epistemophiliac/fabric-samples
1
0
Fork 0
mirror of https://github.com/hyperledger/fabric-samples.git synced 2026-06-23 01:55:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 12

add raft add orderer test

Browse source
This commit is contained in:
Cloud User 2019-07-23 07:17:42 +00:00
parent 3da5f8a450
commit 55dca10cc5
31 changed files with 3641 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

404
first-network/add_orderer_configtx.yaml Normal file
View file

@ -0,0 +1,404 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
################################################################################
#
# Section: Organizations
#
# - This section defines the different organizational identities which will
# be referenced later in the configuration.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
# leave this flag set to true.
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.com
Port: 7051
- &Org2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org2MSP
# ID to load the MSP definition as
ID: Org2MSP
MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org2MSP.admin')"
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org2.example.com
Port: 9051
################################################################################
#
# SECTION: Capabilities
#
# - This section defines the capabilities of fabric network. This is a new
# concept as of v1.1.0 and should not be utilized in mixed networks with
# v1.0.x peers and orderers. Capabilities define features which must be
# present in a fabric binary for that binary to safely participate in the
# fabric network. For instance, if a new MSP type is added, newer binaries
# might recognize and validate the signatures from this type, while older
# binaries without this support would be unable to validate those
# transactions. This could lead to different versions of the fabric binaries
# having different world states. Instead, defining a capability for a channel
# informs those binaries without this capability that they must cease
# processing transactions until they have been upgraded. For v1.0.x if any
# capabilities are defined (including a map with all capabilities turned off)
# then the v1.0.x peer will deliberately crash.
#
################################################################################
Capabilities:
# Channel capabilities apply to both the orderers and the peers and must be
# supported by both.
# Set the value of the capability to true to require it.
Channel: &ChannelCapabilities
# V1.3 for Channel is a catchall flag for behavior which has been
# determined to be desired for all orderers and peers running at the v1.3.x
# level, but which would be incompatible with orderers and peers from
# prior releases.
# Prior to enabling V1.3 channel capabilities, ensure that all
# orderers and peers on a channel are at v1.3.0 or later.
V1_3: true
# Orderer capabilities apply only to the orderers, and may be safely
# used with prior release peers.
# Set the value of the capability to true to require it.
Orderer: &OrdererCapabilities
# V1.1 for Orderer is a catchall flag for behavior which has been
# determined to be desired for all orderers running at the v1.1.x
# level, but which would be incompatible with orderers from prior releases.
# Prior to enabling V1.1 orderer capabilities, ensure that all
# orderers on a channel are at v1.1.0 or later.
V1_1: true
# Application capabilities apply only to the peer network, and may be safely
# used with prior release orderers.
# Set the value of the capability to true to require it.
Application: &ApplicationCapabilities
# V1.3 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.3.
V1_3: true
# V1.2 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.2 (note, this need not be set if
# later version capabilities are set)
V1_2: false
# V1.1 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.1 (note, this need not be set if
# later version capabilities are set).
V1_1: false
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ApplicationCapabilities
################################################################################
#
# SECTION: Orderer
#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer.example.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
# /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
################################################################################
#
# CHANNEL
#
# This section defines the values to encode into a config transaction or
# genesis block for channel related parameters.
#
################################################################################
Channel: &ChannelDefaults
# Policies defines the set of policies at this level of the config tree
# For Channel policies, their canonical path is
# /Channel/<PolicyName>
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the channel level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ChannelCapabilities
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
TwoOrgsOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2
TwoOrgsChannel:
Consortium: SampleConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
- *Org2
Capabilities:
<<: *ApplicationCapabilities
SampleDevModeKafka:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: kafka
Kafka:
Brokers:
- kafka.example.com:9092
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2
SampleMultiNodeEtcdRaft:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
- Host: orderer2.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.crt
- Host: orderer3.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/server.crt
- Host: orderer4.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/server.crt
- Host: orderer5.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/server.crt
- Host: orderer6.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer6.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer6.example.com/tls/server.crt
Addresses:
- orderer.example.com:7050
- orderer2.example.com:7050
- orderer3.example.com:7050
- orderer4.example.com:7050
- orderer5.example.com:7050
- orderer6.example.com:7050
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2

466
first-network/add_orderer_genesis.log Normal file
View file

@ -0,0 +1,466 @@
use default log.
2019-07-22 06:19:30.827 UTC [localconfig] completeInitialization -> INFO 001 Kafka.Version unset, setting to 0.10.2.0
2019-07-22 06:19:30.843 UTC [orderer.common.server] prettyPrintStruct -> INFO 002 Orderer config values:
General.LedgerType = "file"
General.ListenAddress = "0.0.0.0"
General.ListenPort = 7050
General.isOpenYxlog = false
General.LogPath = "/var/fabric_logs"
General.LogName = "orderer_log"
General.maxlinesPerFile = 0
General.maxsizePerFile = 0
General.maxTotalSize = 0
General.maxdays = 0
General.daily = false
General.rotate = false
General.isAutoDelete = false
General.yxLogLevel = 0
General.TLS.Enabled = true
General.TLS.PrivateKey = "/var/hyperledger/orderer/tls/server.key"
General.TLS.Certificate = "/var/hyperledger/orderer/tls/server.crt"
General.TLS.RootCAs = [/var/hyperledger/orderer/tls/ca.crt]
General.TLS.ClientAuthRequired = false
General.TLS.ClientRootCAs = []
General.Cluster.ListenAddress = ""
General.Cluster.ListenPort = 0
General.Cluster.ServerCertificate = ""
General.Cluster.ServerPrivateKey = ""
General.Cluster.ClientCertificate = "/var/hyperledger/orderer/tls/server.crt"
General.Cluster.ClientPrivateKey = "/var/hyperledger/orderer/tls/server.key"
General.Cluster.RootCAs = [/var/hyperledger/orderer/tls/ca.crt]
General.Cluster.DialTimeout = 5s
General.Cluster.RPCTimeout = 7s
General.Cluster.ReplicationBufferSize = 20971520
General.Cluster.ReplicationPullTimeout = 5s
General.Cluster.ReplicationRetryTimeout = 5s
General.Cluster.ReplicationBackgroundRefreshInterval = 5m0s
General.Cluster.ReplicationMaxRetries = 12
General.Cluster.SendBufferSize = 10
General.Cluster.CertExpirationWarningThreshold = 168h0m0s
General.Keepalive.ServerMinInterval = 1m0s
General.Keepalive.ServerInterval = 2h0m0s
General.Keepalive.ServerTimeout = 20s
General.GenesisMethod = "file"
General.GenesisProfile = "SampleInsecureSolo"
General.SystemChannel = "test-system-channel-name"
General.GenesisFile = "/var/hyperledger/orderer/orderer.genesis.block"
General.Profile.Enabled = false
General.Profile.Address = "0.0.0.0:6060"
General.LocalMSPDir = "/var/hyperledger/orderer/msp"
General.LocalMSPID = "OrdererMSP"
General.BCCSP.ProviderName = "SW"
General.BCCSP.SwOpts.SecLevel = 256
General.BCCSP.SwOpts.HashFamily = "SHA2"
General.BCCSP.SwOpts.Ephemeral = false
General.BCCSP.SwOpts.FileKeystore.KeyStorePath = "/var/hyperledger/orderer/msp/keystore"
General.BCCSP.SwOpts.DummyKeystore =
General.BCCSP.SwOpts.InmemKeystore =
General.BCCSP.PluginOpts =
General.Authentication.TimeWindow = 15m0s
FileLedger.Location = "/var/hyperledger/production/orderer"
FileLedger.Prefix = "hyperledger-fabric-ordererledger"
FileLedger.DataDump.Enabled = false
FileLedger.DataDump.DumpDir = "/var/hyperledger/production/orderer/chains"
FileLedger.DataDump.LoadDir = "/var/hyperledger/production/orderer/chains"
FileLedger.DataDump.MaxFileLimit = 4096
FileLedger.DataDump.DumpCron = [0 */5 * * * ? 0 0 * * * ?]
FileLedger.DataDump.DumpInterval = 5m0s
FileLedger.DataDump.LoadRetryTimes = 5
RAMLedger.HistorySize = 1000
Kafka.Retry.ShortInterval = 5s
Kafka.Retry.ShortTotal = 10m0s
Kafka.Retry.LongInterval = 5m0s
Kafka.Retry.LongTotal = 12h0m0s
Kafka.Retry.NetworkTimeouts.DialTimeout = 10s
Kafka.Retry.NetworkTimeouts.ReadTimeout = 10s
Kafka.Retry.NetworkTimeouts.WriteTimeout = 10s
Kafka.Retry.Metadata.RetryMax = 3
Kafka.Retry.Metadata.RetryBackoff = 250ms
Kafka.Retry.Producer.RetryMax = 3
Kafka.Retry.Producer.RetryBackoff = 100ms
Kafka.Retry.Consumer.RetryBackoff = 2s
Kafka.Verbose = true
Kafka.Version = 0.10.2.0
Kafka.TLS.Enabled = false
Kafka.TLS.PrivateKey = ""
Kafka.TLS.Certificate = ""
Kafka.TLS.RootCAs = []
Kafka.TLS.ClientAuthRequired = false
Kafka.TLS.ClientRootCAs = []
Kafka.SASLPlain.Enabled = false
Kafka.SASLPlain.User = ""
Kafka.SASLPlain.Password = ""
Kafka.Topic.ReplicationFactor = 1
Debug.BroadcastTraceDir = ""
Debug.DeliverTraceDir = ""
Consensus = map[WALDir:/var/hyperledger/production/orderer/etcdraft/wal SnapDir:/var/hyperledger/production/orderer/etcdraft/snapshot]
Operations.ListenAddress = "127.0.0.1:8443"
Operations.TLS.Enabled = false
Operations.TLS.PrivateKey = ""
Operations.TLS.Certificate = ""
Operations.TLS.RootCAs = []
Operations.TLS.ClientAuthRequired = false
Operations.TLS.ClientRootCAs = []
Metrics.Provider = "disabled"
Metrics.Statsd.Network = "udp"
Metrics.Statsd.Address = "127.0.0.1:8125"
Metrics.Statsd.WriteInterval = 30s
Metrics.Statsd.Prefix = ""
2019-07-22 06:19:30.874 UTC [orderer.common.server] initializeServerConfig -> INFO 003 Starting orderer with TLS enabled
2019-07-22 06:19:30.875 UTC [orderer.common.server] configureClusterListener -> INFO 004 Cluster listener is not configured, defaulting to use the general listener on port 7050
2019-07-22 06:19:30.875 UTC [fsblkstorage] newBlockfileMgr -> INFO 005 Getting block information from block storage
2019-07-22 06:19:30.941 UTC [orderer.consensus.etcdraft] detectSelfID -> WARN 006 Could not find -----BEGIN CERTIFICATE-----
MIICXDCCAgOgAwIBAgIRAM+4vnDZ8FPXy05UiyumzagwCgYIKoZIzj0EAwIwbDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRowGAYDVQQDExF0bHNjYS5l
eGFtcGxlLmNvbTAeFw0xOTA3MjIwNTQ4MDBaFw0yOTA3MTkwNTQ4MDBaMFkxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJh
bmNpc2NvMR0wGwYDVQQDExRvcmRlcmVyNi5leGFtcGxlLmNvbTBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABHehhL036Sh1TPBOCf8dbpjuzjc2DyJXmF8Bxi4U4sZ4
WeKf7WuHotuhHZcCzx5Oz34aLE/6mLPbDBgaVfput9WjgZgwgZUwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMCsGA1UdIwQkMCKAIKoDjSYUPEtA8Fkkc34D7FdwIkCY8Gi8zgQ64gY/tbFg
MCkGA1UdEQQiMCCCFG9yZGVyZXI2LmV4YW1wbGUuY29tgghvcmRlcmVyNjAKBggq
hkjOPQQDAgNHADBEAiBEZyNWC3muZvcF4XT+/W4DGAjCq/1eQ8eGcAorvQNptwIg
QPbLb3OhaWc4dpAwn+IkSzzZJx0tuBRxfcznJxX3Tro=
-----END CERTIFICATE-----
among [-----BEGIN CERTIFICATE-----
MIICWDCCAf+gAwIBAgIQfOTFBqDBcfG8iixaAl2uRzAKBggqhkjOPQQDAjBsMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzEUMBIGA1UEChMLZXhhbXBsZS5jb20xGjAYBgNVBAMTEXRsc2NhLmV4
YW1wbGUuY29tMB4XDTE5MDcyMjA1MzQwMFoXDTI5MDcxOTA1MzQwMFowWDELMAkG
A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFu
Y2lzY28xHDAaBgNVBAMTE29yZGVyZXIuZXhhbXBsZS5jb20wWTATBgcqhkjOPQIB
BggqhkjOPQMBBwNCAARtwVCGrNSb9okgQ4Tmq9c5lWR+Ye8YGWWaRovuHH3UCLY0
w5VgpNNsFivMGChaTXfQHDLq3NFQ+A/ojaulG4Gao4GWMIGTMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw
ADArBgNVHSMEJDAigCCqA40mFDxLQPBZJHN+A+xXcCJAmPBovM4EOuIGP7WxYDAn
BgNVHREEIDAeghNvcmRlcmVyLmV4YW1wbGUuY29tggdvcmRlcmVyMAoGCCqGSM49
BAMCA0cAMEQCIC40SsoRsv6lxxKmaWsdscMT/ZqmGMhQlWTuBTGMy7W9AiAbaYSv
s4RErgwHkw7HXTzcEZVNVhYkdbJnxClbjDymtA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICXTCCAgOgAwIBAgIRAKWVN5W0oT8aaR0rorSB2dYwCgYIKoZIzj0EAwIwbDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRowGAYDVQQDExF0bHNjYS5l
eGFtcGxlLmNvbTAeFw0xOTA3MjIwNTM0MDBaFw0yOTA3MTkwNTM0MDBaMFkxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJh
bmNpc2NvMR0wGwYDVQQDExRvcmRlcmVyMi5leGFtcGxlLmNvbTBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABFVlkPqUNWjyf6yre2c8JURY4n3DyFPEFPtPgS9mjMgR
7giN0PkSMTSYmrIedbNHsJ187xZzL8IIs8N35HW8scKjgZgwgZUwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMCsGA1UdIwQkMCKAIKoDjSYUPEtA8Fkkc34D7FdwIkCY8Gi8zgQ64gY/tbFg
MCkGA1UdEQQiMCCCFG9yZGVyZXIyLmV4YW1wbGUuY29tgghvcmRlcmVyMjAKBggq
hkjOPQQDAgNIADBFAiEAzz/kBXYknE0JVvicAjzohLYFw83IrZlk/xCTousGDIAC
IG4Zfax/TEiOQZpMX3MOycj/j8agIm7MKKA9842DCH+r
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICWzCCAgKgAwIBAgIQZeujwj2lcxe9R5+c8Az2UzAKBggqhkjOPQQDAjBsMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzEUMBIGA1UEChMLZXhhbXBsZS5jb20xGjAYBgNVBAMTEXRsc2NhLmV4
YW1wbGUuY29tMB4XDTE5MDcyMjA1MzQwMFoXDTI5MDcxOTA1MzQwMFowWTELMAkG
A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFu
Y2lzY28xHTAbBgNVBAMTFG9yZGVyZXIzLmV4YW1wbGUuY29tMFkwEwYHKoZIzj0C
AQYIKoZIzj0DAQcDQgAEldWlreqDNijrjhsUl+KDUHcK4SYc7yAyF2Y0LWFn5rWQ
+bOkK5ld5Tf24jy3xiOi90tcXqlzFtIXmjttEJPEQqOBmDCBlTAOBgNVHQ8BAf8E
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
MAAwKwYDVR0jBCQwIoAgqgONJhQ8S0DwWSRzfgPsV3AiQJjwaLzOBDriBj+1sWAw
KQYDVR0RBCIwIIIUb3JkZXJlcjMuZXhhbXBsZS5jb22CCG9yZGVyZXIzMAoGCCqG
SM49BAMCA0cAMEQCIBDDst1+QRwqyV2DvY0lhyGlVP3LJdk2TD9tSyPbOfICAiBG
WgPpJTaRz+Y8WxxcwDEW0oXosRblt2gJ/a/01O7+CQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICXDCCAgOgAwIBAgIRAMweMx8+91bpQOl6bGYiJY4wCgYIKoZIzj0EAwIwbDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRowGAYDVQQDExF0bHNjYS5l
eGFtcGxlLmNvbTAeFw0xOTA3MjIwNTM0MDBaFw0yOTA3MTkwNTM0MDBaMFkxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJh
bmNpc2NvMR0wGwYDVQQDExRvcmRlcmVyNC5leGFtcGxlLmNvbTBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABIT1n5tdRdUXMKaP492pjHT1mRIeTunkJFIml/mVJuph
bnsuJ8Hr10qlLTT4tnnTKXPTo5xrUjW+LY/TEyOfMyCjgZgwgZUwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMCsGA1UdIwQkMCKAIKoDjSYUPEtA8Fkkc34D7FdwIkCY8Gi8zgQ64gY/tbFg
MCkGA1UdEQQiMCCCFG9yZGVyZXI0LmV4YW1wbGUuY29tgghvcmRlcmVyNDAKBggq
hkjOPQQDAgNHADBEAiBhLeLYbYT5GicQ+cjWvcBxaXZawhbDiOkuOukr6jIJxQIg
GUH3JTZjZ62cgyJOJt1f9iSppOTomvTE6aYrB2KIf10=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICXDCCAgOgAwIBAgIRAPAzf/s/NW79cfknWc9E1V0wCgYIKoZIzj0EAwIwbDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRowGAYDVQQDExF0bHNjYS5l
eGFtcGxlLmNvbTAeFw0xOTA3MjIwNTM0MDBaFw0yOTA3MTkwNTM0MDBaMFkxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJh
bmNpc2NvMR0wGwYDVQQDExRvcmRlcmVyNS5leGFtcGxlLmNvbTBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABP396kVr8nGVQ6Y6K0ZbNuenC16Z6as4gHjTE4heCOUy
1D3FOm07t5oucXtetlKvlVl8nq0QkJFWLgSJx8s4z8CjgZgwgZUwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMCsGA1UdIwQkMCKAIKoDjSYUPEtA8Fkkc34D7FdwIkCY8Gi8zgQ64gY/tbFg
MCkGA1UdEQQiMCCCFG9yZGVyZXI1LmV4YW1wbGUuY29tgghvcmRlcmVyNTAKBggq
hkjOPQQDAgNHADBEAiB0JPvoUQGs1Vk/Sb5EwsguB7sYlUiLw901yEbQG4Of4gIg
XfxLcBZGnq3XfOoqIazj1x91VgeHBS+LgwCyu2Nhw28=
-----END CERTIFICATE-----
]
2019-07-22 06:19:30.941 UTC [orderer.common.server] TrackChain -> INFO 007 Adding byfn-sys-channel to the set of chains to track
2019-07-22 06:19:30.942 UTC [orderer.commmon.multichannel] Initialize -> INFO 008 Starting system channel 'byfn-sys-channel' with genesis block hash 73ec77b9135630efc8ab310e825f8e0e03ffb43e94691ebe2c72413ca8367520 and orderer type etcdraft
2019-07-22 06:19:30.942 UTC [orderer.common.server] Start -> INFO 009 Starting orderer:
Version: 1.4.1-snapshot-2fd9f46
Commit SHA: 2fd9f46
Go version: go1.11.5
OS/Arch: linux/amd64
2019-07-22 06:19:30.942 UTC [orderer.common.server] Start -> INFO 00a Beginning to serve requests
2019-07-22 06:19:40.933 UTC [orderer.common.server] replicateDisabledChains -> INFO 00b Found 1 inactive chains: [byfn-sys-channel]
2019-07-22 06:19:40.933 UTC [orderer.common.cluster] ReplicateChains -> INFO 00c Will now replicate chains [byfn-sys-channel]
2019-07-22 06:19:40.944 UTC [orderer.common.cluster] discoverChannels -> INFO 00d Discovered 1 channels: [byfn-sys-channel]
2019-07-22 06:19:40.944 UTC [orderer.common.cluster] channelsToPull -> INFO 00e Evaluating channels to pull: [byfn-sys-channel]
2019-07-22 06:19:40.945 UTC [orderer.common.cluster] channelsToPull -> INFO 00f Probing whether I should pull channel byfn-sys-channel
2019-07-22 06:19:40.959 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 010 orderer2.example.com:7050 is at block sequence of 2
2019-07-22 06:19:40.960 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 011 orderer.example.com:7050 is at block sequence of 2
2019-07-22 06:19:40.960 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 012 orderer3.example.com:7050 is at block sequence of 2
2019-07-22 06:19:40.963 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 013 orderer4.example.com:7050 is at block sequence of 2
2019-07-22 06:19:40.965 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 014 orderer5.example.com:7050 is at block sequence of 2
2019-07-22 06:19:40.965 UTC [orderer.common.cluster.replication] HeightsByEndpoints -> INFO 015 Returning the heights of OSNs mapped by endpoints map[orderer2.example.com:7050:3 orderer.example.com:7050:3 orderer3.example.com:7050:3 orderer4.example.com:7050:3 orderer5.example.com:7050:3]
2019-07-22 06:19:40.983 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 016 orderer2.example.com:7050 is at block sequence of 2
2019-07-22 06:19:40.983 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 017 orderer3.example.com:7050 is at block sequence of 2
2019-07-22 06:19:40.986 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 018 orderer5.example.com:7050 is at block sequence of 2
2019-07-22 06:19:40.987 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 019 orderer.example.com:7050 is at block sequence of 2
2019-07-22 06:19:40.989 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 01a orderer4.example.com:7050 is at block sequence of 2
2019-07-22 06:19:40.989 UTC [orderer.common.cluster.replication] connectToSomeEndpoint -> INFO 01b Connected to orderer4.example.com:7050 with last block seq of 2
2019-07-22 06:19:40.990 UTC [orderer.common.cluster.replication] obtainStream -> INFO 01c Sending request for block [2] to orderer4.example.com:7050
2019-07-22 06:19:40.992 UTC [orderer.common.cluster.replication] pullBlocks -> INFO 01d Got block [2] of size 40 KB from orderer4.example.com:7050
2019-07-22 06:19:41.004 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 01e orderer2.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.008 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 01f orderer.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.009 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 020 orderer3.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.010 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 021 orderer4.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.010 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 022 orderer5.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.010 UTC [orderer.common.cluster.replication] connectToSomeEndpoint -> INFO 023 Connected to orderer2.example.com:7050 with last block seq of 2
2019-07-22 06:19:41.010 UTC [orderer.common.cluster.replication] obtainStream -> INFO 024 Sending request for block [2] to orderer2.example.com:7050
2019-07-22 06:19:41.012 UTC [orderer.common.cluster.replication] pullBlocks -> INFO 025 Got block [2] of size 40 KB from orderer2.example.com:7050
2019-07-22 06:19:41.021 UTC [orderer.common.cluster] channelsToPull -> INFO 026 I need to pull channel byfn-sys-channel
2019-07-22 06:19:41.021 UTC [orderer.common.cluster] ReplicateChains -> INFO 027 Found myself in 1 channels out of 1 : {[{byfn-sys-channel 0xc0009c6c40}] []}
2019-07-22 06:19:41.021 UTC [orderer.common.cluster] appendBlock -> INFO 028 Skipping commit of block [0] for channel byfn-sys-channel because height is at 1
2019-07-22 06:19:41.021 UTC [orderer.common.cluster] PullChannel -> INFO 029 Pulling channel byfn-sys-channel
2019-07-22 06:19:41.033 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 02a orderer4.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.033 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 02b orderer2.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.034 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 02c orderer.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.035 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 02d orderer3.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.035 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 02e orderer5.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.036 UTC [orderer.common.cluster.replication] HeightsByEndpoints -> INFO 02f Returning the heights of OSNs mapped by endpoints map[orderer4.example.com:7050:3 orderer2.example.com:7050:3 orderer.example.com:7050:3 orderer3.example.com:7050:3 orderer5.example.com:7050:3]
2019-07-22 06:19:41.036 UTC [orderer.common.cluster] PullChannel -> INFO 030 Latest block height for channel byfn-sys-channel is 3
2019-07-22 06:19:41.050 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 031 orderer2.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.051 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 032 orderer.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.052 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 033 orderer4.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.052 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 034 orderer5.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.054 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 035 orderer3.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.054 UTC [orderer.common.cluster.replication] connectToSomeEndpoint -> INFO 036 Connected to orderer5.example.com:7050 with last block seq of 2
2019-07-22 06:19:41.054 UTC [orderer.common.cluster.replication] obtainStream -> INFO 037 Sending request for block [1] to orderer5.example.com:7050
2019-07-22 06:19:41.057 UTC [orderer.common.cluster.replication] pullBlocks -> INFO 038 Got block [1] of size 26 KB from orderer5.example.com:7050
2019-07-22 06:19:41.057 UTC [orderer.common.cluster.replication] pullBlocks -> INFO 039 Got block [2] of size 40 KB from orderer5.example.com:7050
2019-07-22 06:19:41.062 UTC [orderer.common.cluster] appendBlock -> INFO 03a Committed block [1] for channel byfn-sys-channel
2019-07-22 06:19:41.078 UTC [orderer.common.cluster] appendBlock -> INFO 03b Committed block [2] for channel byfn-sys-channel
2019-07-22 06:19:41.078 UTC [orderer.common.cluster] PullChannel -> INFO 03c Pulling channel byfn-sys-channel
2019-07-22 06:19:41.090 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 03d orderer4.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.091 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 03e orderer5.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.091 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 03f orderer.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.093 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 040 orderer2.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.094 UTC [orderer.common.cluster.replication] fetchLastBlockSeq -> INFO 041 orderer3.example.com:7050 is at block sequence of 2
2019-07-22 06:19:41.094 UTC [orderer.common.cluster.replication] HeightsByEndpoints -> INFO 042 Returning the heights of OSNs mapped by endpoints map[orderer.example.com:7050:3 orderer2.example.com:7050:3 orderer3.example.com:7050:3 orderer4.example.com:7050:3 orderer5.example.com:7050:3]
2019-07-22 06:19:41.094 UTC [orderer.common.cluster] PullChannel -> INFO 043 Latest block height for channel byfn-sys-channel is 3
2019-07-22 06:19:41.094 UTC [orderer.common.cluster] pullChannelBlocks -> INFO 044 Latest height found (3) is equal to our height, skipping pulling channel byfn-sys-channel
2019-07-22 06:19:41.094 UTC [orderer.common.server] replicateDisabledChains -> INFO 045 Successfully replicated 1 chains: [byfn-sys-channel]
2019-07-22 06:19:41.095 UTC [orderer.commmon.multichannel] CreateChain -> INFO 046 A chain of type *inactive.Chain for channel byfn-sys-channel already exists. Halting it.
2019-07-22 06:19:41.105 UTC [orderer.consensus.etcdraft] HandleChain -> INFO 047 EvictionSuspicion not set, defaulting to 10m0s
2019-07-22 06:19:41.105 UTC [orderer.consensus.etcdraft] createOrReadWAL -> INFO 048 No WAL data found, creating new WAL at path '/var/hyperledger/production/orderer/etcdraft/wal/byfn-sys-channel' channel=byfn-sys-channel node=6
2019-07-22 06:19:41.121 UTC [orderer.commmon.multichannel] newChain -> INFO 049 Created and starting new chain byfn-sys-channel
2019-07-22 06:19:41.122 UTC [orderer.consensus.etcdraft] Start -> INFO 04a Starting Raft node channel=byfn-sys-channel node=6
2019-07-22 06:19:41.122 UTC [orderer.common.cluster] Configure -> INFO 04b Entering, channel: byfn-sys-channel, nodes: [ID: 5,
Endpoint: orderer5.example.com:7050,
ServerTLSCert:-----BEGIN CERTIFICATE-----
MIICXDCCAgOgAwIBAgIRAPAzf/s/NW79cfknWc9E1V0wCgYIKoZIzj0EAwIwbDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRowGAYDVQQDExF0bHNjYS5l
eGFtcGxlLmNvbTAeFw0xOTA3MjIwNTM0MDBaFw0yOTA3MTkwNTM0MDBaMFkxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJh
bmNpc2NvMR0wGwYDVQQDExRvcmRlcmVyNS5leGFtcGxlLmNvbTBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABP396kVr8nGVQ6Y6K0ZbNuenC16Z6as4gHjTE4heCOUy
1D3FOm07t5oucXtetlKvlVl8nq0QkJFWLgSJx8s4z8CjgZgwgZUwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMCsGA1UdIwQkMCKAIKoDjSYUPEtA8Fkkc34D7FdwIkCY8Gi8zgQ64gY/tbFg
MCkGA1UdEQQiMCCCFG9yZGVyZXI1LmV4YW1wbGUuY29tgghvcmRlcmVyNTAKBggq
hkjOPQQDAgNHADBEAiB0JPvoUQGs1Vk/Sb5EwsguB7sYlUiLw901yEbQG4Of4gIg
XfxLcBZGnq3XfOoqIazj1x91VgeHBS+LgwCyu2Nhw28=
-----END CERTIFICATE-----
, ClientTLSCert:-----BEGIN CERTIFICATE-----
MIICXDCCAgOgAwIBAgIRAPAzf/s/NW79cfknWc9E1V0wCgYIKoZIzj0EAwIwbDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRowGAYDVQQDExF0bHNjYS5l
eGFtcGxlLmNvbTAeFw0xOTA3MjIwNTM0MDBaFw0yOTA3MTkwNTM0MDBaMFkxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJh
bmNpc2NvMR0wGwYDVQQDExRvcmRlcmVyNS5leGFtcGxlLmNvbTBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABP396kVr8nGVQ6Y6K0ZbNuenC16Z6as4gHjTE4heCOUy
1D3FOm07t5oucXtetlKvlVl8nq0QkJFWLgSJx8s4z8CjgZgwgZUwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMCsGA1UdIwQkMCKAIKoDjSYUPEtA8Fkkc34D7FdwIkCY8Gi8zgQ64gY/tbFg
MCkGA1UdEQQiMCCCFG9yZGVyZXI1LmV4YW1wbGUuY29tgghvcmRlcmVyNTAKBggq
hkjOPQQDAgNHADBEAiB0JPvoUQGs1Vk/Sb5EwsguB7sYlUiLw901yEbQG4Of4gIg
XfxLcBZGnq3XfOoqIazj1x91VgeHBS+LgwCyu2Nhw28=
-----END CERTIFICATE-----
ID: 1,
Endpoint: orderer.example.com:7050,
ServerTLSCert:-----BEGIN CERTIFICATE-----
MIICWDCCAf+gAwIBAgIQfOTFBqDBcfG8iixaAl2uRzAKBggqhkjOPQQDAjBsMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzEUMBIGA1UEChMLZXhhbXBsZS5jb20xGjAYBgNVBAMTEXRsc2NhLmV4
YW1wbGUuY29tMB4XDTE5MDcyMjA1MzQwMFoXDTI5MDcxOTA1MzQwMFowWDELMAkG
A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFu
Y2lzY28xHDAaBgNVBAMTE29yZGVyZXIuZXhhbXBsZS5jb20wWTATBgcqhkjOPQIB
BggqhkjOPQMBBwNCAARtwVCGrNSb9okgQ4Tmq9c5lWR+Ye8YGWWaRovuHH3UCLY0
w5VgpNNsFivMGChaTXfQHDLq3NFQ+A/ojaulG4Gao4GWMIGTMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw
ADArBgNVHSMEJDAigCCqA40mFDxLQPBZJHN+A+xXcCJAmPBovM4EOuIGP7WxYDAn
BgNVHREEIDAeghNvcmRlcmVyLmV4YW1wbGUuY29tggdvcmRlcmVyMAoGCCqGSM49
BAMCA0cAMEQCIC40SsoRsv6lxxKmaWsdscMT/ZqmGMhQlWTuBTGMy7W9AiAbaYSv
s4RErgwHkw7HXTzcEZVNVhYkdbJnxClbjDymtA==
-----END CERTIFICATE-----
, ClientTLSCert:-----BEGIN CERTIFICATE-----
MIICWDCCAf+gAwIBAgIQfOTFBqDBcfG8iixaAl2uRzAKBggqhkjOPQQDAjBsMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzEUMBIGA1UEChMLZXhhbXBsZS5jb20xGjAYBgNVBAMTEXRsc2NhLmV4
YW1wbGUuY29tMB4XDTE5MDcyMjA1MzQwMFoXDTI5MDcxOTA1MzQwMFowWDELMAkG
A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFu
Y2lzY28xHDAaBgNVBAMTE29yZGVyZXIuZXhhbXBsZS5jb20wWTATBgcqhkjOPQIB
BggqhkjOPQMBBwNCAARtwVCGrNSb9okgQ4Tmq9c5lWR+Ye8YGWWaRovuHH3UCLY0
w5VgpNNsFivMGChaTXfQHDLq3NFQ+A/ojaulG4Gao4GWMIGTMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw
ADArBgNVHSMEJDAigCCqA40mFDxLQPBZJHN+A+xXcCJAmPBovM4EOuIGP7WxYDAn
BgNVHREEIDAeghNvcmRlcmVyLmV4YW1wbGUuY29tggdvcmRlcmVyMAoGCCqGSM49
BAMCA0cAMEQCIC40SsoRsv6lxxKmaWsdscMT/ZqmGMhQlWTuBTGMy7W9AiAbaYSv
s4RErgwHkw7HXTzcEZVNVhYkdbJnxClbjDymtA==
-----END CERTIFICATE-----
ID: 2,
Endpoint: orderer2.example.com:7050,
ServerTLSCert:-----BEGIN CERTIFICATE-----
MIICXTCCAgOgAwIBAgIRAKWVN5W0oT8aaR0rorSB2dYwCgYIKoZIzj0EAwIwbDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRowGAYDVQQDExF0bHNjYS5l
eGFtcGxlLmNvbTAeFw0xOTA3MjIwNTM0MDBaFw0yOTA3MTkwNTM0MDBaMFkxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJh
bmNpc2NvMR0wGwYDVQQDExRvcmRlcmVyMi5leGFtcGxlLmNvbTBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABFVlkPqUNWjyf6yre2c8JURY4n3DyFPEFPtPgS9mjMgR
7giN0PkSMTSYmrIedbNHsJ187xZzL8IIs8N35HW8scKjgZgwgZUwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMCsGA1UdIwQkMCKAIKoDjSYUPEtA8Fkkc34D7FdwIkCY8Gi8zgQ64gY/tbFg
MCkGA1UdEQQiMCCCFG9yZGVyZXIyLmV4YW1wbGUuY29tgghvcmRlcmVyMjAKBggq
hkjOPQQDAgNIADBFAiEAzz/kBXYknE0JVvicAjzohLYFw83IrZlk/xCTousGDIAC
IG4Zfax/TEiOQZpMX3MOycj/j8agIm7MKKA9842DCH+r
-----END CERTIFICATE-----
, ClientTLSCert:-----BEGIN CERTIFICATE-----
MIICXTCCAgOgAwIBAgIRAKWVN5W0oT8aaR0rorSB2dYwCgYIKoZIzj0EAwIwbDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRowGAYDVQQDExF0bHNjYS5l
eGFtcGxlLmNvbTAeFw0xOTA3MjIwNTM0MDBaFw0yOTA3MTkwNTM0MDBaMFkxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJh
bmNpc2NvMR0wGwYDVQQDExRvcmRlcmVyMi5leGFtcGxlLmNvbTBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABFVlkPqUNWjyf6yre2c8JURY4n3DyFPEFPtPgS9mjMgR
7giN0PkSMTSYmrIedbNHsJ187xZzL8IIs8N35HW8scKjgZgwgZUwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMCsGA1UdIwQkMCKAIKoDjSYUPEtA8Fkkc34D7FdwIkCY8Gi8zgQ64gY/tbFg
MCkGA1UdEQQiMCCCFG9yZGVyZXIyLmV4YW1wbGUuY29tgghvcmRlcmVyMjAKBggq
hkjOPQQDAgNIADBFAiEAzz/kBXYknE0JVvicAjzohLYFw83IrZlk/xCTousGDIAC
IG4Zfax/TEiOQZpMX3MOycj/j8agIm7MKKA9842DCH+r
-----END CERTIFICATE-----
ID: 3,
Endpoint: orderer3.example.com:7050,
ServerTLSCert:-----BEGIN CERTIFICATE-----
MIICWzCCAgKgAwIBAgIQZeujwj2lcxe9R5+c8Az2UzAKBggqhkjOPQQDAjBsMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzEUMBIGA1UEChMLZXhhbXBsZS5jb20xGjAYBgNVBAMTEXRsc2NhLmV4
YW1wbGUuY29tMB4XDTE5MDcyMjA1MzQwMFoXDTI5MDcxOTA1MzQwMFowWTELMAkG
A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFu
Y2lzY28xHTAbBgNVBAMTFG9yZGVyZXIzLmV4YW1wbGUuY29tMFkwEwYHKoZIzj0C
AQYIKoZIzj0DAQcDQgAEldWlreqDNijrjhsUl+KDUHcK4SYc7yAyF2Y0LWFn5rWQ
+bOkK5ld5Tf24jy3xiOi90tcXqlzFtIXmjttEJPEQqOBmDCBlTAOBgNVHQ8BAf8E
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
MAAwKwYDVR0jBCQwIoAgqgONJhQ8S0DwWSRzfgPsV3AiQJjwaLzOBDriBj+1sWAw
KQYDVR0RBCIwIIIUb3JkZXJlcjMuZXhhbXBsZS5jb22CCG9yZGVyZXIzMAoGCCqG
SM49BAMCA0cAMEQCIBDDst1+QRwqyV2DvY0lhyGlVP3LJdk2TD9tSyPbOfICAiBG
WgPpJTaRz+Y8WxxcwDEW0oXosRblt2gJ/a/01O7+CQ==
-----END CERTIFICATE-----
, ClientTLSCert:-----BEGIN CERTIFICATE-----
MIICWzCCAgKgAwIBAgIQZeujwj2lcxe9R5+c8Az2UzAKBggqhkjOPQQDAjBsMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzEUMBIGA1UEChMLZXhhbXBsZS5jb20xGjAYBgNVBAMTEXRsc2NhLmV4
YW1wbGUuY29tMB4XDTE5MDcyMjA1MzQwMFoXDTI5MDcxOTA1MzQwMFowWTELMAkG
A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFu
Y2lzY28xHTAbBgNVBAMTFG9yZGVyZXIzLmV4YW1wbGUuY29tMFkwEwYHKoZIzj0C
AQYIKoZIzj0DAQcDQgAEldWlreqDNijrjhsUl+KDUHcK4SYc7yAyF2Y0LWFn5rWQ
+bOkK5ld5Tf24jy3xiOi90tcXqlzFtIXmjttEJPEQqOBmDCBlTAOBgNVHQ8BAf8E
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
MAAwKwYDVR0jBCQwIoAgqgONJhQ8S0DwWSRzfgPsV3AiQJjwaLzOBDriBj+1sWAw
KQYDVR0RBCIwIIIUb3JkZXJlcjMuZXhhbXBsZS5jb22CCG9yZGVyZXIzMAoGCCqG
SM49BAMCA0cAMEQCIBDDst1+QRwqyV2DvY0lhyGlVP3LJdk2TD9tSyPbOfICAiBG
WgPpJTaRz+Y8WxxcwDEW0oXosRblt2gJ/a/01O7+CQ==
-----END CERTIFICATE-----
ID: 4,
Endpoint: orderer4.example.com:7050,
ServerTLSCert:-----BEGIN CERTIFICATE-----
MIICXDCCAgOgAwIBAgIRAMweMx8+91bpQOl6bGYiJY4wCgYIKoZIzj0EAwIwbDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRowGAYDVQQDExF0bHNjYS5l
eGFtcGxlLmNvbTAeFw0xOTA3MjIwNTM0MDBaFw0yOTA3MTkwNTM0MDBaMFkxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJh
bmNpc2NvMR0wGwYDVQQDExRvcmRlcmVyNC5leGFtcGxlLmNvbTBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABIT1n5tdRdUXMKaP492pjHT1mRIeTunkJFIml/mVJuph
bnsuJ8Hr10qlLTT4tnnTKXPTo5xrUjW+LY/TEyOfMyCjgZgwgZUwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMCsGA1UdIwQkMCKAIKoDjSYUPEtA8Fkkc34D7FdwIkCY8Gi8zgQ64gY/tbFg
MCkGA1UdEQQiMCCCFG9yZGVyZXI0LmV4YW1wbGUuY29tgghvcmRlcmVyNDAKBggq
hkjOPQQDAgNHADBEAiBhLeLYbYT5GicQ+cjWvcBxaXZawhbDiOkuOukr6jIJxQIg
GUH3JTZjZ62cgyJOJt1f9iSppOTomvTE6aYrB2KIf10=
-----END CERTIFICATE-----
, ClientTLSCert:-----BEGIN CERTIFICATE-----
MIICXDCCAgOgAwIBAgIRAMweMx8+91bpQOl6bGYiJY4wCgYIKoZIzj0EAwIwbDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFDASBgNVBAoTC2V4YW1wbGUuY29tMRowGAYDVQQDExF0bHNjYS5l
eGFtcGxlLmNvbTAeFw0xOTA3MjIwNTM0MDBaFw0yOTA3MTkwNTM0MDBaMFkxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJh
bmNpc2NvMR0wGwYDVQQDExRvcmRlcmVyNC5leGFtcGxlLmNvbTBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABIT1n5tdRdUXMKaP492pjHT1mRIeTunkJFIml/mVJuph
bnsuJ8Hr10qlLTT4tnnTKXPTo5xrUjW+LY/TEyOfMyCjgZgwgZUwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E
AjAAMCsGA1UdIwQkMCKAIKoDjSYUPEtA8Fkkc34D7FdwIkCY8Gi8zgQ64gY/tbFg
MCkGA1UdEQQiMCCCFG9yZGVyZXI0LmV4YW1wbGUuY29tgghvcmRlcmVyNDAKBggq
hkjOPQQDAgNHADBEAiBhLeLYbYT5GicQ+cjWvcBxaXZawhbDiOkuOukr6jIJxQIg
GUH3JTZjZ62cgyJOJt1f9iSppOTomvTE6aYrB2KIf10=
-----END CERTIFICATE-----
]
2019-07-22 06:19:41.122 UTC [orderer.common.cluster] updateStubInMapping -> INFO 04c Allocating a new stub for node 5 with endpoint of orderer5.example.com:7050 for channel byfn-sys-channel
2019-07-22 06:19:41.122 UTC [orderer.common.cluster] updateStubInMapping -> INFO 04d Deactivating node 5 in channel byfn-sys-channel with endpoint of orderer5.example.com:7050 due to TLS certificate change
2019-07-22 06:19:41.123 UTC [orderer.common.cluster] updateStubInMapping -> INFO 04e Allocating a new stub for node 1 with endpoint of orderer.example.com:7050 for channel byfn-sys-channel
2019-07-22 06:19:41.123 UTC [orderer.common.cluster] updateStubInMapping -> INFO 04f Deactivating node 1 in channel byfn-sys-channel with endpoint of orderer.example.com:7050 due to TLS certificate change
2019-07-22 06:19:41.124 UTC [orderer.common.cluster] updateStubInMapping -> INFO 050 Allocating a new stub for node 2 with endpoint of orderer2.example.com:7050 for channel byfn-sys-channel
2019-07-22 06:19:41.124 UTC [orderer.common.cluster] updateStubInMapping -> INFO 051 Deactivating node 2 in channel byfn-sys-channel with endpoint of orderer2.example.com:7050 due to TLS certificate change
2019-07-22 06:19:41.125 UTC [orderer.common.cluster] updateStubInMapping -> INFO 052 Allocating a new stub for node 3 with endpoint of orderer3.example.com:7050 for channel byfn-sys-channel
2019-07-22 06:19:41.125 UTC [orderer.common.cluster] updateStubInMapping -> INFO 053 Deactivating node 3 in channel byfn-sys-channel with endpoint of orderer3.example.com:7050 due to TLS certificate change
2019-07-22 06:19:41.126 UTC [orderer.common.cluster] updateStubInMapping -> INFO 054 Allocating a new stub for node 4 with endpoint of orderer4.example.com:7050 for channel byfn-sys-channel
2019-07-22 06:19:41.126 UTC [orderer.common.cluster] updateStubInMapping -> INFO 055 Deactivating node 4 in channel byfn-sys-channel with endpoint of orderer4.example.com:7050 due to TLS certificate change
2019-07-22 06:19:41.127 UTC [orderer.common.cluster] applyMembershipConfig -> INFO 056 5 exists in both old and new membership for channel byfn-sys-channel , skipping its deactivation
2019-07-22 06:19:41.127 UTC [orderer.common.cluster] applyMembershipConfig -> INFO 057 1 exists in both old and new membership for channel byfn-sys-channel , skipping its deactivation
2019-07-22 06:19:41.127 UTC [orderer.common.cluster] applyMembershipConfig -> INFO 058 2 exists in both old and new membership for channel byfn-sys-channel , skipping its deactivation
2019-07-22 06:19:41.127 UTC [orderer.common.cluster] applyMembershipConfig -> INFO 059 3 exists in both old and new membership for channel byfn-sys-channel , skipping its deactivation
2019-07-22 06:19:41.127 UTC [orderer.common.cluster] applyMembershipConfig -> INFO 05a 4 exists in both old and new membership for channel byfn-sys-channel , skipping its deactivation
2019-07-22 06:19:41.127 UTC [orderer.common.cluster] Configure -> INFO 05b Exiting
2019-07-22 06:19:41.127 UTC [orderer.consensus.etcdraft] start -> INFO 05c Starting raft node to join an existing channel channel=byfn-sys-channel node=6
2019-07-22 06:19:41.127 UTC [orderer.consensus.etcdraft] becomeFollower -> INFO 05d 6 became follower at term 0 channel=byfn-sys-channel node=6
2019-07-22 06:19:41.127 UTC [orderer.consensus.etcdraft] newRaft -> INFO 05e newRaft 6 [peers: [], term: 0, commit: 0, applied: 0, lastindex: 0, lastterm: 0] channel=byfn-sys-channel node=6
2019-07-22 06:19:41.127 UTC [orderer.consensus.etcdraft] becomeFollower -> INFO 05f 6 became follower at term 1 channel=byfn-sys-channel node=6
2019-07-22 06:20:23.205 UTC [orderer.consensus.etcdraft] Step -> INFO 060 6 [term: 1] received a MsgHeartbeat message with higher term from 5 [term: 2] channel=byfn-sys-channel node=6
2019-07-22 06:20:23.206 UTC [orderer.consensus.etcdraft] becomeFollower -> INFO 061 6 became follower at term 2 channel=byfn-sys-channel node=6
2019-07-22 06:20:23.206 UTC [orderer.consensus.etcdraft] run -> INFO 062 raft.node: 6 elected leader 5 at term 2 channel=byfn-sys-channel node=6
2019-07-22 06:20:23.219 UTC [orderer.consensus.etcdraft] serveRequest -> INFO 063 Raft leader changed: 0 -> 5 channel=byfn-sys-channel node=6
2019-07-22 06:20:23.226 UTC [orderer.consensus.etcdraft] apply -> INFO 064 Applied config change to add node 1, current nodes in channel: [1] channel=byfn-sys-channel node=6
2019-07-22 06:20:23.226 UTC [orderer.consensus.etcdraft] apply -> INFO 065 Applied config change to add node 2, current nodes in channel: [1 2] channel=byfn-sys-channel node=6
2019-07-22 06:20:23.226 UTC [orderer.consensus.etcdraft] apply -> INFO 066 Applied config change to add node 3, current nodes in channel: [1 2 3] channel=byfn-sys-channel node=6
2019-07-22 06:20:23.226 UTC [orderer.consensus.etcdraft] apply -> INFO 067 Applied config change to add node 4, current nodes in channel: [1 2 3 4] channel=byfn-sys-channel node=6
2019-07-22 06:20:23.226 UTC [orderer.consensus.etcdraft] apply -> INFO 068 Applied config change to add node 5, current nodes in channel: [1 2 3 4 5] channel=byfn-sys-channel node=6
2019-07-22 06:20:23.226 UTC [orderer.consensus.etcdraft] writeBlock -> INFO 069 Got block [2], expect block [3], this node was forced to catch up channel=byfn-sys-channel node=6
2019-07-22 06:20:23.226 UTC [orderer.consensus.etcdraft] apply -> INFO 06a Applied config change to add node 6, current nodes in channel: [1 2 3 4 5 6] channel=byfn-sys-channel node=6

3
first-network/clean.sh Executable file
View file

@ -0,0 +1,3 @@
#!/bin/bash
docker rm -f $(docker ps -aq)
docker volume rm $(docker volume ls -q)

12
first-network/crypto-config-orderer6.yaml Normal file
View file

@ -0,0 +1,12 @@
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: example.com
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer6

114
first-network/docker-compose-cli-gm.yaml Normal file
View file

@ -0,0 +1,114 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
orderer.example.com:
peer0.org1.example.com:
peer1.org1.example.com:
peer0.org2.example.com:
peer1.org2.example.com:
networks:
byfn:
services:
orderer.example.com:
environment:
- ORDERER_FILELEDGER_DATADUMP_ENABLED=false
- ORDERER_GENERAL_ISOPENYXLOG=false
- ORDERER_GENERAL_BCCSP_DEFAULT=GM
extends:
file: base/docker-compose-base.yaml
service: orderer.example.com
container_name: orderer.example.com
networks:
- byfn
peer0.org1.example.com:
container_name: peer0.org1.example.com
environment:
- CORE_LEDGER_DATADUMP_ENABLED=false
- CORE_LOGGING_ISOPENYXLOG=false
- CORE_PEER_BCCSP_DEFAULT=GM
extends:
file: base/docker-compose-base.yaml
service: peer0.org1.example.com
networks:
- byfn
peer1.org1.example.com:
container_name: peer1.org1.example.com
environment:
- CORE_LEDGER_DATADUMP_ENABLED=false
- CORE_LOGGING_ISOPENYXLOG=false
- CORE_PEER_BCCSP_DEFAULT=GM
extends:
file: base/docker-compose-base.yaml
service: peer1.org1.example.com
networks:
- byfn
peer0.org2.example.com:
container_name: peer0.org2.example.com
environment:
- CORE_LEDGER_DATADUMP_ENABLED=false
- CORE_LOGGING_ISOPENYXLOG=false
- CORE_PEER_BCCSP_DEFAULT=GM
extends:
file: base/docker-compose-base.yaml
service: peer0.org2.example.com
networks:
- byfn
peer1.org2.example.com:
container_name: peer1.org2.example.com
environment:
- CORE_LEDGER_DATADUMP_ENABLED=false
- CORE_LOGGING_ISOPENYXLOG=false
- CORE_PEER_BCCSP_DEFAULT=GM
extends:
file: base/docker-compose-base.yaml
service: peer1.org2.example.com
networks:
- byfn
cli:
container_name: cli
image: hyperledger/fabric-tools:$IMAGE_TAG
tty: true
stdin_open: true
environment:
- CORE_PEER_BCCSP_DEFAULT=GM
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/chaincode
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- orderer.example.com
- peer0.org1.example.com
- peer1.org1.example.com
- peer0.org2.example.com
- peer1.org2.example.com
networks:
- byfn

2
first-network/docker-compose-cli.yaml
View file

@ -22,6 +22,8 @@ services:
file: base/docker-compose-base.yaml
service: orderer.example.com
container_name: orderer.example.com
volumes:
- ./yaml:/etc/hyperledger/fabric
networks:
- byfn

30
first-network/orderer6.yaml Normal file
View file

@ -0,0 +1,30 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
orderer6.example.com:
networks:
byfn:
services:
orderer6.example.com:
extends:
file: base/peer-base.yaml
service: orderer-base
container_name: orderer6.example.com
networks:
- byfn
volumes:
- ./channel-artifacts/last_config.block:/var/hyperledger/orderer/orderer.genesis.block
#- ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer6.example.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer6.example.com/tls/:/var/hyperledger/orderer/tls
- orderer6.example.com:/var/hyperledger/production/orderer
ports:
- 12050:7050

574
first-network/yaml/configtx.yaml Normal file
View file

@ -0,0 +1,574 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
################################################################################
#
# ORGANIZATIONS
#
# This section defines the organizational identities that can be referenced
# in the configuration profiles.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions.
- &SampleOrg
# Name is the key by which this org will be referenced in channel
# configuration transactions.
# Name can include alphanumeric characters as well as dots and dashes.
Name: SampleOrg
# ID is the key by which this org's MSP definition will be referenced.
# ID can include alphanumeric characters as well as dots and dashes.
ID: SampleOrg
# MSPDir is the filesystem path which contains the MSP configuration.
MSPDir: msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies: &SampleOrgPolicies
Readers:
Type: Signature
Rule: "OR('SampleOrg.member')"
# If your MSP is configured with the new NodeOUs, you might
# want to use a more specific rule like the following:
# Rule: "OR('SampleOrg.admin', 'SampleOrg.peer', 'SampleOrg.client')"
Writers:
Type: Signature
Rule: "OR('SampleOrg.member')"
# If your MSP is configured with the new NodeOUs, you might
# want to use a more specific rule like the following:
# Rule: "OR('SampleOrg.admin', 'SampleOrg.client')"
Admins:
Type: Signature
Rule: "OR('SampleOrg.admin')"
# AnchorPeers defines the location of peers which can be used for
# cross-org gossip communication. Note, this value is only encoded in
# the genesis block in the Application section context.
AnchorPeers:
- Host: 127.0.0.1
Port: 7051
################################################################################
#
# CAPABILITIES
#
# This section defines the capabilities of fabric network. This is a new
# concept as of v1.1.0 and should not be utilized in mixed networks with
# v1.0.x peers and orderers. Capabilities define features which must be
# present in a fabric binary for that binary to safely participate in the
# fabric network. For instance, if a new MSP type is added, newer binaries
# might recognize and validate the signatures from this type, while older
# binaries without this support would be unable to validate those
# transactions. This could lead to different versions of the fabric binaries
# having different world states. Instead, defining a capability for a channel
# informs those binaries without this capability that they must cease
# processing transactions until they have been upgraded. For v1.0.x if any
# capabilities are defined (including a map with all capabilities turned off)
# then the v1.0.x peer will deliberately crash.
#
################################################################################
Capabilities:
# Channel capabilities apply to both the orderers and the peers and must be
# supported by both.
# Set the value of the capability to true to require it.
Channel: &ChannelCapabilities
# V1.3 for Channel is a catchall flag for behavior which has been
# determined to be desired for all orderers and peers running at the v1.3.x
# level, but which would be incompatible with orderers and peers from
# prior releases.
# Prior to enabling V1.3 channel capabilities, ensure that all
# orderers and peers on a channel are at v1.3.0 or later.
V1_3: true
# Orderer capabilities apply only to the orderers, and may be safely
# used with prior release peers.
# Set the value of the capability to true to require it.
Orderer: &OrdererCapabilities
# V1.1 for Orderer is a catchall flag for behavior which has been
# determined to be desired for all orderers running at the v1.1.x
# level, but which would be incompatible with orderers from prior releases.
# Prior to enabling V1.1 orderer capabilities, ensure that all
# orderers on a channel are at v1.1.0 or later.
V1_1: true
# Application capabilities apply only to the peer network, and may be safely
# used with prior release orderers.
# Set the value of the capability to true to require it.
Application: &ApplicationCapabilities
# V1.3 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.3.
V1_3: true
# V1.2 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.2 (note, this need not be set if
# later version capabilities are set)
V1_2: false
# V1.1 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.1 (note, this need not be set if
# later version capabilities are set).
V1_1: false
################################################################################
#
# APPLICATION
#
# This section defines the values to encode into a config transaction or
# genesis block for application-related parameters.
#
################################################################################
Application: &ApplicationDefaults
ACLs: &ACLsDefault
# This section provides defaults for policies for various resources
# in the system. These "resources" could be functions on system chaincodes
# (e.g., "GetBlockByNumber" on the "qscc" system chaincode) or other resources
# (e.g.,who can receive Block events). This section does NOT specify the resource's
# definition or API, but just the ACL policy for it.
#
# User's can override these defaults with their own policy mapping by defining the
# mapping under ACLs in their channel definition
#---Lifecycle System Chaincode (lscc) function to policy mapping for access control---#
# ACL policy for lscc's "getid" function
lscc/ChaincodeExists: /Channel/Application/Readers
# ACL policy for lscc's "getdepspec" function
lscc/GetDeploymentSpec: /Channel/Application/Readers
# ACL policy for lscc's "getccdata" function
lscc/GetChaincodeData: /Channel/Application/Readers
# ACL Policy for lscc's "getchaincodes" function
lscc/GetInstantiatedChaincodes: /Channel/Application/Readers
#---Query System Chaincode (qscc) function to policy mapping for access control---#
# ACL policy for qscc's "GetChainInfo" function
qscc/GetChainInfo: /Channel/Application/Readers
# ACL policy for qscc's "GetBlockByNumber" function
qscc/GetBlockByNumber: /Channel/Application/Readers
# ACL policy for qscc's "GetBlockByHash" function
qscc/GetBlockByHash: /Channel/Application/Readers
# ACL policy for qscc's "GetTransactionByID" function
qscc/GetTransactionByID: /Channel/Application/Readers
# ACL policy for qscc's "GetBlockByTxID" function
qscc/GetBlockByTxID: /Channel/Application/Readers
#---Configuration System Chaincode (cscc) function to policy mapping for access control---#
# ACL policy for cscc's "GetConfigBlock" function
cscc/GetConfigBlock: /Channel/Application/Readers
# ACL policy for cscc's "GetConfigTree" function
cscc/GetConfigTree: /Channel/Application/Readers
# ACL policy for cscc's "SimulateConfigTreeUpdate" function
cscc/SimulateConfigTreeUpdate: /Channel/Application/Readers
#---Miscellanesous peer function to policy mapping for access control---#
# ACL policy for invoking chaincodes on peer
peer/Propose: /Channel/Application/Writers
# ACL policy for chaincode to chaincode invocation
peer/ChaincodeToChaincode: /Channel/Application/Readers
#---Events resource to policy mapping for access control###---#
# ACL policy for sending block events
event/Block: /Channel/Application/Readers
# ACL policy for sending filtered block events
event/FilteredBlock: /Channel/Application/Readers
# Organizations lists the orgs participating on the application side of the
# network.
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies: &ApplicationDefaultPolicies
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the application level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ApplicationCapabilities
################################################################################
#
# ORDERER
#
# This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters.
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start.
# Available types are "solo" and "kafka".
OrdererType: solo
# Addresses here is a nonexhaustive list of orderers the peers and clients can
# connect to. Adding/removing nodes from this list has no impact on their
# participation in ordering.
# NOTE: In the solo case, this should be a one-item list.
Addresses:
- 127.0.0.1:7050
# Batch Timeout: The amount of time to wait before creating a batch.
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block.
# The orderer views messages opaquely, but typically, messages may
# be considered to be Fabric transactions. The 'batch' is the group
# of messages in the 'data' field of the block. Blocks will be a few kb
# larger than the batch size, when signatures, hashes, and other metadata
# is applied.
BatchSize:
# Max Message Count: The maximum number of messages to permit in a
# batch. No block will contain more than this number of messages.
MaxMessageCount: 500
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch. The maximum block size is this value
# plus the size of the associated metadata (usually a few KB depending
# upon the size of the signing identities). Any transaction larger than
# this value will be rejected by ordering. If the "kafka" OrdererType is
# selected, set 'message.max.bytes' and 'replica.fetch.max.bytes' on
# the Kafka brokers to a value that is larger than this one.
AbsoluteMaxBytes: 10 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed
# for the serialized messages in a batch. Roughly, this field may be considered
# the best effort maximum size of a batch. A batch will fill with messages
# until this size is reached (or the max message count, or batch timeout is
# exceeded). If adding a new message to the batch would cause the batch to
# exceed the preferred max bytes, then the current batch is closed and written
# to a block, and a new batch containing the new message is created. If a
# message larger than the preferred max bytes is received, then its batch
# will contain only that message. Because messages may be larger than
# preferred max bytes (up to AbsoluteMaxBytes), some batches may exceed
# the preferred max bytes, but will always contain exactly one transaction.
PreferredMaxBytes: 2 MB
# Max Channels is the maximum number of channels to allow on the ordering
# network. When set to 0, this implies no maximum number of channels.
MaxChannels: 0
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects. Edit
# this list to identify the brokers of the ordering service.
# NOTE: Use IP:port notation.
Brokers:
- kafka0:9092
- kafka1:9092
- kafka2:9092
# EtcdRaft defines configuration which must be set when the "etcdraft"
# orderertype is chosen.
EtcdRaft:
# The set of Raft replicas for this network. For the etcd/raft-based
# implementation, we expect every replica to also be an OSN. Therefore,
# a subset of the host:port items enumerated in this list should be
# replicated under the Orderer.Addresses key above.
Consenters:
- Host: raft0.example.com
Port: 7050
ClientTLSCert: path/to/ClientTLSCert0
ServerTLSCert: path/to/ServerTLSCert0
- Host: raft1.example.com
Port: 7050
ClientTLSCert: path/to/ClientTLSCert1
ServerTLSCert: path/to/ServerTLSCert1
- Host: raft2.example.com
Port: 7050
ClientTLSCert: path/to/ClientTLSCert2
ServerTLSCert: path/to/ServerTLSCert2
# Options to be specified for all the etcd/raft nodes. The values here
# are the defaults for all new channels and can be modified on a
# per-channel basis via configuration updates.
Options:
# TickInterval is the time interval between two Node.Tick invocations.
TickInterval: 500ms
# ElectionTick is the number of Node.Tick invocations that must pass
# between elections. That is, if a follower does not receive any
# message from the leader of current term before ElectionTick has
# elapsed, it will become candidate and start an election.
# ElectionTick must be greater than HeartbeatTick.
ElectionTick: 10
# HeartbeatTick is the number of Node.Tick invocations that must
# pass between heartbeats. That is, a leader sends heartbeat
# messages to maintain its leadership every HeartbeatTick ticks.
HeartbeatTick: 1
# MaxInflightBlocks limits the max number of in-flight append messages
# during optimistic replication phase.
MaxInflightBlocks: 5
# SnapshotIntervalSize defines number of bytes per which a snapshot is taken
SnapshotIntervalSize: 20 MB
# Organizations lists the orgs participating on the orderer side of the
# network.
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
# /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
# Capabilities describes the orderer level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *OrdererCapabilities
################################################################################
#
# CHANNEL
#
# This section defines the values to encode into a config transaction or
# genesis block for channel related parameters.
#
################################################################################
Channel: &ChannelDefaults
# Policies defines the set of policies at this level of the config tree
# For Channel policies, their canonical path is
# /Channel/<PolicyName>
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the channel level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ChannelCapabilities
################################################################################
#
# PROFILES
#
# Different configuration profiles may be encoded here to be specified as
# parameters to the configtxgen tool. The profiles which specify consortiums
# are to be used for generating the orderer genesis block. With the correct
# consortium members defined in the orderer genesis block, channel creation
# requests may be generated with only the org member names and a consortium
# name.
#
################################################################################
Profiles:
# SampleSingleMSPSolo defines a configuration which uses the Solo orderer,
# and contains a single MSP definition (the MSP sampleconfig).
# The Consortium SampleConsortium has only a single member, SampleOrg.
SampleSingleMSPSolo:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *SampleOrg
Consortiums:
SampleConsortium:
Organizations:
- *SampleOrg
# SampleSingleMSPKafka defines a configuration that differs from the
# SampleSingleMSPSolo one only in that it uses the Kafka-based orderer.
SampleSingleMSPKafka:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
OrdererType: kafka
Organizations:
- *SampleOrg
Consortiums:
SampleConsortium:
Organizations:
- *SampleOrg
# SampleInsecureSolo defines a configuration which uses the Solo orderer,
# contains no MSP definitions, and allows all transactions and channel
# creation requests for the consortium SampleConsortium.
SampleInsecureSolo:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Consortiums:
SampleConsortium:
Organizations:
# SampleInsecureKafka defines a configuration that differs from the
# SampleInsecureSolo one only in that it uses the Kafka-based orderer.
SampleInsecureKafka:
<<: *ChannelDefaults
Orderer:
OrdererType: kafka
<<: *OrdererDefaults
Consortiums:
SampleConsortium:
Organizations:
# SampleDevModeSolo defines a configuration which uses the Solo orderer,
# contains the sample MSP as both orderer and consortium member, and
# requires only basic membership for admin privileges. It also defines
# an Application on the ordering system channel, which should usually
# be avoided.
SampleDevModeSolo:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- <<: *SampleOrg
Policies:
<<: *SampleOrgPolicies
Admins:
Type: Signature
Rule: "OR('SampleOrg.member')"
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *SampleOrg
Policies:
<<: *SampleOrgPolicies
Admins:
Type: Signature
Rule: "OR('SampleOrg.member')"
Consortiums:
SampleConsortium:
Organizations:
- <<: *SampleOrg
Policies:
<<: *SampleOrgPolicies
Admins:
Type: Signature
Rule: "OR('SampleOrg.member')"
# SampleDevModeKafka defines a configuration that differs from the
# SampleDevModeSolo one only in that it uses the Kafka-based orderer.
SampleDevModeKafka:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
OrdererType: kafka
Organizations:
- <<: *SampleOrg
Policies:
<<: *SampleOrgPolicies
Admins:
Type: Signature
Rule: "OR('SampleOrg.member')"
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *SampleOrg
Policies:
<<: *SampleOrgPolicies
Admins:
Type: Signature
Rule: "OR('SampleOrg.member')"
Consortiums:
SampleConsortium:
Organizations:
- <<: *SampleOrg
Policies:
<<: *SampleOrgPolicies
Admins:
Type: Signature
Rule: "OR('SampleOrg.member')"
# SampleSingleMSPChannel defines a channel with only the sample org as a
# member. It is designed to be used in conjunction with SampleSingleMSPSolo
# and SampleSingleMSPKafka orderer profiles. Note, for channel creation
# profiles, only the 'Application' section and consortium # name are
# considered.
SampleSingleMSPChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *SampleOrg
# SampleDevModeEtcdRaft defines a configuration that differs from the
# SampleDevModeSolo one only in that it uses the etcd/raft-based orderer.
SampleDevModeEtcdRaft:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
Organizations:
- <<: *SampleOrg
Policies:
<<: *SampleOrgPolicies
Admins:
Type: Signature
Rule: "OR('SampleOrg.member')"
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *SampleOrg
Policies:
<<: *SampleOrgPolicies
Admins:
Type: Signature
Rule: "OR('SampleOrg.member')"
Consortiums:
SampleConsortium:
Organizations:
- <<: *SampleOrg
Policies:
<<: *SampleOrgPolicies
Admins:
Type: Signature
Rule: "OR('SampleOrg.member')"

717
first-network/yaml/core.yaml Normal file
View file

@ -0,0 +1,717 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
# 1.4 做出了更新 不再有单独的logging模块
#
logging:
# yunxiang fabric log module config
isOpenYxlog: false
logpath: /var/fabric_logs
logname: peer_log
# peer log level,0:emergency, 1:alert, 2:critical, 3:error,4:warning,5:notice,6:info, 7:debug
# default to be 6:info
yxLogLevel: 7
maxlinesPerFile: 100000000
maxsizePerFile: 102400000
maxTotalSize: 1024000000
isautodelete: false
maxdays: 7
daily: true
# chaincodeLog
chaincodeLogLevel: 7
# chaincode 日志宿主机存放路径容器内部存放路径为logpath
chaincodeLogPath: /var/chaincode_logs/
###############################################################################
#
# Peer section
#
###############################################################################
peer:
# The Peer id is used for identifying this Peer instance.
id: jdoe
# The networkId allows for logical seperation of networks
networkId: dev
# The Address at local network interface this Peer will listen on.
# By default, it will listen on all network interfaces
listenAddress: 0.0.0.0:7051
# The endpoint this peer uses to listen for inbound chaincode connections.
# If this is commented-out, the listen address is selected to be
# the peer's address (see below) with port 7052
# chaincodeListenAddress: 0.0.0.0:7052
# The endpoint the chaincode for this peer uses to connect to the peer.
# If this is not specified, the chaincodeListenAddress address is selected.
# And if chaincodeListenAddress is not specified, address is selected from
# peer listenAddress.
# chaincodeAddress: 0.0.0.0:7052
# When used as peer config, this represents the endpoint to other peers
# in the same organization. For peers in other organization, see
# gossip.externalEndpoint for more info.
# When used as CLI config, this means the peer's endpoint to interact with
address: 0.0.0.0:7051
# Whether the Peer should programmatically determine its address
# This case is useful for docker containers.
addressAutoDetect: false
# Setting for runtime.GOMAXPROCS(n). If n < 1, it does not change the
# current setting
gomaxprocs: -1
# Keepalive settings for peer server and clients
keepalive:
# MinInterval is the minimum permitted time between client pings.
# If clients send pings more frequently, the peer server will
# disconnect them
minInterval: 60s
# Client keepalive settings for communicating with other peer nodes
client:
# Interval is the time between pings to peer nodes. This must
# greater than or equal to the minInterval specified by peer
# nodes
interval: 60s
# Timeout is the duration the client waits for a response from
# peer nodes before closing the connection
timeout: 20s
# DeliveryClient keepalive settings for communication with ordering
# nodes.
deliveryClient:
# Interval is the time between pings to ordering nodes. This must
# greater than or equal to the minInterval specified by ordering
# nodes.
interval: 60s
# Timeout is the duration the client waits for a response from
# ordering nodes before closing the connection
timeout: 20s
# Gossip related configuration
gossip:
# Bootstrap set to initialize gossip with.
# This is a list of other peers that this peer reaches out to at startup.
# Important: The endpoints here have to be endpoints of peers in the same
# organization, because the peer would refuse connecting to these endpoints
# unless they are in the same organization as the peer.
bootstrap: 127.0.0.1:7051
# NOTE: orgLeader and useLeaderElection parameters are mutual exclusive.
# Setting both to true would result in the termination of the peer
# since this is undefined state. If the peers are configured with
# useLeaderElection=false, make sure there is at least 1 peer in the
# organization that its orgLeader is set to true.
# Defines whenever peer will initialize dynamic algorithm for
# "leader" selection, where leader is the peer to establish
# connection with ordering service and use delivery protocol
# to pull ledger blocks from ordering service. It is recommended to
# use leader election for large networks of peers.
useLeaderElection: true
# Statically defines peer to be an organization "leader",
# where this means that current peer will maintain connection
# with ordering service and disseminate block across peers in
# its own organization
orgLeader: false
# Interval for membershipTracker polling
membershipTrackerInterval: 5s
# Overrides the endpoint that the peer publishes to peers
# in its organization. For peers in foreign organizations
# see 'externalEndpoint'
endpoint:
# Maximum count of blocks stored in memory
maxBlockCountToStore: 100
# Max time between consecutive message pushes(unit: millisecond)
maxPropagationBurstLatency: 10ms
# Max number of messages stored until a push is triggered to remote peers
maxPropagationBurstSize: 10
# Number of times a message is pushed to remote peers
propagateIterations: 1
# Number of peers selected to push messages to
propagatePeerNum: 3
# Determines frequency of pull phases(unit: second)
# Must be greater than digestWaitTime + responseWaitTime
pullInterval: 4s
# Number of peers to pull from
pullPeerNum: 3
# Determines frequency of pulling state info messages from peers(unit: second)
requestStateInfoInterval: 4s
# Determines frequency of pushing state info messages to peers(unit: second)
publishStateInfoInterval: 4s
# Maximum time a stateInfo message is kept until expired
stateInfoRetentionInterval:
# Time from startup certificates are included in Alive messages(unit: second)
publishCertPeriod: 10s
# Should we skip verifying block messages or not (currently not in use)
skipBlockVerification: false
# Dial timeout(unit: second)
dialTimeout: 3s
# Connection timeout(unit: second)
connTimeout: 2s
# Buffer size of received messages
recvBuffSize: 20
# Buffer size of sending messages
sendBuffSize: 200
# Time to wait before pull engine processes incoming digests (unit: second)
# Should be slightly smaller than requestWaitTime
digestWaitTime: 1s
# Time to wait before pull engine removes incoming nonce (unit: milliseconds)
# Should be slightly bigger than digestWaitTime
requestWaitTime: 1500ms
# Time to wait before pull engine ends pull (unit: second)
responseWaitTime: 2s
# Alive check interval(unit: second)
aliveTimeInterval: 5s
# Alive expiration timeout(unit: second)
aliveExpirationTimeout: 25s
# Reconnect interval(unit: second)
reconnectInterval: 25s
# This is an endpoint that is published to peers outside of the organization.
# If this isn't set, the peer will not be known to other organizations.
externalEndpoint:
# Leader election service configuration
election:
# Longest time peer waits for stable membership during leader election startup (unit: second)
startupGracePeriod: 15s
# Interval gossip membership samples to check its stability (unit: second)
membershipSampleInterval: 1s
# Time passes since last declaration message before peer decides to perform leader election (unit: second)
leaderAliveThreshold: 10s
# Time between peer sends propose message and declares itself as a leader (sends declaration message) (unit: second)
leaderElectionDuration: 5s
pvtData:
# pullRetryThreshold determines the maximum duration of time private data corresponding for a given block
# would be attempted to be pulled from peers until the block would be committed without the private data
pullRetryThreshold: 60s
# As private data enters the transient store, it is associated with the peer's ledger's height at that time.
# transientstoreMaxBlockRetention defines the maximum difference between the current ledger's height upon commit,
# and the private data residing inside the transient store that is guaranteed not to be purged.
# Private data is purged from the transient store when blocks with sequences that are multiples
# of transientstoreMaxBlockRetention are committed.
transientstoreMaxBlockRetention: 1000
# pushAckTimeout is the maximum time to wait for an acknowledgement from each peer
# at private data push at endorsement time.
pushAckTimeout: 3s
# Block to live pulling margin, used as a buffer
# to prevent peer from trying to pull private data
# from peers that is soon to be purged in next N blocks.
# This helps a newly joined peer catch up to current
# blockchain height quicker.
btlPullMargin: 10
# the process of reconciliation is done in an endless loop, while in each iteration reconciler tries to
# pull from the other peers the most recent missing blocks with a maximum batch size limitation.
# reconcileBatchSize determines the maximum batch size of missing private data that will be reconciled in a
# single iteration.
reconcileBatchSize: 10
# reconcileSleepInterval determines the time reconciler sleeps from end of an iteration until the beginning
# of the next reconciliation iteration.
reconcileSleepInterval: 1m
# reconciliationEnabled is a flag that indicates whether private data reconciliation is enable or not.
reconciliationEnabled: true
# Gossip state transfer related configuration
state:
# indicates whenever state transfer is enabled or not
# default value is true, i.e. state transfer is active
# and takes care to sync up missing blocks allowing
# lagging peer to catch up to speed with rest network
enabled: true
# checkInterval interval to check whether peer is lagging behind enough to
# request blocks via state transfer from another peer.
checkInterval: 10s
# responseTimeout amount of time to wait for state transfer response from
# other peers
responseTimeout: 3s
# batchSize the number of blocks to request via state transfer from another peer
batchSize: 10
# blockBufferSize reflect the maximum distance between lowest and
# highest block sequence number state buffer to avoid holes.
# In order to ensure absence of the holes actual buffer size
# is twice of this distance
blockBufferSize: 100
# maxRetries maximum number of re-tries to ask
# for single state transfer request
maxRetries: 3
# TLS Settings
# Note that peer-chaincode connections through chaincodeListenAddress is
# not mutual TLS auth. See comments on chaincodeListenAddress for more info
tls:
# Require server-side TLS
enabled: false
# Require client certificates / mutual TLS.
# Note that clients that are not configured to use a certificate will
# fail to connect to the peer.
clientAuthRequired: false
# X.509 certificate used for TLS server
cert:
file: tls/server.crt
# Private key used for TLS server (and client if clientAuthEnabled
# is set to true
key:
file: tls/server.key
# Trusted root certificate chain for tls.cert
rootcert:
file: tls/ca.crt
# Set of root certificate authorities used to verify client certificates
clientRootCAs:
files:
- tls/ca.crt
# Private key used for TLS when making client connections. If
# not set, peer.tls.key.file will be used instead
clientKey:
file:
# X.509 certificate used for TLS when making client connections.
# If not set, peer.tls.cert.file will be used instead
clientCert:
file:
# Authentication contains configuration parameters related to authenticating
# client messages
authentication:
# the acceptable difference between the current server time and the
# client's time as specified in a client request message
timewindow: 15m
# Path on the file system where peer will store data (eg ledger). This
# location must be access control protected to prevent unintended
# modification that might corrupt the peer operations.
fileSystemPath: /var/hyperledger/production
# BCCSP (Blockchain crypto provider): Select which crypto implementation or
# library to use
BCCSP:
# if setting is GM, chaincode.golang.dynamiclink must be false.
Default: SW
# Settings for the SW crypto provider (i.e. when DEFAULT: SW)
SW:
# TODO: The default Hash and Security level needs refactoring to be
# fully configurable. Changing these defaults requires coordination
# SHA2 is hardcoded in several places, not only BCCSP
Hash: SHA2
Security: 256
# Location of Key Store
FileKeyStore:
# If "", defaults to 'mspConfigPath'/keystore
KeyStore:
# Settings for the PKCS#11 crypto provider (i.e. when DEFAULT: PKCS11)
PKCS11:
# Location of the PKCS11 module library
Library:
# Token Label
Label:
# User PIN
Pin:
Hash:
Security:
FileKeyStore:
KeyStore:
# Path on the file system where peer will find MSP local configurations
mspConfigPath: msp
# Identifier of the local MSP
# ----!!!!IMPORTANT!!!-!!!IMPORTANT!!!-!!!IMPORTANT!!!!----
# Deployers need to change the value of the localMspId string.
# In particular, the name of the local MSP ID of a peer needs
# to match the name of one of the MSPs in each of the channel
# that this peer is a member of. Otherwise this peer's messages
# will not be identified as valid by other nodes.
localMspId: SampleOrg
# CLI common client config options
client:
# connection timeout
connTimeout: 3s
# Delivery service related config
deliveryclient:
# It sets the total time the delivery service may spend in reconnection
# attempts until its retry logic gives up and returns an error
reconnectTotalTimeThreshold: 3600s
# It sets the delivery service <-> ordering service node connection timeout
connTimeout: 3s
# It sets the delivery service maximal delay between consecutive retries
reConnectBackoffThreshold: 3600s
# Type for the local MSP - by default it's of type bccsp
localMspType: bccsp
# Used with Go profiling tools only in none production environment. In
# production, it should be disabled (eg enabled: false)
profile:
enabled: false
listenAddress: 0.0.0.0:6060
# The admin service is used for administrative operations such as
# control over logger levels, etc.
# Only peer administrators can use the service.
adminService:
# The interface and port on which the admin server will listen on.
# If this is commented out, or the port number is equal to the port
# of the peer listen address - the admin service is attached to the
# peer's service (defaults to 7051).
#listenAddress: 0.0.0.0:7055
# Handlers defines custom handlers that can filter and mutate
# objects passing within the peer, such as:
# Auth filter - reject or forward proposals from clients
# Decorators - append or mutate the chaincode input passed to the chaincode
# Endorsers - Custom signing over proposal response payload and its mutation
# Valid handler definition contains:
# - A name which is a factory method name defined in
# core/handlers/library/library.go for statically compiled handlers
# - library path to shared object binary for pluggable filters
# Auth filters and decorators are chained and executed in the order that
# they are defined. For example:
# authFilters:
# -
# name: FilterOne
# library: /opt/lib/filter.so
# -
# name: FilterTwo
# decorators:
# -
# name: DecoratorOne
# -
# name: DecoratorTwo
# library: /opt/lib/decorator.so
# Endorsers are configured as a map that its keys are the endorsement system chaincodes that are being overridden.
# Below is an example that overrides the default ESCC and uses an endorsement plugin that has the same functionality
# as the default ESCC.
# If the 'library' property is missing, the name is used as the constructor method in the builtin library similar
# to auth filters and decorators.
# endorsers:
# escc:
# name: DefaultESCC
# library: /etc/hyperledger/fabric/plugin/escc.so
handlers:
authFilters:
-
name: DefaultAuth
-
name: ExpirationCheck # This filter checks identity x509 certificate expiration
decorators:
-
name: DefaultDecorator
endorsers:
escc:
name: DefaultEndorsement
library:
validators:
vscc:
name: DefaultValidation
library:
# library: /etc/hyperledger/fabric/plugin/escc.so
# Number of goroutines that will execute transaction validation in parallel.
# By default, the peer chooses the number of CPUs on the machine. Set this
# variable to override that choice.
# NOTE: overriding this value might negatively influence the performance of
# the peer so please change this value only if you know what you're doing
validatorPoolSize:
# The discovery service is used by clients to query information about peers,
# such as - which peers have joined a certain channel, what is the latest
# channel config, and most importantly - given a chaincode and a channel,
# what possible sets of peers satisfy the endorsement policy.
discovery:
enabled: true
# Whether the authentication cache is enabled or not.
authCacheEnabled: true
# The maximum size of the cache, after which a purge takes place
authCacheMaxSize: 1000
# The proportion (0 to 1) of entries that remain in the cache after the cache is purged due to overpopulation
authCachePurgeRetentionRatio: 0.75
# Whether to allow non-admins to perform non channel scoped queries.
# When this is false, it means that only peer admins can perform non channel scoped queries.
orgMembersAllowedAccess: false
###############################################################################
#
# VM section
#
###############################################################################
vm:
# Endpoint of the vm management system. For docker can be one of the following in general
# unix:///var/run/docker.sock
# http://localhost:2375
# https://localhost:2376
endpoint: unix:///var/run/docker.sock
# settings for docker vms
docker:
tls:
enabled: false
ca:
file: docker/ca.crt
cert:
file: docker/tls.crt
key:
file: docker/tls.key
# Enables/disables the standard out/err from chaincode containers for
# debugging purposes
attachStdout: false
# Parameters on creating docker container.
# Container may be efficiently created using ipam & dns-server for cluster
# NetworkMode - sets the networking mode for the container. Supported
# standard values are: `host`(default),`bridge`,`ipvlan`,`none`.
# Dns - a list of DNS servers for the container to use.
# Note: `Privileged` `Binds` `Links` and `PortBindings` properties of
# Docker Host Config are not supported and will not be used if set.
# LogConfig - sets the logging driver (Type) and related options
# (Config) for Docker. For more info,
# https://docs.docker.com/engine/admin/logging/overview/
# Note: Set LogConfig using Environment Variables is not supported.
hostConfig:
NetworkMode: host
Dns:
# - 192.168.0.1
LogConfig:
Type: json-file
Config:
max-size: "50m"
max-file: "5"
Memory: 2147483648
###############################################################################
#
# Chaincode section
#
###############################################################################
chaincode:
# The id is used by the Chaincode stub to register the executing Chaincode
# ID with the Peer and is generally supplied through ENV variables
# the `path` form of ID is provided when installing the chaincode.
# The `name` is used for all other requests and can be any string.
id:
path:
name:
# Generic builder environment, suitable for most chaincode types
builder: $(DOCKER_NS)/fabric-ccenv:latest
# Enables/disables force pulling of the base docker images (listed below)
# during user chaincode instantiation.
# Useful when using moving image tags (such as :latest)
pull: false
golang:
# golang will never need more than baseos
runtime: $(BASE_DOCKER_NS)/fabric-yxbaseos:latest
# whether or not golang chaincode should be linked dynamically
dynamicLink: true
car:
# car may need more facilities (JVM, etc) in the future as the catalog
# of platforms are expanded. For now, we can just use baseos
runtime: $(BASE_DOCKER_NS)/fabric-baseos:$(ARCH)-$(BASE_VERSION)
java:
# This is an image based on java:openjdk-8 with addition compiler
# tools added for java shim layer packaging.
# This image is packed with shim layer libraries that are necessary
# for Java chaincode runtime.
runtime: $(DOCKER_NS)/fabric-javaenv:$(ARCH)-$(PROJECT_VERSION)
node:
# need node.js engine at runtime, currently available in baseimage
# but not in baseos
runtime: $(BASE_DOCKER_NS)/fabric-baseimage:$(ARCH)-$(BASE_VERSION)
# Timeout duration for starting up a container and waiting for Register
# to come through. 1sec should be plenty for chaincode unit tests
startuptimeout: 300s
# Timeout duration for Invoke and Init calls to prevent runaway.
# This timeout is used by all chaincodes in all the channels, including
# system chaincodes.
# Note that during Invoke, if the image is not available (e.g. being
# cleaned up when in development environment), the peer will automatically
# build the image, which might take more time. In production environment,
# the chaincode image is unlikely to be deleted, so the timeout could be
# reduced accordingly.
executetimeout: 30s
# There are 2 modes: "dev" and "net".
# In dev mode, user runs the chaincode after starting peer from
# command line on local machine.
# In net mode, peer will run chaincode in a docker container.
mode: net
# keepalive in seconds. In situations where the communiction goes through a
# proxy that does not support keep-alive, this parameter will maintain connection
# between peer and chaincode.
# A value <= 0 turns keepalive off
keepalive: 0
# system chaincodes whitelist. To add system chaincode "myscc" to the
# whitelist, add "myscc: enable" to the list below, and register in
# chaincode/importsysccs.go
system:
cscc: enable
lscc: enable
escc: enable
vscc: enable
qscc: enable
# System chaincode plugins:
# System chaincodes can be loaded as shared objects compiled as Go plugins.
# See examples/plugins/scc for an example.
# Plugins must be white listed in the chaincode.system section above.
systemPlugins:
# example configuration:
# - enabled: true
# name: myscc
# path: /opt/lib/myscc.so
# invokableExternal: true
# invokableCC2CC: true
# Logging section for the chaincode container
logging:
# Default level for all loggers within the chaincode container
level: info
# Override default level for the 'shim' logger
shim: warning
# Format for the chaincode container logs
format: '%{color}%{time:2006-01-02 15:04:05.000 MST} [%{module}] %{shortfunc} -> %{level:.4s} %{id:03x}%{color:reset} %{message}'
###############################################################################
#
# Ledger section - ledger configuration encompases both the blockchain
# and the state
#
###############################################################################
ledger:
blockchain:
dataDump:
enabled: true
dumpDir: /var/hyperledger/production/ledgersData/chains/chains/
loadDir: /var/hyperledger/production/ledgersData/chains/chains/
maxFileLimit: 4096
dumpCron:
- 0 */5 * * * ?
- 0 0 * * * ?
dumpInterval: 5m #24h
loadRetryTimes: 5
state:
# stateDatabase - options are "goleveldb", "CouchDB"
# goleveldb - default state database stored in goleveldb.
# CouchDB - store state database in CouchDB
stateDatabase: goleveldb
# Limit on the number of records to return per query
totalQueryLimit: 100000
couchDBConfig:
# It is recommended to run CouchDB on the same server as the peer, and
# not map the CouchDB container port to a server port in docker-compose.
# Otherwise proper security must be provided on the connection between
# CouchDB client (on the peer) and server.
couchDBAddress: 127.0.0.1:5984
# This username must have read and write authority on CouchDB
username:
# The password is recommended to pass as an environment variable
# during start up (eg CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD).
# If it is stored here, the file must be access control protected
# to prevent unintended users from discovering the password.
password:
# Number of retries for CouchDB errors
maxRetries: 3
# Number of retries for CouchDB errors during peer startup
maxRetriesOnStartup: 12
# CouchDB request timeout (unit: duration, e.g. 20s)
requestTimeout: 35s
# Limit on the number of records per each CouchDB query
# Note that chaincode queries are only bound by totalQueryLimit.
# Internally the chaincode may execute multiple CouchDB queries,
# each of size internalQueryLimit.
internalQueryLimit: 1000
# Limit on the number of records per CouchDB bulk update batch
maxBatchUpdateSize: 1000
# Warm indexes after every N blocks.
# This option warms any indexes that have been
# deployed to CouchDB after every N blocks.
# A value of 1 will warm indexes after every block commit,
# to ensure fast selector queries.
# Increasing the value may improve write efficiency of peer and CouchDB,
# but may degrade query response time.
warmIndexesAfterNBlocks: 1
# Create the _global_changes system database
# This is optional. Creating the global changes database will require
# additional system resources to track changes and maintain the database
createGlobalChangesDB: false
history:
# enableHistoryDatabase - options are true or false
# Indicates if the history of key updates should be stored.
# All history 'index' will be stored in goleveldb, regardless if using
# CouchDB or alternate database for the state.
enableHistoryDatabase: true
###############################################################################
#
# Operations section
#
###############################################################################
operations:
# host and port for the operations server
listenAddress: 127.0.0.1:9443
# TLS configuration for the operations endpoint
tls:
# TLS enabled
enabled: false
# path to PEM encoded server certificate for the operations server
cert:
file:
# path to PEM encoded server key for the operations server
key:
file:
# most operations service endpoints require client authentication when TLS
# is enabled. clientAuthRequired requires client certificate authentication
# at the TLS layer to access all resources.
clientAuthRequired: false
# paths to PEM encoded ca certificates to trust for client authentication
clientRootCAs:
files: []
###############################################################################
#
# Metrics section
#
###############################################################################
metrics:
# metrics provider is one of statsd, prometheus, or disabled
provider: disabled
# statsd configuration
statsd:
# network type: tcp or udp
network: udp
# statsd server address
address: 127.0.0.1:8125
# the interval at which locally cached counters and gauges are pushed
# to statsd; timings are pushed immediately
writeInterval: 10s
# prefix is prepended to all emitted statsd metrics
prefix:

14
first-network/yaml/msp/admincerts/admincert.pem Normal file
View file

@ -0,0 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICNjCCAd2gAwIBAgIRAMnf9/dmV9RvCCVw9pZQUfUwCgYIKoZIzj0EAwIwgYEx
CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g
RnJhbmNpc2NvMRkwFwYDVQQKExBvcmcxLmV4YW1wbGUuY29tMQwwCgYDVQQLEwND
T1AxHDAaBgNVBAMTE2NhLm9yZzEuZXhhbXBsZS5jb20wHhcNMTcxMTEyMTM0MTEx
WhcNMjcxMTEwMTM0MTExWjBpMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv
cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEMMAoGA1UECxMDQ09QMR8wHQYD
VQQDExZwZWVyMC5vcmcxLmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D
AQcDQgAEZ8S4V71OBJpyMIVZdwYdFXAckItrpvSrCf0HQg40WW9XSoOOO76I+Umf
EkmTlIJXP7/AyRRSRU38oI8Ivtu4M6NNMEswDgYDVR0PAQH/BAQDAgeAMAwGA1Ud
EwEB/wQCMAAwKwYDVR0jBCQwIoAginORIhnPEFZUhXm6eWBkm7K7Zc8R4/z7LW4H
ossDlCswCgYIKoZIzj0EAwIDRwAwRAIgVikIUZzgfuFsGLQHWJUVJCU7pDaETkaz
PzFgsCiLxUACICgzJYlW7nvZxP7b6tbeu3t8mrhMXQs956mD4+BoKuNI
-----END CERTIFICATE-----

15
first-network/yaml/msp/cacerts/cacert.pem Normal file
View file

@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICYjCCAgigAwIBAgIRAL1fEAnz5zp4moJ8MdSb/lYwCgYIKoZIzj0EAwIwgYEx
CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g
RnJhbmNpc2NvMRkwFwYDVQQKExBvcmcxLmV4YW1wbGUuY29tMQwwCgYDVQQLEwND
T1AxHDAaBgNVBAMTE2NhLm9yZzEuZXhhbXBsZS5jb20wHhcNMTcxMTEyMTM0MTEx
WhcNMjcxMTEwMTM0MTExWjCBgTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlm
b3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoTEG9yZzEuZXhh
bXBsZS5jb20xDDAKBgNVBAsTA0NPUDEcMBoGA1UEAxMTY2Eub3JnMS5leGFtcGxl
LmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGrsQ6oJpk6hDWf63HU3OSNd
bou9KNw/VIee1IngPDI4YJU7O+Xa/XLJuwnFv7BpR8Ytl3f+njC8i/RZP2/svO+j
XzBdMA4GA1UdDwEB/wQEAwIBpjAPBgNVHSUECDAGBgRVHSUAMA8GA1UdEwEB/wQF
MAMBAf8wKQYDVR0OBCIEIIpzkSIZzxBWVIV5unlgZJuyu2XPEeP8+y1uB6LLA5Qr
MAoGCCqGSM49BAMCA0gAMEUCIQDUh/+CC2dAICnYtACXspwUaaEbiyZxYIx+XDvW
o8VVcgIgGz5S4iC5+xkxgeaISPfxKTTVy6yzTdYGzCw1vPppjzo=
-----END CERTIFICATE-----

18
first-network/yaml/msp/config.yaml Normal file
View file

@ -0,0 +1,18 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
OrganizationalUnitIdentifiers:
- Certificate: "cacerts/cacert.pem"
OrganizationalUnitIdentifier: "COP"
NodeOUs:
Enable: false
ClientOUIdentifier:
# if Certificate is empty, then the certifier identifier will not be enforced
Certificate: "cacerts/cacert.pem"
OrganizationalUnitIdentifier: "OU_client"
PeerOUIdentifier:
Certificate: "cacerts/cacert.pem"
OrganizationalUnitIdentifier: "OU_peer"

5
first-network/yaml/msp/keystore/key.pem Executable file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgXa3mln4anewXtqrM
hMw6mfZhslkRa/j9P790ToKjlsihRANCAARnxLhXvU4EmnIwhVl3Bh0VcByQi2um
9KsJ/QdCDjRZb1dKg447voj5SZ8SSZOUglc/v8DJFFJFTfygjwi+27gz
-----END PRIVATE KEY-----

14
first-network/yaml/msp/signcerts/peer.pem Normal file
View file

@ -0,0 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICNjCCAd2gAwIBAgIRAMnf9/dmV9RvCCVw9pZQUfUwCgYIKoZIzj0EAwIwgYEx
CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g
RnJhbmNpc2NvMRkwFwYDVQQKExBvcmcxLmV4YW1wbGUuY29tMQwwCgYDVQQLEwND
T1AxHDAaBgNVBAMTE2NhLm9yZzEuZXhhbXBsZS5jb20wHhcNMTcxMTEyMTM0MTEx
WhcNMjcxMTEwMTM0MTExWjBpMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv
cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEMMAoGA1UECxMDQ09QMR8wHQYD
VQQDExZwZWVyMC5vcmcxLmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D
AQcDQgAEZ8S4V71OBJpyMIVZdwYdFXAckItrpvSrCf0HQg40WW9XSoOOO76I+Umf
EkmTlIJXP7/AyRRSRU38oI8Ivtu4M6NNMEswDgYDVR0PAQH/BAQDAgeAMAwGA1Ud
EwEB/wQCMAAwKwYDVR0jBCQwIoAginORIhnPEFZUhXm6eWBkm7K7Zc8R4/z7LW4H
ossDlCswCgYIKoZIzj0EAwIDRwAwRAIgVikIUZzgfuFsGLQHWJUVJCU7pDaETkaz
PzFgsCiLxUACICgzJYlW7nvZxP7b6tbeu3t8mrhMXQs956mD4+BoKuNI
-----END CERTIFICATE-----

13
first-network/yaml/msp/tlscacerts/tlsroot.pem Normal file
View file

@ -0,0 +1,13 @@
-----BEGIN CERTIFICATE-----
MIIB8jCCAZigAwIBAgIRANxd4D3sY0656NqOh8Rha0AwCgYIKoZIzj0EAwIwWDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xDTALBgNVBAoTBE9yZzIxDTALBgNVBAMTBE9yZzIwHhcNMTcwNTA4
MDkzMDM0WhcNMjcwNTA2MDkzMDM0WjBYMQswCQYDVQQGEwJVUzETMBEGA1UECBMK
Q2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzENMAsGA1UEChMET3Jn
MjENMAsGA1UEAxMET3JnMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDYy+qzS
J/8CMfhpBFhUhhz+7up4+lwjBWDSS01koszNh8camHTA8vS4ZsN+DZ2DRsSmRZgs
tG2oogLLIdh6Z1CjQzBBMA4GA1UdDwEB/wQEAwIBpjAPBgNVHSUECDAGBgRVHSUA
MA8GA1UdEwEB/wQFMAMBAf8wDQYDVR0OBAYEBAECAwQwCgYIKoZIzj0EAwIDSAAw
RQIgWnMmH0yxAjub3qfzxQioHKQ8+WvUjAXm0ejId9Q+rDICIQDr30UCPj+SXzOb
Cu4psMMBfLujKoiBNdLE1KEpt8lN1g==
-----END CERTIFICATE-----

14
first-network/yaml/msp/tlsintermediatecerts/tlsintermediate.pem Normal file
View file

@ -0,0 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICETCCAbagAwIBAgIQNpgoASE9fi0ooZVKcnwnZzAKBggqhkjOPQQDAjBYMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
YW5jaXNjbzENMAsGA1UEChMET3JnMjENMAsGA1UEAxMET3JnMjAeFw0xNzA1MDgw
OTMwMzRaFw0yNzA1MDYwOTMwMzRaMGYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpD
YWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRQwEgYDVQQKEwtPcmcy
LWNoaWxkMTEUMBIGA1UEAxMLT3JnMi1jaGlsZDEwWTATBgcqhkjOPQIBBggqhkjO
PQMBBwNCAARTBJ8/o1tpHPwuixYDgRwcrzAru0cWJJhE6KWHAa0vBCG4nl0zjjRS
og+iAuUcY4Z/gJoHol6dKSHk9h5jrqtEo1QwUjAOBgNVHQ8BAf8EBAMCAaYwDwYD
VR0lBAgwBgYEVR0lADAPBgNVHRMBAf8EBTADAQH/MA0GA1UdDgQGBAQBAgMEMA8G
A1UdIwQIMAaABAECAwQwCgYIKoZIzj0EAwIDSQAwRgIhAIkPzk7ORV/WhfG7QY/6
/OJg4++ftz2SZc44NIuogMArAiEAqbnpnmmHnzo2Qc6gnliCegpGnJ18RUT/jZlj
1qXHcvg=
-----END CERTIFICATE-----

398
first-network/yaml/orderer.yaml Normal file
View file

@ -0,0 +1,398 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
################################################################################
#
# Orderer Configuration
#
# - This controls the type and configuration of the orderer.
#
################################################################################
General:
# Ledger Type: The ledger type to provide to the orderer.
# Two non-production ledger types are provided for test purposes only:
# - ram: An in-memory ledger whose contents are lost on restart.
# - json: A simple file ledger that writes blocks to disk in JSON format.
# Only one production ledger type is provided:
# - file: A production file-based ledger.
LedgerType: file
# Listen address: The IP on which to bind to listen.
ListenAddress: 127.0.0.1
# Listen port: The port on which to bind to listen.
ListenPort: 7050
# yunxiang fabric log module config
isOpenYxlog: true
logpath: /var/fabric_logs
logname: orderer_log
# 0:emergency, 1:alert, 2:critical, 3:error, 4:warning, 5:notice, 6:info, 7:debug
# default to be 6:info
yxLogLevel: 4
maxlinesPerFile: 1000000
maxsizePerFile: 1024000
maxTotalSize: 10240000
isautodelete: false
maxdays: 7
daily: true
# TLS: TLS settings for the GRPC server.
TLS:
Enabled: false
# PrivateKey governs the file location of the private key of the TLS certificate.
PrivateKey: tls/server.key
# Certificate governs the file location of the server TLS certificate.
Certificate: tls/server.crt
RootCAs:
- tls/ca.crt
ClientAuthRequired: false
ClientRootCAs:
# Keepalive settings for the GRPC server.
Keepalive:
# ServerMinInterval is the minimum permitted time between client pings.
# If clients send pings more frequently, the server will
# disconnect them.
ServerMinInterval: 60s
# ServerInterval is the time between pings to clients.
ServerInterval: 7200s
# ServerTimeout is the duration the server waits for a response from
# a client before closing the connection.
ServerTimeout: 20s
# Cluster settings for ordering service nodes that communicate with other ordering service nodes
# such as Raft based ordering service.
Cluster:
# SendBufferSize is the maximum number of messages in the egress buffer.
# Consensus messages are dropped if the buffer is full, and transaction
# messages are waiting for space to be freed.
SendBufferSize: 10
# ClientCertificate governs the file location of the client TLS certificate
# used to establish mutual TLS connections with other ordering service nodes.
ClientCertificate:
# ClientPrivateKey governs the file location of the private key of the client TLS certificate.
ClientPrivateKey:
# The below 4 properties should be either set together, or be unset together.
# If they are set, then the orderer node uses a separate listener for intra-cluster
# communication. If they are unset, then the general orderer listener is used.
# This is useful if you want to use a different TLS server certificates on the
# client-facing and the intra-cluster listeners.
# ListenPort defines the port on which the cluster listens to connections.
ListenPort:
# ListenAddress defines the IP on which to listen to intra-cluster communication.
ListenAddress:
# ServerCertificate defines the file location of the server TLS certificate used for intra-cluster
# communication.
ServerCertificate:
# ServerPrivateKey defines the file location of the private key of the TLS certificate.
ServerPrivateKey:
# Genesis method: The method by which the genesis block for the orderer
# system channel is specified. Available options are "provisional", "file":
# - provisional: Utilizes a genesis profile, specified by GenesisProfile,
# to dynamically generate a new genesis block.
# - file: Uses the file provided by GenesisFile as the genesis block.
GenesisMethod: provisional
# Genesis profile: The profile to use to dynamically generate the genesis
# block to use when initializing the orderer system channel and
# GenesisMethod is set to "provisional". See the configtx.yaml file for the
# descriptions of the available profiles. Ignored if GenesisMethod is set to
# "file".
GenesisProfile: SampleInsecureSolo
# Genesis file: The file containing the genesis block to use when
# initializing the orderer system channel and GenesisMethod is set to
# "file". Ignored if GenesisMethod is set to "provisional".
GenesisFile: genesisblock
# LocalMSPDir is where to find the private crypto material needed by the
# orderer. It is set relative here as a default for dev environments but
# should be changed to the real location in production.
LocalMSPDir: msp
# LocalMSPID is the identity to register the local MSP material with the MSP
# manager. IMPORTANT: The local MSP ID of an orderer needs to match the MSP
# ID of one of the organizations defined in the orderer system channel's
# /Channel/Orderer configuration. The sample organization defined in the
# sample configuration provided has an MSP ID of "SampleOrg".
LocalMSPID: SampleOrg
# Enable an HTTP service for Go "pprof" profiling as documented at:
# https://golang.org/pkg/net/http/pprof
Profile:
Enabled: false
Address: 0.0.0.0:6060
# BCCSP configures the blockchain crypto service providers.
BCCSP:
# Default specifies the preferred blockchain crypto service provider
# to use. If the preferred provider is not available, the software
# based provider ("SW") will be used.
# Valid providers are:
# - SW: a software based crypto provider
# - PKCS11: a CA hardware security module crypto provider.
Default: SW
# SW configures the software based blockchain crypto provider.
SW:
# TODO: The default Hash and Security level needs refactoring to be
# fully configurable. Changing these defaults requires coordination
# SHA2 is hardcoded in several places, not only BCCSP
Hash: SHA2
Security: 256
# Location of key store. If this is unset, a location will be
# chosen using: 'LocalMSPDir'/keystore
FileKeyStore:
KeyStore:
# Authentication contains configuration parameters related to authenticating
# client messages
Authentication:
# the acceptable difference between the current server time and the
# client's time as specified in a client request message
TimeWindow: 15m
################################################################################
#
# SECTION: File Ledger
#
# - This section applies to the configuration of the file or json ledgers.
#
################################################################################
FileLedger:
# Location: The directory to store the blocks in.
# NOTE: If this is unset, a new temporary location will be chosen every time
# the orderer is restarted, using the prefix specified by Prefix.
Location: /var/hyperledger/production/orderer
# The prefix to use when generating a ledger directory in temporary space.
# Otherwise, this value is ignored.
Prefix: hyperledger-fabric-ordererledger
DataDump:
Enabled: true
DumpDir: /var/hyperledger/production/orderer/chains
LoadDir: /var/hyperledger/production/orderer/chains
MaxFileLimit: 4096
DumpCron:
- 0 */5 * * * ?
- 0 0 * * * ?
DumpInterval: 5m #24h
LoadRetryTimes: 5
################################################################################
#
# SECTION: RAM Ledger
#
# - This section applies to the configuration of the RAM ledger.
#
################################################################################
RAMLedger:
# History Size: The number of blocks that the RAM ledger is set to retain.
# WARNING: Appending a block to the ledger might cause the oldest block in
# the ledger to be dropped in order to limit the number total number blocks
# to HistorySize. For example, if history size is 10, when appending block
# 10, block 0 (the genesis block!) will be dropped to make room for block 10.
HistorySize: 1000
################################################################################
#
# SECTION: Kafka
#
# - This section applies to the configuration of the Kafka-based orderer, and
# its interaction with the Kafka cluster.
#
################################################################################
Kafka:
# Retry: What do if a connection to the Kafka cluster cannot be established,
# or if a metadata request to the Kafka cluster needs to be repeated.
Retry:
# When a new channel is created, or when an existing channel is reloaded
# (in case of a just-restarted orderer), the orderer interacts with the
# Kafka cluster in the following ways:
# 1. It creates a Kafka producer (writer) for the Kafka partition that
# corresponds to the channel.
# 2. It uses that producer to post a no-op CONNECT message to that
# partition
# 3. It creates a Kafka consumer (reader) for that partition.
# If any of these steps fail, they will be re-attempted every
# <ShortInterval> for a total of <ShortTotal>, and then every
# <LongInterval> for a total of <LongTotal> until they succeed.
# Note that the orderer will be unable to write to or read from a
# channel until all of the steps above have been completed successfully.
ShortInterval: 5s
ShortTotal: 10m
LongInterval: 5m
LongTotal: 12h
# Affects the socket timeouts when waiting for an initial connection, a
# response, or a transmission. See Config.Net for more info:
# https://godoc.org/github.com/Shopify/sarama#Config
NetworkTimeouts:
DialTimeout: 10s
ReadTimeout: 10s
WriteTimeout: 10s
# Affects the metadata requests when the Kafka cluster is in the middle
# of a leader election.See Config.Metadata for more info:
# https://godoc.org/github.com/Shopify/sarama#Config
Metadata:
RetryBackoff: 250ms
RetryMax: 3
# What to do if posting a message to the Kafka cluster fails. See
# Config.Producer for more info:
# https://godoc.org/github.com/Shopify/sarama#Config
Producer:
RetryBackoff: 100ms
RetryMax: 3
# What to do if reading from the Kafka cluster fails. See
# Config.Consumer for more info:
# https://godoc.org/github.com/Shopify/sarama#Config
Consumer:
RetryBackoff: 2s
# Settings to use when creating Kafka topics. Only applies when
# Kafka.Version is v0.10.1.0 or higher
Topic:
# The number of Kafka brokers across which to replicate the topic
ReplicationFactor: 3
# Verbose: Enable logging for interactions with the Kafka cluster.
Verbose: false
# TLS: TLS settings for the orderer's connection to the Kafka cluster.
TLS:
# Enabled: Use TLS when connecting to the Kafka cluster.
Enabled: false
# PrivateKey: PEM-encoded private key the orderer will use for
# authentication.
PrivateKey:
# As an alternative to specifying the PrivateKey here, uncomment the
# following "File" key and specify the file name from which to load the
# value of PrivateKey.
#File: path/to/PrivateKey
# Certificate: PEM-encoded signed public key certificate the orderer will
# use for authentication.
Certificate:
# As an alternative to specifying the Certificate here, uncomment the
# following "File" key and specify the file name from which to load the
# value of Certificate.
#File: path/to/Certificate
# RootCAs: PEM-encoded trusted root certificates used to validate
# certificates from the Kafka cluster.
RootCAs:
# As an alternative to specifying the RootCAs here, uncomment the
# following "File" key and specify the file name from which to load the
# value of RootCAs.
#File: path/to/RootCAs
# SASLPlain: Settings for using SASL/PLAIN authentication with Kafka brokers
SASLPlain:
# Enabled: Use SASL/PLAIN to authenticate with Kafka brokers
Enabled: false
# User: Required when Enabled is set to true
User:
# Password: Required when Enabled is set to true
Password:
# Kafka protocol version used to communicate with the Kafka cluster brokers
# (defaults to 0.10.2.0 if not specified)
Version:
################################################################################
#
# Debug Configuration
#
# - This controls the debugging options for the orderer
#
################################################################################
Debug:
# BroadcastTraceDir when set will cause each request to the Broadcast service
# for this orderer to be written to a file in this directory
BroadcastTraceDir:
# DeliverTraceDir when set will cause each request to the Deliver service
# for this orderer to be written to a file in this directory
DeliverTraceDir:
################################################################################
#
# Operations Configuration
#
# - This configures the operations server endpoint for the orderer
#
################################################################################
Operations:
# host and port for the operations server
ListenAddress: 127.0.0.1:8443
# TLS configuration for the operations endpoint
TLS:
# TLS enabled
Enabled: false
# Certificate is the location of the PEM encoded TLS certificate
Certificate:
# PrivateKey points to the location of the PEM-encoded key
PrivateKey:
# Most operations service endpoints require client authentication when TLS
# is enabled. ClientAuthRequired requires client certificate authentication
# at the TLS layer to access all resources.
ClientAuthRequired: false
# Paths to PEM encoded ca certificates to trust for client authentication
ClientRootCAs: []
################################################################################
#
# Metrics Configuration
#
# - This configures metrics collection for the orderer
#
################################################################################
Metrics:
# The metrics provider is one of statsd, prometheus, or disabled
Provider: disabled
# The statsd configuration
Statsd:
# network type: tcp or udp
Network: udp
# the statsd server address
Address: 127.0.0.1:8125
# The interval at which locally cached counters and gauges are pushed
# to statsd; timings are pushed immediately
WriteInterval: 30s
# The prefix is prepended to all emitted statsd metrics
Prefix:
################################################################################
#
# Consensus Configuration
#
# - This section contains config options for a consensus plugin. It is opaque
# to orderer, and completely up to consensus implementation to make use of.
#
################################################################################
Consensus:
# The allowed key-value pairs here depend on consensus plugin. For etcd/raft,
# we use following options:
# WALDir specifies the location at which Write Ahead Logs for etcd/raft are
# stored. Each channel will have its own subdir named after channel ID.
WALDir: /var/hyperledger/production/orderer/etcdraft/wal
# SnapDir specifies the location at which snapshots for etcd/raft are
# stored. Each channel will have its own subdir named after channel ID.
SnapDir: /var/hyperledger/production/orderer/etcdraft/snapshot

2
rafttest/.env Normal file
View file

@ -0,0 +1,2 @@
COMPOSE_PROJECT_NAME=net
IMAGE_TAG=latest

8
rafttest/.gitignore vendored Normal file
View file

@ -0,0 +1,8 @@
/channel-artifacts/*.tx
/channel-artifacts/*.block
/crypto-config/*
/docker-compose-e2e.yaml
/ledgers
/ledgers-backup
/channel-artifacts/*.json
/org3-artifacts/crypto-config/*

85
rafttest/add_org2.sh Executable file
View file

@ -0,0 +1,85 @@
#!/bin/bash
export FABRIC_CFG_PATH=$PWD
export ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/orderer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem
export PATH=${PWD}/../bin:${PWD}:$PATH
# 生成org2组织信息
configtxgen --printOrg Org2MSP >channel-artifacts/org2.json
# 设置通道为系统通道
export CHANNEL_NAME=testchainid
# 获取系统通道配置块并转换成json格式
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'peer channel fetch config config_block.pb -o orderer0.org1.example.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'configtxlator proto_decode --input config_block.pb --type common.Block | jq .data.data[0].payload.data.config > config.json'
# 将组织org2相关信息org2.json添加到config.json orderer groups位置
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'jq -s ".[0] * {"channel_group":{"groups":{"Orderer":{"groups": {"Org2MSP":.[1]}}}}}" config.json ./channel-artifacts/org2.json > modified_config.json'
# 将组织org2的orderer tls添加到config.json orderer consenters位置
export TLS_FILE=crypto/peerOrganizations/org2.example.com/peers/orderer0.org2.example.com/tls/server.crt
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" -e "TLS_FILE=$TLS_FILE" cli sh -c 'echo "{\"client_tls_cert\":\"$(cat $TLS_FILE | base64 |xargs echo | sed "s/ //g")\",\"host\":\"orderer0.org2.example.com\",\"port\":7050,\"server_tls_cert\":\"$(cat $TLS_FILE | base64 |xargs echo | sed "s/ //g")\"}" > org2consenter.json'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'jq ".channel_group.groups.Orderer.values.ConsensusType.value.metadata.consenters += [$(cat org2consenter.json)]" modified_config.json > modified_config_add.json'
# 转换成pb格式及计算增量差异
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'configtxlator proto_encode --input config.json --type common.Config --output config.pb'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'configtxlator proto_encode --input modified_config_add.json --type common.Config --output modified_config.pb'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'configtxlator compute_update --channel_id $CHANNEL_NAME --original config.pb --updated modified_config.pb --output org2_update.pb'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'configtxlator proto_decode --input org2_update.pb --type common.ConfigUpdate | jq . > org2_update.json'
# 构建交易并签名
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'echo "{\"payload\":{\"header\":{\"channel_header\":{\"channel_id\":\"testchainid\", \"type\":2}},\"data\":{\"config_update\":"$(cat org2_update.json)"}}}" | jq . > org2_update_in_envelope.json'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'configtxlator proto_encode --input org2_update_in_envelope.json --type common.Envelope --output org2_update_in_envelope.pb'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'peer channel update -f org2_update_in_envelope.pb -c $CHANNEL_NAME -o orderer0.org1.example.com:7050 --tls --cafile $ORDERER_CA'
# 获取最新配置块给org2的orderer作为启动块
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'peer channel fetch config last_config_block.pb -o orderer0.org1.example.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'cp last_config_block.pb ./channel-artifacts/last_config.block'
# 启动org2
sleep 5
docker-compose -f docker-compose-org2.yaml up -d
sleep 10
# 按照上述步骤添加到应用链mychannel
export CHANNEL_NAME=mychannel
# 获取系统通道配置块并转换成json格式
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'peer channel fetch config config_block.pb -o orderer0.org1.example.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'configtxlator proto_decode --input config_block.pb --type common.Block | jq .data.data[0].payload.data.config > config.json'
# 将组织org2相关信息org2.json添加到config.json orderer及Application groups位置
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'jq -s ".[0] * {"channel_group":{"groups":{"Orderer":{"groups": {"Org2MSP":.[1]}}}}}" config.json ./channel-artifacts/org2.json > modified_config.json'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'jq -s ".[0] * {"channel_group":{"groups":{"Application":{"groups": {"Org2MSP":.[1]}}}}}" config.json ./channel-artifacts/org2.json > modified_config.json'
# 将组织org2的orderer tls添加到config.json orderer consenters位置
export TLS_FILE=crypto/peerOrganizations/org2.example.com/peers/orderer0.org2.example.com/tls/server.crt
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" -e "TLS_FILE=$TLS_FILE" cli sh -c 'echo "{\"client_tls_cert\":\"$(cat $TLS_FILE | base64 |xargs echo | sed "s/ //g")\",\"host\":\"orderer0.org2.example.com\",\"port\":7050,\"server_tls_cert\":\"$(cat $TLS_FILE | base64 |xargs echo | sed "s/ //g")\"}" > org2consenter.json'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'jq ".channel_group.groups.Orderer.values.ConsensusType.value.metadata.consenters += [$(cat org2consenter.json)]" modified_config.json > modified_config_add.json'
# 转换成pb格式及计算增量差异
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'configtxlator proto_encode --input config.json --type common.Config --output config.pb'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'configtxlator proto_encode --input modified_config_add.json --type common.Config --output modified_config.pb'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'configtxlator compute_update --channel_id $CHANNEL_NAME --original config.pb --updated modified_config.pb --output org2_update.pb'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'configtxlator proto_decode --input org2_update.pb --type common.ConfigUpdate | jq . > org2_update.json'
# 构建交易及更新
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'echo "{\"payload\":{\"header\":{\"channel_header\":{\"channel_id\":\"mychannel\", \"type\":2}},\"data\":{\"config_update\":"$(cat org2_update.json)"}}}" | jq . > org2_update_in_envelope.json'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'configtxlator proto_encode --input org2_update_in_envelope.json --type common.Envelope --output org2_update_in_envelope.pb'
docker exec -e "ORDERER_CA=$ORDERER_CA" -e "CHANNEL_NAME=$CHANNEL_NAME" cli sh -c 'peer channel update -f org2_update_in_envelope.pb -c $CHANNEL_NAME -o orderer0.org1.example.com:7050 --tls --cafile $ORDERER_CA'

110
rafttest/base/docker-compose-base.yaml Normal file
View file

@ -0,0 +1,110 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
orderer.example.com:
container_name: orderer.example.com
extends:
file: peer-base.yaml
service: orderer-base
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls
- orderer.example.com:/var/hyperledger/production/orderer
ports:
- 7050:7050
peer0.org1.example.com:
container_name: peer0.org1.example.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org1.example.com
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LISTENADDRESS=0.0.0.0:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.org1.example.com:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.example.com:8051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls
- peer0.org1.example.com:/var/hyperledger/production
ports:
- 7051:7051
peer1.org1.example.com:
container_name: peer1.org1.example.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer1.org1.example.com
- CORE_PEER_ADDRESS=peer1.org1.example.com:8051
- CORE_PEER_LISTENADDRESS=0.0.0.0:8051
- CORE_PEER_CHAINCODEADDRESS=peer1.org1.example.com:8052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:8052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.example.com:8051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/tls:/etc/hyperledger/fabric/tls
- peer1.org1.example.com:/var/hyperledger/production
ports:
- 8051:8051
peer0.org2.example.com:
container_name: peer0.org2.example.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org2.example.com
- CORE_PEER_ADDRESS=peer0.org2.example.com:9051
- CORE_PEER_LISTENADDRESS=0.0.0.0:9051
- CORE_PEER_CHAINCODEADDRESS=peer0.org2.example.com:9052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:9052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example.com:9051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org2.example.com:10051
- CORE_PEER_LOCALMSPID=Org2MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls:/etc/hyperledger/fabric/tls
- peer0.org2.example.com:/var/hyperledger/production
ports:
- 9051:9051
peer1.org2.example.com:
container_name: peer1.org2.example.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer1.org2.example.com
- CORE_PEER_ADDRESS=peer1.org2.example.com:10051
- CORE_PEER_LISTENADDRESS=0.0.0.0:10051
- CORE_PEER_CHAINCODEADDRESS=peer1.org2.example.com:10052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:10052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org2.example.com:10051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.example.com:9051
- CORE_PEER_LOCALMSPID=Org2MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls:/etc/hyperledger/fabric/tls
- peer1.org2.example.com:/var/hyperledger/production
ports:
- 10051:10051

52
rafttest/base/peer-base.yaml Normal file
View file

@ -0,0 +1,52 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
peer-base:
image: hyperledger/fabric-peer:$IMAGE_TAG
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
# the following setting starts chaincode containers on the same
# bridge network as the peers
# https://docs.docker.com/compose/networking/
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_byfn
- FABRIC_LOGGING_SPEC=INFO
#- FABRIC_LOGGING_SPEC=DEBUG
#- CORE_LEDGER_DATADUMP_ENABLED=TRUE
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
orderer-base:
image: hyperledger/fabric-orderer:$IMAGE_TAG
environment:
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
#- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
#- ORDERER_FILELEDGER_DATADUMP_ENABLED=TRUE
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer

0
rafttest/channel-artifacts/.gitkeep Normal file
View file

5
rafttest/clean.sh Executable file
View file

@ -0,0 +1,5 @@
#!/bin/bash
docker rm -f $(docker ps -aq)
docker volume rm $(docker volume ls -q)
rm -rf ./channel-artifacts/*
rm -rf crypto-config

320
rafttest/configtx.yaml Normal file
View file

@ -0,0 +1,320 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
################################################################################
#
# Section: Organizations
#
# - This section defines the different organizational identities which will
# be referenced later in the configuration.
#
################################################################################
Organizations:
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.member')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.member')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.member')"
# leave this flag set to true.
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.com
Port: 7051
- &Org2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org2MSP
# ID to load the MSP definition as
ID: Org2MSP
MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('Org2MSP.member')"
Writers:
Type: Signature
Rule: "OR('Org2MSP.member')"
Admins:
Type: Signature
Rule: "OR('Org2MSP.member')"
# leave this flag set to true.
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org2.example.com
Port: 9051
################################################################################
#
# SECTION: Capabilities
################################################################################
#
# SECTION: Capabilities
#
# - This section defines the capabilities of fabric network. This is a new
# concept as of v1.1.0 and should not be utilized in mixed networks with
# v1.0.x peers and orderers. Capabilities define features which must be
# present in a fabric binary for that binary to safely participate in the
# fabric network. For instance, if a new MSP type is added, newer binaries
# might recognize and validate the signatures from this type, while older
# binaries without this support would be unable to validate those
# transactions. This could lead to different versions of the fabric binaries
# having different world states. Instead, defining a capability for a channel
# informs those binaries without this capability that they must cease
# processing transactions until they have been upgraded. For v1.0.x if any
# capabilities are defined (including a map with all capabilities turned off)
# then the v1.0.x peer will deliberately crash.
#
################################################################################
Capabilities:
# Channel capabilities apply to both the orderers and the peers and must be
# supported by both.
# Set the value of the capability to true to require it.
Channel: &ChannelCapabilities
# V1.3 for Channel is a catchall flag for behavior which has been
# determined to be desired for all orderers and peers running at the v1.3.x
# level, but which would be incompatible with orderers and peers from
# prior releases.
# Prior to enabling V1.3 channel capabilities, ensure that all
# orderers and peers on a channel are at v1.3.0 or later.
V1_3: true
# Orderer capabilities apply only to the orderers, and may be safely
# used with prior release peers.
# Set the value of the capability to true to require it.
Orderer: &OrdererCapabilities
# V1.1 for Orderer is a catchall flag for behavior which has been
# determined to be desired for all orderers running at the v1.1.x
# level, but which would be incompatible with orderers from prior releases.
# Prior to enabling V1.1 orderer capabilities, ensure that all
# orderers on a channel are at v1.1.0 or later.
V1_1: true
# Application capabilities apply only to the peer network, and may be safely
# used with prior release orderers.
# Set the value of the capability to true to require it.
Application: &ApplicationCapabilities
# V1.3 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.3.
V1_3: true
# V1.2 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.2 (note, this need not be set if
# later version capabilities are set)
V1_2: false
# V1.1 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.1 (note, this need not be set if
# later version capabilities are set).
V1_1: false
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ApplicationCapabilities
################################################################################
#
# SECTION: Orderer
#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer.example.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
# /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
################################################################################
#
# CHANNEL
#
# This section defines the values to encode into a config transaction or
# genesis block for channel related parameters.
#
################################################################################
Channel: &ChannelDefaults
# Policies defines the set of policies at this level of the config tree
# For Channel policies, their canonical path is
# /Channel/<PolicyName>
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the channel level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ChannelCapabilities
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
TwoOrgsChannel:
Consortium: SampleConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
Capabilities:
<<: *ApplicationCapabilities
SampleMultiNodeEtcdRaft:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer0.org1.example.com
Port: 7050
ClientTLSCert: crypto-config/peerOrganizations/org1.example.com/peers/orderer0.org1.example.com/tls/server.crt
ServerTLSCert: crypto-config/peerOrganizations/org1.example.com/peers/orderer0.org1.example.com/tls/server.crt
- Host: orderer1.org1.example.com
Port: 7050
ClientTLSCert: crypto-config/peerOrganizations/org1.example.com/peers/orderer1.org1.example.com/tls/server.crt
ServerTLSCert: crypto-config/peerOrganizations/org1.example.com/peers/orderer1.org1.example.com/tls/server.crt
Addresses:
- orderer0.org1.example.com:7050
- orderer1.org1.example.com:7050
Organizations:
- *Org1
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *Org1
Consortiums:
SampleConsortium:
Organizations:
- *Org1

20
rafttest/crypto-config.yaml Normal file
View file

@ -0,0 +1,20 @@
PeerOrgs:
- Name: Org1
Domain: org1.example.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
Specs:
- Hostname: orderer0
- Hostname: orderer1
- Name: Org2
Domain: org2.example.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
Specs:
- Hostname: orderer0

101
rafttest/docker-compose-org1.yaml Normal file
View file

@ -0,0 +1,101 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
orderer0.org1.example.com:
orderer1.org1.example.com:
peer0.org1.example.com:
peer1.org1.example.com:
networks:
byfn:
services:
orderer0.org1.example.com:
environment:
- ORDERER_GENERAL_LOCALMSPID=Org1MSP
extends:
file: base/peer-base.yaml
service: orderer-base
container_name: orderer0.org1.example.com
networks:
- byfn
volumes:
- ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ./crypto-config/peerOrganizations/org1.example.com/peers/orderer0.org1.example.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/peerOrganizations/org1.example.com/peers/orderer0.org1.example.com/tls/:/var/hyperledger/orderer/tls
- orderer0.org1.example.com:/var/hyperledger/production/orderer
ports:
- 7050:7050
orderer1.org1.example.com:
environment:
- ORDERER_GENERAL_LOCALMSPID=Org1MSP
extends:
file: base/peer-base.yaml
service: orderer-base
container_name: orderer1.org1.example.com
networks:
- byfn
volumes:
- ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ./crypto-config/peerOrganizations/org1.example.com/peers/orderer1.org1.example.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/peerOrganizations/org1.example.com/peers/orderer1.org1.example.com/tls/:/var/hyperledger/orderer/tls
- orderer1.org1.example.com:/var/hyperledger/production/orderer
ports:
- 8050:7050
peer0.org1.example.com:
container_name: peer0.org1.example.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org1.example.com
networks:
- byfn
peer1.org1.example.com:
container_name: peer1.org1.example.com
extends:
file: base/docker-compose-base.yaml
service: peer1.org1.example.com
networks:
- byfn
cli:
container_name: cli
image: hyperledger/fabric-tools:$IMAGE_TAG
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/chaincode
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- peer0.org1.example.com
- peer1.org1.example.com
- orderer0.org1.example.com
- orderer1.org1.example.com
networks:
- byfn

49
rafttest/docker-compose-org2.yaml Normal file
View file

@ -0,0 +1,49 @@
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
orderer0.org2.example.com:
peer0.org2.example.com:
peer1.org2.example.com:
networks:
byfn:
services:
orderer0.org2.example.com:
environment:
- ORDERER_GENERAL_LOCALMSPID=Org2MSP
extends:
file: base/peer-base.yaml
service: orderer-base
container_name: orderer0.org2.example.com
networks:
- byfn
volumes:
- ./channel-artifacts/last_config.block:/var/hyperledger/orderer/orderer.genesis.block
- ./crypto-config/peerOrganizations/org2.example.com/peers/orderer0.org2.example.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/peerOrganizations/org2.example.com/peers/orderer0.org2.example.com/tls/:/var/hyperledger/orderer/tls
- orderer0.org2.example.com:/var/hyperledger/production/orderer
ports:
- 9050:7050
peer0.org2.example.com:
container_name: peer0.org2.example.com
extends:
file: base/docker-compose-base.yaml
service: peer0.org2.example.com
networks:
- byfn
peer1.org2.example.com:
container_name: peer1.org2.example.com
extends:
file: base/docker-compose-base.yaml
service: peer1.org2.example.com
networks:
- byfn

27
rafttest/modified_config.json Normal file
View file

@ -0,0 +1,27 @@
jq - commandline JSON processor [version 1.5-1-a5b5cbe]
Usage: jq [options] <jq filter> [file...]
jq is a tool for processing JSON inputs, applying the
given filter to its JSON text inputs and producing the
filter's results as JSON on standard output.
The simplest filter is ., which is the identity filter,
copying jq's input to its output unmodified (except for
formatting).
For more advanced filters see the jq(1) manpage ("man jq")
and/or https://stedolan.github.io/jq
Some of the options include:
-c compact instead of pretty-printed output;
-n use `null` as the single input value;
-e set the exit status code based on the output;
-s read (slurp) all inputs into an array; apply filter to it;
-r output raw strings, not JSON texts;
-R read raw strings, not JSON texts;
-C colorize JSON;
-M monochrome (don't colorize JSON);
-S sort keys of objects on output;
--tab use tabs for indentation;
--arg a v set variable $a to value <v>;
--argjson a v set variable $a to JSON value <v>;
--slurpfile a f set variable $a to an array of JSON texts read from <f>;
See the manpage for more options.

32
rafttest/scripts/script.sh Executable file
View file

@ -0,0 +1,32 @@
#!/bin/bash
export CHANNEL_NAME=mychannel
export ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/orderer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem
## Create channel
echo "Creating channel..."
peer channel create -o orderer0.org1.example.com:7050 -c $CHANNEL_NAME -f ./channel-artifacts/channel.tx --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA
sleep 2
## Join all the peers to the channel
echo "peer0.org1 join the channel..."
peer channel join -b $CHANNEL_NAME.block
## Set the anchor peers for each org in the channel
echo "Updating anchor peers for org1..."
peer channel update -o orderer0.org1.example.com:7050 -c $CHANNEL_NAME -f ./channel-artifacts/Org1MSPanchors.tx --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA
sleep 2
## Install chaincode on peer0.org1
echo "Installing chaincode on peer0.org1..."
peer chaincode install -n mycc -v 1.0 -p github.com/chaincode/chaincode_example02/go
# Instantiate chaincode on peer0.org1
echo "Instantiating chaincode on peer0.org1..."
peer chaincode instantiate -o orderer0.org1.example.com:7050 --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA -C $CHANNEL_NAME -n mycc -v 1.0 -c '{"Args":["init","a", "100", "b","200"]}' -P "OR ('Org1MSP.member')"
# Query chaincode on peer0.org1
echo "Querying chaincode on peer0.org1..."
sleep 5
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
# Invoke chaincode on peer0.org1
echo "Sending invoke transaction on peer0.org1"
peer chaincode invoke -o orderer0.org1.example.com:7050 --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","a","b","10"]}'
# Query chaincode on peer0.org1
sleep 5
echo "Querying chaincode on peer0.org1..."
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'

17
rafttest/start.sh Executable file
View file

@ -0,0 +1,17 @@
#!/bin/bash
export CHANNEL_NAME=mychannel
export FABRIC_CFG_PATH=$PWD
export PATH=${PWD}/../bin:${PWD}:$PATH
cryptogen generate --config=./crypto-config.yaml
configtxgen -profile SampleMultiNodeEtcdRaft -outputBlock ./channel-artifacts/genesis.block
configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org1MSP
sleep 5
docker-compose -f docker-compose-org1.yaml up -d
sleep 20
docker exec -it cli sh -c "./scripts/script.sh"