a299e18e26
* Import Full Stack Asset Transfer Guide at commit fb554befdbbeff9e69159b54fce0b811603f29c7 Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com> * Update the workshop with a new WORKSHOP_PATH under fabric-samples Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com> * Update the workshop with a new WORKSHOP_PATH under fabric-samples Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com> * missed a .git ignored directory on add Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com> * Updates to run the workshop on the Apple M1 Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com> * Workaround for https://github.com/eslint/eslint/issues/15299 in the contract tslinter Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com> * Build an arch-specific CC images on M1 Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com> * empty commit - force a build Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com> * revert an accidental commit that was building the top-level asset-transfer as arm64 Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com> Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com>
5.3 KiB
Deploy a Fabric Network
PREV: Deploy a Kube <==> NEXT: Install Chaincode
In addition to a graphical interface, Fabric Operations Console provides a set of RESTful service SDKs which can be utilized to realize a network in a declarative fashion using the Fabric Blockchain Ansible Collection.
With ansible, a Fabric network of CAs, Peers, Orderers, Channels, Chaincode, and Identities are realized by applying a series of playbooks to realize the target configuration.
Ready?
just check-kube
Build a Fabric Network
The first step is to create the configuration that Ansible will use, then run the Ansible Playbooks
Define the namespace and storage class that will be used for console
export WORKSHOP_NAMESPACE="fabricinfra"
# for *IBM Cloud K8S and Openshift* use this storage class
export WORKSHOP_STORAGE_CLASS="ibmc-file-gold"
Configure Ingress controller to the cluster
IBMCloud IKS Clusters and Kind
just nginx
Check the Ingress controllers domain
For IKS:
export INGRESS_IPADDR=$(kubectl -n ingress-nginx get svc/ingress-nginx-controller -o json | jq -r '.status.loadBalancer.ingress[0].ip')
export WORKSHOP_INGRESS_DOMAIN=$(echo $INGRESS_IPADDR | tr -s '.' '-').nip.io
For Kind:
export WORKSHOP_INGRESS_DOMAIN=localho.st
IBM Cloud Openshift
The ingress subdomain can be obtained from the Cluster's dashboard, for example
export WORKSHOP_INGRESS_DOMAIN=theclusterid.eu-gb.containers.appdomain.cloud
Generate Ansible Playbook configuration
# check the output to ensure the correct domain, storage class and namespace
just ansible-review-config
Please check the local _cfg/operator-console-vars.yaml file. Ensure that the ingress domain, storage class and namespace are correct. By default the all the WORKSHOP_xxx varirables are used to see the Ansible configuration, but it's worth double checking the files
For example:
# this MUST be set to either k8s or openshift
target: openshift
# Console name/domain
console_domain: 203-0-113-42.nip.io
console_storage_class: ibmc-file-gold
For Openshift, please ensure that the type: openshift is set
target: openshift
- Set Kubectl context
A Kubectl context is also requried - the default behaviour is use the current context.
Alternatively your K8S provider may give you a different command to get the K8S cxontext. For IKS use this command instead
ibmcloud ks cluster config --cluster <clusterid> --output yaml > _cfg/k8s_context.yaml
The k8s_context.yaml will be detected by the shell scripts and that will be used
- Run the 00-complete play:
# if you are using IKS/KIND
# do not do this for OpenShift
just ansible-ingress
# Start the operator and Fabric Operations Console
just ansible-operator
just ansible-console
# Construct a network and channel with ansible playbooks
just ansible-network
The console will be available at the Nginx ingress domain alias:
https://fabricinfra-hlf-console-console.<WORKSHOP_INGRESS_DOMAIN>
In a browser, connect to this URL (accepting the self-signed certificate), log in as admin password password and view the network structure in the Operations Console user interface. (you will be prompted to change the password!)
Generate configuration files
To connect applications details of the Gateway Endpoints with TLS certificates and the identies to use are required.
The Ansible scripts will have written several files to the _cfg directory, run ls -1 to see the files and refer to the table below for what file is
| Filename | Contents |
|---|---|
| 'Ordering Org Admin.json' | Ordering Organizations Admin identity |
| 'Ordering Org CA Admin.json' | Ordering Organization's Certificate Authority's Admin Identity |
| 'Org1 Admin.json' | Organization 1's Admin identity |
| 'Org1 CA Admin.json' | Organization 1's Certificate Authority's Admin Identity |
| 'Org2 Admin.json' | Organization 2's Admin identity |
| 'Org2 CA Admin.json' | Organization 2's Certificate Authority's Admin Identity |
| auth-vars.yml | Configuration for Ansible to connect to the Fabric Operations Console |
| fabric-common-vars.yml | Ansible Configuartion - for common and shared values |
| fabric-ordering-org-vars.yml | - for the ordering organization |
| fabric-org1-vars.yml | - for organization 1 |
| fabric-org2-vars.yml | - for ogranization 2 |
| operator-console-vars.yml | - for creating the operator an dconsole |