Adding examples of CCAAS and support into the test-network-k8s (#527)

* Changes to the test-network k8s deployment to use the built-in as-a-service chaincode builder from the Peer Container Signed-off-by: Matthew B White <whitemat@uk.ibm.com> * Remove the ccaas init container from org2 peer; tweak docs on ccaas config Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com> Co-authored-by: Josh Kneubuhl <jkneubuh@us.ibm.com>
2026-06-17 15:35:09 +00:00 · 2021-12-17 14:09:03 +00:00 · 2021-12-17 14:09:03 +00:00 · e07a9ff86b
commit e07a9ff86b
parent 96623f1bd5
14 changed files with 53 additions and 106 deletions
--- a/test-network-k8s/chaincode/asset-transfer-basic/connection.json
+++ b/test-network-k8s/chaincode/asset-transfer-basic/connection.json
@ -1,5 +1,5 @@
 {
-  "address": "org1-cc-asset-transfer-basic:9999",
+  "address": "{{.peername}}-cc-asset-transfer-basic:9999",
  "dial_timeout": "10s",
  "tls_required": false
 }
--- a/test-network-k8s/chaincode/asset-transfer-basic/metadata.json
+++ b/test-network-k8s/chaincode/asset-transfer-basic/metadata.json
@ -1,4 +1,4 @@
 {
-  "type": "external",
+  "type": "ccaas",
  "label": "basic_1.0"
-}
+}
--- a/test-network-k8s/config/org1/core.yaml
+++ b/test-network-k8s/config/org1/core.yaml
@ -474,7 +474,7 @@ vm:
    # unix:///var/run/docker.sock
    # http://localhost:2375
    # https://localhost:2376
-    endpoint: unix:///var/run/docker.sock
+    # endpoint: unix:///var/run/docker.sock

    # settings for docker vms
    docker:
@ -558,12 +558,11 @@ chaincode:
    # chaincode. The external builder detection processing will iterate over the
    # builders in the order specified below.
    externalBuilders:
-      - path: /var/hyperledger/fabric/chaincode/ccs-builder
-        name: ccs-builder
-        propagateEnvironment:
-          - HOME
-          - CORE_PEER_ID
-          - CORE_PEER_LOCALMSPID
+       - name: ccaas_builder
+         path: /opt/hyperledger/ccaas_builder
+         propagateEnvironment:
+           - CHAINCODE_AS_A_SERVICE_BUILDER_CONFIG
+

    # The maximum duration to wait for the chaincode build and install process
    # to complete.
--- a/test-network-k8s/config/org2/core.yaml
+++ b/test-network-k8s/config/org2/core.yaml
@ -558,13 +558,11 @@ chaincode:
    # chaincode. The external builder detection processing will iterate over the
    # builders in the order specified below.
    externalBuilders:
-      - path: /var/hyperledger/fabric/chaincode/ccs-builder
-        name: ccs-builder
-        propagateEnvironment:
-          - HOME
-          - CORE_PEER_ID
-          - CORE_PEER_LOCALMSPID
-
+       - name: ccaas_builder
+         path: /opt/hyperledger/ccaas_builder
+         propagateEnvironment:
+           - CHAINCODE_AS_A_SERVICE_BUILDER_CONFIG
+          
    # The maximum duration to wait for the chaincode build and install process
    # to complete.
    installTimeout: 300s
--- a/test-network-k8s/docs/TEST_NETWORK.md
+++ b/test-network-k8s/docs/TEST_NETWORK.md
@ -103,52 +103,38 @@ Running Fabric in Kubernetes places some unique constraints on the Chaincode lif

 - For cloud-ready development, test, validation, CI/CD, and production practices, the use of the 
  [Chaincode as a Service](https://hyperledger-fabric.readthedocs.io/en/latest/cc_service.html) pattern provides a 
-  _vastly superior user experience_.  However, with the current (2.3) Fabric builds, the configuration of [External 
-  Chaincode Builders](https://hyperledger-fabric.readthedocs.io/en/latest/cc_launcher.html) is non-trivial and 
-  includes some real complexity for deployment to Kubernetes.
+  _vastly superior user experience_.  
  

 - Running Chaincode builds in Docker in Docker, running in Kubernetes in Docker is ... interesting.  Let's 
  step back and _keep it simple_. 


-  
-For the Kube Test Network, we've configured the peer nodes to launch with the [fabric-ccs-builder](https://github.com/hyperledgendary/fabric-ccs-builder) 
-External Chaincode Builders pre-bundled into the network.  When chaincode is installed on the peers, the external 
-builder binaries will be invoked, bypassing the reliance on a local Docker daemon running in Kubernetes.
+In the Kubernetes Test Network, we've incorporated the default `ccaas` external builder
+(See [fabric #2884](https://github.com/hyperledger/fabric/issues/2884)) as an accelerator for working with 
+Chaincode-as-a-Service on Kubernetes.  For `ccaas` smart contracts, when chaincode is installed on a peer, the 
+external builder binaries will be invoked, bypassing the reliance on a local Docker daemon running in Kubernetes.

 This configuration is accomplished by registering an external builder in the peer core.yaml: 

 ```yaml
    externalBuilders:
-      - path: /var/hyperledger/fabric/chaincode/ccs-builder
-        name: ccs-builder
+      - name: ccaas_builder
+        path: /opt/hyperledger/ccaas_builder
        propagateEnvironment:
-          - HOME
-          - CORE_PEER_ID
-          - CORE_PEER_LOCALMSPID
-```
-  
-At launch time, the Kubernetes deployment includes an init container that will load the fabric-ccs-builder binaries 
-from a public container registry, copying the external builders into the target volume in the peer: 
-
-```yaml
-      initContainers:
-        - name: fabric-ccs-builder
-          image: {{FABRIC_CONTAINER_REGISTRY}}/fabric-ccs-builder
-          command: [sh, -c]
-          args: ["cp /go/bin/* /var/hyperledger/fabric/chaincode/ccs-builder/bin/"]
-          volumeMounts:
-            - name: ccs-builder
-              mountPath: /var/hyperledger/fabric/chaincode/ccs-builder/bin
+          - CHAINCODE_AS_A_SERVICE_BUILDER_CONFIG
 ```

-With this configuration we eliminate the reliance on Docker daemon, fully supporting the _Chaincode-as-a-Service_ 
-pattern for building smart contracts in a cloud-native environment.
+To trigger the external builder for a chaincode service, set the metadata.json `type` attribute to `ccaas`.  E.g.:  
+```json
+{
+  "type": "ccaas",
+  "label": "basic_1.0"
+}
+```

 - [x] Pro tip: Use the companion container registry at `localhost:5000` to deploy custom chaincode into the test network. 
- [x] Pro tip: Deploy a chaincode with `address: host.docker.internal:9999` and run your chaincode in a debugger. 
- [ ] Note: An external chaincode builder will be included in future releases of Fabric.
+- [x] Pro tip: Deploy a chaincode with `address: host.docker.internal:9999` and attach your chaincode in a debugger. 


 ## Starting Peers and Orderers 
--- a/test-network-k8s/kube/org1/org1-cc-template.yaml
+++ b/test-network-k8s/kube/org1/org1-cc-template.yaml
@ -7,16 +7,16 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: org1-cc-{{CHAINCODE_NAME}}
+  name: org1{{PEER_NAME}}-cc-{{CHAINCODE_NAME}}
 spec:
  replicas: 1
  selector:
    matchLabels:
-      app: org1-cc-{{CHAINCODE_NAME}}
+      app: org1{{PEER_NAME}}-cc-{{CHAINCODE_NAME}}
  template:
    metadata:
      labels:
-        app: org1-cc-{{CHAINCODE_NAME}}
+        app: org1{{PEER_NAME}}-cc-{{CHAINCODE_NAME}}
    spec:
      containers:
        - name: main
@ -35,11 +35,11 @@ spec:
 apiVersion: v1
 kind: Service
 metadata:
-  name: org1-cc-{{CHAINCODE_NAME}}
+  name: org1{{PEER_NAME}}-cc-{{CHAINCODE_NAME}}
 spec:
  ports:
    - name: chaincode
      port: 9999
      protocol: TCP
  selector:
-    app: org1-cc-{{CHAINCODE_NAME}}
+    app: org1{{PEER_NAME}}-cc-{{CHAINCODE_NAME}}
--- a/test-network-k8s/kube/org1/org1-peer1.yaml
+++ b/test-network-k8s/kube/org1/org1-peer1.yaml
@ -28,7 +28,7 @@ data:
  CORE_OPERATIONS_LISTENADDRESS: 0.0.0.0:9443
  CORE_PEER_FILESYSTEMPATH: /var/hyperledger/fabric/data/org1-peer1.org1.example.com
  CORE_LEDGER_SNAPSHOTS_ROOTDIR: /var/hyperledger/fabric/data/org1-peer1.org1.example.com/snapshots
-
+  CHAINCODE_AS_A_SERVICE_BUILDER_CONFIG: "{\"peername\":\"org1peer1\"}"
 ---
 apiVersion: apps/v1
 kind: Deployment
@ -61,20 +61,6 @@ spec:
              mountPath: /var/hyperledger
            - name: fabric-config
              mountPath: /var/hyperledger/fabric/config
-            - name: ccs-builder
-              mountPath: /var/hyperledger/fabric/chaincode/ccs-builder/bin
-
-      # load the external chaincode builder into the peer image prior to peer launch.
-      initContainers:
-        - name: fabric-ccs-builder
-          image: ghcr.io/hyperledgendary/fabric-ccs-builder
-          imagePullPolicy: IfNotPresent
-          command: [sh, -c]
-          args: ["cp /go/bin/* /var/hyperledger/fabric/chaincode/ccs-builder/bin/"]
-          volumeMounts:
-            - name: ccs-builder
-              mountPath: /var/hyperledger/fabric/chaincode/ccs-builder/bin
-
      volumes:
        - name: fabric-volume
          persistentVolumeClaim:
@ -82,8 +68,7 @@ spec:
        - name: fabric-config
          configMap:
            name: org1-config
-        - name: ccs-builder
-          emptyDir: {}
+
 ---
 apiVersion: v1
 kind: Service
--- a/test-network-k8s/kube/org1/org1-peer2.yaml
+++ b/test-network-k8s/kube/org1/org1-peer2.yaml
@ -28,7 +28,7 @@ data:
  CORE_OPERATIONS_LISTENADDRESS: 0.0.0.0:9443
  CORE_PEER_FILESYSTEMPATH: /var/hyperledger/fabric/data/org1-peer2.org1.example.com
  CORE_LEDGER_SNAPSHOTS_ROOTDIR: /var/hyperledger/fabric/data/org1-peer2.org1.example.com/snapshots
-
+  CHAINCODE_AS_A_SERVICE_BUILDER_CONFIG: "{\"peername\":\"org1peer2\"}"
 ---
 apiVersion: apps/v1
 kind: Deployment
--- a/test-network-k8s/kube/org2/org2-peer1.yaml
+++ b/test-network-k8s/kube/org2/org2-peer1.yaml
@ -28,7 +28,7 @@ data:
  CORE_OPERATIONS_LISTENADDRESS: 0.0.0.0:9443
  CORE_PEER_FILESYSTEMPATH: /var/hyperledger/fabric/data/org2-peer1.org2.example.com
  CORE_LEDGER_SNAPSHOTS_ROOTDIR: /var/hyperledger/fabric/data/org2-peer1.org2.example.com/snapshots
-
+  CHAINCODE_AS_A_SERVICE_BUILDER_CONFIG: "{\"peername\":\"org2peer1\"}"
 ---
 apiVersion: apps/v1
 kind: Deployment
@ -61,20 +61,6 @@ spec:
              mountPath: /var/hyperledger
            - name: fabric-config
              mountPath: /var/hyperledger/fabric/config
-            - name: ccs-builder
-              mountPath: /var/hyperledger/fabric/chaincode/ccs-builder/bin
-
-      # load the external chaincode builder into the peer image prior to peer launch.
-      initContainers:
-        - name: fabric-ccs-builder
-          image: ghcr.io/hyperledgendary/fabric-ccs-builder
-          imagePullPolicy: IfNotPresent
-          command: [sh, -c]
-          args: ["cp /go/bin/* /var/hyperledger/fabric/chaincode/ccs-builder/bin/"]
-          volumeMounts:
-            - name: ccs-builder
-              mountPath: /var/hyperledger/fabric/chaincode/ccs-builder/bin
-
      volumes:
        - name: fabric-volume
          persistentVolumeClaim:
@ -82,8 +68,6 @@ spec:
        - name: fabric-config
          configMap:
            name: org2-config
-        - name: ccs-builder
-          emptyDir: {}

 ---
 apiVersion: v1
--- a/test-network-k8s/kube/org2/org2-peer2.yaml
+++ b/test-network-k8s/kube/org2/org2-peer2.yaml
@ -28,7 +28,7 @@ data:
  CORE_OPERATIONS_LISTENADDRESS: 0.0.0.0:9443
  CORE_PEER_FILESYSTEMPATH: /var/hyperledger/fabric/data/org2-peer2.org2.example.com
  CORE_LEDGER_SNAPSHOTS_ROOTDIR: /var/hyperledger/fabric/data/org2-peer2.org2.example.com/snapshots
-
+  CHAINCODE_AS_A_SERVICE_BUILDER_CONFIG: "{\"peername\":\"org2peer2\"}"
 ---
 apiVersion: apps/v1
 kind: Deployment
--- a/test-network-k8s/network
+++ b/test-network-k8s/network
@ -20,7 +20,7 @@ set -o errexit
 # todo: track down a nasty bug whereby the CA service endpoints (kube services) will occasionally reject TCP connections after network down/up.  This is patched by introducing a 10s sleep after the deployments are up...
 # todo: refactor query/invoke to specify chaincode name (-n param)

-FABRIC_VERSION=${TEST_NETWORK_FABRIC_VERSION:-2.3.2}
+FABRIC_VERSION=${TEST_NETWORK_FABRIC_VERSION:-2.4.1}
 FABRIC_CA_VERSION=${TEST_NETWORK_FABRIC_CA_VERSION:-1.5.2}
 FABRIC_CONTAINER_REGISTRY=${TEST_NETWORK_FABRIC_CONTAINER_REGISTRY:-hyperledger}
 NETWORK_NAME=${TEST_NETWORK_NAME:-test-network}
--- a/test-network-k8s/scripts/chaincode.sh
+++ b/test-network-k8s/scripts/chaincode.sh
@ -36,11 +36,12 @@ function transfer_chaincode_archive_for() {

 function install_chaincode_for() {
  local org=$1
-  push_fn "Installing chaincode for org ${org}"
+  local peer=$2
+  push_fn "Installing chaincode for org ${org}  peer ${peer}"

  # Install the chaincode
  echo 'set -x
-  export CORE_PEER_ADDRESS='${org}'-peer1:7051
+  export CORE_PEER_ADDRESS='${org}'-'${peer}':7051
  peer lifecycle chaincode install build/chaincode/'${CHAINCODE_NAME}'.tgz
  ' | exec kubectl -n $NS exec deploy/${org}-admin-cli -c main -i -- /bin/bash

@ -51,6 +52,7 @@ function launch_chaincode_service() {
  local org=$1
  local cc_id=$2
  local cc_image=$3
+  local peer=$4
  push_fn "Launching chaincode container \"${cc_image}\""

  # The chaincode endpoint needs to have the generated chaincode ID available in the environment.
@ -60,9 +62,10 @@ function launch_chaincode_service() {
    | sed 's,{{CHAINCODE_NAME}},'${CHAINCODE_NAME}',g' \
    | sed 's,{{CHAINCODE_ID}},'${cc_id}',g' \
    | sed 's,{{CHAINCODE_IMAGE}},'${cc_image}',g' \
+    | sed 's,{{PEER_NAME}},'${peer}',g' \
    | exec kubectl -n $NS apply -f -

-  kubectl -n $NS rollout status deploy/${org}-cc-${CHAINCODE_NAME}
+  kubectl -n $NS rollout status deploy/${org}${peer}-cc-${CHAINCODE_NAME}

  pop_fn
 }
@ -124,14 +127,6 @@ function query_chaincode_metadata() {
  peer chaincode query -n '${CHAINCODE_NAME}' -C '${CHANNEL_NAME}' -c '"'$args'"'
  ' | exec kubectl -n $NS exec deploy/org1-admin-cli -c main -i -- /bin/bash

-  log ''
-  log 'Org1-Peer-SVC:'
-  echo '
-  export CORE_PEER_ADDRESS=org1-peer-svc:7051
-  peer chaincode query -n '${CHAINCODE_NAME}' -C '${CHANNEL_NAME}' -c '"'$args'"'
-  ' | exec kubectl -n $NS exec deploy/org1-admin-cli -c main -i -- /bin/bash
-
-
 }

 function invoke_chaincode() {
@ -168,7 +163,8 @@ function install_chaincode() {

  package_chaincode_for ${org}
  transfer_chaincode_archive_for ${org}
-  install_chaincode_for ${org}
+  install_chaincode_for ${org} peer1
+  install_chaincode_for ${org} peer2

  set_chaincode_id
 }
@ -186,7 +182,8 @@ function deploy_chaincode() {
  set -x

  install_chaincode
-  launch_chaincode_service org1 $CHAINCODE_ID $CHAINCODE_IMAGE
+  launch_chaincode_service org1 $CHAINCODE_ID $CHAINCODE_IMAGE peer1
+  launch_chaincode_service org1 $CHAINCODE_ID $CHAINCODE_IMAGE peer2
  activate_chaincode
 }

--- a/test-network-k8s/scripts/kind.sh
+++ b/test-network-k8s/scripts/kind.sh
@ -12,7 +12,6 @@ function pull_docker_images() {
  docker pull ${FABRIC_CONTAINER_REGISTRY}/fabric-orderer:$FABRIC_VERSION
  docker pull ${FABRIC_CONTAINER_REGISTRY}/fabric-peer:$FABRIC_VERSION
  docker pull ${FABRIC_CONTAINER_REGISTRY}/fabric-tools:$FABRIC_VERSION
-  docker pull ghcr.io/hyperledgendary/fabric-ccs-builder:latest
  docker pull ghcr.io/hyperledgendary/fabric-ccaas-asset-transfer-basic:latest

  pop_fn
@ -25,7 +24,6 @@ function load_docker_images() {
  kind load docker-image ${FABRIC_CONTAINER_REGISTRY}/fabric-orderer:$FABRIC_VERSION
  kind load docker-image ${FABRIC_CONTAINER_REGISTRY}/fabric-peer:$FABRIC_VERSION
  kind load docker-image ${FABRIC_CONTAINER_REGISTRY}/fabric-tools:$FABRIC_VERSION
-  kind load docker-image ghcr.io/hyperledgendary/fabric-ccs-builder:latest
  kind load docker-image ghcr.io/hyperledgendary/fabric-ccaas-asset-transfer-basic:latest
  
  pop_fn 
--- a/test-network/scripts/deployCC.sh
+++ b/test-network/scripts/deployCC.sh
@ -44,8 +44,8 @@ elif [ -z "$CC_SRC_LANGUAGE" ] || [ "$CC_SRC_LANGUAGE" = "NA" ]; then
  fatalln "No chaincode language was provided. Valid call example: ./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go -ccl go"

 ## Make sure that the path to the chaincode exists
-elif [ ! -d "$CC_SRC_PATH" ]; then
-  fatalln "Path to chaincode does not exist. Please provide different path."
+elif [ ! -d "$CC_SRC_PATH" ] && [ ! -f "$CC_SRC_PATH" ]; then
+  fatalln "dfghPath to chaincode does not exist. Please provide different path."
 fi

 CC_SRC_LANGUAGE=$(echo "$CC_SRC_LANGUAGE" | tr [:upper:] [:lower:])