mirror of
https://github.com/hyperledger/fabric-samples.git
synced 2026-06-17 15:35:09 +00:00
184 lines
5 KiB
YAML
184 lines
5 KiB
YAML
#
|
|
# Copyright IBM Corp. All Rights Reserved.
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: org2-peer1-tls-cert
|
|
namespace: ${ORG2_NS}
|
|
spec:
|
|
isCA: false
|
|
privateKey:
|
|
algorithm: ECDSA
|
|
size: 256
|
|
dnsNames:
|
|
- localhost
|
|
- org2-peer1
|
|
- org2-peer1.${ORG2_NS}.svc.cluster.local
|
|
- org2-peer1.${DOMAIN}
|
|
- org2-peer-gateway-svc
|
|
- org2-peer-gateway-svc.${DOMAIN}
|
|
ipAddresses:
|
|
- 127.0.0.1
|
|
secretName: org2-peer1-tls-cert
|
|
issuerRef:
|
|
name: org2-tls-cert-issuer
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: org2-peer1-config
|
|
data:
|
|
FABRIC_CFG_PATH: /var/hyperledger/fabric/config
|
|
FABRIC_LOGGING_SPEC: "debug:cauthdsl,policies,msp,grpc,peer.gossip.mcs,gossip,leveldbhelper=info"
|
|
CORE_PEER_TLS_ENABLED: "true"
|
|
CORE_PEER_TLS_CERT_FILE: /var/hyperledger/fabric/config/tls/tls.crt
|
|
CORE_PEER_TLS_KEY_FILE: /var/hyperledger/fabric/config/tls/tls.key
|
|
CORE_PEER_TLS_ROOTCERT_FILE: /var/hyperledger/fabric/config/tls/ca.crt
|
|
CORE_PEER_ID: org2-peer1.org2.example.com
|
|
CORE_PEER_ADDRESS: org2-peer1:7051
|
|
CORE_PEER_LISTENADDRESS: 0.0.0.0:7051
|
|
CORE_PEER_CHAINCODEADDRESS: org2-peer1:7052
|
|
CORE_PEER_CHAINCODELISTENADDRESS: 0.0.0.0:7052
|
|
# bootstrap peer is the other peer in the same org
|
|
CORE_PEER_GOSSIP_BOOTSTRAP: org2-peer2:7051
|
|
CORE_PEER_GOSSIP_EXTERNALENDPOINT: org2-peer1.${ORG2_NS}.svc.cluster.local:7051
|
|
CORE_PEER_LOCALMSPID: Org2MSP
|
|
CORE_PEER_MSPCONFIGPATH: /var/hyperledger/fabric/organizations/peerOrganizations/org2.example.com/peers/org2-peer1.org2.example.com/msp
|
|
CORE_OPERATIONS_LISTENADDRESS: 0.0.0.0:9443
|
|
CORE_PEER_FILESYSTEMPATH: /var/hyperledger/fabric/data/org2-peer1.org2.example.com
|
|
CORE_LEDGER_SNAPSHOTS_ROOTDIR: /var/hyperledger/fabric/data/org2-peer1.org2.example.com/snapshots
|
|
CHAINCODE_AS_A_SERVICE_BUILDER_CONFIG: "{\"peername\":\"org2peer1\"}"
|
|
FABRIC_K8S_BUILDER_OBJECT_NAME_PREFIX: org2-peer1-cc
|
|
CORE_LEDGER_STATE_STATEDATABASE: CouchDB
|
|
CORE_LEDGER_STATE_COUCHDBCONFIG_MAXRETRIESONSTARTUP: "20"
|
|
CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS: localhost:5984
|
|
CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME: admin
|
|
CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD: adminpw
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: org2-peer1
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: org2-peer1
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: org2-peer1
|
|
org: org2
|
|
spec:
|
|
containers:
|
|
- name: main
|
|
image: ${FABRIC_PEER_IMAGE}
|
|
imagePullPolicy: IfNotPresent
|
|
envFrom:
|
|
- configMapRef:
|
|
name: org2-peer1-config
|
|
ports:
|
|
- containerPort: 7051
|
|
- containerPort: 7052
|
|
- containerPort: 9443
|
|
volumeMounts:
|
|
- name: fabric-volume
|
|
mountPath: /var/hyperledger
|
|
- name: fabric-config
|
|
mountPath: /var/hyperledger/fabric/config
|
|
- name: tls-cert-volume
|
|
mountPath: /var/hyperledger/fabric/config/tls
|
|
readOnly: true
|
|
- name: couchdb
|
|
image: couchdb:${COUCHDB_VERSION}
|
|
imagePullPolicy: IfNotPresent
|
|
env:
|
|
- name: "COUCHDB_USER"
|
|
value: "admin"
|
|
- name: "COUCHDB_PASSWORD"
|
|
value: "adminpw"
|
|
ports:
|
|
- containerPort: 5984
|
|
volumes:
|
|
- name: fabric-volume
|
|
persistentVolumeClaim:
|
|
claimName: fabric-org2
|
|
- name: fabric-config
|
|
configMap:
|
|
name: org2-config
|
|
- name: tls-cert-volume
|
|
secret:
|
|
secretName: org2-peer1-tls-cert
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: org2-peer1
|
|
spec:
|
|
ports:
|
|
- name: grpc
|
|
port: 7051
|
|
protocol: TCP
|
|
- name: chaincode
|
|
port: 7052
|
|
protocol: TCP
|
|
- name: operations
|
|
port: 9443
|
|
protocol: TCP
|
|
selector:
|
|
app: org2-peer1
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: org2-peer-gateway-svc
|
|
spec:
|
|
ports:
|
|
- name: grpc
|
|
port: 7051
|
|
protocol: TCP
|
|
selector:
|
|
org: org2
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
annotations:
|
|
nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
|
|
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
|
|
labels:
|
|
app: org2-peer1
|
|
name: org2-peer1
|
|
spec:
|
|
ingressClassName: nginx
|
|
rules:
|
|
- host: org2-peer1.${DOMAIN}
|
|
http:
|
|
paths:
|
|
- backend:
|
|
service:
|
|
name: org2-peer1
|
|
port:
|
|
name: grpc
|
|
path: /
|
|
pathType: ImplementationSpecific
|
|
- host: org2-peer-gateway-svc.${DOMAIN}
|
|
http:
|
|
paths:
|
|
- backend:
|
|
service:
|
|
name: org2-peer-gateway-svc
|
|
port:
|
|
name: grpc
|
|
path: /
|
|
pathType: ImplementationSpecific
|
|
tls:
|
|
- hosts:
|
|
- org2-peer1.${DOMAIN}
|
|
- hosts:
|
|
- org2-peer-gateway-svc.${DOMAIN}
|