diff --git a/test-network/configtx/configtx.yaml b/test-network/configtx/configtx.yaml index 77db240f..8d7e48e6 100644 --- a/test-network/configtx/configtx.yaml +++ b/test-network/configtx/configtx.yaml @@ -301,7 +301,7 @@ Channel: &ChannelDefaults ################################################################################ Profiles: - TwoOrgsOrdererGenesis: + TwoOrgsApplicationGenesis: <<: *ChannelDefaults Orderer: <<: *OrdererDefaults @@ -309,18 +309,10 @@ Profiles: - *OrdererOrg Capabilities: <<: *OrdererCapabilities - Consortiums: - SampleConsortium: - Organizations: - - *Org1 - - *Org2 - TwoOrgsChannel: - Consortium: SampleConsortium - <<: *ChannelDefaults Application: <<: *ApplicationDefaults Organizations: - *Org1 - *Org2 Capabilities: - <<: *ApplicationCapabilities + <<: *ApplicationCapabilities \ No newline at end of file diff --git a/test-network/docker/docker-compose-test-net.yaml b/test-network/docker/docker-compose-test-net.yaml index 71acf7fa..c8b3d66d 100644 --- a/test-network/docker/docker-compose-test-net.yaml +++ b/test-network/docker/docker-compose-test-net.yaml @@ -22,8 +22,6 @@ services: - FABRIC_LOGGING_SPEC=INFO - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 - ORDERER_GENERAL_LISTENPORT=7050 - - ORDERER_GENERAL_GENESISMETHOD=file - - ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block - ORDERER_GENERAL_LOCALMSPID=OrdererMSP - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp # enabled TLS @@ -36,6 +34,14 @@ services: - ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt - ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key - ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt] + - ORDERER_GENERAL_BOOTSTRAPMETHOD=none + - ORDERER_CHANNELPARTICIPATION_ENABLED=true + - ORDERER_ADMIN_TLS_ENABLED=true + - ORDERER_ADMIN_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt + - ORDERER_ADMIN_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key + - ORDERER_ADMIN_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt] + - ORDERER_ADMIN_TLS_CLIENTROOTCAS=[/var/hyperledger/orderer/tls/ca.crt] + - ORDERER_ADMIN_LISTENADDRESS=0.0.0.0:7053 working_dir: /opt/gopath/src/github.com/hyperledger/fabric command: orderer volumes: @@ -45,6 +51,7 @@ services: - orderer.example.com:/var/hyperledger/production/orderer ports: - 7050:7050 + - 7053:7053 networks: - test diff --git a/test-network/network.sh b/test-network/network.sh index 0768cd66..9217104b 100755 --- a/test-network/network.sh +++ b/test-network/network.sh @@ -120,7 +120,7 @@ function checkPrereqs() { # directory. Cryptogen uses the files to generate the crypto material for each # org in the "organizations" directory. -# You can also Fabric CAs to generate the crypto material. CAs sign the certificates +# You can also use Fabric CAs to generate the crypto material. CAs sign the certificates # and keys that they generate to create a valid root of trust for each organization. # The script uses Docker Compose to bring up three CAs, one for each peer organization # and the ordering organization. The configuration file for creating the Fabric CA @@ -211,23 +211,17 @@ function createOrgs() { } # Once you create the organization crypto material, you need to create the -# genesis block of the orderer system channel. This block is required to bring -# up any orderer nodes and create any application channels. +# genesis block of the application channel. # The configtxgen tool is used to create the genesis block. Configtxgen consumes a # "configtx.yaml" file that contains the definitions for the sample network. The -# genesis block is defined using the "TwoOrgsOrdererGenesis" profile at the bottom -# of the file. This profile defines a sample consortium, "SampleConsortium", -# consisting of our two Peer Orgs. This consortium defines which organizations are -# recognized as members of the network. The peer and ordering organizations are defined -# in the "Profiles" section at the top of the file. As part of each organization -# profile, the file points to a the location of the MSP directory for each member. -# This MSP is used to create the channel MSP that defines the root of trust for -# each organization. In essence, the channel MSP allows the nodes and users to be -# recognized as network members. The file also specifies the anchor peers for each -# peer org. In future steps, this same file is used to create the channel creation -# transaction and the anchor peer updates. -# +# genesis block is defined using the "TwoOrgsApplicationGenesis" profile at the bottom +# of the file. This profile defines an application channel consisting of our two Peer Orgs. +# The peer and ordering organizations are defined in the "Profiles" section at the +# top of the file. As part of each organization profile, the file points to the +# location of the MSP directory for each member. This MSP is used to create the channel +# MSP that defines the root of trust for each organization. In essence, the channel +# MSP allows the nodes and users to be recognized as network members. # # If you receive the following warning, it can be safely ignored: # @@ -236,27 +230,7 @@ function createOrgs() { # You can ignore the logs regarding intermediate certs, we are not using them in # this crypto implementation. -# Generate orderer system channel genesis block. -function createConsortium() { - which configtxgen - if [ "$?" -ne 0 ]; then - fatalln "configtxgen tool not found." - fi - - infoln "Generating Orderer Genesis block" - - # Note: For some unknown reason (at least for now) the block file can't be - # named orderer.genesis.block or the orderer will fail to launch! - set -x - configtxgen -profile TwoOrgsOrdererGenesis -channelID system-channel -outputBlock ./system-genesis-block/genesis.block - res=$? - { set +x; } 2>/dev/null - if [ $res -ne 0 ]; then - fatalln "Failed to generate orderer genesis block..." - fi -} - -# After we create the org crypto material and the system channel genesis block, +# After we create the org crypto material and the application channel genesis block, # we can now bring up the peers and ordering service. By default, the base # file for creating the network is "docker-compose-test-net.yaml" in the ``docker`` # folder. This file defines the environment variables and file mounts that @@ -268,7 +242,6 @@ function networkUp() { # generate artifacts if they don't exist if [ ! -d "organizations/peerOrganizations" ]; then createOrgs - createConsortium fi COMPOSE_FILES="-f ${COMPOSE_FILE_BASE}" @@ -296,9 +269,7 @@ function createChannel() { fi # now run the script that creates a channel. This script uses configtxgen once - # more to create the channel creation transaction and the anchor peer updates. - # configtx.yaml is mounted in the cli container, which allows us to use it to - # create the channel artifacts + # to create the channel creation transaction and the anchor peer updates. scripts/createChannel.sh $CHANNEL_NAME $CLI_DELAY $MAX_RETRY $VERBOSE } diff --git a/test-network/scripts/createChannel.sh b/test-network/scripts/createChannel.sh index 567155cb..9ee2740b 100755 --- a/test-network/scripts/createChannel.sh +++ b/test-network/scripts/createChannel.sh @@ -17,9 +17,13 @@ if [ ! -d "channel-artifacts" ]; then mkdir channel-artifacts fi -createChannelTx() { +createChannelGenesisBlock() { + which configtxgen + if [ "$?" -ne 0 ]; then + fatalln "configtxgen tool not found." + fi set -x - configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/${CHANNEL_NAME}.tx -channelID $CHANNEL_NAME + configtxgen -profile TwoOrgsApplicationGenesis -outputBlock ./channel-artifacts/${CHANNEL_NAME}.block -channelID $CHANNEL_NAME res=$? { set +x; } 2>/dev/null verifyResult $res "Failed to generate channel configuration transaction..." @@ -33,7 +37,7 @@ createChannel() { while [ $rc -ne 0 -a $COUNTER -lt $MAX_RETRY ] ; do sleep $DELAY set -x - peer channel create -o localhost:7050 -c $CHANNEL_NAME --ordererTLSHostnameOverride orderer.example.com -f ./channel-artifacts/${CHANNEL_NAME}.tx --outputBlock $BLOCKFILE --tls --cafile $ORDERER_CA >&log.txt + osnadmin channel join --channel-id $CHANNEL_NAME --config-block ./channel-artifacts/${CHANNEL_NAME}.block -o localhost:7053 --ca-file $ORDERER_CA --client-cert $ORDERER_ADMIN_TLS_SIGN_CERT --client-key $ORDERER_ADMIN_TLS_PRIVATE_KEY >&log.txt res=$? { set +x; } 2>/dev/null let rc=$res @@ -71,9 +75,9 @@ setAnchorPeer() { FABRIC_CFG_PATH=${PWD}/configtx -## Create channeltx -infoln "Generating channel create transaction '${CHANNEL_NAME}.tx'" -createChannelTx +## Create channel genesis block +infoln "Generating channel genesis block '${CHANNEL_NAME}.block'" +createChannelGenesisBlock FABRIC_CFG_PATH=$PWD/../config/ BLOCKFILE="./channel-artifacts/${CHANNEL_NAME}.block" diff --git a/test-network/scripts/envVar.sh b/test-network/scripts/envVar.sh index 4ac40c07..978754ef 100755 --- a/test-network/scripts/envVar.sh +++ b/test-network/scripts/envVar.sh @@ -15,6 +15,8 @@ export ORDERER_CA=${PWD}/organizations/ordererOrganizations/example.com/orderers export PEER0_ORG1_CA=${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt export PEER0_ORG2_CA=${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt export PEER0_ORG3_CA=${PWD}/organizations/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/ca.crt +export ORDERER_ADMIN_TLS_SIGN_CERT=${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt +export ORDERER_ADMIN_TLS_PRIVATE_KEY=${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.key # Set environment variables for the peer org setGlobals() {