epistemophiliac/fabric-samples
1
0
Fork 0
mirror of https://github.com/hyperledger/fabric-samples.git synced 2026-06-17 15:35:09 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
fabric-samples/test-network-k8s/kube/org1/org1-peer1.yaml
James Taylor 722539244c
Add container registry option to k8s test network 
Add new TEST_NETWORK_THIRD_PARTY_CONTAINER_REGISTRY config env var
to optionally use an alternative registry for couchdb etc.

See #1410

Signed-off-by: James Taylor <jamest@uk.ibm.com>
2026-05-21 11:52:52 +01:00

184 lines
5 KiB
YAML
Raw Blame History

#
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: org1-peer1-tls-cert
namespace: ${ORG1_NS}
spec:
isCA: false
privateKey:
algorithm: ECDSA
size: 256
dnsNames:
- localhost
- org1-peer1
- org1-peer1.${ORG1_NS}.svc.cluster.local
- org1-peer1.${DOMAIN}
- org1-peer-gateway-svc
- org1-peer-gateway-svc.${DOMAIN}
ipAddresses:
- 127.0.0.1
secretName: org1-peer1-tls-cert
issuerRef:
name: org1-tls-cert-issuer
---
apiVersion: v1
kind: ConfigMap
metadata:
name: org1-peer1-config
data:
FABRIC_CFG_PATH: /var/hyperledger/fabric/config
FABRIC_LOGGING_SPEC: "debug:cauthdsl,policies,msp,grpc,peer.gossip.mcs,gossip,leveldbhelper=info"
CORE_PEER_TLS_ENABLED: "true"
CORE_PEER_TLS_CERT_FILE: /var/hyperledger/fabric/config/tls/tls.crt
CORE_PEER_TLS_KEY_FILE: /var/hyperledger/fabric/config/tls/tls.key
CORE_PEER_TLS_ROOTCERT_FILE: /var/hyperledger/fabric/config/tls/ca.crt
CORE_PEER_ID: org1-peer1.org1.example.com
CORE_PEER_ADDRESS: org1-peer1:7051
CORE_PEER_LISTENADDRESS: 0.0.0.0:7051
CORE_PEER_CHAINCODEADDRESS: org1-peer1:7052
CORE_PEER_CHAINCODELISTENADDRESS: 0.0.0.0:7052
# bootstrap peer is the other peer in the same org
CORE_PEER_GOSSIP_BOOTSTRAP: org1-peer2:7051
CORE_PEER_GOSSIP_EXTERNALENDPOINT: org1-peer1.${ORG1_NS}.svc.cluster.local:7051
CORE_PEER_LOCALMSPID: Org1MSP
CORE_PEER_MSPCONFIGPATH: /var/hyperledger/fabric/organizations/peerOrganizations/org1.example.com/peers/org1-peer1.org1.example.com/msp
CORE_OPERATIONS_LISTENADDRESS: 0.0.0.0:9443
CORE_PEER_FILESYSTEMPATH: /var/hyperledger/fabric/data/org1-peer1.org1.example.com
CORE_LEDGER_SNAPSHOTS_ROOTDIR: /var/hyperledger/fabric/data/org1-peer1.org1.example.com/snapshots
CHAINCODE_AS_A_SERVICE_BUILDER_CONFIG: "{\"peername\":\"org1peer1\"}"
FABRIC_K8S_BUILDER_OBJECT_NAME_PREFIX: org1-peer1-cc
CORE_LEDGER_STATE_STATEDATABASE: CouchDB
CORE_LEDGER_STATE_COUCHDBCONFIG_MAXRETRIESONSTARTUP: "20"
CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS: localhost:5984
CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME: admin
CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD: adminpw
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: org1-peer1
spec:
replicas: 1
selector:
matchLabels:
app: org1-peer1
template:
metadata:
labels:
app: org1-peer1
org: org1
spec:
containers:
- name: main
image: ${FABRIC_PEER_IMAGE}
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
name: org1-peer1-config
ports:
- containerPort: 7051
- containerPort: 7052
- containerPort: 9443
volumeMounts:
- name: fabric-volume
mountPath: /var/hyperledger
- name: fabric-config
mountPath: /var/hyperledger/fabric/config
- name: tls-cert-volume
mountPath: /var/hyperledger/fabric/config/tls
readOnly: true
- name: couchdb
image: ${THIRD_PARTY_CONTAINER_REGISTRY}/couchdb:${COUCHDB_VERSION}
imagePullPolicy: IfNotPresent
env:
- name: "COUCHDB_USER"
value: "admin"
- name: "COUCHDB_PASSWORD"
value: "adminpw"
ports:
- containerPort: 5984
volumes:
- name: fabric-volume
persistentVolumeClaim:
claimName: fabric-org1
- name: fabric-config
configMap:
name: org1-config
- name: tls-cert-volume
secret:
secretName: org1-peer1-tls-cert
---
apiVersion: v1
kind: Service
metadata:
name: org1-peer1
spec:
ports:
- name: grpc
port: 7051
protocol: TCP
- name: chaincode
port: 7052
protocol: TCP
- name: operations
port: 9443
protocol: TCP
selector:
app: org1-peer1
---
apiVersion: v1
kind: Service
metadata:
name: org1-peer-gateway-svc
spec:
ports:
- name: grpc
port: 7051
protocol: TCP
selector:
org: org1
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
labels:
app: org1-peer1
name: org1-peer1
spec:
ingressClassName: nginx
rules:
- host: org1-peer1.${DOMAIN}
http:
paths:
- backend:
service:
name: org1-peer1
port:
name: grpc
path: /
pathType: ImplementationSpecific
- host: org1-peer-gateway-svc.${DOMAIN}
http:
paths:
- backend:
service:
name: org1-peer-gateway-svc
port:
name: grpc
path: /
pathType: ImplementationSpecific
tls:
- hosts:
- org1-peer1.${DOMAIN}
- hosts:
- org1-peer-gateway-svc.${DOMAIN}
Reference in a new issue View git blame Copy permalink