mirror of
https://github.com/hyperledger/fabric-samples.git
synced 2026-06-25 19:15:10 +00:00
Create a channel with TLS certs generated by cert-manager
Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com>
This commit is contained in:
Josh Kneubuhl
parent
f4854558c5
commit
632383900a
4 changed files with 34 additions and 6 deletions
|
|
@ -90,7 +90,7 @@ spec:
|
||||||
name: org0-config
|
name: org0-config
|
||||||
- name: tls-cert-volume
|
- name: tls-cert-volume
|
||||||
secret:
|
secret:
|
||||||
secretName: org0-orderer1-tls-cert
|
secretName: org0-orderer2-tls-cert
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
|
|
|
||||||
|
|
@ -90,7 +90,7 @@ spec:
|
||||||
name: org0-config
|
name: org0-config
|
||||||
- name: tls-cert-volume
|
- name: tls-cert-volume
|
||||||
secret:
|
secret:
|
||||||
secretName: org0-orderer2-tls-cert
|
secretName: org0-orderer3-tls-cert
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
|
|
|
||||||
|
|
@ -19,8 +19,8 @@ function create_channel_org_MSP() {
|
||||||
|
|
||||||
mkdir -p /var/hyperledger/fabric/organizations/'${org_type}'Organizations/'${org}'.example.com/msp/tlscacerts
|
mkdir -p /var/hyperledger/fabric/organizations/'${org_type}'Organizations/'${org}'.example.com/msp/tlscacerts
|
||||||
cp \
|
cp \
|
||||||
$FABRIC_CA_CLIENT_HOME/tls-ca/tlsadmin/msp/cacerts/'${org}'-tls-ca.pem \
|
/var/hyperledger/fabric-ca-server/tls/ca.crt \
|
||||||
/var/hyperledger/fabric/organizations/'${org_type}'Organizations/'${org}'.example.com/msp/tlscacerts
|
/var/hyperledger/fabric/organizations/'${org_type}'Organizations/'${org}'.example.com/msp/tlscacerts/'${org}'-tls-ca.pem
|
||||||
|
|
||||||
echo "NodeOUs:
|
echo "NodeOUs:
|
||||||
Enable: true
|
Enable: true
|
||||||
|
|
|
||||||
|
|
@ -170,6 +170,30 @@ function create_local_MSP() {
|
||||||
pop_fn
|
pop_fn
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function extract_orderer_tls_cert() {
|
||||||
|
local orderer=$1
|
||||||
|
|
||||||
|
echo 'set -x
|
||||||
|
|
||||||
|
mkdir -p /var/hyperledger/fabric/organizations/ordererOrganizations/org0.example.com/orderers/'${orderer}'.org0.example.com/tls/signcerts/
|
||||||
|
|
||||||
|
cp \
|
||||||
|
var/hyperledger/fabric-ca-server/tls/tls.crt \
|
||||||
|
/var/hyperledger/fabric/organizations/ordererOrganizations/org0.example.com/orderers/'${orderer}'.org0.example.com/tls/signcerts/cert.pem
|
||||||
|
|
||||||
|
' | exec kubectl -n $NS exec deploy/${orderer} -i -c main -- /bin/sh
|
||||||
|
}
|
||||||
|
|
||||||
|
function extract_orderer_tls_certs() {
|
||||||
|
push_fn "Extracting orderer TLS certs to local MSP folder"
|
||||||
|
|
||||||
|
extract_orderer_tls_cert org0-orderer1
|
||||||
|
extract_orderer_tls_cert org0-orderer2
|
||||||
|
extract_orderer_tls_cert org0-orderer3
|
||||||
|
|
||||||
|
pop_fn
|
||||||
|
}
|
||||||
|
|
||||||
function network_up() {
|
function network_up() {
|
||||||
|
|
||||||
# Kube config
|
# Kube config
|
||||||
|
|
@ -191,6 +215,8 @@ function network_up() {
|
||||||
|
|
||||||
launch_orderers
|
launch_orderers
|
||||||
launch_peers
|
launch_peers
|
||||||
|
|
||||||
|
extract_orderer_tls_certs
|
||||||
}
|
}
|
||||||
|
|
||||||
function stop_services() {
|
function stop_services() {
|
||||||
|
|
@ -205,6 +231,8 @@ function stop_services() {
|
||||||
kubectl -n $NS delete pod --all
|
kubectl -n $NS delete pod --all
|
||||||
kubectl -n $NS delete service --all
|
kubectl -n $NS delete service --all
|
||||||
kubectl -n $NS delete configmap --all
|
kubectl -n $NS delete configmap --all
|
||||||
|
kubectl -n $NS delete cert --all
|
||||||
|
kubectl -n $NS delete issuer --all
|
||||||
kubectl -n $NS delete secret --all
|
kubectl -n $NS delete secret --all
|
||||||
|
|
||||||
pop_fn
|
pop_fn
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue