mirror of
https://github.com/hyperledger/fabric-samples.git
synced 2026-06-23 10:05:10 +00:00
Create a channel with TLS certs generated by cert-manager
Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com>
This commit is contained in:
Josh Kneubuhl
parent
f4854558c5
commit
632383900a
4 changed files with 34 additions and 6 deletions
|
|
@ -90,7 +90,7 @@ spec:
|
|||
name: org0-config
|
||||
- name: tls-cert-volume
|
||||
secret:
|
||||
secretName: org0-orderer1-tls-cert
|
||||
secretName: org0-orderer2-tls-cert
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
|
|
|
|||
|
|
@ -90,7 +90,7 @@ spec:
|
|||
name: org0-config
|
||||
- name: tls-cert-volume
|
||||
secret:
|
||||
secretName: org0-orderer2-tls-cert
|
||||
secretName: org0-orderer3-tls-cert
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
|
|
|
|||
|
|
@ -16,12 +16,12 @@ function create_channel_org_MSP() {
|
|||
cp \
|
||||
$FABRIC_CA_CLIENT_HOME/'${ecert_ca}'/rcaadmin/msp/cacerts/'${ecert_ca}'.pem \
|
||||
/var/hyperledger/fabric/organizations/'${org_type}'Organizations/'${org}'.example.com/msp/cacerts
|
||||
|
||||
|
||||
mkdir -p /var/hyperledger/fabric/organizations/'${org_type}'Organizations/'${org}'.example.com/msp/tlscacerts
|
||||
cp \
|
||||
$FABRIC_CA_CLIENT_HOME/tls-ca/tlsadmin/msp/cacerts/'${org}'-tls-ca.pem \
|
||||
/var/hyperledger/fabric/organizations/'${org_type}'Organizations/'${org}'.example.com/msp/tlscacerts
|
||||
|
||||
/var/hyperledger/fabric-ca-server/tls/ca.crt \
|
||||
/var/hyperledger/fabric/organizations/'${org_type}'Organizations/'${org}'.example.com/msp/tlscacerts/'${org}'-tls-ca.pem
|
||||
|
||||
echo "NodeOUs:
|
||||
Enable: true
|
||||
ClientOUIdentifier:
|
||||
|
|
|
|||
|
|
@ -170,6 +170,30 @@ function create_local_MSP() {
|
|||
pop_fn
|
||||
}
|
||||
|
||||
function extract_orderer_tls_cert() {
|
||||
local orderer=$1
|
||||
|
||||
echo 'set -x
|
||||
|
||||
mkdir -p /var/hyperledger/fabric/organizations/ordererOrganizations/org0.example.com/orderers/'${orderer}'.org0.example.com/tls/signcerts/
|
||||
|
||||
cp \
|
||||
var/hyperledger/fabric-ca-server/tls/tls.crt \
|
||||
/var/hyperledger/fabric/organizations/ordererOrganizations/org0.example.com/orderers/'${orderer}'.org0.example.com/tls/signcerts/cert.pem
|
||||
|
||||
' | exec kubectl -n $NS exec deploy/${orderer} -i -c main -- /bin/sh
|
||||
}
|
||||
|
||||
function extract_orderer_tls_certs() {
|
||||
push_fn "Extracting orderer TLS certs to local MSP folder"
|
||||
|
||||
extract_orderer_tls_cert org0-orderer1
|
||||
extract_orderer_tls_cert org0-orderer2
|
||||
extract_orderer_tls_cert org0-orderer3
|
||||
|
||||
pop_fn
|
||||
}
|
||||
|
||||
function network_up() {
|
||||
|
||||
# Kube config
|
||||
|
|
@ -191,6 +215,8 @@ function network_up() {
|
|||
|
||||
launch_orderers
|
||||
launch_peers
|
||||
|
||||
extract_orderer_tls_certs
|
||||
}
|
||||
|
||||
function stop_services() {
|
||||
|
|
@ -205,6 +231,8 @@ function stop_services() {
|
|||
kubectl -n $NS delete pod --all
|
||||
kubectl -n $NS delete service --all
|
||||
kubectl -n $NS delete configmap --all
|
||||
kubectl -n $NS delete cert --all
|
||||
kubectl -n $NS delete issuer --all
|
||||
kubectl -n $NS delete secret --all
|
||||
|
||||
pop_fn
|
||||
|
|
|
|||
Loading…
Reference in a new issue