From 54a885b6b18c8f86902a3f9664f65725369fc98d Mon Sep 17 00:00:00 2001 From: harisato Date: Wed, 8 Apr 2020 10:33:27 +0700 Subject: [PATCH 01/52] Using FABRIC_TAG env to specify fabric img version --- REMOTE_ORG.md | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/REMOTE_ORG.md b/REMOTE_ORG.md index cc30ada..2fa66cd 100644 --- a/REMOTE_ORG.md +++ b/REMOTE_ORG.md @@ -33,7 +33,6 @@ cp /tmp/artifact/cluster-merchant-example/akc-ca-data/remotetest.json /tmp/artif mamba -config='config/operator.env' --set-default mamba channel-config auto-update ``` -.... 8. Install test chaincode on operator cluster ``` @@ -53,6 +52,18 @@ curl -s -X POST http://admin-rca-ica.ordererhai:4001/chaincodes -H "content- cp /tmp/artifact/cluster-example/akc-ca-data/ica-orderer-ca-chain.pem /tmp/artifact/cluster-merchant-example/akc-ca-data/ ``` +Note: + +If endorsement policy is all org, you must send tlsca cert between endorsement peers. + Merchant send operator -> Operator edit network config + Operator send merchant -> Merchant edit network config + + +- Copy tls of peer operator to merchant +``` +cp /tmp/artifact/cluster-example/akc-ca-data/ica-mambatest-ca-chain.pem /tmp/artifact/cluster-merchant-example/akc-ca-data/ +``` + - Register new user for new org ``` curl -s -X POST http://admin-rca-ica.default:4001/registerUser -H "content-type: application/json" -d '{ @@ -79,11 +90,6 @@ curl -s -X POST http://admin-rca-ica.default:4001/chaincodes -H "content-typ }' ``` -Note: - -If endorsement policy is all org, you must send tlsca cert between endorsement peers. - Merchant send operator -> Operator edit network config - Operator gui merchant -> Merchant edit network config 10. Init/Upgrade chaincode on Operator cluster From 8c4051e0948798ae68da2c641f58c490005febf9 Mon Sep 17 00:00:00 2001 From: harisato Date: Wed, 8 Apr 2020 10:33:40 +0700 Subject: [PATCH 02/52] Using FABRIC_TAG env to specify fabric img version --- mamba/blockchain/channel_artifact/commands.py | 1 + mamba/blockchain/create_org/commands.py | 1 + mamba/blockchain/enroll_orderers/commands.py | 1 + mamba/blockchain/enroll_peers/commands.py | 1 + mamba/blockchain/ica/commands.py | 1 + mamba/blockchain/orderer/commands.py | 1 + mamba/blockchain/peer/commands.py | 1 + mamba/blockchain/rca/commands.py | 1 + mamba/blockchain/reg_orderers/commands.py | 1 + mamba/blockchain/reg_orgs/commands.py | 1 + mamba/blockchain/reg_peers/commands.py | 1 + mamba/blockchain/template/add-org/1gen-artifacts.yaml | 2 +- mamba/blockchain/template/add-org/2fetch-channel.yaml | 2 +- .../blockchain/template/add-org/3modifyingorgmaterial.yaml | 2 +- mamba/blockchain/template/add-org/4createconfigupdate.yaml | 2 +- .../template/add-org/5signchannelconfig-optional.yaml | 2 +- .../blockchain/template/add-org/6updatechannelconfig.yaml | 2 +- .../fabric-deployment-channel-artifacts.yaml | 2 +- .../enroll-orderer/fabric-deployment-enroll-orderer.yaml | 2 +- .../enroll-peer/fabric-deployment-enroll-peer.yaml | 2 +- .../blockchain/template/ica-ex/fabric-deployment-ica.yaml | 2 +- mamba/blockchain/template/ica/fabric-deployment-ica.yaml | 2 +- .../blockchain/template/orderer-sts/orderer-stateful.yaml | 2 +- mamba/blockchain/template/peer-sts/peer-stateful.yaml | 7 ++++++- mamba/blockchain/template/rca/fabric-deployment-rca.yaml | 2 +- .../fabric-deployment-register-orderer.yaml | 2 +- .../register-org/fabric-deployment-register-org.yaml | 2 +- .../register-peer/fabric-deployment-register-peer.yaml | 2 +- mamba/blockchain/update_channel_config/commands.py | 4 ++++ 29 files changed, 37 insertions(+), 17 deletions(-) diff --git a/mamba/blockchain/channel_artifact/commands.py b/mamba/blockchain/channel_artifact/commands.py index 2deeec8..28eb38d 100644 --- a/mamba/blockchain/channel_artifact/commands.py +++ b/mamba/blockchain/channel_artifact/commands.py @@ -16,6 +16,7 @@ def gen_channel_artifact(): k8s_template_file = '%s/channel-artifacts/fabric-deployment-channel-artifacts.yaml' % util.get_k8s_template_path() dict_env = { 'ORDERER_DOMAIN': domains[0], + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/create_org/commands.py b/mamba/blockchain/create_org/commands.py index aea3d24..fbb7319 100644 --- a/mamba/blockchain/create_org/commands.py +++ b/mamba/blockchain/create_org/commands.py @@ -76,6 +76,7 @@ def create_new_org(): dict_env = { 'ORG_NAME': settings.PEER_ORGS, 'ORG_DOMAIN': settings.PEER_DOMAINS, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/enroll_orderers/commands.py b/mamba/blockchain/enroll_orderers/commands.py index 725b020..b606613 100644 --- a/mamba/blockchain/enroll_orderers/commands.py +++ b/mamba/blockchain/enroll_orderers/commands.py @@ -17,6 +17,7 @@ def enroll_orderer(orderer): dict_env = { 'ORDERER': orderer, 'ENROLL_DOMAIN': domain, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/enroll_peers/commands.py b/mamba/blockchain/enroll_peers/commands.py index ac8df89..807c6a0 100644 --- a/mamba/blockchain/enroll_peers/commands.py +++ b/mamba/blockchain/enroll_peers/commands.py @@ -22,6 +22,7 @@ def enroll_peer(peer, index): 'ENROLL_DOMAIN': domain, 'PEER_INDEX': index, 'EXTERNAL_PEER_HOST': external_domain, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/ica/commands.py b/mamba/blockchain/ica/commands.py index a47bb1f..ed512de 100644 --- a/mamba/blockchain/ica/commands.py +++ b/mamba/blockchain/ica/commands.py @@ -52,6 +52,7 @@ def setup_ica(ica_org): 'ICA_DOMAIN': ica_domain, 'RCA_NAME': settings.RCA_NAME, 'RCA_HOST': rca_host, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/orderer/commands.py b/mamba/blockchain/orderer/commands.py index b116773..bce035c 100644 --- a/mamba/blockchain/orderer/commands.py +++ b/mamba/blockchain/orderer/commands.py @@ -38,6 +38,7 @@ def setup_orderer(orderer, index): 'ORDERER': orderer, 'ORDERER_DOMAIN': domain, 'ORDERER_INDEX': index, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/peer/commands.py b/mamba/blockchain/peer/commands.py index b0fc58d..2b906cc 100644 --- a/mamba/blockchain/peer/commands.py +++ b/mamba/blockchain/peer/commands.py @@ -59,6 +59,7 @@ def setup_peer(peer, index): 'PEER_ORG': peer, 'PEER_DOMAIN': domain, 'PEER_INDEX': index, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/rca/commands.py b/mamba/blockchain/rca/commands.py index a82152e..9b81982 100644 --- a/mamba/blockchain/rca/commands.py +++ b/mamba/blockchain/rca/commands.py @@ -32,6 +32,7 @@ def setup_rca(): 'ORG': domain, 'RCA_NAME': settings.RCA_NAME, 'FABRIC_ORGS': settings.ORGS, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/reg_orderers/commands.py b/mamba/blockchain/reg_orderers/commands.py index 9cd37f7..1276e27 100644 --- a/mamba/blockchain/reg_orderers/commands.py +++ b/mamba/blockchain/reg_orderers/commands.py @@ -17,6 +17,7 @@ def reg_orderer(orderer): dict_env = { 'ORDERER_ORG': orderer, 'ORDERER_DOMAIN': domain, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/reg_orgs/commands.py b/mamba/blockchain/reg_orgs/commands.py index f290b1a..1cd3d74 100644 --- a/mamba/blockchain/reg_orgs/commands.py +++ b/mamba/blockchain/reg_orgs/commands.py @@ -17,6 +17,7 @@ def reg_org(org): dict_env = { 'ORG': org, 'REG_DOMAIN': domain, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/reg_peers/commands.py b/mamba/blockchain/reg_peers/commands.py index 629fbbf..9f988d4 100644 --- a/mamba/blockchain/reg_peers/commands.py +++ b/mamba/blockchain/reg_peers/commands.py @@ -17,6 +17,7 @@ def reg_peer(org): dict_env = { 'PEER_ORG': org, 'PEER_DOMAIN': domain, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/template/add-org/1gen-artifacts.yaml b/mamba/blockchain/template/add-org/1gen-artifacts.yaml index 486add1..4acb5fa 100644 --- a/mamba/blockchain/template/add-org/1gen-artifacts.yaml +++ b/mamba/blockchain/template/add-org/1gen-artifacts.yaml @@ -13,7 +13,7 @@ spec: restartPolicy: "Never" containers: - name: gen-artifacts - image: hyperledger/fabric-tools:1.4.1 + image: hyperledger/fabric-tools:{{FABRIC_TAG}} command: - /bin/sh - -c diff --git a/mamba/blockchain/template/add-org/2fetch-channel.yaml b/mamba/blockchain/template/add-org/2fetch-channel.yaml index 46a431a..a822e14 100644 --- a/mamba/blockchain/template/add-org/2fetch-channel.yaml +++ b/mamba/blockchain/template/add-org/2fetch-channel.yaml @@ -13,7 +13,7 @@ spec: restartPolicy: "Never" containers: - name: fetch-channel - image: hyperledger/fabric-tools:1.4.1 + image: hyperledger/fabric-tools:{{FABRIC_TAG}} command: - /bin/sh - -c diff --git a/mamba/blockchain/template/add-org/3modifyingorgmaterial.yaml b/mamba/blockchain/template/add-org/3modifyingorgmaterial.yaml index bb2f413..6f3a7f5 100644 --- a/mamba/blockchain/template/add-org/3modifyingorgmaterial.yaml +++ b/mamba/blockchain/template/add-org/3modifyingorgmaterial.yaml @@ -14,7 +14,7 @@ spec: restartPolicy: "Never" containers: - name: modifyingorgmaterial - image: hyperledger/fabric-tools:1.4.1 + image: hyperledger/fabric-tools:{{FABRIC_TAG}} command: - /bin/sh - -c diff --git a/mamba/blockchain/template/add-org/4createconfigupdate.yaml b/mamba/blockchain/template/add-org/4createconfigupdate.yaml index c425bb1..602b255 100644 --- a/mamba/blockchain/template/add-org/4createconfigupdate.yaml +++ b/mamba/blockchain/template/add-org/4createconfigupdate.yaml @@ -14,7 +14,7 @@ spec: restartPolicy: "Never" containers: - name: createconfigupdate - image: hyperledger/fabric-tools:1.4.1 + image: hyperledger/fabric-tools:{{FABRIC_TAG}} command: - /bin/sh - -c diff --git a/mamba/blockchain/template/add-org/5signchannelconfig-optional.yaml b/mamba/blockchain/template/add-org/5signchannelconfig-optional.yaml index f565a3b..e5d6fc9 100644 --- a/mamba/blockchain/template/add-org/5signchannelconfig-optional.yaml +++ b/mamba/blockchain/template/add-org/5signchannelconfig-optional.yaml @@ -14,7 +14,7 @@ spec: restartPolicy: "Never" containers: - name: signchannelconfig - image: hyperledger/fabric-tools:1.4.1 + image: hyperledger/fabric-tools:{{FABRIC_TAG}} command: - /bin/sh - -c diff --git a/mamba/blockchain/template/add-org/6updatechannelconfig.yaml b/mamba/blockchain/template/add-org/6updatechannelconfig.yaml index 32aa8a9..050d53a 100644 --- a/mamba/blockchain/template/add-org/6updatechannelconfig.yaml +++ b/mamba/blockchain/template/add-org/6updatechannelconfig.yaml @@ -14,7 +14,7 @@ spec: restartPolicy: "Never" containers: - name: updatechannelconfig - image: hyperledger/fabric-tools:1.4.1 + image: hyperledger/fabric-tools:{{FABRIC_TAG}} command: - /bin/sh - -c diff --git a/mamba/blockchain/template/channel-artifacts/fabric-deployment-channel-artifacts.yaml b/mamba/blockchain/template/channel-artifacts/fabric-deployment-channel-artifacts.yaml index 5b4a466..fdb49b3 100644 --- a/mamba/blockchain/template/channel-artifacts/fabric-deployment-channel-artifacts.yaml +++ b/mamba/blockchain/template/channel-artifacts/fabric-deployment-channel-artifacts.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: "Never" containers: - name: channel-artifacts - image: hyperledger/fabric-tools:1.4.1 + image: hyperledger/fabric-tools:{{FABRIC_TAG}} command: ["sh"] args: ["-c", "/scripts/gen-channel-artifacts.sh 2>&1;"] volumeMounts: diff --git a/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml b/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml index 457c961..33b2ee4 100644 --- a/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml +++ b/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: "Never" containers: - name: enroll-o-{{ORDERER}} - image: hyperledger/fabric-ca:1.4.1 + image: hyperledger/fabric-ca:{{FABRIC_TAG}} env: - name: ORDERERORG value: {{ORDERER}} diff --git a/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml b/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml index cd3280d..f4c1e18 100644 --- a/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml +++ b/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: "Never" containers: - name: enroll-p{{PEER_INDEX}}-{{PEER}} - image: hyperledger/fabric-ca:1.4.1 + image: hyperledger/fabric-ca:{{FABRIC_TAG}} env: - name: CORE_PEER_TLS_CERT_FILE value: /opt/gopath/src/github.com/hyperledger/fabric/peer/tls/server.crt diff --git a/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml b/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml index 9d9e024..883e1d7 100644 --- a/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml +++ b/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: {{ICA_NAME}} - image: hyperledger/fabric-ca:1.4.1 + image: hyperledger/fabric-ca:{{FABRIC_TAG}} env: - name: FABRIC_CA_SERVER_HOME value: /etc/hyperledger/fabric-ca diff --git a/mamba/blockchain/template/ica/fabric-deployment-ica.yaml b/mamba/blockchain/template/ica/fabric-deployment-ica.yaml index cc86028..cfd7be2 100644 --- a/mamba/blockchain/template/ica/fabric-deployment-ica.yaml +++ b/mamba/blockchain/template/ica/fabric-deployment-ica.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: {{ICA_NAME}} - image: hyperledger/fabric-ca:1.4.1 + image: hyperledger/fabric-ca:{{FABRIC_TAG}} env: - name: FABRIC_CA_SERVER_HOME value: /etc/hyperledger/fabric-ca diff --git a/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml b/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml index 28d52d6..91404ce 100644 --- a/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml +++ b/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: orderer{{ORDERER_INDEX}}-orderer-akc - image: hyperledger/fabric-orderer:1.4.1 + image: hyperledger/fabric-orderer:{{FABRIC_TAG}} resources: requests: memory: "150Mi" diff --git a/mamba/blockchain/template/peer-sts/peer-stateful.yaml b/mamba/blockchain/template/peer-sts/peer-stateful.yaml index 79d86b9..78e7cdb 100644 --- a/mamba/blockchain/template/peer-sts/peer-stateful.yaml +++ b/mamba/blockchain/template/peer-sts/peer-stateful.yaml @@ -82,7 +82,7 @@ spec: spec: containers: - name: peer{{PEER_INDEX}}-{{PEER_ORG}} - image: hyperledger/fabric-peer:1.4.1 + image: hyperledger/fabric-peer:{{FABRIC_TAG}} # resources: # requests: # # memory: "3000Mi" @@ -140,6 +140,11 @@ spec: value: 0.0.0.0:9443 - name: CORE_METRICS_PROVIDER value: prometheus + # Allow more time for chaincode container to build on install. + - name: CORE_CHAINCODE_EXECUTETIMEOUT + value: 300s + - name: FABRIC_LOGGING_SPEC + value: INFO workingDir: /opt/gopath/src/github.com/hyperledger/fabric/peer ports: - containerPort: 7051 diff --git a/mamba/blockchain/template/rca/fabric-deployment-rca.yaml b/mamba/blockchain/template/rca/fabric-deployment-rca.yaml index 7e3c368..be2261a 100644 --- a/mamba/blockchain/template/rca/fabric-deployment-rca.yaml +++ b/mamba/blockchain/template/rca/fabric-deployment-rca.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: {{RCA_NAME}} - image: hyperledger/fabric-ca:1.4.1 + image: hyperledger/fabric-ca:{{FABRIC_TAG}} env: - name: FABRIC_CA_SERVER_HOME value: /etc/hyperledger/fabric-ca diff --git a/mamba/blockchain/template/register-orderer/fabric-deployment-register-orderer.yaml b/mamba/blockchain/template/register-orderer/fabric-deployment-register-orderer.yaml index b42c497..89dac39 100644 --- a/mamba/blockchain/template/register-orderer/fabric-deployment-register-orderer.yaml +++ b/mamba/blockchain/template/register-orderer/fabric-deployment-register-orderer.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: "Never" containers: - name: register-o-{{ORDERER_ORG}} - image: hyperledger/fabric-ca:1.4.1 + image: hyperledger/fabric-ca:{{FABRIC_TAG}} env: - name: ORDERERORG value: {{ORDERER_ORG}} diff --git a/mamba/blockchain/template/register-org/fabric-deployment-register-org.yaml b/mamba/blockchain/template/register-org/fabric-deployment-register-org.yaml index a8aa98e..4df6042 100644 --- a/mamba/blockchain/template/register-org/fabric-deployment-register-org.yaml +++ b/mamba/blockchain/template/register-org/fabric-deployment-register-org.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: "Never" containers: - name: register-org-{{ORG}} - image: hyperledger/fabric-ca:1.4.1 + image: hyperledger/fabric-ca:{{FABRIC_TAG}} env: - name: ORG value: {{ORG}} diff --git a/mamba/blockchain/template/register-peer/fabric-deployment-register-peer.yaml b/mamba/blockchain/template/register-peer/fabric-deployment-register-peer.yaml index 5d188c9..57fa3f8 100644 --- a/mamba/blockchain/template/register-peer/fabric-deployment-register-peer.yaml +++ b/mamba/blockchain/template/register-peer/fabric-deployment-register-peer.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: "Never" containers: - name: register-p-{{PEER_ORG}} - image: hyperledger/fabric-ca:1.4.1 + image: hyperledger/fabric-ca:{{FABRIC_TAG}} env: - name: PEERORG value: {{PEER_ORG}} diff --git a/mamba/blockchain/update_channel_config/commands.py b/mamba/blockchain/update_channel_config/commands.py index fbf8190..9411f16 100644 --- a/mamba/blockchain/update_channel_config/commands.py +++ b/mamba/blockchain/update_channel_config/commands.py @@ -26,6 +26,7 @@ def fetch_config(org=None, domain=None): 'ORDERER_NAME': settings.ORDERER_ORGS, 'ORDERER_DOMAIN': settings.ORDERER_DOMAINS, 'CHANNEL_NAME': settings.CHANNEL_NAME, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND @@ -41,6 +42,7 @@ def modify_config(domain=None): dict_env = { 'ORG_DOMAIN': domain, 'NEW_ORG_NAME': settings.NEW_ORG_NAME, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND @@ -57,6 +59,7 @@ def create_config_update_pb(domain=None): dict_env = { 'ORG_DOMAIN': domain, 'CHANNEL_NAME': settings.CHANNEL_NAME, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND @@ -76,6 +79,7 @@ def update_channel_config(org=None, domain=None): 'CHANNEL_NAME': settings.CHANNEL_NAME, 'ORDERER_NAME': settings.ORDERER_ORGS, 'ORDERER_DOMAIN': settings.ORDERER_DOMAINS, + 'FABRIC_TAG': settings.FABRIC_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND From ba9175775c89ecdfbbfb1f3ea27e94896bdbeae5 Mon Sep 17 00:00:00 2001 From: harisato Date: Wed, 8 Apr 2020 17:09:59 +0700 Subject: [PATCH 03/52] add prepare folder when start promethus --- mamba/blockchain/prometheus/commands.py | 1 + 1 file changed, 1 insertion(+) diff --git a/mamba/blockchain/prometheus/commands.py b/mamba/blockchain/prometheus/commands.py index 641cb96..a412f5f 100644 --- a/mamba/blockchain/prometheus/commands.py +++ b/mamba/blockchain/prometheus/commands.py @@ -26,6 +26,7 @@ def generate_prom_config(): orderers = settings.ORDERER_ORGS.split(' ') for orderer in orderers: domain = util.get_domain(orderer) + settings.k8s.prereqs(domain) for peer in range(int(settings.NUM_ORDERERS)): if len(prom_target) > 0: prom_target += ',' From 9d6c4fc3f1726ca825ae38731291ce6eab0dc517 Mon Sep 17 00:00:00 2001 From: Tran Hieu Date: Thu, 9 Apr 2020 10:15:43 +0000 Subject: [PATCH 04/52] Add FABRIC_CA_TAG & COUCHDB_TAG --- mamba/blockchain/enroll_orderers/commands.py | 2 +- mamba/blockchain/enroll_peers/commands.py | 2 +- mamba/blockchain/ica/commands.py | 2 +- mamba/blockchain/peer/commands.py | 1 + mamba/blockchain/prometheus/commands.py | 1 + mamba/blockchain/rca/commands.py | 2 +- mamba/blockchain/reg_orderers/commands.py | 2 +- mamba/blockchain/reg_orgs/commands.py | 2 +- mamba/blockchain/reg_peers/commands.py | 2 +- mamba/blockchain/scripts/gen-channel-artifacts.sh | 11 +++++++---- mamba/blockchain/start_network/commands.py | 12 ++++++------ .../fabric-deployment-enroll-orderer.yaml | 2 +- .../enroll-peer/fabric-deployment-enroll-peer.yaml | 2 +- .../template/ica-ex/fabric-deployment-ica.yaml | 2 +- .../template/ica/fabric-deployment-ica.yaml | 2 +- .../blockchain/template/peer-sts/peer-stateful.yaml | 2 +- .../template/rca/fabric-deployment-rca.yaml | 2 +- .../fabric-deployment-register-orderer.yaml | 2 +- .../register-org/fabric-deployment-register-org.yaml | 2 +- .../fabric-deployment-register-peer.yaml | 2 +- mamba/config/operator.env-template | 6 +++++- mamba/settings.py | 4 +++- 22 files changed, 39 insertions(+), 28 deletions(-) diff --git a/mamba/blockchain/enroll_orderers/commands.py b/mamba/blockchain/enroll_orderers/commands.py index b606613..5eee1e5 100644 --- a/mamba/blockchain/enroll_orderers/commands.py +++ b/mamba/blockchain/enroll_orderers/commands.py @@ -17,7 +17,7 @@ def enroll_orderer(orderer): dict_env = { 'ORDERER': orderer, 'ENROLL_DOMAIN': domain, - 'FABRIC_TAG': settings.FABRIC_TAG, + 'FABRIC_CA_TAG': settings.FABRIC_CA_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/enroll_peers/commands.py b/mamba/blockchain/enroll_peers/commands.py index 807c6a0..b4637f8 100644 --- a/mamba/blockchain/enroll_peers/commands.py +++ b/mamba/blockchain/enroll_peers/commands.py @@ -22,7 +22,7 @@ def enroll_peer(peer, index): 'ENROLL_DOMAIN': domain, 'PEER_INDEX': index, 'EXTERNAL_PEER_HOST': external_domain, - 'FABRIC_TAG': settings.FABRIC_TAG, + 'FABRIC_CA_TAG': settings.FABRIC_CA_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/ica/commands.py b/mamba/blockchain/ica/commands.py index ed512de..0dfec86 100644 --- a/mamba/blockchain/ica/commands.py +++ b/mamba/blockchain/ica/commands.py @@ -52,7 +52,7 @@ def setup_ica(ica_org): 'ICA_DOMAIN': ica_domain, 'RCA_NAME': settings.RCA_NAME, 'RCA_HOST': rca_host, - 'FABRIC_TAG': settings.FABRIC_TAG, + 'FABRIC_CA_TAG': settings.FABRIC_CA_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/peer/commands.py b/mamba/blockchain/peer/commands.py index 2b906cc..b308cc0 100644 --- a/mamba/blockchain/peer/commands.py +++ b/mamba/blockchain/peer/commands.py @@ -60,6 +60,7 @@ def setup_peer(peer, index): 'PEER_DOMAIN': domain, 'PEER_INDEX': index, 'FABRIC_TAG': settings.FABRIC_TAG, + 'COUCHDB_TAG': settings.COUCHDB_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/prometheus/commands.py b/mamba/blockchain/prometheus/commands.py index 641cb96..a412f5f 100644 --- a/mamba/blockchain/prometheus/commands.py +++ b/mamba/blockchain/prometheus/commands.py @@ -26,6 +26,7 @@ def generate_prom_config(): orderers = settings.ORDERER_ORGS.split(' ') for orderer in orderers: domain = util.get_domain(orderer) + settings.k8s.prereqs(domain) for peer in range(int(settings.NUM_ORDERERS)): if len(prom_target) > 0: prom_target += ',' diff --git a/mamba/blockchain/rca/commands.py b/mamba/blockchain/rca/commands.py index 9b81982..a043ae6 100644 --- a/mamba/blockchain/rca/commands.py +++ b/mamba/blockchain/rca/commands.py @@ -32,7 +32,7 @@ def setup_rca(): 'ORG': domain, 'RCA_NAME': settings.RCA_NAME, 'FABRIC_ORGS': settings.ORGS, - 'FABRIC_TAG': settings.FABRIC_TAG, + 'FABRIC_CA_TAG': settings.FABRIC_CA_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/reg_orderers/commands.py b/mamba/blockchain/reg_orderers/commands.py index 1276e27..612c361 100644 --- a/mamba/blockchain/reg_orderers/commands.py +++ b/mamba/blockchain/reg_orderers/commands.py @@ -17,7 +17,7 @@ def reg_orderer(orderer): dict_env = { 'ORDERER_ORG': orderer, 'ORDERER_DOMAIN': domain, - 'FABRIC_TAG': settings.FABRIC_TAG, + 'FABRIC_CA_TAG': settings.FABRIC_CA_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/reg_orgs/commands.py b/mamba/blockchain/reg_orgs/commands.py index 1cd3d74..8b1adca 100644 --- a/mamba/blockchain/reg_orgs/commands.py +++ b/mamba/blockchain/reg_orgs/commands.py @@ -17,7 +17,7 @@ def reg_org(org): dict_env = { 'ORG': org, 'REG_DOMAIN': domain, - 'FABRIC_TAG': settings.FABRIC_TAG, + 'FABRIC_CA_TAG': settings.FABRIC_CA_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/reg_peers/commands.py b/mamba/blockchain/reg_peers/commands.py index 9f988d4..3e783e8 100644 --- a/mamba/blockchain/reg_peers/commands.py +++ b/mamba/blockchain/reg_peers/commands.py @@ -17,7 +17,7 @@ def reg_peer(org): dict_env = { 'PEER_ORG': org, 'PEER_DOMAIN': domain, - 'FABRIC_TAG': settings.FABRIC_TAG, + 'FABRIC_CA_TAG': settings.FABRIC_CA_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND diff --git a/mamba/blockchain/scripts/gen-channel-artifacts.sh b/mamba/blockchain/scripts/gen-channel-artifacts.sh index 0b8c6f3..f276ee0 100644 --- a/mamba/blockchain/scripts/gen-channel-artifacts.sh +++ b/mamba/blockchain/scripts/gen-channel-artifacts.sh @@ -105,7 +105,7 @@ Orderer: &OrdererDefaults for ORG in $ORDERER_ORGS; do local COUNT=1 while [[ "$COUNT" -le $NUM_ORDERERS ]]; do - if [ $FABRIC_NETWORK_TYPE == "PROD" ] && [[ "$COUNT" -gt 1 ]]; then + if [ "$FABRIC_NETWORK_TYPE" == "PROD" ] && [[ "$COUNT" -gt 1 ]]; then COUNT=$((COUNT+1)) continue fi @@ -357,8 +357,7 @@ Profiles: echo " OrgsChannel: - Capabilities: - <<: *ChannelCapabilities + <<: *ChannelDefaults Consortium: SampleConsortium Application: <<: *ApplicationDefaults @@ -384,7 +383,11 @@ function generateChannelArtifacts() { log "Generating orderer genesis block at $GENESIS_BLOCK_FILE" # Note: For some unknown reason (at least for now) the block file can't be # named orderer.genesis.block or the orderer will fail to launch! - configtxgen -profile OrgsOrdererGenesis -outputBlock $GENESIS_BLOCK_FILE + if [ "$FABRIC_TAG" == "2.0.0" ]; then + configtxgen -profile OrgsOrdererGenesis -channelID mamba-sys-channel -outputBlock $GENESIS_BLOCK_FILE + else + configtxgen -profile OrgsOrdererGenesis -outputBlock $GENESIS_BLOCK_FILE + fi if [ "$?" -ne 0 ]; then fatal "Failed to generate orderer genesis block" fi diff --git a/mamba/blockchain/start_network/commands.py b/mamba/blockchain/start_network/commands.py index 68d1a7c..c77a469 100644 --- a/mamba/blockchain/start_network/commands.py +++ b/mamba/blockchain/start_network/commands.py @@ -85,13 +85,13 @@ def start_network(): time.sleep(1) setup_admin() - # Bootrap network - time.sleep(1) - bootstrap_network() + # # Bootrap network + # time.sleep(1) + # bootstrap_network() - # cat log - domains = settings.ORDERER_DOMAINS.split(' ') - settings.k8s.read_pod_log('bootstrap-network', domains[0]) + # # cat log + # domains = settings.ORDERER_DOMAINS.split(' ') + # settings.k8s.read_pod_log('bootstrap-network', domains[0]) return True diff --git a/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml b/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml index 33b2ee4..92eff8f 100644 --- a/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml +++ b/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: "Never" containers: - name: enroll-o-{{ORDERER}} - image: hyperledger/fabric-ca:{{FABRIC_TAG}} + image: hyperledger/fabric-ca:{{FABRIC_CA_TAG}} env: - name: ORDERERORG value: {{ORDERER}} diff --git a/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml b/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml index f4c1e18..ba2400c 100644 --- a/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml +++ b/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: "Never" containers: - name: enroll-p{{PEER_INDEX}}-{{PEER}} - image: hyperledger/fabric-ca:{{FABRIC_TAG}} + image: hyperledger/fabric-ca:{{FABRIC_CA_TAG}} env: - name: CORE_PEER_TLS_CERT_FILE value: /opt/gopath/src/github.com/hyperledger/fabric/peer/tls/server.crt diff --git a/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml b/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml index 883e1d7..f5bbaa4 100644 --- a/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml +++ b/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: {{ICA_NAME}} - image: hyperledger/fabric-ca:{{FABRIC_TAG}} + image: hyperledger/fabric-ca:{{FABRIC_CA_TAG}} env: - name: FABRIC_CA_SERVER_HOME value: /etc/hyperledger/fabric-ca diff --git a/mamba/blockchain/template/ica/fabric-deployment-ica.yaml b/mamba/blockchain/template/ica/fabric-deployment-ica.yaml index cfd7be2..0b31869 100644 --- a/mamba/blockchain/template/ica/fabric-deployment-ica.yaml +++ b/mamba/blockchain/template/ica/fabric-deployment-ica.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: {{ICA_NAME}} - image: hyperledger/fabric-ca:{{FABRIC_TAG}} + image: hyperledger/fabric-ca:{{FABRIC_CA_TAG}} env: - name: FABRIC_CA_SERVER_HOME value: /etc/hyperledger/fabric-ca diff --git a/mamba/blockchain/template/peer-sts/peer-stateful.yaml b/mamba/blockchain/template/peer-sts/peer-stateful.yaml index 78e7cdb..fa5c660 100644 --- a/mamba/blockchain/template/peer-sts/peer-stateful.yaml +++ b/mamba/blockchain/template/peer-sts/peer-stateful.yaml @@ -25,7 +25,7 @@ spec: containers: - name: couchdb - image: couchdb:2.3.1 + image: couchdb:{{COUCHDB_TAG}} ports: - containerPort: 5984 # resources: diff --git a/mamba/blockchain/template/rca/fabric-deployment-rca.yaml b/mamba/blockchain/template/rca/fabric-deployment-rca.yaml index be2261a..145d38c 100644 --- a/mamba/blockchain/template/rca/fabric-deployment-rca.yaml +++ b/mamba/blockchain/template/rca/fabric-deployment-rca.yaml @@ -23,7 +23,7 @@ spec: spec: containers: - name: {{RCA_NAME}} - image: hyperledger/fabric-ca:{{FABRIC_TAG}} + image: hyperledger/fabric-ca:{{FABRIC_CA_TAG}} env: - name: FABRIC_CA_SERVER_HOME value: /etc/hyperledger/fabric-ca diff --git a/mamba/blockchain/template/register-orderer/fabric-deployment-register-orderer.yaml b/mamba/blockchain/template/register-orderer/fabric-deployment-register-orderer.yaml index 89dac39..62f2034 100644 --- a/mamba/blockchain/template/register-orderer/fabric-deployment-register-orderer.yaml +++ b/mamba/blockchain/template/register-orderer/fabric-deployment-register-orderer.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: "Never" containers: - name: register-o-{{ORDERER_ORG}} - image: hyperledger/fabric-ca:{{FABRIC_TAG}} + image: hyperledger/fabric-ca:{{FABRIC_CA_TAG}} env: - name: ORDERERORG value: {{ORDERER_ORG}} diff --git a/mamba/blockchain/template/register-org/fabric-deployment-register-org.yaml b/mamba/blockchain/template/register-org/fabric-deployment-register-org.yaml index 4df6042..c793276 100644 --- a/mamba/blockchain/template/register-org/fabric-deployment-register-org.yaml +++ b/mamba/blockchain/template/register-org/fabric-deployment-register-org.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: "Never" containers: - name: register-org-{{ORG}} - image: hyperledger/fabric-ca:{{FABRIC_TAG}} + image: hyperledger/fabric-ca:{{FABRIC_CA_TAG}} env: - name: ORG value: {{ORG}} diff --git a/mamba/blockchain/template/register-peer/fabric-deployment-register-peer.yaml b/mamba/blockchain/template/register-peer/fabric-deployment-register-peer.yaml index 57fa3f8..f53a0fe 100644 --- a/mamba/blockchain/template/register-peer/fabric-deployment-register-peer.yaml +++ b/mamba/blockchain/template/register-peer/fabric-deployment-register-peer.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: "Never" containers: - name: register-p-{{PEER_ORG}} - image: hyperledger/fabric-ca:{{FABRIC_TAG}} + image: hyperledger/fabric-ca:{{FABRIC_CA_TAG}} env: - name: PEERORG value: {{PEER_ORG}} diff --git a/mamba/config/operator.env-template b/mamba/config/operator.env-template index 746ae03..a13adbf 100644 --- a/mamba/config/operator.env-template +++ b/mamba/config/operator.env-template @@ -65,7 +65,11 @@ PRIVATE_DOCKER_PASSWORD="xxxxxxxxxxx" PRIVATE_DOCKER_EMAIL="mamba@akchain.io" # The tag of the docker images to download for Fabric CA and Fabric. Equates to the Fabric version -FABRIC_TAG="1.4.1" +# FABRIC_TAG="1.4.1" +# FABRIC_CA_TAG="1.4.1" +FABRIC_TAG="2.0.0" +FABRIC_CA_TAG="1.4.6" +COUCHDB_TAG="2.3" # Fill this if you're using remote org EXTERNAL_ORDERER_ADDRESSES="" # ex: orderer.example.com diff --git a/mamba/settings.py b/mamba/settings.py index c8697f9..82ff212 100644 --- a/mamba/settings.py +++ b/mamba/settings.py @@ -94,8 +94,10 @@ def init(dotenv_path, set_default): PRIVATE_DOCKER_PASSWORD = os.getenv('PRIVATE_DOCKER_PASSWORD') PRIVATE_DOCKER_EMAIL = os.getenv('PRIVATE_DOCKER_EMAIL') - global FABRIC_TAG + global FABRIC_TAG, FABRIC_CA_TAG, COUCHDB_TAG FABRIC_TAG = os.getenv('FABRIC_TAG') + FABRIC_CA_TAG = os.getenv('FABRIC_CA_TAG') + COUCHDB_TAG = os.getenv('COUCHDB_TAG') global EXTERNAL_ORDERER_ADDRESSES, EXTERNAL_ORG_PEER0_ADDRESSES global EXTERNAL_ORG_PEER1_ADDRESSES, EXTERNAL_RCA_ADDRESSES From f1072b147759b309e2eaa65111d1a12355f0449f Mon Sep 17 00:00:00 2001 From: meo Date: Wed, 15 Apr 2020 10:39:10 +0000 Subject: [PATCH 05/52] Update channel artifact for fabric 2.0 --- .../scripts/gen-channel-artifacts.sh | 39 +++++++++++++------ 1 file changed, 27 insertions(+), 12 deletions(-) diff --git a/mamba/blockchain/scripts/gen-channel-artifacts.sh b/mamba/blockchain/scripts/gen-channel-artifacts.sh index f276ee0..e26ca2e 100644 --- a/mamba/blockchain/scripts/gen-channel-artifacts.sh +++ b/mamba/blockchain/scripts/gen-channel-artifacts.sh @@ -34,7 +34,10 @@ function printOrg { Rule: \"OR('$ORG_MSP_ID.member')\" Admins: Type: Signature - Rule: \"OR('$ORG_MSP_ID.admin')\"" + Rule: \"OR('$ORG_MSP_ID.admin')\" + Endorsement: + Type: Signature + Rule: \"OR('$ORG_MSP_ID.peer')\"" } # printOrdererOrg @@ -62,14 +65,14 @@ function makeConfigTxYaml { # ################################################################################ Capabilities: - Global: &ChannelCapabilities - V1_3: true + Channel: &ChannelCapabilities + V2_0: true Orderer: &OrdererCapabilities - V1_1: true + V2_0: true Application: &ApplicationCapabilities - V1_3: true" + V2_0: true" echo " ################################################################################ @@ -99,9 +102,10 @@ Orderer: &OrdererDefaults # Available types are \"solo\" and \"kafka\". OrdererType: $ORDERER_TYPE - Addresses: - - $EXTERNAL_ORDERER_ADDRESSES:7050" - + Addresses:" + if [ "$EXTERNAL_ORDERER_ADDRESSES" != "" ]; then + echo" - $EXTERNAL_ORDERER_ADDRESSES:7050" + fi for ORG in $ORDERER_ORGS; do local COUNT=1 while [[ "$COUNT" -le $NUM_ORDERERS ]]; do @@ -130,7 +134,7 @@ Orderer: &OrdererDefaults # the serialized messages in a batch. If the 'kafka' OrdererType is # selected, set 'message.max.bytes' and 'replica.fetch.max.bytes' on the # Kafka brokers to a value that is larger than this one. - AbsoluteMaxBytes: 98 MB + AbsoluteMaxBytes: 99 MB # Preferred Max Bytes: The preferred maximum number of bytes allowed for # the serialized messages in a batch. A message larger than the @@ -140,15 +144,18 @@ Orderer: &OrdererDefaults # Max Channels is the maximum number of channels to allow on the ordering # network. When set to 0, this implies no maximum number of channels. - MaxChannels: 0 + MaxChannels: 0" + if [ "$ORDERER_TYPE" == "kafka" ]; then + echo " Kafka: # Brokers: A list of Kafka brokers to which the orderer connects. Edit # this list to identify the brokers of the ordering service. # NOTE: Use IP:port notation. Brokers: - - broker.$KAFKA_NAMESPACE:9092 - + - broker.$KAFKA_NAMESPACE:9092" + fi + echo " # Organizations is the list of orgs which are defined as participants on # the orderer side of the network. Organizations:" @@ -310,6 +317,12 @@ Application: &ApplicationDefaults Admins: Type: ImplicitMeta Rule: \"MAJORITY Admins\" + LifecycleEndorsement: + Type: ImplicitMeta + Rule: \"MAJORITY Endorsement\" + Endorsement: + Type: ImplicitMeta + Rule: \"MAJORITY Endorsement\" # Capabilities describes the application level capabilities, see the # dedicated Capabilities section elsewhere in this file for a full @@ -327,6 +340,8 @@ Profiles: OrgsOrdererGenesis: <<: *ChannelDefaults + Capabilities: + <<: *ChannelCapabilities Orderer: <<: *OrdererDefaults Organizations:" From 09dbd4fad5475731e6d0a65b795342d8f29c513a Mon Sep 17 00:00:00 2001 From: meo Date: Wed, 15 Apr 2020 10:39:59 +0000 Subject: [PATCH 06/52] min request storage test env --- .../blockchain/template/explorer/explorer-db-deployment.yaml | 2 +- mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml | 2 +- mamba/blockchain/template/ica/fabric-deployment-ica.yaml | 2 +- mamba/blockchain/template/kafka/2kafka-set.yaml | 2 +- mamba/blockchain/template/orderer-sts/orderer-stateful.yaml | 2 +- .../template/peer-sts/couchdb-cluster-stateful.yaml | 2 +- mamba/blockchain/template/peer-sts/peer-stateful.yaml | 4 ++-- .../peer-sts/peer-using-couchdb-cluster-stateful.yaml | 2 +- mamba/blockchain/template/rca/fabric-deployment-rca.yaml | 2 +- mamba/blockchain/template/zookeeper/2zk-set.yaml | 2 +- 10 files changed, 11 insertions(+), 11 deletions(-) diff --git a/mamba/blockchain/template/explorer/explorer-db-deployment.yaml b/mamba/blockchain/template/explorer/explorer-db-deployment.yaml index 455b7c0..8056ce6 100644 --- a/mamba/blockchain/template/explorer/explorer-db-deployment.yaml +++ b/mamba/blockchain/template/explorer/explorer-db-deployment.yaml @@ -40,4 +40,4 @@ spec: storageClassName: gp2 resources: requests: - storage: 25Gi \ No newline at end of file + storage: 5Gi \ No newline at end of file diff --git a/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml b/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml index f5bbaa4..6d9f859 100644 --- a/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml +++ b/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml @@ -75,7 +75,7 @@ spec: storageClassName: gp2 resources: requests: - storage: 10Gi + storage: 5Gi --- apiVersion: v1 kind: Service diff --git a/mamba/blockchain/template/ica/fabric-deployment-ica.yaml b/mamba/blockchain/template/ica/fabric-deployment-ica.yaml index 0b31869..68deea2 100644 --- a/mamba/blockchain/template/ica/fabric-deployment-ica.yaml +++ b/mamba/blockchain/template/ica/fabric-deployment-ica.yaml @@ -75,7 +75,7 @@ spec: storageClassName: gp2 resources: requests: - storage: 10Gi + storage: 5Gi --- apiVersion: v1 kind: Service diff --git a/mamba/blockchain/template/kafka/2kafka-set.yaml b/mamba/blockchain/template/kafka/2kafka-set.yaml index 4a3ef0a..6c4db1a 100644 --- a/mamba/blockchain/template/kafka/2kafka-set.yaml +++ b/mamba/blockchain/template/kafka/2kafka-set.yaml @@ -54,4 +54,4 @@ spec: accessModes: [ "ReadWriteOnce" ] resources: requests: - storage: 10Gi + storage: 5Gi diff --git a/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml b/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml index 91404ce..7c7c94e 100644 --- a/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml +++ b/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml @@ -89,4 +89,4 @@ spec: storageClassName: gp2 resources: requests: - storage: 10Gi + storage: 5Gi diff --git a/mamba/blockchain/template/peer-sts/couchdb-cluster-stateful.yaml b/mamba/blockchain/template/peer-sts/couchdb-cluster-stateful.yaml index fc237c9..e58ea5c 100644 --- a/mamba/blockchain/template/peer-sts/couchdb-cluster-stateful.yaml +++ b/mamba/blockchain/template/peer-sts/couchdb-cluster-stateful.yaml @@ -60,5 +60,5 @@ storageClassName: gp2 resources: requests: - storage: 10Gi + storage: 5Gi \ No newline at end of file diff --git a/mamba/blockchain/template/peer-sts/peer-stateful.yaml b/mamba/blockchain/template/peer-sts/peer-stateful.yaml index fa5c660..e2edaf6 100644 --- a/mamba/blockchain/template/peer-sts/peer-stateful.yaml +++ b/mamba/blockchain/template/peer-sts/peer-stateful.yaml @@ -54,7 +54,7 @@ storageClassName: gp2 resources: requests: - storage: 10Gi + storage: 5Gi --- apiVersion: apps/v1 kind: StatefulSet @@ -175,5 +175,5 @@ spec: storageClassName: gp2 resources: requests: - storage: 10Gi + storage: 5Gi diff --git a/mamba/blockchain/template/peer-sts/peer-using-couchdb-cluster-stateful.yaml b/mamba/blockchain/template/peer-sts/peer-using-couchdb-cluster-stateful.yaml index 0b67c97..39bdcf8 100644 --- a/mamba/blockchain/template/peer-sts/peer-using-couchdb-cluster-stateful.yaml +++ b/mamba/blockchain/template/peer-sts/peer-using-couchdb-cluster-stateful.yaml @@ -106,4 +106,4 @@ storageClassName: gp2 resources: requests: - storage: 10Gi \ No newline at end of file + storage: 5Gi \ No newline at end of file diff --git a/mamba/blockchain/template/rca/fabric-deployment-rca.yaml b/mamba/blockchain/template/rca/fabric-deployment-rca.yaml index 145d38c..1147900 100644 --- a/mamba/blockchain/template/rca/fabric-deployment-rca.yaml +++ b/mamba/blockchain/template/rca/fabric-deployment-rca.yaml @@ -69,7 +69,7 @@ spec: storageClassName: gp2 resources: requests: - storage: 10Gi + storage: 5Gi --- apiVersion: v1 kind: Service diff --git a/mamba/blockchain/template/zookeeper/2zk-set.yaml b/mamba/blockchain/template/zookeeper/2zk-set.yaml index 4320670..d803f5e 100644 --- a/mamba/blockchain/template/zookeeper/2zk-set.yaml +++ b/mamba/blockchain/template/zookeeper/2zk-set.yaml @@ -51,4 +51,4 @@ spec: accessModes: [ "ReadWriteOnce" ] resources: requests: - storage: 10Gi + storage: 5Gi From d15eeaa39aba7841ef4142edea0b0dc9ab9ca055 Mon Sep 17 00:00:00 2001 From: harisato Date: Mon, 1 Jun 2020 07:54:10 +0000 Subject: [PATCH 07/52] Update CA --- .../src/chaincodes/abstore/go/abstore.go | 193 +++++++++++++ .../src/chaincodes/abstore/go/go.mod | 13 + .../src/chaincodes/abstore/go/go.sum | 81 ++++++ .../artifacts/src/chaincodes/fabcar/fabcar.go | 204 -------------- mamba/blockchain/scripts/enroll-orderer.sh | 61 +++-- mamba/blockchain/scripts/enroll-peer.sh | 88 ++++-- mamba/blockchain/scripts/env.sh | 3 +- .../scripts/gen-channel-artifacts.sh | 108 ++------ mamba/blockchain/scripts/register-orderer.sh | 5 +- mamba/blockchain/scripts/register-org.sh | 50 +++- mamba/blockchain/scripts/register-peer.sh | 5 +- mamba/blockchain/start_network/commands.py | 34 +-- .../orderer-sts/orderer-stateful.yaml | 2 +- mamba/configtx.yaml | 257 ++++++++++++++++++ mamba/cryptogen.yaml | 85 ++++++ mamba/utils/kube.py | 2 +- 16 files changed, 829 insertions(+), 362 deletions(-) create mode 100644 mamba/blockchain/artifacts/src/chaincodes/abstore/go/abstore.go create mode 100644 mamba/blockchain/artifacts/src/chaincodes/abstore/go/go.mod create mode 100644 mamba/blockchain/artifacts/src/chaincodes/abstore/go/go.sum delete mode 100644 mamba/blockchain/artifacts/src/chaincodes/fabcar/fabcar.go create mode 100644 mamba/configtx.yaml create mode 100644 mamba/cryptogen.yaml diff --git a/mamba/blockchain/artifacts/src/chaincodes/abstore/go/abstore.go b/mamba/blockchain/artifacts/src/chaincodes/abstore/go/abstore.go new file mode 100644 index 0000000..55f1382 --- /dev/null +++ b/mamba/blockchain/artifacts/src/chaincodes/abstore/go/abstore.go @@ -0,0 +1,193 @@ +/* +Copyright IBM Corp. 2016 All Rights Reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package main + +import ( + "fmt" + "strconv" + + "github.com/hyperledger/fabric-chaincode-go/shim" + pb "github.com/hyperledger/fabric-protos-go/peer" +) + +// ABstore Chaincode implementation +type ABstore struct { +} + +func (t *ABstore) Init(stub shim.ChaincodeStubInterface) pb.Response { + fmt.Println("ABstore Init") + _, args := stub.GetFunctionAndParameters() + var A, B string // Entities + var Aval, Bval int // Asset holdings + var err error + + if len(args) != 4 { + return shim.Error("Incorrect number of arguments. Expecting 4") + } + + // Initialize the chaincode + A = args[0] + Aval, err = strconv.Atoi(args[1]) + if err != nil { + return shim.Error("Expecting integer value for asset holding") + } + B = args[2] + Bval, err = strconv.Atoi(args[3]) + if err != nil { + return shim.Error("Expecting integer value for asset holding") + } + fmt.Printf("Aval = %d, Bval = %d\n", Aval, Bval) + + // Write the state to the ledger + err = stub.PutState(A, []byte(strconv.Itoa(Aval))) + if err != nil { + return shim.Error(err.Error()) + } + + err = stub.PutState(B, []byte(strconv.Itoa(Bval))) + if err != nil { + return shim.Error(err.Error()) + } + + return shim.Success(nil) +} + +func (t *ABstore) Invoke(stub shim.ChaincodeStubInterface) pb.Response { + fmt.Println("ABstore Invoke") + function, args := stub.GetFunctionAndParameters() + if function == "invoke" { + // Make payment of X units from A to B + return t.invoke(stub, args) + } else if function == "delete" { + // Deletes an entity from its state + return t.delete(stub, args) + } else if function == "query" { + // the old "Query" is now implemtned in invoke + return t.query(stub, args) + } + + return shim.Error("Invalid invoke function name. Expecting \"invoke\" \"delete\" \"query\"") +} + +// Transaction makes payment of X units from A to B +func (t *ABstore) invoke(stub shim.ChaincodeStubInterface, args []string) pb.Response { + var A, B string // Entities + var Aval, Bval int // Asset holdings + var X int // Transaction value + var err error + + if len(args) != 3 { + return shim.Error("Incorrect number of arguments. Expecting 3") + } + + A = args[0] + B = args[1] + + // Get the state from the ledger + // TODO: will be nice to have a GetAllState call to ledger + Avalbytes, err := stub.GetState(A) + if err != nil { + return shim.Error("Failed to get state") + } + if Avalbytes == nil { + return shim.Error("Entity not found") + } + Aval, _ = strconv.Atoi(string(Avalbytes)) + + Bvalbytes, err := stub.GetState(B) + if err != nil { + return shim.Error("Failed to get state") + } + if Bvalbytes == nil { + return shim.Error("Entity not found") + } + Bval, _ = strconv.Atoi(string(Bvalbytes)) + + // Perform the execution + X, err = strconv.Atoi(args[2]) + if err != nil { + return shim.Error("Invalid transaction amount, expecting a integer value") + } + Aval = Aval - X + Bval = Bval + X + fmt.Printf("Aval = %d, Bval = %d\n", Aval, Bval) + + // Write the state back to the ledger + err = stub.PutState(A, []byte(strconv.Itoa(Aval))) + if err != nil { + return shim.Error(err.Error()) + } + + err = stub.PutState(B, []byte(strconv.Itoa(Bval))) + if err != nil { + return shim.Error(err.Error()) + } + + return shim.Success(nil) +} + +// Deletes an entity from state +func (t *ABstore) delete(stub shim.ChaincodeStubInterface, args []string) pb.Response { + if len(args) != 1 { + return shim.Error("Incorrect number of arguments. Expecting 1") + } + + A := args[0] + + // Delete the key from the state in ledger + err := stub.DelState(A) + if err != nil { + return shim.Error("Failed to delete state") + } + + return shim.Success(nil) +} + +// query callback representing the query of a chaincode +func (t *ABstore) query(stub shim.ChaincodeStubInterface, args []string) pb.Response { + var A string // Entities + var err error + + if len(args) != 1 { + return shim.Error("Incorrect number of arguments. Expecting name of the person to query") + } + + A = args[0] + + // Get the state from the ledger + Avalbytes, err := stub.GetState(A) + if err != nil { + jsonResp := "{\"Error\":\"Failed to get state for " + A + "\"}" + return shim.Error(jsonResp) + } + + if Avalbytes == nil { + jsonResp := "{\"Error\":\"Nil amount for " + A + "\"}" + return shim.Error(jsonResp) + } + + jsonResp := "{\"Name\":\"" + A + "\",\"Amount\":\"" + string(Avalbytes) + "\"}" + fmt.Printf("Query Response:%s\n", jsonResp) + return shim.Success(Avalbytes) +} + +func main() { + err := shim.Start(new(ABstore)) + if err != nil { + fmt.Printf("Error starting ABstore chaincode: %s", err) + } +} diff --git a/mamba/blockchain/artifacts/src/chaincodes/abstore/go/go.mod b/mamba/blockchain/artifacts/src/chaincodes/abstore/go/go.mod new file mode 100644 index 0000000..6ae456b --- /dev/null +++ b/mamba/blockchain/artifacts/src/chaincodes/abstore/go/go.mod @@ -0,0 +1,13 @@ +module github.com/hyperledger/fabric-samples/chaincode/abstore/go + +go 1.12 + +require ( + github.com/hyperledger/fabric-chaincode-go v0.0.0-20190823162523-04390e015b85 + github.com/hyperledger/fabric-protos-go v0.0.0-20190821214336-621b908d5022 + golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7 // indirect + golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a // indirect + golang.org/x/text v0.3.2 // indirect + google.golang.org/appengine v1.4.0 // indirect + google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55 // indirect +) diff --git a/mamba/blockchain/artifacts/src/chaincodes/abstore/go/go.sum b/mamba/blockchain/artifacts/src/chaincodes/abstore/go/go.sum new file mode 100644 index 0000000..bf87551 --- /dev/null +++ b/mamba/blockchain/artifacts/src/chaincodes/abstore/go/go.sum @@ -0,0 +1,81 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/gogo/protobuf v1.2.1 h1:/s5zKNz0uPFCZ5hddgPdo2TK2TVrUNMn0OOX8/aZMTE= +github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/hyperledger/fabric-chaincode-go v0.0.0-20190823162523-04390e015b85 h1:VEm3tPRTCzq3J/1XpVERh1PbOSnshUVwx2G5s3cLiTw= +github.com/hyperledger/fabric-chaincode-go v0.0.0-20190823162523-04390e015b85/go.mod h1:HZK6PKLWrvdD/t0oSLiyaRaUM6fZ7qjJuOlb0zrn0mo= +github.com/hyperledger/fabric-protos-go v0.0.0-20190821214336-621b908d5022 h1:WzttYAPO5xkQ87ZrxzEhvDZknfarSNu1PZt3NPMTE3Y= +github.com/hyperledger/fabric-protos-go v0.0.0-20190821214336-621b908d5022/go.mod h1:xVYTjK4DtZRBxZ2D9aE4y6AbLaPwue2o/criQyQbVD0= +github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190522155817-f3200d17e092 h1:4QSRKanuywn15aTZvI/mIDEgPQpswuFndXpOj3rKEco= +golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7 h1:fHDIZ2oxGnUZRN6WgWFCbYBjH9uqVPRCUVUDhs0wnbA= +golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190710143415-6ec70d6a5542/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a h1:aYOabOQFp6Vj6W1F80affTUvO9UxmJRx8K0gsfABByQ= +golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8 h1:Nw54tB0rB7hY/N0NQvRW8DG4Yk3Q6T9cu9RcFQDu1tc= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20180831171423-11092d34479b h1:lohp5blsw53GBXtLyLNaTXPXS9pJ1tiTw61ZHUoE9Qw= +google.golang.org/genproto v0.0.0-20180831171423-11092d34479b/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55 h1:gSJIx1SDwno+2ElGhA4+qG2zF97qiUzTM+rQ0klBOcE= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.23.0 h1:AzbTB6ux+okLTzP8Ru1Xs41C303zdcfEht7MQnYJt5A= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/mamba/blockchain/artifacts/src/chaincodes/fabcar/fabcar.go b/mamba/blockchain/artifacts/src/chaincodes/fabcar/fabcar.go deleted file mode 100644 index 01792bf..0000000 --- a/mamba/blockchain/artifacts/src/chaincodes/fabcar/fabcar.go +++ /dev/null @@ -1,204 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -/* - * The sample smart contract for documentation topic: - * Writing Your First Blockchain Application - */ - -package main - -/* Imports - * 4 utility libraries for formatting, handling bytes, reading and writing JSON, and string manipulation - * 2 specific Hyperledger Fabric specific libraries for Smart Contracts - */ -import ( - "bytes" - "encoding/json" - "fmt" - "strconv" - - "github.com/hyperledger/fabric/core/chaincode/shim" - sc "github.com/hyperledger/fabric/protos/peer" -) - -// Define the Smart Contract structure -type SmartContract struct { -} - -// Define the car structure, with 4 properties. Structure tags are used by encoding/json library -type Car struct { - Make string `json:"make"` - Model string `json:"model"` - Colour string `json:"colour"` - Owner string `json:"owner"` -} - -/* - * The Init method is called when the Smart Contract "fabcar" is instantiated by the blockchain network - * Best practice is to have any Ledger initialization in separate function -- see initLedger() - */ -func (s *SmartContract) Init(APIstub shim.ChaincodeStubInterface) sc.Response { - return shim.Success(nil) -} - -/* - * The Invoke method is called as a result of an application request to run the Smart Contract "fabcar" - * The calling application program has also specified the particular smart contract function to be called, with arguments - */ -func (s *SmartContract) Invoke(APIstub shim.ChaincodeStubInterface) sc.Response { - - // Retrieve the requested Smart Contract function and arguments - function, args := APIstub.GetFunctionAndParameters() - // Route to the appropriate handler function to interact with the ledger appropriately - if function == "queryCar" { - return s.queryCar(APIstub, args) - } else if function == "initLedger" { - return s.initLedger(APIstub) - } else if function == "createCar" { - return s.createCar(APIstub, args) - } else if function == "queryAllCars" { - return s.queryAllCars(APIstub) - } else if function == "changeCarOwner" { - return s.changeCarOwner(APIstub, args) - } - - return shim.Error("Invalid Smart Contract function name.") -} - -func (s *SmartContract) queryCar(APIstub shim.ChaincodeStubInterface, args []string) sc.Response { - - if len(args) != 1 { - return shim.Error("Incorrect number of arguments. Expecting 1") - } - - carAsBytes, _ := APIstub.GetState(args[0]) - return shim.Success(carAsBytes) -} - -func (s *SmartContract) initLedger(APIstub shim.ChaincodeStubInterface) sc.Response { - cars := []Car{ - Car{Make: "Toyota", Model: "Prius", Colour: "blue", Owner: "Tomoko"}, - Car{Make: "Ford", Model: "Mustang", Colour: "red", Owner: "Brad"}, - Car{Make: "Hyundai", Model: "Tucson", Colour: "green", Owner: "Jin Soo"}, - Car{Make: "Volkswagen", Model: "Passat", Colour: "yellow", Owner: "Max"}, - Car{Make: "Tesla", Model: "S", Colour: "black", Owner: "Adriana"}, - Car{Make: "Peugeot", Model: "205", Colour: "purple", Owner: "Michel"}, - Car{Make: "Chery", Model: "S22L", Colour: "white", Owner: "Aarav"}, - Car{Make: "Fiat", Model: "Punto", Colour: "violet", Owner: "Pari"}, - Car{Make: "Tata", Model: "Nano", Colour: "indigo", Owner: "Valeria"}, - Car{Make: "Holden", Model: "Barina", Colour: "brown", Owner: "Shotaro"}, - } - - i := 0 - for i < len(cars) { - fmt.Println("i is ", i) - carAsBytes, _ := json.Marshal(cars[i]) - APIstub.PutState("CAR"+strconv.Itoa(i), carAsBytes) - fmt.Println("Added", cars[i]) - i = i + 1 - } - - return shim.Success(nil) -} - -func (s *SmartContract) createCar(APIstub shim.ChaincodeStubInterface, args []string) sc.Response { - - if len(args) != 5 { - return shim.Error("Incorrect number of arguments. Expecting 5") - } - - var car = Car{Make: args[1], Model: args[2], Colour: args[3], Owner: args[4]} - - carAsBytes, _ := json.Marshal(car) - APIstub.PutState(args[0], carAsBytes) - - return shim.Success(nil) -} - -func (s *SmartContract) queryAllCars(APIstub shim.ChaincodeStubInterface) sc.Response { - - startKey := "CAR0" - endKey := "CAR999" - - resultsIterator, err := APIstub.GetStateByRange(startKey, endKey) - if err != nil { - return shim.Error(err.Error()) - } - defer resultsIterator.Close() - - // buffer is a JSON array containing QueryResults - var buffer bytes.Buffer - buffer.WriteString("[") - - bArrayMemberAlreadyWritten := false - for resultsIterator.HasNext() { - queryResponse, err := resultsIterator.Next() - if err != nil { - return shim.Error(err.Error()) - } - // Add a comma before array members, suppress it for the first array member - if bArrayMemberAlreadyWritten == true { - buffer.WriteString(",") - } - buffer.WriteString("{\"Key\":") - buffer.WriteString("\"") - buffer.WriteString(queryResponse.Key) - buffer.WriteString("\"") - - buffer.WriteString(", \"Record\":") - // Record is a JSON object, so we write as-is - buffer.WriteString(string(queryResponse.Value)) - buffer.WriteString("}") - bArrayMemberAlreadyWritten = true - } - buffer.WriteString("]") - - fmt.Printf("- queryAllCars:\n%s\n", buffer.String()) - - return shim.Success(buffer.Bytes()) -} - -func (s *SmartContract) changeCarOwner(APIstub shim.ChaincodeStubInterface, args []string) sc.Response { - - if len(args) != 2 { - return shim.Error("Incorrect number of arguments. Expecting 2") - } - - carAsBytes, _ := APIstub.GetState(args[0]) - car := Car{} - - json.Unmarshal(carAsBytes, &car) - car.Owner = args[1] - - carAsBytes, _ = json.Marshal(car) - APIstub.PutState(args[0], carAsBytes) - - return shim.Success(nil) -} - -// The main function is only relevant in unit test mode. Only included here for completeness. -func main() { - - // Create a new Smart Contract - err := shim.Start(new(SmartContract)) - if err != nil { - fmt.Printf("Error creating new Smart Contract: %s", err) - } -} diff --git a/mamba/blockchain/scripts/enroll-orderer.sh b/mamba/blockchain/scripts/enroll-orderer.sh index 7fc86f7..23e4f1a 100644 --- a/mamba/blockchain/scripts/enroll-orderer.sh +++ b/mamba/blockchain/scripts/enroll-orderer.sh @@ -7,33 +7,62 @@ source $(dirname "$0")/env.sh initOrdererVars orderer 1 ENROLLMENT_URL="https://$ORDERER_NAME_PASS@$CA_HOST:7054" +export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/orderer.$DOMAIN +mkdir -p $FABRIC_CA_CLIENT_HOME +export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE + +export TLS_CONFIG_PATH=$FABRIC_CA_CLIENT_HOME/orderers/$ORDERER_HOST/tls +export MSPCONFIGPATH=$FABRIC_CA_CLIENT_HOME/orderers/$ORDERER_HOST/msp + +mkdir -p $TLS_CONFIG_PATH +mkdir -p $MSPCONFIGPATH + log "Preparing to enroll '$ORDERER_HOST:$ORDERER_PORT', enrolled via '$ENROLLMENT_URL' with MSP at '$ORDERER_GENERAL_LOCALMSPDIR'" # Enroll to get orderer's TLS cert (using the "tls" profile) if [ "$EXTERNAL_ORDERER_ADDRESSES" == "" ]; then - fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M /tmp/tls --csr.hosts $ORDERER_HOST + fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M $TLS_CONFIG_PATH --csr.hosts $ORDERER_HOST else log "Enroll with EXTERNAL_ORDERER_ADDRESSES=$EXTERNAL_ORDERER_ADDRESSES" - fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M /tmp/tls --csr.hosts $ORDERER_HOST --csr.hosts $EXTERNAL_ORDERER_ADDRESSES + fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M $TLS_CONFIG_PATH --csr.hosts $ORDERER_HOST --csr.hosts $EXTERNAL_ORDERER_ADDRESSES fi -# Copy the TLS key and cert to the appropriate place -TLSDIR=$ORDERER_HOME/tls -mkdir -p $TLSDIR -cp /tmp/tls/keystore/* $ORDERER_GENERAL_TLS_PRIVATEKEY -cp /tmp/tls/signcerts/* $ORDERER_GENERAL_TLS_CERTIFICATE -rm -rf /tmp/tls +# # Copy the TLS key and cert to the appropriate place +# TLSDIR=$ORDERER_HOME/tls +# mkdir -p $TLSDIR +# cp /tmp/tls/keystore/* $ORDERER_GENERAL_TLS_PRIVATEKEY +# cp /tmp/tls/signcerts/* $ORDERER_GENERAL_TLS_CERTIFICATE +# rm -rf /tmp/tls # Enroll again to get the orderer's enrollment certificate (default profile) -fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $ORDERER_GENERAL_LOCALMSPDIR +if [ "$EXTERNAL_ORDERER_ADDRESSES" != ""]; then + fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $MSPCONFIGPATH --csr.hosts $ORDERER_HOST --csr.hosts $EXTERNAL_ORDERER_ADDRESSES +else + fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $MSPCONFIGPATH --csr.hosts $ORDERER_HOST +fi +# fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $ORDERER_GENERAL_LOCALMSPDIR # Finish setting up the local MSP for the orderer -finishMSPSetup $ORDERER_GENERAL_LOCALMSPDIR -copyAdminCert $ORDERER_GENERAL_LOCALMSPDIR +# finishMSPSetup $MSPCONFIGPATH +cp ${FABRIC_CA_CLIENT_HOME}/msp/config.yaml ${MSPCONFIGPATH}/config.yaml +set -x +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${TLS_CONFIG_PATH}/ca.crt +cp ${TLS_CONFIG_PATH}/signcerts/* ${TLS_CONFIG_PATH}/server.crt +cp ${TLS_CONFIG_PATH}/keystore/* ${TLS_CONFIG_PATH}/server.key + +mkdir -p ${MSPCONFIGPATH}/tlscacerts +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${MSPCONFIGPATH}/tlscacerts/tlsca.orderer.$DOMAIN-cert.pem + +mkdir -p ${FABRIC_CA_CLIENT_HOME}/msp/tlscacerts +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${FABRIC_CA_CLIENT_HOME}/msp/tlscacerts/tlsca.orderer.$DOMAIN-cert.pem +set +x +# mkdir -p ${FABRIC_CA_CLIENT_HOME}/ca +# cp ${MSPCONFIGPATH}/cacerts/* ${FABRIC_CA_CLIENT_HOME}/ca/ca.$PEERORG.$DOMAIN-cert.pem +# copyAdminCert $ORDERER_GENERAL_LOCALMSPDIR # copy tls & msp crt -cp /etc/hyperledger/orderer/msp/keystore/* /data/orgs/orderer/msp/keystore/key.pem -cp /etc/hyperledger/orderer/msp/signcerts/cert.pem /data/orgs/orderer/msp/signcerts/ -mkdir -p /data/orgs/orderer/tls -cp $ORDERER_GENERAL_TLS_PRIVATEKEY /data/orgs/orderer/tls -cp $ORDERER_GENERAL_TLS_CERTIFICATE /data/orgs/orderer/tls \ No newline at end of file +# cp /etc/hyperledger/orderer/msp/keystore/* /data/orgs/orderer/msp/keystore/key.pem +# cp /etc/hyperledger/orderer/msp/signcerts/cert.pem /data/orgs/orderer/msp/signcerts/ +# mkdir -p /data/orgs/orderer/tls +# cp $ORDERER_GENERAL_TLS_PRIVATEKEY /data/orgs/orderer/tls +# cp $ORDERER_GENERAL_TLS_CERTIFICATE /data/orgs/orderer/tls \ No newline at end of file diff --git a/mamba/blockchain/scripts/enroll-peer.sh b/mamba/blockchain/scripts/enroll-peer.sh index 28adf75..79c458f 100644 --- a/mamba/blockchain/scripts/enroll-peer.sh +++ b/mamba/blockchain/scripts/enroll-peer.sh @@ -5,45 +5,81 @@ source $(dirname "$0")/env.sh log "Enrolling peer for org $PEERORG ..." initPeerVars $PEERORG ENROLLMENT_URL="https://$PEER_NAME_PASS@$CA_HOST:7054" +getDomain $PEERORG -log "Preparing to enroll peer '$CORE_PEER_ID', host '$PEER_HOST', enrolled via '$ENROLLMENT_URL' with MSP at '$CORE_PEER_MSPCONFIGPATH'" +export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/$PEERORG.$DOMAIN +mkdir -p $FABRIC_CA_CLIENT_HOME +export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE -# Although a peer may use the same TLS key and certificate file for both inbound and outbound TLS, -# we generate a different key and certificate for inbound and outbound TLS simply to show that it is permissible +export TLS_CONFIG_PATH=$FABRIC_CA_CLIENT_HOME/peers/$PEER_HOST/tls +export MSPCONFIGPATH=$FABRIC_CA_CLIENT_HOME/peers/$PEER_HOST/msp -# Generate server TLS cert and key pair for the peer +mkdir -p $TLS_CONFIG_PATH +mkdir -p $MSPCONFIGPATH +log "Preparing to enroll peer '$CORE_PEER_ID', host '$PEER_HOST', enrolled via '$ENROLLMENT_URL' with MSP at '$CORE_PEER_MSPCONFIGPATH'" if [ "$EXTERNAL_PEER_HOST" != ""]; then - fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M /tmp/tls --csr.hosts $PEER_HOST --csr.hosts $EXTERNAL_PEER_HOST + fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M $TLS_CONFIG_PATH --csr.hosts $PEER_HOST --csr.hosts $EXTERNAL_PEER_HOST else - fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M /tmp/tls --csr.hosts $PEER_HOST + fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M $TLS_CONFIG_PATH --csr.hosts $PEER_HOST fi -log "Copy the TLS key and cert to the appropriate place" -TLSDIR=$PEER_HOME/tls -mkdir -p $TLSDIR -cp /tmp/tls/signcerts/* $CORE_PEER_TLS_CERT_FILE -cp /tmp/tls/keystore/* $CORE_PEER_TLS_KEY_FILE -rm -rf /tmp/tls -log "Generate client TLS cert and key pair for the peer" -genClientTLSCert $PEER_HOST $CORE_PEER_TLS_CLIENTCERT_FILE $CORE_PEER_TLS_CLIENTKEY_FILE +# # Although a peer may use the same TLS key and certificate file for both inbound and outbound TLS, +# # we generate a different key and certificate for inbound and outbound TLS simply to show that it is permissible + +# # Generate server TLS cert and key pair for the peer +# if [ "$EXTERNAL_PEER_HOST" != ""]; then +# fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M /tmp/tls --csr.hosts $PEER_HOST --csr.hosts $EXTERNAL_PEER_HOST +# else +# fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M /tmp/tls --csr.hosts $PEER_HOST +# fi + +# log "Copy the TLS key and cert to the appropriate place" +# TLSDIR=$PEER_HOME/tls +# mkdir -p $TLSDIR +# cp /tmp/tls/signcerts/* $CORE_PEER_TLS_CERT_FILE +# cp /tmp/tls/keystore/* $CORE_PEER_TLS_KEY_FILE +# rm -rf /tmp/tls -log "Generate client TLS cert and key pair for the peer CLI" -genClientTLSCert $PEER_HOST /$DATA/tls/$PEER_NAME-cli-client.crt /$DATA/tls/$PEER_NAME-cli-client.key +# log "Generate client TLS cert and key pair for the peer" +# genClientTLSCert $PEER_HOST $CORE_PEER_TLS_CLIENTCERT_FILE $CORE_PEER_TLS_CLIENTKEY_FILE + +# log "Generate client TLS cert and key pair for the peer CLI" +# genClientTLSCert $PEER_HOST /$DATA/tls/$PEER_NAME-cli-client.crt /$DATA/tls/$PEER_NAME-cli-client.key # Enroll the peer to get an enrollment certificate and set up the core's local MSP directory -fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $CORE_PEER_MSPCONFIGPATH +if [ "$EXTERNAL_PEER_HOST" != ""]; then + fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $MSPCONFIGPATH --csr.hosts $PEER_HOST --csr.hosts $EXTERNAL_PEER_HOST +else + fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $MSPCONFIGPATH --csr.hosts $PEER_HOST +fi sleep 10 -finishMSPSetup $CORE_PEER_MSPCONFIGPATH -copyAdminCert $CORE_PEER_MSPCONFIGPATH +finishMSPSetup $MSPCONFIGPATH +cp ${FABRIC_CA_CLIENT_HOME}/msp/config.yaml ${MSPCONFIGPATH}/config.yaml +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${TLS_CONFIG_PATH}/ca.crt +cp ${TLS_CONFIG_PATH}/signcerts/* ${TLS_CONFIG_PATH}/server.crt +cp ${TLS_CONFIG_PATH}/keystore/* ${TLS_CONFIG_PATH}/server.key + +mkdir -p ${FABRIC_CA_CLIENT_HOME}/msp/tlscacerts +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${FABRIC_CA_CLIENT_HOME}/msp/tlscacerts/ca.crt + +mkdir -p ${FABRIC_CA_CLIENT_HOME}/tlsca +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${FABRIC_CA_CLIENT_HOME}/tlsca/tlsca.$PEERORG.$DOMAIN-cert.pem + +mkdir -p ${FABRIC_CA_CLIENT_HOME}/ca +cp ${MSPCONFIGPATH}/cacerts/* ${FABRIC_CA_CLIENT_HOME}/ca/ca.$PEERORG.$DOMAIN-cert.pem +# copyAdminCert $CORE_PEER_MSPCONFIGPATH # copy tls & msp crt -mkdir -p /data/orgs/$CORE_PEER_ID/msp/keystore -mkdir -p /data/orgs/$CORE_PEER_ID/msp/signcerts -mkdir -p /data/orgs/$CORE_PEER_ID/tls -cp $CORE_PEER_MSPCONFIGPATH/keystore/* /data/orgs/$CORE_PEER_ID/msp/keystore/key.pem -cp $CORE_PEER_MSPCONFIGPATH/signcerts/cert.pem /data/orgs/$CORE_PEER_ID/msp/keystore/cert.pem -cp $CORE_PEER_TLS_CERT_FILE /data/orgs/$CORE_PEER_ID/tls/ -cp $CORE_PEER_TLS_KEY_FILE /data/orgs/$CORE_PEER_ID/tls/ +# mkdir -p /data/orgs/$CORE_PEER_ID/msp/keystore +# mkdir -p /data/orgs/$CORE_PEER_ID/msp/signcerts +# mkdir -p /data/orgs/$CORE_PEER_ID/tls +# cp $CORE_PEER_MSPCONFIGPATH/keystore/* /data/orgs/$CORE_PEER_ID/msp/keystore/key.pem +# cp $CORE_PEER_MSPCONFIGPATH/signcerts/cert.pem /data/orgs/$CORE_PEER_ID/msp/keystore/cert.pem +# cp $CORE_PEER_TLS_CERT_FILE /data/orgs/$CORE_PEER_ID/tls/ +# cp $CORE_PEER_TLS_KEY_FILE /data/orgs/$CORE_PEER_ID/tls/ + + +# cp $TLS_CONFIG_PATH/ log "Finished registering peer for org $PEERORG" \ No newline at end of file diff --git a/mamba/blockchain/scripts/env.sh b/mamba/blockchain/scripts/env.sh index f2f75af..8daecb5 100644 --- a/mamba/blockchain/scripts/env.sh +++ b/mamba/blockchain/scripts/env.sh @@ -99,7 +99,8 @@ function initOrgVars { INT_CA_CHAINFILE=/${DATA}/ica-${ORG}-ca-chain.pem ANCHOR_TX_FILE=/${DATA}/orgs/${ORG}/anchors.tx ORG_MSP_ID=${ORG}MSP - ORG_MSP_DIR=/${DATA}/orgs/${ORG}/msp + # ORG_MSP_DIR=/${DATA}/orgs/${ORG}/msp + ORG_MSP_DIR=/${DATA}/crypto-config/${ORG}.${DOMAIN}/msp ORG_ADMIN_CERT=${ORG_MSP_DIR}/admincerts/cert.pem ORG_ADMIN_HOME=/${DATA}/orgs/$ORG/admin diff --git a/mamba/blockchain/scripts/gen-channel-artifacts.sh b/mamba/blockchain/scripts/gen-channel-artifacts.sh index e26ca2e..db93c1a 100644 --- a/mamba/blockchain/scripts/gen-channel-artifacts.sh +++ b/mamba/blockchain/scripts/gen-channel-artifacts.sh @@ -23,21 +23,35 @@ function printOrg { # MSPDir is the filesystem path which contains the MSP configuration MSPDir: $ORG_MSP_DIR - AdminPrincipal: Role.ADMIN + # AdminPrincipal: Role.ADMIN - Policies: + Policies:" + if [ "$1" == "peer" ]; then + echo " Readers: Type: Signature - Rule: \"OR('$ORG_MSP_ID.member')\" + Rule: \"OR('$ORG_MSP_ID.admin', '$ORG_MSP_ID.peer', '$ORG_MSP_ID.client')\" Writers: Type: Signature - Rule: \"OR('$ORG_MSP_ID.member')\" + Rule: \"OR('$ORG_MSP_ID.admin', '$ORG_MSP_ID.client')\" Admins: Type: Signature Rule: \"OR('$ORG_MSP_ID.admin')\" Endorsement: Type: Signature Rule: \"OR('$ORG_MSP_ID.peer')\"" + else + echo " + Readers: + Type: Signature + Rule: \"OR('$ORG_MSP_ID.member')\" + Writers: + Type: Signature + Rule: \"OR('$ORG_MSP_ID.member')\" + Admins: + Type: Signature + Rule: \"OR('$ORG_MSP_ID.admin')\"" + fi } # printOrdererOrg @@ -49,7 +63,8 @@ function printOrdererOrg { # printPeerOrg function printPeerOrg { initPeerVars $1 $2 - printOrg + local PEER="peer" + printOrg $PEER echo " AnchorPeers: - Host: $PEER_HOST @@ -160,10 +175,10 @@ Orderer: &OrdererDefaults # the orderer side of the network. Organizations:" - for ORG in $ORDERER_ORGS; do - initOrgVars $ORG - echo " - *${ORG_CONTAINER_NAME}" - done + # for ORG in $ORDERER_ORGS; do + # initOrgVars $ORG + # echo " - *${ORG_CONTAINER_NAME}" + # done echo " # Policies defines the set of policies at this level of the config tree @@ -232,73 +247,6 @@ Channel: &ChannelDefaults # ################################################################################ Application: &ApplicationDefaults - ACLs: &ACLsDefault - # This section provides defaults for policies for various resources - # in the system. These \"resources\" could be functions on system chaincodes - # (e.g., \"GetBlockByNumber\" on the \"qscc\" system chaincode) or other resources - # (e.g.,who can receive Block events). This section does NOT specify the resource's - # definition or API, but just the ACL policy for it. - # - # User's can override these defaults with their own policy mapping by defining the - # mapping under ACLs in their channel definition - - #---Lifecycle System Chaincode (lscc) function to policy mapping for access control---# - - # ACL policy for lscc's \"getid\" function - lscc/ChaincodeExists: /Channel/Application/Readers - - # ACL policy for lscc's \"getdepspec\" function - lscc/GetDeploymentSpec: /Channel/Application/Readers - - # ACL policy for lscc's \"getccdata\" function - lscc/GetChaincodeData: /Channel/Application/Readers - - # ACL Policy for lscc's \"getchaincodes\" function - lscc/GetInstantiatedChaincodes: /Channel/Application/Readers - - #---Query System Chaincode (qscc) function to policy mapping for access control---# - - # ACL policy for qscc's \"GetChainInfo\" function - qscc/GetChainInfo: /Channel/Application/Readers - - # ACL policy for qscc's \"GetBlockByNumber\" function - qscc/GetBlockByNumber: /Channel/Application/Readers - - # ACL policy for qscc's \"GetBlockByHash\" function - qscc/GetBlockByHash: /Channel/Application/Readers - - # ACL policy for qscc's \"GetTransactionByID\" function - qscc/GetTransactionByID: /Channel/Application/Readers - - # ACL policy for qscc's \"GetBlockByTxID\" function - qscc/GetBlockByTxID: /Channel/Application/Readers - - #---Configuration System Chaincode (cscc) function to policy mapping for access control---# - - # ACL policy for cscc's \"GetConfigBlock\" function - cscc/GetConfigBlock: /Channel/Application/Readers - - # ACL policy for cscc's \"GetConfigTree\" function - cscc/GetConfigTree: /Channel/Application/Readers - - # ACL policy for cscc's \"SimulateConfigTreeUpdate\" function - cscc/SimulateConfigTreeUpdate: /Channel/Application/Readers - - #---Miscellanesous peer function to policy mapping for access control---# - - # ACL policy for invoking chaincodes on peer - peer/Propose: /Channel/Application/Writers - - # ACL policy for chaincode to chaincode invocation - peer/ChaincodeToChaincode: /Channel/Application/Readers - - #---Events resource to policy mapping for access control###---# - - # ACL policy for sending block events - event/Block: /Channel/Application/Readers - - # ACL policy for sending filtered block events - event/FilteredBlock: /Channel/Application/Readers # Organizations is the list of orgs which are defined as participants on # the application side of the network. @@ -347,7 +295,7 @@ Profiles: Organizations:" for ORG in $ORDERER_ORGS; do initOrgVars $ORG - echo " - *${ORG_CONTAINER_NAME}" + echo " - *${ORG_CONTAINER_NAME}" done echo " Capabilities: @@ -357,7 +305,7 @@ Profiles: Organizations:" for ORG in $ORDERER_ORGS; do initOrgVars $ORG - echo " - *${ORG_CONTAINER_NAME}" + echo " - *${ORG_CONTAINER_NAME}" done echo " Capabilities: @@ -367,7 +315,7 @@ Profiles: Organizations:" for ORG in $PEER_ORGS; do initOrgVars $ORG - echo " - *${ORG_CONTAINER_NAME}" + echo " - *${ORG_CONTAINER_NAME}" done echo " @@ -379,7 +327,7 @@ Profiles: Organizations:" for ORG in $PEER_ORGS; do initOrgVars $ORG - echo " - *${ORG_CONTAINER_NAME}" + echo " - *${ORG_CONTAINER_NAME}" done echo " Capabilities: diff --git a/mamba/blockchain/scripts/register-orderer.sh b/mamba/blockchain/scripts/register-orderer.sh index 768845c..c92e11f 100644 --- a/mamba/blockchain/scripts/register-orderer.sh +++ b/mamba/blockchain/scripts/register-orderer.sh @@ -16,9 +16,10 @@ function main { function enrollCAAdmin { initOrgVars $ORG log "Enrolling with $CA_NAME as bootstrap identity ..." - export FABRIC_CA_CLIENT_HOME=$HOME/cas/$CA_NAME + export FABRIC_CA_CLIENT_HOME=$DATA/crypto-config/$ORG.$DOMAIN + mkdir -p $FABRIC_CA_CLIENT_HOME export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE - fabric-ca-client enroll -d -u https://$CA_ADMIN_USER_PASS@$CA_HOST:7054 +# fabric-ca-client enroll -d -u https://$CA_ADMIN_USER_PASS@$CA_HOST:7054 } # Register any identities associated with the orderer diff --git a/mamba/blockchain/scripts/register-org.sh b/mamba/blockchain/scripts/register-org.sh index 911481a..136cc0d 100644 --- a/mamba/blockchain/scripts/register-org.sh +++ b/mamba/blockchain/scripts/register-org.sh @@ -14,11 +14,28 @@ function main { # Enroll the CA administrator function enrollCAAdmin { - initOrgVars $ORG - log "Enrolling with $CA_NAME as bootstrap identity ...${DOMAIN}..." - export FABRIC_CA_CLIENT_HOME=$HOME/cas/$CA_NAME - export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE - fabric-ca-client enroll -d -u https://$CA_ADMIN_USER_PASS@$CA_HOST:7054 + initOrgVars $ORG + getDomain $ORG + log "Enrolling with $CA_NAME as bootstrap identity ...${DOMAIN}..." + export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/$ORG.$DOMAIN + mkdir -p $FABRIC_CA_CLIENT_HOME + export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE + fabric-ca-client enroll -d -u https://$CA_ADMIN_USER_PASS@$CA_HOST:7054 + + echo "NodeOUs: + Enable: true + ClientOUIdentifier: + Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + OrganizationalUnitIdentifier: client + PeerOUIdentifier: + Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + OrganizationalUnitIdentifier: peer + AdminOUIdentifier: + Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + OrganizationalUnitIdentifier: admin + OrdererOUIdentifier: + Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + OrganizationalUnitIdentifier: orderer" > ${FABRIC_CA_CLIENT_HOME}/msp/config.yaml } # Register the admin and user identities associated with the org @@ -27,20 +44,29 @@ function registerOrgIdentities { enrollCAAdmin log "Registering admin identity: $ADMIN_NAME with $CA_NAME" # The admin identity has the "admin" attribute which is added to ECert by default - fabric-ca-client register -d --id.name $ADMIN_NAME --id.secret $ADMIN_PASS --id.attrs "hf.Registrar.Roles=client,hf.Registrar.Attributes=*,hf.Revoker=true,hf.GenCRL=true,admin=true:ecert,abac.init=true:ecert" + # fabric-ca-client register -d --id.name $ADMIN_NAME --id.secret $ADMIN_PASS --id.attrs "hf.Registrar.Roles=client,hf.Registrar.Attributes=*,hf.Revoker=true,hf.GenCRL=true,admin=true:ecert,abac.init=true:ecert" + fabric-ca-client register -d --id.name $ADMIN_NAME --id.secret $ADMIN_PASS --id.type admin log "Registering user identity: $USER_NAME with $CA_NAME" - fabric-ca-client register -d --id.name $USER_NAME --id.secret $USER_PASS + fabric-ca-client register -d --id.name $USER_NAME --id.secret $USER_PASS --id.type client } function getCACerts { initOrgVars $ORG - log "Getting CA certs for organization $ORG and storing in $ORG_MSP_DIR" - export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE - fabric-ca-client getcacert -d -u https://$CA_HOST:7054 -M $ORG_MSP_DIR - finishMSPSetup $ORG_MSP_DIR + # log "Getting CA certs for organization $ORG and storing in $ORG_MSP_DIR" + # export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE + # fabric-ca-client getcacert -d -u https://$CA_HOST:7054 -M $ORG_MSP_DIR + finishMSPSetup $FABRIC_CA_CLIENT_HOME/msp # If ADMINCERTS is true, we need to enroll the admin now to populate the admincerts directory if [ $ADMINCERTS ]; then - switchToAdminIdentity + # switchToAdminIdentity + echo + echo "## Generate the org admin msp" + echo + set -x + mkdir -p ${FABRIC_CA_CLIENT_HOME}/users/admin/msp + fabric-ca-client enroll -d -u https://$ADMIN_NAME:$ADMIN_PASS@$CA_HOST:7054 -M ${FABRIC_CA_CLIENT_HOME}/users/admin/msp + cp ${FABRIC_CA_CLIENT_HOME}/msp/config.yaml ${FABRIC_CA_CLIENT_HOME}/users/admin/msp/config.yaml + set +x fi } diff --git a/mamba/blockchain/scripts/register-peer.sh b/mamba/blockchain/scripts/register-peer.sh index 60c0df7..091c976 100644 --- a/mamba/blockchain/scripts/register-peer.sh +++ b/mamba/blockchain/scripts/register-peer.sh @@ -31,9 +31,10 @@ function main { function enrollCAAdmin { initOrgVars $ORG log "Enrolling with $CA_NAME as bootstrap identity ..." - export FABRIC_CA_CLIENT_HOME=$HOME/cas/$CA_NAME + export FABRIC_CA_CLIENT_HOME=$DATA/crypto-config/$ORG.$DOMAIN + mkdir -p $FABRIC_CA_CLIENT_HOME export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE - fabric-ca-client enroll -d -u https://$CA_ADMIN_USER_PASS@$CA_HOST:7054 +# fabric-ca-client enroll -d -u https://$CA_ADMIN_USER_PASS@$CA_HOST:7054 } # Register any identities associated with a peer diff --git a/mamba/blockchain/start_network/commands.py b/mamba/blockchain/start_network/commands.py index c77a469..646e4d1 100644 --- a/mamba/blockchain/start_network/commands.py +++ b/mamba/blockchain/start_network/commands.py @@ -54,10 +54,10 @@ def start_network(): # Run jobs to enroll peers enroll_all_peer() - time.sleep(5) + # time.sleep(5) - # Create crypto-config folder to contains artifacts - update_folder() + # # Create crypto-config folder to contains artifacts + # update_folder() if settings.ORDERER_TYPE == 'kafka': # Create new Zookeeper services @@ -65,25 +65,25 @@ def start_network(): # Create new Kafka services setup_kafka() - # Run job to generate channel.tx, genesis.block - gen_channel_artifact() + # # Run job to generate channel.tx, genesis.block + # gen_channel_artifact() - # Create new StatefullSet orderers - setup_all_orderer() + # # Create new StatefullSet orderers + # setup_all_orderer() - # Create new StatefullSet peers - setup_all_peer() + # # Create new StatefullSet peers + # setup_all_peer() - # Run jobs to generate application artifacts - generate_artifact() + # # Run jobs to generate application artifacts + # generate_artifact() - # Create secret if use private docker hub - if settings.PRIVATE_DOCKER_IMAGE == 'true': - create_all_docker_secret('mamba') + # # Create secret if use private docker hub + # if settings.PRIVATE_DOCKER_IMAGE == 'true': + # create_all_docker_secret('mamba') - # Create new a new Admin service - time.sleep(1) - setup_admin() + # # Create new a new Admin service + # time.sleep(1) + # setup_admin() # # Bootrap network # time.sleep(1) diff --git a/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml b/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml index 7c7c94e..eebd67a 100644 --- a/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml +++ b/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml @@ -35,7 +35,7 @@ spec: env: - name: FABRIC_LOGGING_SPEC #value: info - value: INFO + value: DEBUG - name: ORDERER_CFG_PATH value: /shared/ - name: ORDERER_GENERAL_LEDGERTYPE diff --git a/mamba/configtx.yaml b/mamba/configtx.yaml new file mode 100644 index 0000000..80ebb95 --- /dev/null +++ b/mamba/configtx.yaml @@ -0,0 +1,257 @@ + +################################################################################ +# +# SECTION: Capabilities +# +################################################################################ +Capabilities: + Channel: &ChannelCapabilities + V2_0: true + + Orderer: &OrdererCapabilities + V2_0: true + + Application: &ApplicationCapabilities + V2_0: true + +################################################################################ +# +# Section: Organizations +# +################################################################################ +Organizations: + + - &orderer + + Name: orderer + + # ID to load the MSP definition as + ID: ordererMSP + + # MSPDir is the filesystem path which contains the MSP configuration + MSPDir: /data/crypto-config/orderer.harisato/msp + + # AdminPrincipal: Role.ADMIN + + Policies: + + Readers: + Type: Signature + Rule: "OR('ordererMSP.member')" + Writers: + Type: Signature + Rule: "OR('ordererMSP.member')" + Admins: + Type: Signature + Rule: "OR('ordererMSP.admin')" + + - &harisato + + Name: harisato + + # ID to load the MSP definition as + ID: harisatoMSP + + # MSPDir is the filesystem path which contains the MSP configuration + MSPDir: /data/crypto-config/harisato.harisato/msp + + # AdminPrincipal: Role.ADMIN + + Policies: + + Readers: + Type: Signature + Rule: "OR('harisatoMSP.admin', 'harisatoMSP.peer', 'harisatoMSP.client')" + Writers: + Type: Signature + Rule: "OR('harisatoMSP.admin', 'harisatoMSP.client')" + Admins: + Type: Signature + Rule: "OR('harisatoMSP.admin')" + Endorsement: + Type: Signature + Rule: "OR('harisatoMSP.peer')" + + AnchorPeers: + - Host: + Port: 7051 + +################################################################################ +# +# SECTION: Orderer +# +################################################################################ +Orderer: &OrdererDefaults + + # Orderer Type: The orderer implementation to start. + # Available types are "solo" and "kafka". + OrdererType: solo + + Addresses: + - orderer0-orderer.harisato:7050 + + # Batch Timeout: The amount of time to wait before creating a batch. + BatchTimeout: 1s + + # Batch Size: Controls the number of messages batched into a block. + BatchSize: + + # Max Message Count: The maximum number of messages to permit in a + # batch. + MaxMessageCount: 100 + + # Absolute Max Bytes: The absolute maximum number of bytes allowed for + # the serialized messages in a batch. If the 'kafka' OrdererType is + # selected, set 'message.max.bytes' and 'replica.fetch.max.bytes' on the + # Kafka brokers to a value that is larger than this one. + AbsoluteMaxBytes: 99 MB + + # Preferred Max Bytes: The preferred maximum number of bytes allowed for + # the serialized messages in a batch. A message larger than the + # preferred max bytes will result in a batch larger than preferred max + # bytes. + PreferredMaxBytes: 512 KB + + # Max Channels is the maximum number of channels to allow on the ordering + # network. When set to 0, this implies no maximum number of channels. + MaxChannels: 0 + + # Organizations is the list of orgs which are defined as participants on + # the orderer side of the network. + Organizations: + + # Policies defines the set of policies at this level of the config tree + # For Orderer policies, their canonical path is + # /Channel/Orderer/ + Policies: + Readers: + Type: ImplicitMeta + Rule: "ANY Readers" + Writers: + Type: ImplicitMeta + Rule: "ANY Writers" + Admins: + Type: ImplicitMeta + Rule: "MAJORITY Admins" + # BlockValidation specifies what signatures must be included in the block + # from the orderer for the peer to validate it. + BlockValidation: + Type: ImplicitMeta + Rule: "ANY Writers" + + # Capabilities describes the orderer level capabilities, see the + # dedicated Capabilities section elsewhere in this file for a full + # description + Capabilities: + <<: *OrdererCapabilities + +################################################################################ +# +# CHANNEL +# +# This section defines the values to encode into a config transaction or +# genesis block for channel related parameters. +# +################################################################################ +Channel: &ChannelDefaults + # Policies defines the set of policies at this level of the config tree + # For Channel policies, their canonical path is + # /Channel/ + Policies: + # Who may invoke the 'Deliver' API + Readers: + Type: ImplicitMeta + Rule: "ANY Readers" + # Who may invoke the 'Broadcast' API + Writers: + Type: ImplicitMeta + Rule: "ANY Writers" + # By default, who may modify elements at this config level + Admins: + Type: ImplicitMeta + Rule: "MAJORITY Admins" + + + # Capabilities describes the channel level capabilities, see the + # dedicated Capabilities section elsewhere in this file for a full + # description + Capabilities: + <<: *ChannelCapabilities + +################################################################################ +# +# SECTION: Application +# +################################################################################ +Application: &ApplicationDefaults + + # Organizations is the list of orgs which are defined as participants on + # the application side of the network. + Organizations: + + # Policies defines the set of policies at this level of the config tree + # For Application policies, their canonical path is + # /Channel/Application/ + Policies: &ApplicationDefaultPolicies + Readers: + Type: ImplicitMeta + Rule: "ANY Readers" + Writers: + Type: ImplicitMeta + Rule: "ANY Writers" + Admins: + Type: ImplicitMeta + Rule: "MAJORITY Admins" + LifecycleEndorsement: + Type: ImplicitMeta + Rule: "MAJORITY Endorsement" + Endorsement: + Type: ImplicitMeta + Rule: "MAJORITY Endorsement" + + # Capabilities describes the application level capabilities, see the + # dedicated Capabilities section elsewhere in this file for a full + # description + Capabilities: + <<: *ApplicationCapabilities + +################################################################################ +# +# Profiles +# +################################################################################ +Profiles: + + OrgsOrdererGenesis: + <<: *ChannelDefaults + Capabilities: + <<: *ChannelCapabilities + Orderer: + <<: *OrdererDefaults + Organizations: + - *orderer + + Capabilities: + <<: *OrdererCapabilities + Application: + <<: *ApplicationDefaults + Organizations: + - *orderer + + Capabilities: + <<: *ApplicationCapabilities + Consortiums: + SampleConsortium: + Organizations: + - *harisato + + OrgsChannel: + <<: *ChannelDefaults + Consortium: SampleConsortium + Application: + <<: *ApplicationDefaults + Organizations: + - *harisato + + Capabilities: + <<: *ApplicationCapabilities diff --git a/mamba/cryptogen.yaml b/mamba/cryptogen.yaml new file mode 100644 index 0000000..e0be0d0 --- /dev/null +++ b/mamba/cryptogen.yaml @@ -0,0 +1,85 @@ +# Copyright IBM Corp. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + +# --------------------------------------------------------------------------- +# "OrdererOrgs" - Definition of organizations managing orderer nodes +# --------------------------------------------------------------------------- + OrdererOrgs: + # --------------------------------------------------------------------------- + # Orderer + # --------------------------------------------------------------------------- + - Name: orderer + Domain: harisato + # --------------------------------------------------------------------------- + # "Specs" - See PeerOrgs below for complete description + # --------------------------------------------------------------------------- + Specs: + - Hostname: orderer0-orderer.harisato + + # --------------------------------------------------------------------------- + # "PeerOrgs" - Definition of organizations managing peer nodes + # --------------------------------------------------------------------------- + PeerOrgs: + # --------------------------------------------------------------------------- + # Org1 + # --------------------------------------------------------------------------- + - Name: harisato + Domain: harisato + EnableNodeOUs: true + # --------------------------------------------------------------------------- + # "Specs" + # --------------------------------------------------------------------------- + # Uncomment this section to enable the explicit definition of hosts in your + # configuration. Most users will want to use Template, below + # + # Specs is an array of Spec entries. Each Spec entry consists of two fields: + # - Hostname: (Required) The desired hostname, sans the domain. + # - CommonName: (Optional) Specifies the template or explicit override for + # the CN. By default, this is the template: + # + # "{{.Hostname}}.{{.Domain}}" + # + # which obtains its values from the Spec.Hostname and + # Org.Domain, respectively. + # --------------------------------------------------------------------------- + # Specs: + # - Hostname: foo # implicitly "foo.org1.example.com" + # CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above + # - Hostname: bar + # - Hostname: baz + # --------------------------------------------------------------------------- + # "Template" + # --------------------------------------------------------------------------- + # Allows for the definition of 1 or more hosts that are created sequentially + # from a template. By default, this looks like "peer%d" from 0 to Count-1. + # You may override the number of nodes (Count), the starting index (Start) + # or the template used to construct the name (Hostname). + # + # Note: Template and Specs are not mutually exclusive. You may define both + # sections and the aggregate nodes will be created for you. Take care with + # name collisions + # --------------------------------------------------------------------------- + Template: + Count: 2 + # Start: 5 + # Hostname: {{.Prefix}}{{.Index}} # default + # --------------------------------------------------------------------------- + # "Users" + # --------------------------------------------------------------------------- + # Count: The number of user accounts _in addition_ to Admin + # --------------------------------------------------------------------------- + Users: + Count: 1 + # --------------------------------------------------------------------------- + # Org2: See "Org1" for full specification + # --------------------------------------------------------------------------- + - Name: Org2 + Domain: org2.example.com + EnableNodeOUs: true + Template: + Count: 2 + Users: + Count: 1 + \ No newline at end of file diff --git a/mamba/utils/kube.py b/mamba/utils/kube.py index 7815bb7..7477fe7 100644 --- a/mamba/utils/kube.py +++ b/mamba/utils/kube.py @@ -224,7 +224,7 @@ def find_pvc(self, namespace, keyword): def exec_pod(self, podName, namespace, command): try: resp = stream(self.coreApi.connect_get_namespaced_pod_exec, - name=podName, namespace=namespace, stderr=True, stdin=True, stdout=True, command=command) + name=podName, namespace=namespace, container='test-pod', stderr=True, stdin=True, stdout=True, command=command) # return util.resultDict(success=True, msg='Success', data=resp) return util.Result(success=True, msg='Success', data=resp) except ApiException as e: From 3a1409a78db7ad0197094c18d5e145369cc1f321 Mon Sep 17 00:00:00 2001 From: harisato Date: Mon, 1 Jun 2020 10:10:49 +0000 Subject: [PATCH 08/52] Update folder cert --- mamba/blockchain/scripts/register-org.sh | 8 ++++---- mamba/blockchain/start_network/commands.py | 12 ++++++------ .../template/orderer-sts/orderer-stateful.yaml | 8 ++++---- .../template/peer-sts/peer-stateful.yaml | 14 +++++++------- 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/mamba/blockchain/scripts/register-org.sh b/mamba/blockchain/scripts/register-org.sh index 136cc0d..e5055ec 100644 --- a/mamba/blockchain/scripts/register-org.sh +++ b/mamba/blockchain/scripts/register-org.sh @@ -25,16 +25,16 @@ function enrollCAAdmin { echo "NodeOUs: Enable: true ClientOUIdentifier: - Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + # Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem OrganizationalUnitIdentifier: client PeerOUIdentifier: - Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + # Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem OrganizationalUnitIdentifier: peer AdminOUIdentifier: - Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + # Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem OrganizationalUnitIdentifier: admin OrdererOUIdentifier: - Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + # Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem OrganizationalUnitIdentifier: orderer" > ${FABRIC_CA_CLIENT_HOME}/msp/config.yaml } diff --git a/mamba/blockchain/start_network/commands.py b/mamba/blockchain/start_network/commands.py index 646e4d1..3cac3c4 100644 --- a/mamba/blockchain/start_network/commands.py +++ b/mamba/blockchain/start_network/commands.py @@ -65,14 +65,14 @@ def start_network(): # Create new Kafka services setup_kafka() - # # Run job to generate channel.tx, genesis.block - # gen_channel_artifact() + # Run job to generate channel.tx, genesis.block + gen_channel_artifact() - # # Create new StatefullSet orderers - # setup_all_orderer() + # Create new StatefullSet orderers + setup_all_orderer() - # # Create new StatefullSet peers - # setup_all_peer() + # Create new StatefullSet peers + setup_all_peer() # # Run jobs to generate application artifacts # generate_artifact() diff --git a/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml b/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml index eebd67a..63c5c5e 100644 --- a/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml +++ b/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml @@ -45,7 +45,7 @@ spec: - name: ORDERER_GENERAL_LISTENADDRESS value: 0.0.0.0 - name: ORDERER_GENERAL_LOCALMSPDIR - value: /shared/crypto-config/ordererOrganizations/{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/msp + value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/msp - name: ORDERER_GENERAL_LOCALMSPID value: ordererMSP - name: ORDERER_GENERAL_GENESISMETHOD @@ -55,12 +55,12 @@ spec: - name: ORDERER_GENERAL_TLS_ENABLED value: "true" - name: ORDERER_GENERAL_TLS_PRIVATEKEY - value: /shared/crypto-config/ordererOrganizations/{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/server.key + value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/server.key - name: ORDERER_GENERAL_TLS_CERTIFICATE - value: /shared/crypto-config/ordererOrganizations/{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/server.crt + value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/server.crt # THIS IS BROKEN: * 'General.TLS.RootCAs': source data must be an array or slice, got string - name: ORDERER_GENERAL_TLS_ROOTCAS - value: /shared/crypto-config/ordererOrganizations/{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/tlsca.{{ORDERER_DOMAIN}}-cert.pem + value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/tlscacerts/tls-ica-{{ORDERER}}-{{ORDERER_DOMAIN}}-7054.pem - name: GODEBUG value: netdns=go - name: ORDERER_OPERATIONS_LISTENADDRESS diff --git a/mamba/blockchain/template/peer-sts/peer-stateful.yaml b/mamba/blockchain/template/peer-sts/peer-stateful.yaml index e2edaf6..9e1cff3 100644 --- a/mamba/blockchain/template/peer-sts/peer-stateful.yaml +++ b/mamba/blockchain/template/peer-sts/peer-stateful.yaml @@ -109,19 +109,19 @@ spec: - name: CORE_PEER_LOCALMSPID value: {{PEER_ORG}}MSP - name: CORE_PEER_MSPCONFIGPATH - value: /shared/peers/peer{{PEER_INDEX}}.{{PEER_DOMAIN}}/msp/ - #- name: CORE_LOGGING_LEVEL + value: /shared/peers/peer{{PEER_INDEX}}-{{PEER_ORG}}.{{PEER_DOMAIN}}/msp/ + #- name: FABRIC_LOGGING_SPEC #value: info - - name: CORE_LOGGING_GRPC + - name: FABRIC_LOGGING_SPEC value: debug - name: CORE_PEER_TLS_ENABLED value: "true" - name: CORE_PEER_TLS_CERT_FILE - value: /shared/peers/peer{{PEER_INDEX}}.{{PEER_DOMAIN}}/tls/server.crt + value: /shared/peers/peer{{PEER_INDEX}}-{{PEER_ORG}}.{{PEER_DOMAIN}}/tls/server.crt - name: CORE_PEER_TLS_KEY_FILE - value: /shared/peers/peer{{PEER_INDEX}}.{{PEER_DOMAIN}}/tls/server.key + value: /shared/peers/peer{{PEER_INDEX}}-{{PEER_ORG}}.{{PEER_DOMAIN}}/tls/server.key - name: CORE_PEER_TLS_ROOTCERT_FILE - value: /shared/peers/peer{{PEER_INDEX}}.{{PEER_DOMAIN}}/tls/tlsca.{{PEER_DOMAIN}}-cert.pem + value: /shared/peers/peer{{PEER_INDEX}}-{{PEER_ORG}}.{{PEER_DOMAIN}}/tls/tlscacerts/tls-ica-{{PEER_ORG}}-{{PEER_DOMAIN}}-7054.pem - name: CORE_LEDGER_STATE_STATEDATABASE value: CouchDB - name: FABRIC_CFG_PATH @@ -163,7 +163,7 @@ spec: - name: crypto-config nfs: server: {{EFS_SERVER}} - path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-data/crypto-config/peerOrganizations/{{PEER_DOMAIN}} + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-data/crypto-config/{{PEER_ORG}}.{{PEER_DOMAIN}} - name: dockersocket hostPath: path: /var/run/docker.sock From ebf7253647787333780c4f88d5fe99981d1db1c1 Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 2 Jun 2020 07:38:27 +0000 Subject: [PATCH 09/52] Update CA --- mamba/blockchain/scripts/enroll-peer.sh | 6 +++--- mamba/blockchain/scripts/register-org.sh | 17 +++++++++++++---- .../blockchain/scripts/start-intermediate-ca.sh | 8 ++++---- mamba/blockchain/start_network/commands.py | 8 ++++---- 4 files changed, 24 insertions(+), 15 deletions(-) diff --git a/mamba/blockchain/scripts/enroll-peer.sh b/mamba/blockchain/scripts/enroll-peer.sh index 79c458f..97bd40c 100644 --- a/mamba/blockchain/scripts/enroll-peer.sh +++ b/mamba/blockchain/scripts/enroll-peer.sh @@ -5,10 +5,10 @@ source $(dirname "$0")/env.sh log "Enrolling peer for org $PEERORG ..." initPeerVars $PEERORG ENROLLMENT_URL="https://$PEER_NAME_PASS@$CA_HOST:7054" -getDomain $PEERORG +# getDomain $PEERORG -export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/$PEERORG.$DOMAIN -mkdir -p $FABRIC_CA_CLIENT_HOME +# export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/$PEERORG.$DOMAIN +# mkdir -p $FABRIC_CA_CLIENT_HOME export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE export TLS_CONFIG_PATH=$FABRIC_CA_CLIENT_HOME/peers/$PEER_HOST/tls diff --git a/mamba/blockchain/scripts/register-org.sh b/mamba/blockchain/scripts/register-org.sh index e5055ec..ba0bfb2 100644 --- a/mamba/blockchain/scripts/register-org.sh +++ b/mamba/blockchain/scripts/register-org.sh @@ -25,16 +25,16 @@ function enrollCAAdmin { echo "NodeOUs: Enable: true ClientOUIdentifier: - # Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem OrganizationalUnitIdentifier: client PeerOUIdentifier: - # Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem OrganizationalUnitIdentifier: peer AdminOUIdentifier: - # Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem OrganizationalUnitIdentifier: admin OrdererOUIdentifier: - # Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem OrganizationalUnitIdentifier: orderer" > ${FABRIC_CA_CLIENT_HOME}/msp/config.yaml } @@ -68,6 +68,15 @@ function getCACerts { cp ${FABRIC_CA_CLIENT_HOME}/msp/config.yaml ${FABRIC_CA_CLIENT_HOME}/users/admin/msp/config.yaml set +x fi + + mkdir -p organizations/peerOrganizations/org1.example.com/users + mkdir -p ${FABRIC_CA_CLIENT_HOME}/users/${USER_NAME} + echo + echo "## Generate the user msp" + echo + set -x + fabric-ca-client enroll -u https://${USER_NAME}:$USER_PASS@$CA_HOST:7054 -M ${FABRIC_CA_CLIENT_HOME}/users/${USER_NAME}/msp + set +x } set +e diff --git a/mamba/blockchain/scripts/start-intermediate-ca.sh b/mamba/blockchain/scripts/start-intermediate-ca.sh index 3dfdd6f..6ffad89 100644 --- a/mamba/blockchain/scripts/start-intermediate-ca.sh +++ b/mamba/blockchain/scripts/start-intermediate-ca.sh @@ -19,10 +19,10 @@ aff="${aff#\\n }" sed -i "/affiliations:/a \\ $aff" \ $FABRIC_CA_SERVER_HOME/fabric-ca-server-config.yaml -sed -i 's+C: US+C: VN+g' $FABRIC_CA_SERVER_HOME/fabric-ca-server-config.yaml -sed -i "s+ST: \"North Carolina\"+ST: \"Hanoi\"+g" $FABRIC_CA_SERVER_HOME/fabric-ca-server-config.yaml -sed -i "s/O: Hyperledger/O: $ORG/g" $FABRIC_CA_SERVER_HOME/fabric-ca-server-config.yaml -sed -i 's/OU: Fabric/OU:/' $FABRIC_CA_SERVER_HOME/fabric-ca-server-config.yaml +# sed -i 's+C: US+C: VN+g' $FABRIC_CA_SERVER_HOME/fabric-ca-server-config.yaml +# sed -i "s+ST: \"North Carolina\"+ST: \"Hanoi\"+g" $FABRIC_CA_SERVER_HOME/fabric-ca-server-config.yaml +# sed -i "s/O: Hyperledger/O: $ORG/g" $FABRIC_CA_SERVER_HOME/fabric-ca-server-config.yaml +# sed -i 's/OU: Fabric/OU:/' $FABRIC_CA_SERVER_HOME/fabric-ca-server-config.yaml # Start the intermediate CA fabric-ca-server start diff --git a/mamba/blockchain/start_network/commands.py b/mamba/blockchain/start_network/commands.py index 3cac3c4..7f0ce4d 100644 --- a/mamba/blockchain/start_network/commands.py +++ b/mamba/blockchain/start_network/commands.py @@ -68,11 +68,11 @@ def start_network(): # Run job to generate channel.tx, genesis.block gen_channel_artifact() - # Create new StatefullSet orderers - setup_all_orderer() + # # Create new StatefullSet orderers + # setup_all_orderer() - # Create new StatefullSet peers - setup_all_peer() + # # Create new StatefullSet peers + # setup_all_peer() # # Run jobs to generate application artifacts # generate_artifact() From 01b8cedb33fa5b45889cabe0695f0d6f9717b1c1 Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 2 Jun 2020 07:46:25 +0000 Subject: [PATCH 10/52] Update enroll-peer --- mamba/blockchain/scripts/enroll-peer.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mamba/blockchain/scripts/enroll-peer.sh b/mamba/blockchain/scripts/enroll-peer.sh index 97bd40c..eeb6b29 100644 --- a/mamba/blockchain/scripts/enroll-peer.sh +++ b/mamba/blockchain/scripts/enroll-peer.sh @@ -7,8 +7,8 @@ initPeerVars $PEERORG ENROLLMENT_URL="https://$PEER_NAME_PASS@$CA_HOST:7054" # getDomain $PEERORG -# export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/$PEERORG.$DOMAIN -# mkdir -p $FABRIC_CA_CLIENT_HOME +export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/$PEERORG.$DOMAIN +mkdir -p $FABRIC_CA_CLIENT_HOME export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE export TLS_CONFIG_PATH=$FABRIC_CA_CLIENT_HOME/peers/$PEER_HOST/tls From fd07413e2e7752f61aa23cc6d555e80dc9d210ee Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 2 Jun 2020 08:10:47 +0000 Subject: [PATCH 11/52] Update env --- mamba/blockchain/scripts/env.sh | 4 ++-- .../enroll-peer/fabric-deployment-enroll-peer.yaml | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mamba/blockchain/scripts/env.sh b/mamba/blockchain/scripts/env.sh index 8daecb5..7c8874d 100644 --- a/mamba/blockchain/scripts/env.sh +++ b/mamba/blockchain/scripts/env.sh @@ -199,8 +199,8 @@ function initPeerVars { # PEER_NAME and PEER_HOST are set from yaml # Set peer variables. TODO: Deal with anchor peer external Host - # PEER_NAME=${PEER_PREFIX}${NUM}-${ORG} - # PEER_HOST=${PEER_NAME}.${DOMAIN} + PEER_NAME=${PEER_PREFIX}${NUM}-${ORG} + PEER_HOST=${PEER_NAME}.${DOMAIN} if [ $# -eq 2 ]; then NUM=$2 initOrgVars $ORG diff --git a/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml b/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml index ba2400c..e17df66 100644 --- a/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml +++ b/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml @@ -33,10 +33,10 @@ spec: value: /opt/gopath/src/github.com/hyperledger/fabric/peer - name: PEERORG value: {{PEER}} - - name: PEER_NAME - value: peer{{PEER_INDEX}}-{{PEER}} - - name: PEER_HOST - value: peer{{PEER_INDEX}}-{{PEER}}.{{PEER}} + # - name: PEER_NAME + # value: peer{{PEER_INDEX}}-{{PEER}} + # - name: PEER_HOST + # value: peer{{PEER_INDEX}}-{{PEER}}.{{PEER}} - name: EXTERNAL_PEER_HOST value: {{EXTERNAL_PEER_HOST}} command: ["sh"] From 3ed93ed525436b008ac1c9c7ef91a9fc9626aad3 Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 2 Jun 2020 08:57:58 +0000 Subject: [PATCH 12/52] Update enroll peer --- mamba/blockchain/scripts/enroll-peer.sh | 2 +- mamba/blockchain/scripts/env.sh | 14 +++++--------- .../enroll-peer/fabric-deployment-enroll-peer.yaml | 2 +- 3 files changed, 7 insertions(+), 11 deletions(-) diff --git a/mamba/blockchain/scripts/enroll-peer.sh b/mamba/blockchain/scripts/enroll-peer.sh index eeb6b29..a5a89d8 100644 --- a/mamba/blockchain/scripts/enroll-peer.sh +++ b/mamba/blockchain/scripts/enroll-peer.sh @@ -3,7 +3,7 @@ set -e source $(dirname "$0")/env.sh log "Enrolling peer for org $PEERORG ..." -initPeerVars $PEERORG +initPeerVars $PEERORG $1 ENROLLMENT_URL="https://$PEER_NAME_PASS@$CA_HOST:7054" # getDomain $PEERORG diff --git a/mamba/blockchain/scripts/env.sh b/mamba/blockchain/scripts/env.sh index 7c8874d..365e27b 100644 --- a/mamba/blockchain/scripts/env.sh +++ b/mamba/blockchain/scripts/env.sh @@ -189,24 +189,20 @@ function genClientTLSCert { # initPeerVars function initPeerVars { - if [ $# -gt 2 ]; then - echo "Usage: initPeerVars : $*" + if [ $# -ne 2 ]; then + echo "Usage: initPeerVars : $*" exit 1 fi ORG=$1 + NUM=$2 initOrgVars $ORG - # PEER_NAME and PEER_HOST are set from yaml # Set peer variables. TODO: Deal with anchor peer external Host + initOrgVars $ORG + getDomain $ORG PEER_NAME=${PEER_PREFIX}${NUM}-${ORG} PEER_HOST=${PEER_NAME}.${DOMAIN} - if [ $# -eq 2 ]; then - NUM=$2 - initOrgVars $ORG - getDomain $ORG - PEER_NAME=${PEER_PREFIX}${NUM}-${ORG} - fi PEER_PASS=${PEER_NAME}pw PEER_NAME_PASS=${PEER_NAME}:${PEER_PASS} diff --git a/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml b/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml index e17df66..495b39f 100644 --- a/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml +++ b/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml @@ -40,7 +40,7 @@ spec: - name: EXTERNAL_PEER_HOST value: {{EXTERNAL_PEER_HOST}} command: ["sh"] - args: ["-c", "/scripts/enroll-peer.sh 2>&1;"] + args: ["-c", "/scripts/enroll-peer.sh {{PEER_INDEX}} 2>&1;"] volumeMounts: - mountPath: /scripts name: rca-scripts From 2951ed868d83c5a08cd382017dede89098defe4b Mon Sep 17 00:00:00 2001 From: harisato Date: Thu, 4 Jun 2020 02:30:58 +0000 Subject: [PATCH 13/52] Update CA --- mamba/blockchain/scripts/register-orderer.sh | 2 +- mamba/blockchain/scripts/register-org.sh | 11 +++++----- mamba/blockchain/scripts/register-peer.sh | 2 +- .../scripts/start-intermediate-ca.sh | 13 ++++++++++-- mamba/blockchain/start_network/commands.py | 20 +++++++++---------- 5 files changed, 28 insertions(+), 20 deletions(-) diff --git a/mamba/blockchain/scripts/register-orderer.sh b/mamba/blockchain/scripts/register-orderer.sh index c92e11f..6d9d154 100644 --- a/mamba/blockchain/scripts/register-orderer.sh +++ b/mamba/blockchain/scripts/register-orderer.sh @@ -30,7 +30,7 @@ function registerOrdererIdentities { while [[ "$COUNT" -le $NUM_ORDERERS ]]; do initOrdererVars $ORG $COUNT log "Registering $ORDERER_NAME with $CA_NAME" - fabric-ca-client register -d --id.name $ORDERER_NAME --id.secret $ORDERER_PASS --id.type orderer + fabric-ca-client register -d --id.name $ORDERER_NAME --id.secret $ORDERER_PASS --id.type orderer --id.affiliation "" COUNT=$((COUNT+1)) done } diff --git a/mamba/blockchain/scripts/register-org.sh b/mamba/blockchain/scripts/register-org.sh index ba0bfb2..7c1a427 100644 --- a/mamba/blockchain/scripts/register-org.sh +++ b/mamba/blockchain/scripts/register-org.sh @@ -20,7 +20,7 @@ function enrollCAAdmin { export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/$ORG.$DOMAIN mkdir -p $FABRIC_CA_CLIENT_HOME export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE - fabric-ca-client enroll -d -u https://$CA_ADMIN_USER_PASS@$CA_HOST:7054 + fabric-ca-client enroll -u https://$CA_ADMIN_USER_PASS@$CA_HOST:7054 echo "NodeOUs: Enable: true @@ -45,9 +45,9 @@ function registerOrgIdentities { log "Registering admin identity: $ADMIN_NAME with $CA_NAME" # The admin identity has the "admin" attribute which is added to ECert by default # fabric-ca-client register -d --id.name $ADMIN_NAME --id.secret $ADMIN_PASS --id.attrs "hf.Registrar.Roles=client,hf.Registrar.Attributes=*,hf.Revoker=true,hf.GenCRL=true,admin=true:ecert,abac.init=true:ecert" - fabric-ca-client register -d --id.name $ADMIN_NAME --id.secret $ADMIN_PASS --id.type admin + fabric-ca-client register --id.name $ADMIN_NAME --id.secret $ADMIN_PASS --id.type admin --id.affiliation "" log "Registering user identity: $USER_NAME with $CA_NAME" - fabric-ca-client register -d --id.name $USER_NAME --id.secret $USER_PASS --id.type client + fabric-ca-client register --id.name $USER_NAME --id.secret $USER_PASS --id.type client --id.affiliation "" } function getCACerts { @@ -64,18 +64,17 @@ function getCACerts { echo set -x mkdir -p ${FABRIC_CA_CLIENT_HOME}/users/admin/msp - fabric-ca-client enroll -d -u https://$ADMIN_NAME:$ADMIN_PASS@$CA_HOST:7054 -M ${FABRIC_CA_CLIENT_HOME}/users/admin/msp + fabric-ca-client enroll -u https://$ADMIN_NAME:$ADMIN_PASS@$CA_HOST:7054 -M ${FABRIC_CA_CLIENT_HOME}/users/admin/msp cp ${FABRIC_CA_CLIENT_HOME}/msp/config.yaml ${FABRIC_CA_CLIENT_HOME}/users/admin/msp/config.yaml set +x fi - mkdir -p organizations/peerOrganizations/org1.example.com/users mkdir -p ${FABRIC_CA_CLIENT_HOME}/users/${USER_NAME} echo echo "## Generate the user msp" echo set -x - fabric-ca-client enroll -u https://${USER_NAME}:$USER_PASS@$CA_HOST:7054 -M ${FABRIC_CA_CLIENT_HOME}/users/${USER_NAME}/msp + fabric-ca-client enroll https://${USER_NAME}:$USER_PASS@$CA_HOST:7054 -M ${FABRIC_CA_CLIENT_HOME}/users/${USER_NAME}/msp set +x } diff --git a/mamba/blockchain/scripts/register-peer.sh b/mamba/blockchain/scripts/register-peer.sh index 091c976..eae42e1 100644 --- a/mamba/blockchain/scripts/register-peer.sh +++ b/mamba/blockchain/scripts/register-peer.sh @@ -45,7 +45,7 @@ function registerPeerIdentities { while [[ "$COUNT" -lt $NUM_PEERS ]]; do initPeerVars $ORG $COUNT log "##### Registering $PEER_NAME with $CA_NAME. Executing: fabric-ca-client register -d --id.name $PEER_NAME --id.secret $PEER_PASS --id.type peer" - fabric-ca-client register -d --id.name $PEER_NAME --id.secret $PEER_PASS --id.type peer + fabric-ca-client register -d --id.name $PEER_NAME --id.secret $PEER_PASS --id.type peer --id.affiliation "" COUNT=$((COUNT+1)) done } diff --git a/mamba/blockchain/scripts/start-intermediate-ca.sh b/mamba/blockchain/scripts/start-intermediate-ca.sh index 6ffad89..52056e3 100644 --- a/mamba/blockchain/scripts/start-intermediate-ca.sh +++ b/mamba/blockchain/scripts/start-intermediate-ca.sh @@ -5,12 +5,21 @@ initOrgVars $ORG set -e +############################ +# Unuse RCA +fabric-ca-server init -b $BOOTSTRAP_USER_PASS +cp $FABRIC_CA_SERVER_HOME/ca-cert.pem $TARGET_CHAINFILE + +########################### +# Using RCA # Initialize the intermediate CA -fabric-ca-server init -b $BOOTSTRAP_USER_PASS -u $PARENT_URL +# fabric-ca-server init -b $BOOTSTRAP_USER_PASS -u $PARENT_URL # Copy the intermediate CA's certificate chain to the data directory to be used by others -cp $FABRIC_CA_SERVER_HOME/ca-chain.pem $TARGET_CHAINFILE +# cp $FABRIC_CA_SERVER_HOME/ca-chain.pem $TARGET_CHAINFILE + +######################### # Add the custom orgs # for o in $ORGS; do aff=$aff"\n $ORG.akc: []" diff --git a/mamba/blockchain/start_network/commands.py b/mamba/blockchain/start_network/commands.py index 7f0ce4d..6cc19a4 100644 --- a/mamba/blockchain/start_network/commands.py +++ b/mamba/blockchain/start_network/commands.py @@ -34,7 +34,7 @@ def start_network(): copy_scripts() # Create a new Root Certificate Authority service - setup_rca() + # setup_rca() # Create new Intermediate Certificate Authority services setup_all_ica() @@ -59,20 +59,20 @@ def start_network(): # # Create crypto-config folder to contains artifacts # update_folder() - if settings.ORDERER_TYPE == 'kafka': - # Create new Zookeeper services - setup_zookeeper() - # Create new Kafka services - setup_kafka() + # if settings.ORDERER_TYPE == 'kafka': + # # Create new Zookeeper services + # setup_zookeeper() + # # Create new Kafka services + # setup_kafka() # Run job to generate channel.tx, genesis.block gen_channel_artifact() - # # Create new StatefullSet orderers - # setup_all_orderer() + # Create new StatefullSet orderers + setup_all_orderer() - # # Create new StatefullSet peers - # setup_all_peer() + # Create new StatefullSet peers + setup_all_peer() # # Run jobs to generate application artifacts # generate_artifact() From a54857e4cd2946e78f8114d32f165b2d662a1fb1 Mon Sep 17 00:00:00 2001 From: harisato Date: Thu, 4 Jun 2020 10:41:17 +0000 Subject: [PATCH 14/52] Use fabric 2.0 with rca --- mamba/blockchain/scripts/enroll-orderer.sh | 2 +- mamba/blockchain/scripts/register-org.sh | 8 ++++---- mamba/blockchain/scripts/start-intermediate-ca.sh | 9 +++++---- mamba/blockchain/scripts/start-root-ca.sh | 1 + mamba/blockchain/start_network/commands.py | 2 +- 5 files changed, 12 insertions(+), 10 deletions(-) diff --git a/mamba/blockchain/scripts/enroll-orderer.sh b/mamba/blockchain/scripts/enroll-orderer.sh index 23e4f1a..fe27fb5 100644 --- a/mamba/blockchain/scripts/enroll-orderer.sh +++ b/mamba/blockchain/scripts/enroll-orderer.sh @@ -43,7 +43,7 @@ fi # fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $ORDERER_GENERAL_LOCALMSPDIR # Finish setting up the local MSP for the orderer -# finishMSPSetup $MSPCONFIGPATH +finishMSPSetup $MSPCONFIGPATH cp ${FABRIC_CA_CLIENT_HOME}/msp/config.yaml ${MSPCONFIGPATH}/config.yaml set -x cp ${TLS_CONFIG_PATH}/tlscacerts/* ${TLS_CONFIG_PATH}/ca.crt diff --git a/mamba/blockchain/scripts/register-org.sh b/mamba/blockchain/scripts/register-org.sh index 7c1a427..78c1e88 100644 --- a/mamba/blockchain/scripts/register-org.sh +++ b/mamba/blockchain/scripts/register-org.sh @@ -25,16 +25,16 @@ function enrollCAAdmin { echo "NodeOUs: Enable: true ClientOUIdentifier: - Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + Certificate: intermediatecerts/ica-${ORG}-${DOMAIN}-7054.pem OrganizationalUnitIdentifier: client PeerOUIdentifier: - Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + Certificate: intermediatecerts/ica-${ORG}-${DOMAIN}-7054.pem OrganizationalUnitIdentifier: peer AdminOUIdentifier: - Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + Certificate: intermediatecerts/ica-${ORG}-${DOMAIN}-7054.pem OrganizationalUnitIdentifier: admin OrdererOUIdentifier: - Certificate: cacerts/ica-${ORG}-${DOMAIN}-7054.pem + Certificate: intermediatecerts/ica-${ORG}-${DOMAIN}-7054.pem OrganizationalUnitIdentifier: orderer" > ${FABRIC_CA_CLIENT_HOME}/msp/config.yaml } diff --git a/mamba/blockchain/scripts/start-intermediate-ca.sh b/mamba/blockchain/scripts/start-intermediate-ca.sh index 52056e3..a91c0c2 100644 --- a/mamba/blockchain/scripts/start-intermediate-ca.sh +++ b/mamba/blockchain/scripts/start-intermediate-ca.sh @@ -7,16 +7,16 @@ set -e ############################ # Unuse RCA -fabric-ca-server init -b $BOOTSTRAP_USER_PASS -cp $FABRIC_CA_SERVER_HOME/ca-cert.pem $TARGET_CHAINFILE +# fabric-ca-server init -b $BOOTSTRAP_USER_PASS +# cp $FABRIC_CA_SERVER_HOME/ca-cert.pem $TARGET_CHAINFILE ########################### # Using RCA # Initialize the intermediate CA -# fabric-ca-server init -b $BOOTSTRAP_USER_PASS -u $PARENT_URL +fabric-ca-server init -b $BOOTSTRAP_USER_PASS -u $PARENT_URL # Copy the intermediate CA's certificate chain to the data directory to be used by others -# cp $FABRIC_CA_SERVER_HOME/ca-chain.pem $TARGET_CHAINFILE +cp $FABRIC_CA_SERVER_HOME/ca-chain.pem $TARGET_CHAINFILE ######################### @@ -35,3 +35,4 @@ sed -i "/affiliations:/a \\ $aff" \ # Start the intermediate CA fabric-ca-server start +# tail -f /etc/hosts \ No newline at end of file diff --git a/mamba/blockchain/scripts/start-root-ca.sh b/mamba/blockchain/scripts/start-root-ca.sh index b7d377a..1a58a15 100644 --- a/mamba/blockchain/scripts/start-root-ca.sh +++ b/mamba/blockchain/scripts/start-root-ca.sh @@ -30,3 +30,4 @@ sed -i "/affiliations:/a \\ $aff" \ # Start the root CA fabric-ca-server start --csr.hosts "$EXTERNAL_RCA_ADDRESSES" --csr.hosts "$RCA_NAME.$RCA_ORG" +# tail -f /etc/hosts \ No newline at end of file diff --git a/mamba/blockchain/start_network/commands.py b/mamba/blockchain/start_network/commands.py index 6cc19a4..4aefa5f 100644 --- a/mamba/blockchain/start_network/commands.py +++ b/mamba/blockchain/start_network/commands.py @@ -34,7 +34,7 @@ def start_network(): copy_scripts() # Create a new Root Certificate Authority service - # setup_rca() + setup_rca() # Create new Intermediate Certificate Authority services setup_all_ica() From 597bc1e8262192dd649ae42786092e30f7db0e95 Mon Sep 17 00:00:00 2001 From: harisato Date: Wed, 8 Jul 2020 09:07:52 +0000 Subject: [PATCH 15/52] Update generate configtx.yaml --- .../scripts/gen-channel-artifacts.sh | 60 ++++++++++++------- 1 file changed, 40 insertions(+), 20 deletions(-) diff --git a/mamba/blockchain/scripts/gen-channel-artifacts.sh b/mamba/blockchain/scripts/gen-channel-artifacts.sh index 997746e..1c3456d 100755 --- a/mamba/blockchain/scripts/gen-channel-artifacts.sh +++ b/mamba/blockchain/scripts/gen-channel-artifacts.sh @@ -115,28 +115,9 @@ Organizations:" Orderer: &OrdererDefaults # Orderer Type: The orderer implementation to start. - # Available types are \"solo\" and \"kafka\". + # Available types are \"solo\", \"kafka\" and \"etcdraft\". OrdererType: $ORDERER_TYPE - Addresses:" - if [ "$EXTERNAL_ORDERER_ADDRESSES" != "" ]; then - echo " - - $EXTERNAL_ORDERER_ADDRESSES:7050" - fi - for ORG in $ORDERER_ORGS; do - local COUNT=1 - while [[ "$COUNT" -le $NUM_ORDERERS ]]; do - if [ "$FABRIC_NETWORK_TYPE" == "PROD" ] && [[ "$COUNT" -gt 1 ]]; then - COUNT=$((COUNT+1)) - continue - fi - initOrdererVars $ORG $COUNT - echo " - $ORDERER_HOST:$ORDERER_PORT" - COUNT=$((COUNT+1)) - done - done - - echo " # Batch Timeout: The amount of time to wait before creating a batch. BatchTimeout: $BATCH_TIMEOUT @@ -171,8 +152,47 @@ Orderer: &OrdererDefaults # NOTE: Use IP:port notation. Brokers: - broker.$KAFKA_NAMESPACE:9092" + elif [ "$ORDERER_TYPE" == "etcdraft" ]; then + echo " + EtcdRaft: + Consenters:" + for ORG in $ORDERER_ORGS; do + local COUNT=1 + while [[ "$COUNT" -le $NUM_ORDERERS ]]; do + if [ "$FABRIC_NETWORK_TYPE" == "PROD" ] && [[ "$COUNT" -gt 1 ]]; then + COUNT=$((COUNT+1)) + continue + fi + initOrdererVars $ORG $COUNT + echo " + - Host: $ORDERER_HOST + Port: $ORDERER_PORT + ClientTLSCert: /data/crypto-config/$ORG.$DOMAIN/orderers/$ORDERER_HOST/tls/server.crt + ServerTLSCert: /data/crypto-config/$ORG.$DOMAIN/orderers/$ORDERER_HOST/tls/server.crt + " + COUNT=$((COUNT+1)) + done + done fi echo " + Addresses:" + if [ "$EXTERNAL_ORDERER_ADDRESSES" != "" ]; then + echo " + - $EXTERNAL_ORDERER_ADDRESSES:7050" + fi + for ORG in $ORDERER_ORGS; do + local COUNT=1 + while [[ "$COUNT" -le $NUM_ORDERERS ]]; do + if [ "$FABRIC_NETWORK_TYPE" == "PROD" ] && [[ "$COUNT" -gt 1 ]]; then + COUNT=$((COUNT+1)) + continue + fi + initOrdererVars $ORG $COUNT + echo " - $ORDERER_HOST:$ORDERER_PORT" + COUNT=$((COUNT+1)) + done + done + echo " # Organizations is the list of orgs which are defined as participants on # the orderer side of the network. Organizations:" From 9749be94497044e71f3f1d316f3fc34907bd9b0f Mon Sep 17 00:00:00 2001 From: harisato Date: Wed, 15 Jul 2020 03:12:43 +0000 Subject: [PATCH 16/52] Add update anchor peer --- .../blockchain/scripts/update-anchor-peer.sh | 52 ++++++++++++++++ .../blockchain/update_anchor_peer/__init__.py | 0 .../blockchain/update_anchor_peer/commands.py | 62 +++++++++++++++++++ mamba/mamba.py | 2 + 4 files changed, 116 insertions(+) create mode 100644 mamba/blockchain/scripts/update-anchor-peer.sh create mode 100644 mamba/blockchain/update_anchor_peer/__init__.py create mode 100644 mamba/blockchain/update_anchor_peer/commands.py diff --git a/mamba/blockchain/scripts/update-anchor-peer.sh b/mamba/blockchain/scripts/update-anchor-peer.sh new file mode 100644 index 0000000..f8d24d6 --- /dev/null +++ b/mamba/blockchain/scripts/update-anchor-peer.sh @@ -0,0 +1,52 @@ +#!/bin/bash + +# Generate anchor config file +function generateAnchorConfig() { + for ORG in $ORGS; do + local orgmsp=${ORG}MSP + echo "####### Generating anchor peer update transaction for ${orgmsp} ##########" + set -x + export FABRIC_CFG_PATH=$PWD + mkdir -p /shared/channel-artifacts + configtxgen -profile $CHANNEL_NAME -outputAnchorPeersUpdate "./channel-artifacts/${orgmsp}anchors.tx" -channelID $CHANNEL_NAME -asOrg ${orgmsp} + res=$? + set +x + if [ $res -ne 0 ]; then + echo "Failed to generate anchor peer update transaction for ${orgmsp}..." + exit 1 + fi + echo + done +} + +function updateAnchorPeerConfig() { + which curl + if [ "$?" -ne 0 ]; then + echo "configtxgen tool not found. installing" + apt-get update && apt-get install curl -y + fi + for ORG in $ORGS; do + local orgmsp=${ORG}MSP + set -x + curl -s -X POST http://$ADMIN_URL/api/v2/peers/updateAnchorPeer -H "content-type: application/json" -d '{ + "orgName":"'"${ORG}"'", + "peerIndex": "0", + "channelName":"'"${CHANNEL_NAME}"'", + "ordererAddress": "'"${ORDERER_ADDRESS}"'", + "configUpdatePath":"'"../artifacts/channel-artifacts/${orgmsp}anchors.tx"'" + }' + set +x + done + + echo "Update Anchor Peer Config" +} + +function main() { + generateAnchorConfig + updateAnchorPeerConfig +} + +cd /shared/ +main + + diff --git a/mamba/blockchain/update_anchor_peer/__init__.py b/mamba/blockchain/update_anchor_peer/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/blockchain/update_anchor_peer/commands.py b/mamba/blockchain/update_anchor_peer/commands.py new file mode 100644 index 0000000..07ae2c2 --- /dev/null +++ b/mamba/blockchain/update_anchor_peer/commands.py @@ -0,0 +1,62 @@ +import click +import os +import time +import settings +from os import path + +from utils import hiss, util + +def update_anchor_peer(org): + + # Get domain + domain = util.get_domain(org) + # Create temp folder & namespace + settings.k8s.prereqs(domain) + + dict_env = { + 'ORG_NAME': org, + 'ORG_DOMAIN': domain, + 'ORGS': settings.ORGS, + 'ORDERER_NAME': settings.ORDERER_ORGS, + 'ORDERER_DOMAIN': settings.ORDERER_DOMAINS, + 'CHANNEL_NAME': settings.CHANNEL_NAME, + 'FABRIC_TAG': settings.FABRIC_TAG, + 'EFS_SERVER': settings.EFS_SERVER, + 'EFS_PATH': settings.EFS_PATH, + 'EFS_EXTEND': settings.EFS_EXTEND + } + k8s_template_file = '%s/update-anchor-peer/fabric-deployment-anchor-peer.yaml' % util.get_k8s_template_path() + settings.k8s.apply_yaml_from_template( + namespace=domain, k8s_template_file=k8s_template_file, dict_env=dict_env) + +def delete_job_update_anchor_peer(org): + # Get domain + domain = util.get_domain(org) + jobname = 'update-anchor-peer' + # Delete job pod + return settings.k8s.delete_job(name=jobname, namespace=domain) + +def setup_all(): + orgs = settings.PEER_ORGS.split(' ') + for org in orgs: + update_anchor_peer(org) + +def del_all_job(): + orgs = settings.PEER_ORGS.split(' ') + for org in orgs: + delete_job_update_anchor_peer(org) + +@click.group() +def anchor_peer(): + """Anchor Peer config""" + pass + +@anchor_peer.command('setup', short_help="Create job to update anchor peer") +def setup_anchor_peer(): + hiss.rattle('Update anchor peer') + setup_all() + +@anchor_peer.command('delete', short_help="Delete job update anchor peer") +def delete_anchor_peer(): + hiss.rattle('Delete job config anchor peer') + del_all_job() \ No newline at end of file diff --git a/mamba/mamba.py b/mamba/mamba.py index c0f0418..1e3d44e 100644 --- a/mamba/mamba.py +++ b/mamba/mamba.py @@ -21,6 +21,7 @@ from blockchain.update_folder.commands import updatefolder from blockchain.channel_artifact.commands import channel_artifact from blockchain.peer.commands import peer +from blockchain.update_anchor_peer.commands import setup_anchor_peer from blockchain.gen_artifact.commands import gen_artifact from blockchain.admin.commands import admin from blockchain.bootstrap_network.commands import bootstrap @@ -75,6 +76,7 @@ def mamba(config, set_default): mamba.add_command(grafana) mamba.add_command(create_org) mamba.add_command(channel_config) +mamba.add_command(setup_anchor_peer) if __name__ == '__main__': mamba() \ No newline at end of file From 5c530effa700f2145c72d3b0ef48631e6c139fd7 Mon Sep 17 00:00:00 2001 From: harisato Date: Wed, 15 Jul 2020 04:22:42 +0000 Subject: [PATCH 17/52] Update anchor peer --- .../blockchain/scripts/update-anchor-peer.sh | 17 ++++--- .../fabric-deployment-anchor-peer.yaml | 45 +++++++++++++++++++ .../blockchain/update_anchor_peer/commands.py | 4 +- 3 files changed, 55 insertions(+), 11 deletions(-) mode change 100644 => 100755 mamba/blockchain/scripts/update-anchor-peer.sh create mode 100644 mamba/blockchain/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml diff --git a/mamba/blockchain/scripts/update-anchor-peer.sh b/mamba/blockchain/scripts/update-anchor-peer.sh old mode 100644 new mode 100755 index f8d24d6..0c990c2 --- a/mamba/blockchain/scripts/update-anchor-peer.sh +++ b/mamba/blockchain/scripts/update-anchor-peer.sh @@ -3,16 +3,15 @@ # Generate anchor config file function generateAnchorConfig() { for ORG in $ORGS; do - local orgmsp=${ORG}MSP - echo "####### Generating anchor peer update transaction for ${orgmsp} ##########" + echo "####### Generating anchor peer update transaction for ${ORG} ##########" set -x export FABRIC_CFG_PATH=$PWD - mkdir -p /shared/channel-artifacts - configtxgen -profile $CHANNEL_NAME -outputAnchorPeersUpdate "./channel-artifacts/${orgmsp}anchors.tx" -channelID $CHANNEL_NAME -asOrg ${orgmsp} + mkdir -p /data/channel-artifacts + configtxgen -profile OrgsChannel -outputAnchorPeersUpdate "./channel-artifacts/${ORG}Anchors.tx" -channelID $CHANNEL_NAME -asOrg ${ORG} res=$? set +x if [ $res -ne 0 ]; then - echo "Failed to generate anchor peer update transaction for ${orgmsp}..." + echo "Failed to generate anchor peer update transaction for ${ORG}..." exit 1 fi echo @@ -23,17 +22,17 @@ function updateAnchorPeerConfig() { which curl if [ "$?" -ne 0 ]; then echo "configtxgen tool not found. installing" - apt-get update && apt-get install curl -y + apk update && apk add curl fi for ORG in $ORGS; do - local orgmsp=${ORG}MSP + # local orgmsp=${ORG}MSP set -x curl -s -X POST http://$ADMIN_URL/api/v2/peers/updateAnchorPeer -H "content-type: application/json" -d '{ "orgName":"'"${ORG}"'", "peerIndex": "0", "channelName":"'"${CHANNEL_NAME}"'", "ordererAddress": "'"${ORDERER_ADDRESS}"'", - "configUpdatePath":"'"../artifacts/channel-artifacts/${orgmsp}anchors.tx"'" + "anchorConfigPath":"'"/shared/channel-artifacts/${ORG}Anchors.tx"'" }' set +x done @@ -46,7 +45,7 @@ function main() { updateAnchorPeerConfig } -cd /shared/ +cd /data/ main diff --git a/mamba/blockchain/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml b/mamba/blockchain/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml new file mode 100644 index 0000000..6b6ecfa --- /dev/null +++ b/mamba/blockchain/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml @@ -0,0 +1,45 @@ +apiVersion: batch/v1 +kind: Job +metadata: + namespace: {{ORG_DOMAIN}} + name: update-anchor-peer-{{ORG_NAME}}-{{CHANNEL_NAME}} +spec: + template: + metadata: + labels: + app: hyperledger + role: peer + org: {{ORG_DOMAIN}} + name: update-anchor-peer-{{ORG_NAME}}-{{CHANNEL_NAME}} + spec: + restartPolicy: "Never" + containers: + - name: update-anchor-peer-{{ORG_NAME}}-{{CHANNEL_NAME}} + image: hyperledger/fabric-tools:{{FABRIC_TAG}} + env: + - name: CHANNEL_NAME + value: {{CHANNEL_NAME}} + - name: ORGS + value: {{ORGS}} + - name: ORDERER_ADDRESS + value: orderer0-{{ORDERER_NAME}}.{{ORDERER_DOMAIN}}:7050 + - name: ADMIN_URL + value: admin-v2.{{ORG_DOMAIN}}:4001 + # command: ["printenv"] + command: ["sh"] + # args: ["-c", "tail -f /dev/null"] + args: ["-c", "/scripts/update-anchor-peer.sh 2>&1;"] + volumeMounts: + - mountPath: /scripts + name: rca-scripts + - mountPath: /data + name: rca-data + volumes: + - name: rca-scripts + nfs: + server: {{EFS_SERVER}} + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-scripts/ + - name: rca-data + nfs: + server: {{EFS_SERVER}} + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-data/ diff --git a/mamba/blockchain/update_anchor_peer/commands.py b/mamba/blockchain/update_anchor_peer/commands.py index 07ae2c2..9fe71e2 100644 --- a/mamba/blockchain/update_anchor_peer/commands.py +++ b/mamba/blockchain/update_anchor_peer/commands.py @@ -16,7 +16,7 @@ def update_anchor_peer(org): dict_env = { 'ORG_NAME': org, 'ORG_DOMAIN': domain, - 'ORGS': settings.ORGS, + 'ORGS': settings.PEER_ORGS, 'ORDERER_NAME': settings.ORDERER_ORGS, 'ORDERER_DOMAIN': settings.ORDERER_DOMAINS, 'CHANNEL_NAME': settings.CHANNEL_NAME, @@ -32,7 +32,7 @@ def update_anchor_peer(org): def delete_job_update_anchor_peer(org): # Get domain domain = util.get_domain(org) - jobname = 'update-anchor-peer' + jobname = 'update-anchor-peer-%s-%s' % (org, settings.CHANNEL_NAME) # Delete job pod return settings.k8s.delete_job(name=jobname, namespace=domain) From cebf677991304ef868c5f44c981b3b61919ba6da Mon Sep 17 00:00:00 2001 From: harisato Date: Wed, 15 Jul 2020 06:46:37 +0000 Subject: [PATCH 18/52] Update anchor peer --- mamba/mamba.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mamba/mamba.py b/mamba/mamba.py index 1e3d44e..2a0ef4a 100644 --- a/mamba/mamba.py +++ b/mamba/mamba.py @@ -21,7 +21,7 @@ from blockchain.update_folder.commands import updatefolder from blockchain.channel_artifact.commands import channel_artifact from blockchain.peer.commands import peer -from blockchain.update_anchor_peer.commands import setup_anchor_peer +from blockchain.update_anchor_peer.commands import anchor_peer from blockchain.gen_artifact.commands import gen_artifact from blockchain.admin.commands import admin from blockchain.bootstrap_network.commands import bootstrap @@ -76,7 +76,7 @@ def mamba(config, set_default): mamba.add_command(grafana) mamba.add_command(create_org) mamba.add_command(channel_config) -mamba.add_command(setup_anchor_peer) +mamba.add_command(anchor_peer) if __name__ == '__main__': mamba() \ No newline at end of file From f0e208d038e6922687299b9ceecdb73fac83148b Mon Sep 17 00:00:00 2001 From: harisato Date: Wed, 22 Jul 2020 09:07:33 +0000 Subject: [PATCH 19/52] Update multi orderer --- mamba/blockchain/enroll_orderers/commands.py | 13 +++++++---- mamba/blockchain/scripts/enroll-orderer.sh | 6 ++++- mamba/blockchain/scripts/enroll-peer.sh | 2 +- .../fabric-deployment-enroll-orderer.yaml | 10 ++++---- .../orderer-sts/orderer-service-nlb.yaml | 2 +- .../template/orderer-sts/orderer-service.yaml | 23 +------------------ .../orderer-sts/orderer-stateful.yaml | 4 ++-- 7 files changed, 23 insertions(+), 37 deletions(-) diff --git a/mamba/blockchain/enroll_orderers/commands.py b/mamba/blockchain/enroll_orderers/commands.py index 5eee1e5..fda3a96 100644 --- a/mamba/blockchain/enroll_orderers/commands.py +++ b/mamba/blockchain/enroll_orderers/commands.py @@ -6,7 +6,7 @@ from utils import hiss, util import settings -def enroll_orderer(orderer): +def enroll_orderer(orderer, index): # Get domain domain = util.get_domain(orderer) @@ -17,6 +17,7 @@ def enroll_orderer(orderer): dict_env = { 'ORDERER': orderer, 'ENROLL_DOMAIN': domain, + 'ORDERER_INDEX': index, 'FABRIC_CA_TAG': settings.FABRIC_CA_TAG, 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, @@ -26,11 +27,11 @@ def enroll_orderer(orderer): settings.k8s.apply_yaml_from_template( namespace=domain, k8s_template_file=k8s_template_file, dict_env=dict_env) -def del_enroll_orderer(orderer): +def del_enroll_orderer(orderer, index): # Get domain domain = util.get_domain(orderer) - jobname = 'enroll-o-%s' % orderer + jobname = 'enroll-o%s-%s' % (index, orderer) # Delete job pod return settings.k8s.delete_job(name=jobname, namespace=domain) @@ -39,13 +40,15 @@ def enroll_all_orderer(): orderers = settings.ORDERER_ORGS.split(' ') # TODO: Multiprocess for orderer in orderers: - enroll_orderer(orderer) + for index in range(int(settings.NUM_ORDERERS)): + enroll_orderer(orderer, str(index)) def del_all_enroll_orderer(): orderers = settings.ORDERER_ORGS.split(' ') # TODO: Multiprocess for orderer in orderers: - del_enroll_orderer(orderer) + for index in range(int(settings.NUM_ORDERERS)): + del_enroll_orderer(orderer, index) @click.group() def enroll_orderers(): diff --git a/mamba/blockchain/scripts/enroll-orderer.sh b/mamba/blockchain/scripts/enroll-orderer.sh index fe27fb5..5f8bde8 100755 --- a/mamba/blockchain/scripts/enroll-orderer.sh +++ b/mamba/blockchain/scripts/enroll-orderer.sh @@ -4,7 +4,11 @@ set -e # Setup orderer enrollment environment variables source $(dirname "$0")/env.sh -initOrdererVars orderer 1 + +COUNT=$(($1+1)) + +log "Enrolling orderer $COUNT for $ORDERERORG ..." +initOrdererVars $ORDERERORG $COUNT ENROLLMENT_URL="https://$ORDERER_NAME_PASS@$CA_HOST:7054" export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/orderer.$DOMAIN diff --git a/mamba/blockchain/scripts/enroll-peer.sh b/mamba/blockchain/scripts/enroll-peer.sh index a5a89d8..45d9574ec 100755 --- a/mamba/blockchain/scripts/enroll-peer.sh +++ b/mamba/blockchain/scripts/enroll-peer.sh @@ -2,7 +2,7 @@ set -e source $(dirname "$0")/env.sh -log "Enrolling peer for org $PEERORG ..." +log "Enrolling peer $1 for org $PEERORG ..." initPeerVars $PEERORG $1 ENROLLMENT_URL="https://$PEER_NAME_PASS@$CA_HOST:7054" # getDomain $PEERORG diff --git a/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml b/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml index 92eff8f..8809e51 100644 --- a/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml +++ b/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml @@ -2,19 +2,19 @@ apiVersion: batch/v1 kind: Job metadata: namespace: {{ENROLL_DOMAIN}} - name: enroll-o-{{ORDERER}} + name: enroll-o{{ORDERER_INDEX}}-{{ORDERER}} spec: template: metadata: labels: app: hyperledger - role: orderer + role: {{ORDERER}} org: {{ENROLL_DOMAIN}} - name: enroll-o-{{ORDERER}} + name: enroll-o{{ORDERER_INDEX}}-{{ORDERER}} spec: restartPolicy: "Never" containers: - - name: enroll-o-{{ORDERER}} + - name: enroll-o{{ORDERER_INDEX}}-{{ORDERER}} image: hyperledger/fabric-ca:{{FABRIC_CA_TAG}} env: - name: ORDERERORG @@ -24,7 +24,7 @@ spec: - name: ORDERER_HOME value: /etc/hyperledger/orderer command: ["sh"] - args: ["-c", "/scripts/enroll-orderer.sh 2>&1;"] + args: ["-c", "/scripts/enroll-orderer.sh {{ORDERER_INDEX}} 2>&1;"] volumeMounts: - mountPath: /scripts name: rca-scripts diff --git a/mamba/blockchain/template/orderer-sts/orderer-service-nlb.yaml b/mamba/blockchain/template/orderer-sts/orderer-service-nlb.yaml index 46a14df..c03d8fd 100644 --- a/mamba/blockchain/template/orderer-sts/orderer-service-nlb.yaml +++ b/mamba/blockchain/template/orderer-sts/orderer-service-nlb.yaml @@ -9,7 +9,7 @@ metadata: spec: selector: app: hyperledger - role: orderer + role: {{ORDERER}} orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} org: {{ORDERER_DOMAIN}} ports: diff --git a/mamba/blockchain/template/orderer-sts/orderer-service.yaml b/mamba/blockchain/template/orderer-sts/orderer-service.yaml index b5ba620..7c99911 100644 --- a/mamba/blockchain/template/orderer-sts/orderer-service.yaml +++ b/mamba/blockchain/template/orderer-sts/orderer-service.yaml @@ -7,28 +7,7 @@ metadata: spec: selector: app: hyperledger - role: orderer - orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} - org: {{ORDERER_DOMAIN}} - type: NodePort - ports: - - name: listen-endpoint - protocol: TCP - port: 7050 - targetPort: 7050 - - name: prometheus-listen-endpoint - protocol: TCP - port: 10443 ---- -apiVersion: v1 -kind: Service -metadata: - name: orderer{{ORDERER_INDEX}}-{{ORDERER}} - namespace: {{ORDERER_DOMAIN}} -spec: - selector: - app: hyperledger - role: orderer + role: {{ORDERER}} orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} org: {{ORDERER_DOMAIN}} type: NodePort diff --git a/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml b/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml index 30bceac..26b9323 100644 --- a/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml +++ b/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml @@ -10,14 +10,14 @@ spec: selector: matchLabels: app: hyperledger - role: orderer + role: {{ORDERER}} org: {{ORDERER_DOMAIN}} orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} template: metadata: labels: app: hyperledger - role: orderer + role: {{ORDERER}} org: {{ORDERER_DOMAIN}} orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} spec: From 941df63ee0d58d475acb2d25535d06bb1a185197 Mon Sep 17 00:00:00 2001 From: harisato Date: Thu, 23 Jul 2020 03:24:53 +0000 Subject: [PATCH 20/52] Add time.sleep after enroll certificate --- mamba/blockchain/start_network/commands.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mamba/blockchain/start_network/commands.py b/mamba/blockchain/start_network/commands.py index 4aefa5f..e21f818 100644 --- a/mamba/blockchain/start_network/commands.py +++ b/mamba/blockchain/start_network/commands.py @@ -54,7 +54,7 @@ def start_network(): # Run jobs to enroll peers enroll_all_peer() - # time.sleep(5) + time.sleep(5) # # Create crypto-config folder to contains artifacts # update_folder() From 645bd28eaaa03c4c754166f3f48b793e29251734 Mon Sep 17 00:00:00 2001 From: harisato Date: Thu, 23 Jul 2020 04:19:40 +0000 Subject: [PATCH 21/52] Update folder structure --- mamba/blockchain/copyscripts/commands.py | 4 +- .../scripts/bootstrap-network.sh | 0 mamba/scripts/enroll-orderer.sh | 72 +++++++++++++++ mamba/scripts/enroll-peer.sh | 85 +++++++++++++++++ mamba/{blockchain => }/scripts/env-build.sh | 0 mamba/{blockchain => }/scripts/env.sh | 0 .../scripts/gen-channel-artifacts.sh | 2 +- .../{blockchain => }/scripts/gen-configtx.sh | 0 .../scripts/gen-network-config.sh | 0 mamba/{blockchain => }/scripts/init.sh | 0 .../scripts/register-orderer.sh | 0 .../{blockchain => }/scripts/register-org.sh | 0 .../{blockchain => }/scripts/register-peer.sh | 0 .../scripts/start-intermediate-ca.sh | 0 .../{blockchain => }/scripts/start-root-ca.sh | 0 .../scripts/update-anchor-peer.sh | 0 mamba/{blockchain => }/scripts/utilities.sh | 0 .../template/add-org/0create-configtx.yaml | 0 .../template/add-org/1gen-artifacts.yaml | 0 .../template/add-org/2fetch-channel.yaml | 0 .../add-org/3modifyingorgmaterial.yaml | 0 .../template/add-org/4createconfigupdate.yaml | 0 .../add-org/5signchannelconfig-optional.yaml | 0 .../add-org/6updatechannelconfig.yaml | 0 .../template/add-org/configtx-template.yaml | 0 .../add-org/network-config-template.yaml | 0 .../template/add-org/org-template.yaml | 0 .../template/admin/admin-deployment.yaml | 0 .../template/admin/admin-service.yaml | 0 .../autoscaler/cluster_autoscaler.yml | 0 .../fabric-deployment-bootstrap-network.yaml | 0 .../fabric-deployment-channel-artifacts.yaml | 0 .../ebs-encryption/0gp2-encryption.yaml | 0 .../ebs-encryption/1set_default_sc.sh | 0 .../template/efs/install_efs.sh | 0 .../template/efs/pvc-efs.yaml | 0 .../template/efs/test-efs.yaml | 0 .../template/efs/upgrade_efs.sh | 0 .../fabric-deployment-enroll-orderer.yaml | 41 +++++++++ .../fabric-deployment-enroll-peer.yaml | 0 .../template/explorer/README.md | 0 .../explorer/explorer-db-deployment.yaml | 0 .../explorer/explorer-db-service.yaml | 0 .../explorer/explorer-deployment.yaml | 0 .../template/explorer/explorer-service.yaml | 0 .../fabric-deployment-gen-artifacts.yaml | 0 .../grafana/grafana-service-stateful.yaml | 0 .../template/grafana/grafana-stateful.yaml | 0 .../template/helm/0get_helm.sh | 0 .../{blockchain => }/template/helm/1rbac.yaml | 0 .../template/helm/2install_helm.sh | 0 .../ica-ex/fabric-deployment-ica.yaml | 0 .../template/ica/fabric-deployment-ica.yaml | 0 .../template/ingress/0clusterRole.yaml | 0 .../ingress/1alb-ingress-controller.yaml | 0 .../template/kafka/0kafka-hs.yaml | 0 .../template/kafka/1kafka-cs.yaml | 0 .../template/kafka/2kafka-set.yaml | 0 .../template/metrics/install_metrics.sh | 0 .../template/metrics/upgrade_metrics.sh | 0 .../template/namespace/namespaces.yaml | 0 .../orderer-sts/orderer-service-nlb.yaml | 20 ++++ .../template/orderer-sts/orderer-service.yaml | 21 +++++ .../orderer-sts/orderer-stateful.yaml | 92 +++++++++++++++++++ .../template/peer-sts/DB-CLUSTER.md | 0 .../peer-sts/couchdb-cluster-service.yaml | 0 .../peer-sts/couchdb-cluster-stateful.yaml | 0 .../template/peer-sts/peer-service-nlb.yaml | 0 .../peer-sts/peer-service-stateful.yaml | 0 .../template/peer-sts/peer-stateful.yaml | 0 .../peer-using-couchdb-cluster-stateful.yaml | 0 .../prometheus-service-stateful.yaml | 0 .../prometheus/prometheus-stateful.yaml | 0 .../prometheus/prometheus-template.yml | 0 .../rca/fabric-deployment-rca-nlb.yaml | 0 .../template/rca/fabric-deployment-rca.yaml | 0 .../fabric-deployment-register-orderer.yaml | 0 .../fabric-deployment-register-org.yaml | 0 .../fabric-deployment-register-peer.yaml | 0 .../fabric-deployment-anchor-peer.yaml | 0 .../template/zookeeper/0zk-cs.yaml | 0 .../template/zookeeper/1zk-hs.yaml | 0 .../template/zookeeper/2zk-set.yaml | 0 mamba/utils/util.py | 2 +- 84 files changed, 335 insertions(+), 4 deletions(-) rename mamba/{blockchain => }/scripts/bootstrap-network.sh (100%) create mode 100755 mamba/scripts/enroll-orderer.sh create mode 100755 mamba/scripts/enroll-peer.sh rename mamba/{blockchain => }/scripts/env-build.sh (100%) rename mamba/{blockchain => }/scripts/env.sh (100%) rename mamba/{blockchain => }/scripts/gen-channel-artifacts.sh (99%) rename mamba/{blockchain => }/scripts/gen-configtx.sh (100%) rename mamba/{blockchain => }/scripts/gen-network-config.sh (100%) rename mamba/{blockchain => }/scripts/init.sh (100%) rename mamba/{blockchain => }/scripts/register-orderer.sh (100%) rename mamba/{blockchain => }/scripts/register-org.sh (100%) rename mamba/{blockchain => }/scripts/register-peer.sh (100%) rename mamba/{blockchain => }/scripts/start-intermediate-ca.sh (100%) rename mamba/{blockchain => }/scripts/start-root-ca.sh (100%) rename mamba/{blockchain => }/scripts/update-anchor-peer.sh (100%) rename mamba/{blockchain => }/scripts/utilities.sh (100%) rename mamba/{blockchain => }/template/add-org/0create-configtx.yaml (100%) rename mamba/{blockchain => }/template/add-org/1gen-artifacts.yaml (100%) rename mamba/{blockchain => }/template/add-org/2fetch-channel.yaml (100%) rename mamba/{blockchain => }/template/add-org/3modifyingorgmaterial.yaml (100%) rename mamba/{blockchain => }/template/add-org/4createconfigupdate.yaml (100%) rename mamba/{blockchain => }/template/add-org/5signchannelconfig-optional.yaml (100%) rename mamba/{blockchain => }/template/add-org/6updatechannelconfig.yaml (100%) rename mamba/{blockchain => }/template/add-org/configtx-template.yaml (100%) rename mamba/{blockchain => }/template/add-org/network-config-template.yaml (100%) rename mamba/{blockchain => }/template/add-org/org-template.yaml (100%) rename mamba/{blockchain => }/template/admin/admin-deployment.yaml (100%) rename mamba/{blockchain => }/template/admin/admin-service.yaml (100%) rename mamba/{blockchain => }/template/autoscaler/cluster_autoscaler.yml (100%) rename mamba/{blockchain => }/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml (100%) rename mamba/{blockchain => }/template/channel-artifacts/fabric-deployment-channel-artifacts.yaml (100%) rename mamba/{blockchain => }/template/ebs-encryption/0gp2-encryption.yaml (100%) rename mamba/{blockchain => }/template/ebs-encryption/1set_default_sc.sh (100%) rename mamba/{blockchain => }/template/efs/install_efs.sh (100%) rename mamba/{blockchain => }/template/efs/pvc-efs.yaml (100%) rename mamba/{blockchain => }/template/efs/test-efs.yaml (100%) rename mamba/{blockchain => }/template/efs/upgrade_efs.sh (100%) create mode 100644 mamba/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml rename mamba/{blockchain => }/template/enroll-peer/fabric-deployment-enroll-peer.yaml (100%) rename mamba/{blockchain => }/template/explorer/README.md (100%) rename mamba/{blockchain => }/template/explorer/explorer-db-deployment.yaml (100%) rename mamba/{blockchain => }/template/explorer/explorer-db-service.yaml (100%) rename mamba/{blockchain => }/template/explorer/explorer-deployment.yaml (100%) rename mamba/{blockchain => }/template/explorer/explorer-service.yaml (100%) rename mamba/{blockchain => }/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml (100%) rename mamba/{blockchain => }/template/grafana/grafana-service-stateful.yaml (100%) rename mamba/{blockchain => }/template/grafana/grafana-stateful.yaml (100%) rename mamba/{blockchain => }/template/helm/0get_helm.sh (100%) rename mamba/{blockchain => }/template/helm/1rbac.yaml (100%) rename mamba/{blockchain => }/template/helm/2install_helm.sh (100%) rename mamba/{blockchain => }/template/ica-ex/fabric-deployment-ica.yaml (100%) rename mamba/{blockchain => }/template/ica/fabric-deployment-ica.yaml (100%) rename mamba/{blockchain => }/template/ingress/0clusterRole.yaml (100%) rename mamba/{blockchain => }/template/ingress/1alb-ingress-controller.yaml (100%) rename mamba/{blockchain => }/template/kafka/0kafka-hs.yaml (100%) rename mamba/{blockchain => }/template/kafka/1kafka-cs.yaml (100%) rename mamba/{blockchain => }/template/kafka/2kafka-set.yaml (100%) rename mamba/{blockchain => }/template/metrics/install_metrics.sh (100%) rename mamba/{blockchain => }/template/metrics/upgrade_metrics.sh (100%) rename mamba/{blockchain => }/template/namespace/namespaces.yaml (100%) create mode 100644 mamba/template/orderer-sts/orderer-service-nlb.yaml create mode 100644 mamba/template/orderer-sts/orderer-service.yaml create mode 100644 mamba/template/orderer-sts/orderer-stateful.yaml rename mamba/{blockchain => }/template/peer-sts/DB-CLUSTER.md (100%) rename mamba/{blockchain => }/template/peer-sts/couchdb-cluster-service.yaml (100%) rename mamba/{blockchain => }/template/peer-sts/couchdb-cluster-stateful.yaml (100%) rename mamba/{blockchain => }/template/peer-sts/peer-service-nlb.yaml (100%) rename mamba/{blockchain => }/template/peer-sts/peer-service-stateful.yaml (100%) rename mamba/{blockchain => }/template/peer-sts/peer-stateful.yaml (100%) rename mamba/{blockchain => }/template/peer-sts/peer-using-couchdb-cluster-stateful.yaml (100%) rename mamba/{blockchain => }/template/prometheus/prometheus-service-stateful.yaml (100%) rename mamba/{blockchain => }/template/prometheus/prometheus-stateful.yaml (100%) rename mamba/{blockchain => }/template/prometheus/prometheus-template.yml (100%) rename mamba/{blockchain => }/template/rca/fabric-deployment-rca-nlb.yaml (100%) rename mamba/{blockchain => }/template/rca/fabric-deployment-rca.yaml (100%) rename mamba/{blockchain => }/template/register-orderer/fabric-deployment-register-orderer.yaml (100%) rename mamba/{blockchain => }/template/register-org/fabric-deployment-register-org.yaml (100%) rename mamba/{blockchain => }/template/register-peer/fabric-deployment-register-peer.yaml (100%) rename mamba/{blockchain => }/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml (100%) rename mamba/{blockchain => }/template/zookeeper/0zk-cs.yaml (100%) rename mamba/{blockchain => }/template/zookeeper/1zk-hs.yaml (100%) rename mamba/{blockchain => }/template/zookeeper/2zk-set.yaml (100%) diff --git a/mamba/blockchain/copyscripts/commands.py b/mamba/blockchain/copyscripts/commands.py index 3f700d6..a167bd1 100644 --- a/mamba/blockchain/copyscripts/commands.py +++ b/mamba/blockchain/copyscripts/commands.py @@ -40,7 +40,7 @@ def copy_scripts(): config_file = os.path.abspath(os.path.join( __package__, "../config/.env")) env_script_File = os.path.abspath(os.path.join( - __package__, "../blockchain/scripts/env-scripts.sh")) + __package__, "../scripts/env-scripts.sh")) copyfile(config_file, env_script_File) # Remove old script folder in efs @@ -58,7 +58,7 @@ def copy_scripts(): # Copy scripts folder to efs hiss.sub_echo('Copy scripts folder to efs') script_path = os.path.abspath(os.path.join( - __package__, "../blockchain/scripts")) + __package__, "../scripts")) if not settings.k8s.cp_to_pod(podName=pods[0], namespace='default', source=script_path, target='%s/akc-ca-scripts' % settings.EFS_ROOT): return hiss.hiss('connot copy scripts folder to pod %s' % pods[0]) diff --git a/mamba/blockchain/scripts/bootstrap-network.sh b/mamba/scripts/bootstrap-network.sh similarity index 100% rename from mamba/blockchain/scripts/bootstrap-network.sh rename to mamba/scripts/bootstrap-network.sh diff --git a/mamba/scripts/enroll-orderer.sh b/mamba/scripts/enroll-orderer.sh new file mode 100755 index 0000000..5f8bde8 --- /dev/null +++ b/mamba/scripts/enroll-orderer.sh @@ -0,0 +1,72 @@ +#!/bin/bash + +set -e + +# Setup orderer enrollment environment variables +source $(dirname "$0")/env.sh + +COUNT=$(($1+1)) + +log "Enrolling orderer $COUNT for $ORDERERORG ..." +initOrdererVars $ORDERERORG $COUNT +ENROLLMENT_URL="https://$ORDERER_NAME_PASS@$CA_HOST:7054" + +export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/orderer.$DOMAIN +mkdir -p $FABRIC_CA_CLIENT_HOME +export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE + +export TLS_CONFIG_PATH=$FABRIC_CA_CLIENT_HOME/orderers/$ORDERER_HOST/tls +export MSPCONFIGPATH=$FABRIC_CA_CLIENT_HOME/orderers/$ORDERER_HOST/msp + +mkdir -p $TLS_CONFIG_PATH +mkdir -p $MSPCONFIGPATH + +log "Preparing to enroll '$ORDERER_HOST:$ORDERER_PORT', enrolled via '$ENROLLMENT_URL' with MSP at '$ORDERER_GENERAL_LOCALMSPDIR'" + +# Enroll to get orderer's TLS cert (using the "tls" profile) +if [ "$EXTERNAL_ORDERER_ADDRESSES" == "" ]; then + fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M $TLS_CONFIG_PATH --csr.hosts $ORDERER_HOST +else + log "Enroll with EXTERNAL_ORDERER_ADDRESSES=$EXTERNAL_ORDERER_ADDRESSES" + fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M $TLS_CONFIG_PATH --csr.hosts $ORDERER_HOST --csr.hosts $EXTERNAL_ORDERER_ADDRESSES +fi + +# # Copy the TLS key and cert to the appropriate place +# TLSDIR=$ORDERER_HOME/tls +# mkdir -p $TLSDIR +# cp /tmp/tls/keystore/* $ORDERER_GENERAL_TLS_PRIVATEKEY +# cp /tmp/tls/signcerts/* $ORDERER_GENERAL_TLS_CERTIFICATE +# rm -rf /tmp/tls + +# Enroll again to get the orderer's enrollment certificate (default profile) +if [ "$EXTERNAL_ORDERER_ADDRESSES" != ""]; then + fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $MSPCONFIGPATH --csr.hosts $ORDERER_HOST --csr.hosts $EXTERNAL_ORDERER_ADDRESSES +else + fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $MSPCONFIGPATH --csr.hosts $ORDERER_HOST +fi +# fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $ORDERER_GENERAL_LOCALMSPDIR + +# Finish setting up the local MSP for the orderer +finishMSPSetup $MSPCONFIGPATH +cp ${FABRIC_CA_CLIENT_HOME}/msp/config.yaml ${MSPCONFIGPATH}/config.yaml +set -x +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${TLS_CONFIG_PATH}/ca.crt +cp ${TLS_CONFIG_PATH}/signcerts/* ${TLS_CONFIG_PATH}/server.crt +cp ${TLS_CONFIG_PATH}/keystore/* ${TLS_CONFIG_PATH}/server.key + +mkdir -p ${MSPCONFIGPATH}/tlscacerts +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${MSPCONFIGPATH}/tlscacerts/tlsca.orderer.$DOMAIN-cert.pem + +mkdir -p ${FABRIC_CA_CLIENT_HOME}/msp/tlscacerts +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${FABRIC_CA_CLIENT_HOME}/msp/tlscacerts/tlsca.orderer.$DOMAIN-cert.pem +set +x +# mkdir -p ${FABRIC_CA_CLIENT_HOME}/ca +# cp ${MSPCONFIGPATH}/cacerts/* ${FABRIC_CA_CLIENT_HOME}/ca/ca.$PEERORG.$DOMAIN-cert.pem +# copyAdminCert $ORDERER_GENERAL_LOCALMSPDIR + +# copy tls & msp crt +# cp /etc/hyperledger/orderer/msp/keystore/* /data/orgs/orderer/msp/keystore/key.pem +# cp /etc/hyperledger/orderer/msp/signcerts/cert.pem /data/orgs/orderer/msp/signcerts/ +# mkdir -p /data/orgs/orderer/tls +# cp $ORDERER_GENERAL_TLS_PRIVATEKEY /data/orgs/orderer/tls +# cp $ORDERER_GENERAL_TLS_CERTIFICATE /data/orgs/orderer/tls \ No newline at end of file diff --git a/mamba/scripts/enroll-peer.sh b/mamba/scripts/enroll-peer.sh new file mode 100755 index 0000000..45d9574ec --- /dev/null +++ b/mamba/scripts/enroll-peer.sh @@ -0,0 +1,85 @@ +#!/bin/bash +set -e + +source $(dirname "$0")/env.sh +log "Enrolling peer $1 for org $PEERORG ..." +initPeerVars $PEERORG $1 +ENROLLMENT_URL="https://$PEER_NAME_PASS@$CA_HOST:7054" +# getDomain $PEERORG + +export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/$PEERORG.$DOMAIN +mkdir -p $FABRIC_CA_CLIENT_HOME +export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE + +export TLS_CONFIG_PATH=$FABRIC_CA_CLIENT_HOME/peers/$PEER_HOST/tls +export MSPCONFIGPATH=$FABRIC_CA_CLIENT_HOME/peers/$PEER_HOST/msp + +mkdir -p $TLS_CONFIG_PATH +mkdir -p $MSPCONFIGPATH +log "Preparing to enroll peer '$CORE_PEER_ID', host '$PEER_HOST', enrolled via '$ENROLLMENT_URL' with MSP at '$CORE_PEER_MSPCONFIGPATH'" +if [ "$EXTERNAL_PEER_HOST" != ""]; then + fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M $TLS_CONFIG_PATH --csr.hosts $PEER_HOST --csr.hosts $EXTERNAL_PEER_HOST +else + fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M $TLS_CONFIG_PATH --csr.hosts $PEER_HOST +fi + + +# # Although a peer may use the same TLS key and certificate file for both inbound and outbound TLS, +# # we generate a different key and certificate for inbound and outbound TLS simply to show that it is permissible + +# # Generate server TLS cert and key pair for the peer +# if [ "$EXTERNAL_PEER_HOST" != ""]; then +# fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M /tmp/tls --csr.hosts $PEER_HOST --csr.hosts $EXTERNAL_PEER_HOST +# else +# fabric-ca-client enroll -d --enrollment.profile tls -u $ENROLLMENT_URL -M /tmp/tls --csr.hosts $PEER_HOST +# fi + +# log "Copy the TLS key and cert to the appropriate place" +# TLSDIR=$PEER_HOME/tls +# mkdir -p $TLSDIR +# cp /tmp/tls/signcerts/* $CORE_PEER_TLS_CERT_FILE +# cp /tmp/tls/keystore/* $CORE_PEER_TLS_KEY_FILE +# rm -rf /tmp/tls + +# log "Generate client TLS cert and key pair for the peer" +# genClientTLSCert $PEER_HOST $CORE_PEER_TLS_CLIENTCERT_FILE $CORE_PEER_TLS_CLIENTKEY_FILE + +# log "Generate client TLS cert and key pair for the peer CLI" +# genClientTLSCert $PEER_HOST /$DATA/tls/$PEER_NAME-cli-client.crt /$DATA/tls/$PEER_NAME-cli-client.key + +# Enroll the peer to get an enrollment certificate and set up the core's local MSP directory +if [ "$EXTERNAL_PEER_HOST" != ""]; then + fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $MSPCONFIGPATH --csr.hosts $PEER_HOST --csr.hosts $EXTERNAL_PEER_HOST +else + fabric-ca-client enroll -d -u $ENROLLMENT_URL -M $MSPCONFIGPATH --csr.hosts $PEER_HOST +fi +sleep 10 +finishMSPSetup $MSPCONFIGPATH +cp ${FABRIC_CA_CLIENT_HOME}/msp/config.yaml ${MSPCONFIGPATH}/config.yaml +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${TLS_CONFIG_PATH}/ca.crt +cp ${TLS_CONFIG_PATH}/signcerts/* ${TLS_CONFIG_PATH}/server.crt +cp ${TLS_CONFIG_PATH}/keystore/* ${TLS_CONFIG_PATH}/server.key + +mkdir -p ${FABRIC_CA_CLIENT_HOME}/msp/tlscacerts +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${FABRIC_CA_CLIENT_HOME}/msp/tlscacerts/ca.crt + +mkdir -p ${FABRIC_CA_CLIENT_HOME}/tlsca +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${FABRIC_CA_CLIENT_HOME}/tlsca/tlsca.$PEERORG.$DOMAIN-cert.pem + +mkdir -p ${FABRIC_CA_CLIENT_HOME}/ca +cp ${MSPCONFIGPATH}/cacerts/* ${FABRIC_CA_CLIENT_HOME}/ca/ca.$PEERORG.$DOMAIN-cert.pem +# copyAdminCert $CORE_PEER_MSPCONFIGPATH + +# copy tls & msp crt +# mkdir -p /data/orgs/$CORE_PEER_ID/msp/keystore +# mkdir -p /data/orgs/$CORE_PEER_ID/msp/signcerts +# mkdir -p /data/orgs/$CORE_PEER_ID/tls +# cp $CORE_PEER_MSPCONFIGPATH/keystore/* /data/orgs/$CORE_PEER_ID/msp/keystore/key.pem +# cp $CORE_PEER_MSPCONFIGPATH/signcerts/cert.pem /data/orgs/$CORE_PEER_ID/msp/keystore/cert.pem +# cp $CORE_PEER_TLS_CERT_FILE /data/orgs/$CORE_PEER_ID/tls/ +# cp $CORE_PEER_TLS_KEY_FILE /data/orgs/$CORE_PEER_ID/tls/ + + +# cp $TLS_CONFIG_PATH/ + +log "Finished registering peer for org $PEERORG" \ No newline at end of file diff --git a/mamba/blockchain/scripts/env-build.sh b/mamba/scripts/env-build.sh similarity index 100% rename from mamba/blockchain/scripts/env-build.sh rename to mamba/scripts/env-build.sh diff --git a/mamba/blockchain/scripts/env.sh b/mamba/scripts/env.sh similarity index 100% rename from mamba/blockchain/scripts/env.sh rename to mamba/scripts/env.sh diff --git a/mamba/blockchain/scripts/gen-channel-artifacts.sh b/mamba/scripts/gen-channel-artifacts.sh similarity index 99% rename from mamba/blockchain/scripts/gen-channel-artifacts.sh rename to mamba/scripts/gen-channel-artifacts.sh index 1c3456d..3a36352 100755 --- a/mamba/blockchain/scripts/gen-channel-artifacts.sh +++ b/mamba/scripts/gen-channel-artifacts.sh @@ -368,7 +368,7 @@ function generateChannelArtifacts() { log "Generating orderer genesis block at $GENESIS_BLOCK_FILE" # Note: For some unknown reason (at least for now) the block file can't be # named orderer.genesis.block or the orderer will fail to launch! - if [ "$FABRIC_TAG" == "2.0.0" ]; then + if [ "$FABRIC_TAG" == "2.2.0" ]; then configtxgen -profile OrgsOrdererGenesis -channelID mamba-sys-channel -outputBlock $GENESIS_BLOCK_FILE else configtxgen -profile OrgsOrdererGenesis -outputBlock $GENESIS_BLOCK_FILE diff --git a/mamba/blockchain/scripts/gen-configtx.sh b/mamba/scripts/gen-configtx.sh similarity index 100% rename from mamba/blockchain/scripts/gen-configtx.sh rename to mamba/scripts/gen-configtx.sh diff --git a/mamba/blockchain/scripts/gen-network-config.sh b/mamba/scripts/gen-network-config.sh similarity index 100% rename from mamba/blockchain/scripts/gen-network-config.sh rename to mamba/scripts/gen-network-config.sh diff --git a/mamba/blockchain/scripts/init.sh b/mamba/scripts/init.sh similarity index 100% rename from mamba/blockchain/scripts/init.sh rename to mamba/scripts/init.sh diff --git a/mamba/blockchain/scripts/register-orderer.sh b/mamba/scripts/register-orderer.sh similarity index 100% rename from mamba/blockchain/scripts/register-orderer.sh rename to mamba/scripts/register-orderer.sh diff --git a/mamba/blockchain/scripts/register-org.sh b/mamba/scripts/register-org.sh similarity index 100% rename from mamba/blockchain/scripts/register-org.sh rename to mamba/scripts/register-org.sh diff --git a/mamba/blockchain/scripts/register-peer.sh b/mamba/scripts/register-peer.sh similarity index 100% rename from mamba/blockchain/scripts/register-peer.sh rename to mamba/scripts/register-peer.sh diff --git a/mamba/blockchain/scripts/start-intermediate-ca.sh b/mamba/scripts/start-intermediate-ca.sh similarity index 100% rename from mamba/blockchain/scripts/start-intermediate-ca.sh rename to mamba/scripts/start-intermediate-ca.sh diff --git a/mamba/blockchain/scripts/start-root-ca.sh b/mamba/scripts/start-root-ca.sh similarity index 100% rename from mamba/blockchain/scripts/start-root-ca.sh rename to mamba/scripts/start-root-ca.sh diff --git a/mamba/blockchain/scripts/update-anchor-peer.sh b/mamba/scripts/update-anchor-peer.sh similarity index 100% rename from mamba/blockchain/scripts/update-anchor-peer.sh rename to mamba/scripts/update-anchor-peer.sh diff --git a/mamba/blockchain/scripts/utilities.sh b/mamba/scripts/utilities.sh similarity index 100% rename from mamba/blockchain/scripts/utilities.sh rename to mamba/scripts/utilities.sh diff --git a/mamba/blockchain/template/add-org/0create-configtx.yaml b/mamba/template/add-org/0create-configtx.yaml similarity index 100% rename from mamba/blockchain/template/add-org/0create-configtx.yaml rename to mamba/template/add-org/0create-configtx.yaml diff --git a/mamba/blockchain/template/add-org/1gen-artifacts.yaml b/mamba/template/add-org/1gen-artifacts.yaml similarity index 100% rename from mamba/blockchain/template/add-org/1gen-artifacts.yaml rename to mamba/template/add-org/1gen-artifacts.yaml diff --git a/mamba/blockchain/template/add-org/2fetch-channel.yaml b/mamba/template/add-org/2fetch-channel.yaml similarity index 100% rename from mamba/blockchain/template/add-org/2fetch-channel.yaml rename to mamba/template/add-org/2fetch-channel.yaml diff --git a/mamba/blockchain/template/add-org/3modifyingorgmaterial.yaml b/mamba/template/add-org/3modifyingorgmaterial.yaml similarity index 100% rename from mamba/blockchain/template/add-org/3modifyingorgmaterial.yaml rename to mamba/template/add-org/3modifyingorgmaterial.yaml diff --git a/mamba/blockchain/template/add-org/4createconfigupdate.yaml b/mamba/template/add-org/4createconfigupdate.yaml similarity index 100% rename from mamba/blockchain/template/add-org/4createconfigupdate.yaml rename to mamba/template/add-org/4createconfigupdate.yaml diff --git a/mamba/blockchain/template/add-org/5signchannelconfig-optional.yaml b/mamba/template/add-org/5signchannelconfig-optional.yaml similarity index 100% rename from mamba/blockchain/template/add-org/5signchannelconfig-optional.yaml rename to mamba/template/add-org/5signchannelconfig-optional.yaml diff --git a/mamba/blockchain/template/add-org/6updatechannelconfig.yaml b/mamba/template/add-org/6updatechannelconfig.yaml similarity index 100% rename from mamba/blockchain/template/add-org/6updatechannelconfig.yaml rename to mamba/template/add-org/6updatechannelconfig.yaml diff --git a/mamba/blockchain/template/add-org/configtx-template.yaml b/mamba/template/add-org/configtx-template.yaml similarity index 100% rename from mamba/blockchain/template/add-org/configtx-template.yaml rename to mamba/template/add-org/configtx-template.yaml diff --git a/mamba/blockchain/template/add-org/network-config-template.yaml b/mamba/template/add-org/network-config-template.yaml similarity index 100% rename from mamba/blockchain/template/add-org/network-config-template.yaml rename to mamba/template/add-org/network-config-template.yaml diff --git a/mamba/blockchain/template/add-org/org-template.yaml b/mamba/template/add-org/org-template.yaml similarity index 100% rename from mamba/blockchain/template/add-org/org-template.yaml rename to mamba/template/add-org/org-template.yaml diff --git a/mamba/blockchain/template/admin/admin-deployment.yaml b/mamba/template/admin/admin-deployment.yaml similarity index 100% rename from mamba/blockchain/template/admin/admin-deployment.yaml rename to mamba/template/admin/admin-deployment.yaml diff --git a/mamba/blockchain/template/admin/admin-service.yaml b/mamba/template/admin/admin-service.yaml similarity index 100% rename from mamba/blockchain/template/admin/admin-service.yaml rename to mamba/template/admin/admin-service.yaml diff --git a/mamba/blockchain/template/autoscaler/cluster_autoscaler.yml b/mamba/template/autoscaler/cluster_autoscaler.yml similarity index 100% rename from mamba/blockchain/template/autoscaler/cluster_autoscaler.yml rename to mamba/template/autoscaler/cluster_autoscaler.yml diff --git a/mamba/blockchain/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml b/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml similarity index 100% rename from mamba/blockchain/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml rename to mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml diff --git a/mamba/blockchain/template/channel-artifacts/fabric-deployment-channel-artifacts.yaml b/mamba/template/channel-artifacts/fabric-deployment-channel-artifacts.yaml similarity index 100% rename from mamba/blockchain/template/channel-artifacts/fabric-deployment-channel-artifacts.yaml rename to mamba/template/channel-artifacts/fabric-deployment-channel-artifacts.yaml diff --git a/mamba/blockchain/template/ebs-encryption/0gp2-encryption.yaml b/mamba/template/ebs-encryption/0gp2-encryption.yaml similarity index 100% rename from mamba/blockchain/template/ebs-encryption/0gp2-encryption.yaml rename to mamba/template/ebs-encryption/0gp2-encryption.yaml diff --git a/mamba/blockchain/template/ebs-encryption/1set_default_sc.sh b/mamba/template/ebs-encryption/1set_default_sc.sh similarity index 100% rename from mamba/blockchain/template/ebs-encryption/1set_default_sc.sh rename to mamba/template/ebs-encryption/1set_default_sc.sh diff --git a/mamba/blockchain/template/efs/install_efs.sh b/mamba/template/efs/install_efs.sh similarity index 100% rename from mamba/blockchain/template/efs/install_efs.sh rename to mamba/template/efs/install_efs.sh diff --git a/mamba/blockchain/template/efs/pvc-efs.yaml b/mamba/template/efs/pvc-efs.yaml similarity index 100% rename from mamba/blockchain/template/efs/pvc-efs.yaml rename to mamba/template/efs/pvc-efs.yaml diff --git a/mamba/blockchain/template/efs/test-efs.yaml b/mamba/template/efs/test-efs.yaml similarity index 100% rename from mamba/blockchain/template/efs/test-efs.yaml rename to mamba/template/efs/test-efs.yaml diff --git a/mamba/blockchain/template/efs/upgrade_efs.sh b/mamba/template/efs/upgrade_efs.sh similarity index 100% rename from mamba/blockchain/template/efs/upgrade_efs.sh rename to mamba/template/efs/upgrade_efs.sh diff --git a/mamba/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml b/mamba/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml new file mode 100644 index 0000000..8809e51 --- /dev/null +++ b/mamba/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml @@ -0,0 +1,41 @@ +apiVersion: batch/v1 +kind: Job +metadata: + namespace: {{ENROLL_DOMAIN}} + name: enroll-o{{ORDERER_INDEX}}-{{ORDERER}} +spec: + template: + metadata: + labels: + app: hyperledger + role: {{ORDERER}} + org: {{ENROLL_DOMAIN}} + name: enroll-o{{ORDERER_INDEX}}-{{ORDERER}} + spec: + restartPolicy: "Never" + containers: + - name: enroll-o{{ORDERER_INDEX}}-{{ORDERER}} + image: hyperledger/fabric-ca:{{FABRIC_CA_TAG}} + env: + - name: ORDERERORG + value: {{ORDERER}} + - name: FABRIC_CA_CLIENT_TLS_CERTFILES + value: /data/ica-{{ORDERER}}-ca-chain.pem + - name: ORDERER_HOME + value: /etc/hyperledger/orderer + command: ["sh"] + args: ["-c", "/scripts/enroll-orderer.sh {{ORDERER_INDEX}} 2>&1;"] + volumeMounts: + - mountPath: /scripts + name: rca-scripts + - mountPath: /data + name: rca-data + volumes: + - name: rca-scripts + nfs: + server: {{EFS_SERVER}} + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-scripts/ + - name: rca-data + nfs: + server: {{EFS_SERVER}} + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-data/ diff --git a/mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml b/mamba/template/enroll-peer/fabric-deployment-enroll-peer.yaml similarity index 100% rename from mamba/blockchain/template/enroll-peer/fabric-deployment-enroll-peer.yaml rename to mamba/template/enroll-peer/fabric-deployment-enroll-peer.yaml diff --git a/mamba/blockchain/template/explorer/README.md b/mamba/template/explorer/README.md similarity index 100% rename from mamba/blockchain/template/explorer/README.md rename to mamba/template/explorer/README.md diff --git a/mamba/blockchain/template/explorer/explorer-db-deployment.yaml b/mamba/template/explorer/explorer-db-deployment.yaml similarity index 100% rename from mamba/blockchain/template/explorer/explorer-db-deployment.yaml rename to mamba/template/explorer/explorer-db-deployment.yaml diff --git a/mamba/blockchain/template/explorer/explorer-db-service.yaml b/mamba/template/explorer/explorer-db-service.yaml similarity index 100% rename from mamba/blockchain/template/explorer/explorer-db-service.yaml rename to mamba/template/explorer/explorer-db-service.yaml diff --git a/mamba/blockchain/template/explorer/explorer-deployment.yaml b/mamba/template/explorer/explorer-deployment.yaml similarity index 100% rename from mamba/blockchain/template/explorer/explorer-deployment.yaml rename to mamba/template/explorer/explorer-deployment.yaml diff --git a/mamba/blockchain/template/explorer/explorer-service.yaml b/mamba/template/explorer/explorer-service.yaml similarity index 100% rename from mamba/blockchain/template/explorer/explorer-service.yaml rename to mamba/template/explorer/explorer-service.yaml diff --git a/mamba/blockchain/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml b/mamba/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml similarity index 100% rename from mamba/blockchain/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml rename to mamba/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml diff --git a/mamba/blockchain/template/grafana/grafana-service-stateful.yaml b/mamba/template/grafana/grafana-service-stateful.yaml similarity index 100% rename from mamba/blockchain/template/grafana/grafana-service-stateful.yaml rename to mamba/template/grafana/grafana-service-stateful.yaml diff --git a/mamba/blockchain/template/grafana/grafana-stateful.yaml b/mamba/template/grafana/grafana-stateful.yaml similarity index 100% rename from mamba/blockchain/template/grafana/grafana-stateful.yaml rename to mamba/template/grafana/grafana-stateful.yaml diff --git a/mamba/blockchain/template/helm/0get_helm.sh b/mamba/template/helm/0get_helm.sh similarity index 100% rename from mamba/blockchain/template/helm/0get_helm.sh rename to mamba/template/helm/0get_helm.sh diff --git a/mamba/blockchain/template/helm/1rbac.yaml b/mamba/template/helm/1rbac.yaml similarity index 100% rename from mamba/blockchain/template/helm/1rbac.yaml rename to mamba/template/helm/1rbac.yaml diff --git a/mamba/blockchain/template/helm/2install_helm.sh b/mamba/template/helm/2install_helm.sh similarity index 100% rename from mamba/blockchain/template/helm/2install_helm.sh rename to mamba/template/helm/2install_helm.sh diff --git a/mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml b/mamba/template/ica-ex/fabric-deployment-ica.yaml similarity index 100% rename from mamba/blockchain/template/ica-ex/fabric-deployment-ica.yaml rename to mamba/template/ica-ex/fabric-deployment-ica.yaml diff --git a/mamba/blockchain/template/ica/fabric-deployment-ica.yaml b/mamba/template/ica/fabric-deployment-ica.yaml similarity index 100% rename from mamba/blockchain/template/ica/fabric-deployment-ica.yaml rename to mamba/template/ica/fabric-deployment-ica.yaml diff --git a/mamba/blockchain/template/ingress/0clusterRole.yaml b/mamba/template/ingress/0clusterRole.yaml similarity index 100% rename from mamba/blockchain/template/ingress/0clusterRole.yaml rename to mamba/template/ingress/0clusterRole.yaml diff --git a/mamba/blockchain/template/ingress/1alb-ingress-controller.yaml b/mamba/template/ingress/1alb-ingress-controller.yaml similarity index 100% rename from mamba/blockchain/template/ingress/1alb-ingress-controller.yaml rename to mamba/template/ingress/1alb-ingress-controller.yaml diff --git a/mamba/blockchain/template/kafka/0kafka-hs.yaml b/mamba/template/kafka/0kafka-hs.yaml similarity index 100% rename from mamba/blockchain/template/kafka/0kafka-hs.yaml rename to mamba/template/kafka/0kafka-hs.yaml diff --git a/mamba/blockchain/template/kafka/1kafka-cs.yaml b/mamba/template/kafka/1kafka-cs.yaml similarity index 100% rename from mamba/blockchain/template/kafka/1kafka-cs.yaml rename to mamba/template/kafka/1kafka-cs.yaml diff --git a/mamba/blockchain/template/kafka/2kafka-set.yaml b/mamba/template/kafka/2kafka-set.yaml similarity index 100% rename from mamba/blockchain/template/kafka/2kafka-set.yaml rename to mamba/template/kafka/2kafka-set.yaml diff --git a/mamba/blockchain/template/metrics/install_metrics.sh b/mamba/template/metrics/install_metrics.sh similarity index 100% rename from mamba/blockchain/template/metrics/install_metrics.sh rename to mamba/template/metrics/install_metrics.sh diff --git a/mamba/blockchain/template/metrics/upgrade_metrics.sh b/mamba/template/metrics/upgrade_metrics.sh similarity index 100% rename from mamba/blockchain/template/metrics/upgrade_metrics.sh rename to mamba/template/metrics/upgrade_metrics.sh diff --git a/mamba/blockchain/template/namespace/namespaces.yaml b/mamba/template/namespace/namespaces.yaml similarity index 100% rename from mamba/blockchain/template/namespace/namespaces.yaml rename to mamba/template/namespace/namespaces.yaml diff --git a/mamba/template/orderer-sts/orderer-service-nlb.yaml b/mamba/template/orderer-sts/orderer-service-nlb.yaml new file mode 100644 index 0000000..c03d8fd --- /dev/null +++ b/mamba/template/orderer-sts/orderer-service-nlb.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: orderer{{ORDERER_INDEX}}-{{ORDERER}}-nlb + namespace: {{ORDERER_DOMAIN}} + annotations: + service.beta.kubernetes.io/aws-load-balancer-type: "nlb" +spec: + selector: + app: hyperledger + role: {{ORDERER}} + orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} + org: {{ORDERER_DOMAIN}} + ports: + - name: listen-endpoint + protocol: TCP + port: 7050 + targetPort: 7050 + type: LoadBalancer diff --git a/mamba/template/orderer-sts/orderer-service.yaml b/mamba/template/orderer-sts/orderer-service.yaml new file mode 100644 index 0000000..7c99911 --- /dev/null +++ b/mamba/template/orderer-sts/orderer-service.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: orderer{{ORDERER_INDEX}}-{{ORDERER}} + namespace: {{ORDERER_DOMAIN}} +spec: + selector: + app: hyperledger + role: {{ORDERER}} + orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} + org: {{ORDERER_DOMAIN}} + type: NodePort + ports: + - name: listen-endpoint + protocol: TCP + port: 7050 + targetPort: 7050 + - name: prometheus-listen-endpoint + protocol: TCP + port: 10443 diff --git a/mamba/template/orderer-sts/orderer-stateful.yaml b/mamba/template/orderer-sts/orderer-stateful.yaml new file mode 100644 index 0000000..26b9323 --- /dev/null +++ b/mamba/template/orderer-sts/orderer-stateful.yaml @@ -0,0 +1,92 @@ +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + namespace: {{ORDERER_DOMAIN}} + name: orderer{{ORDERER_INDEX}}-{{ORDERER}} +spec: + serviceName: orderer{{ORDERER_INDEX}}-{{ORDERER}} + replicas: 1 + selector: + matchLabels: + app: hyperledger + role: {{ORDERER}} + org: {{ORDERER_DOMAIN}} + orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} + template: + metadata: + labels: + app: hyperledger + role: {{ORDERER}} + org: {{ORDERER_DOMAIN}} + orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} + spec: + containers: + - name: orderer{{ORDERER_INDEX}}-orderer-akc + image: hyperledger/fabric-orderer:{{FABRIC_TAG}} + # resources: + # requests: + # memory: "150Mi" + # cpu: "50m" + # limits: + # memory: "3000Mi" + # cpu: "2" + command: ["sh", "-c", "orderer"] + env: + - name: FABRIC_LOGGING_SPEC + #value: info + value: DEBUG + - name: ORDERER_CFG_PATH + value: /shared/ + - name: ORDERER_GENERAL_LEDGERTYPE + value: file + - name: ORDERER_FILELEDGER_LOCATION + value: /var/ledger/orderer{{ORDERER_INDEX}} + - name: ORDERER_GENERAL_LISTENADDRESS + value: 0.0.0.0 + - name: ORDERER_GENERAL_LOCALMSPDIR + value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/msp + - name: ORDERER_GENERAL_LOCALMSPID + value: ordererMSP + - name: ORDERER_GENERAL_GENESISMETHOD + value: file + - name: ORDERER_GENERAL_GENESISFILE + value: /shared/genesis.block + - name: ORDERER_GENERAL_TLS_ENABLED + value: "true" + - name: ORDERER_GENERAL_TLS_PRIVATEKEY + value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/server.key + - name: ORDERER_GENERAL_TLS_CERTIFICATE + value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/server.crt + # THIS IS BROKEN: * 'General.TLS.RootCAs': source data must be an array or slice, got string + - name: ORDERER_GENERAL_TLS_ROOTCAS + value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/tlscacerts/tls-ica-{{ORDERER}}-{{ORDERER_DOMAIN}}-7054.pem + - name: GODEBUG + value: netdns=go + - name: ORDERER_OPERATIONS_LISTENADDRESS + value: 0.0.0.0:10443 + - name: ORDERER_METRICS_PROVIDER + value: prometheus + workingDir: /opt/gopath/src/github.com/hyperledger/fabric/orderer + ports: + - containerPort: 7050 + - containerPort: 10443 + volumeMounts: + - name: crypto-config + mountPath: /shared + - name: orderer{{ORDERER_INDEX}}-{{ORDERER_DOMAIN}}-pvc-akc + mountPath: /var/ledger/orderer{{ORDERER_INDEX}} + volumes: + - name: crypto-config + nfs: + server: {{EFS_SERVER}} + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-data/ + volumeClaimTemplates: + - metadata: + name: orderer{{ORDERER_INDEX}}-{{ORDERER_DOMAIN}}-pvc-akc + spec: + accessModes: [ "ReadWriteOnce" ] + storageClassName: gp2 + resources: + requests: + storage: 5Gi diff --git a/mamba/blockchain/template/peer-sts/DB-CLUSTER.md b/mamba/template/peer-sts/DB-CLUSTER.md similarity index 100% rename from mamba/blockchain/template/peer-sts/DB-CLUSTER.md rename to mamba/template/peer-sts/DB-CLUSTER.md diff --git a/mamba/blockchain/template/peer-sts/couchdb-cluster-service.yaml b/mamba/template/peer-sts/couchdb-cluster-service.yaml similarity index 100% rename from mamba/blockchain/template/peer-sts/couchdb-cluster-service.yaml rename to mamba/template/peer-sts/couchdb-cluster-service.yaml diff --git a/mamba/blockchain/template/peer-sts/couchdb-cluster-stateful.yaml b/mamba/template/peer-sts/couchdb-cluster-stateful.yaml similarity index 100% rename from mamba/blockchain/template/peer-sts/couchdb-cluster-stateful.yaml rename to mamba/template/peer-sts/couchdb-cluster-stateful.yaml diff --git a/mamba/blockchain/template/peer-sts/peer-service-nlb.yaml b/mamba/template/peer-sts/peer-service-nlb.yaml similarity index 100% rename from mamba/blockchain/template/peer-sts/peer-service-nlb.yaml rename to mamba/template/peer-sts/peer-service-nlb.yaml diff --git a/mamba/blockchain/template/peer-sts/peer-service-stateful.yaml b/mamba/template/peer-sts/peer-service-stateful.yaml similarity index 100% rename from mamba/blockchain/template/peer-sts/peer-service-stateful.yaml rename to mamba/template/peer-sts/peer-service-stateful.yaml diff --git a/mamba/blockchain/template/peer-sts/peer-stateful.yaml b/mamba/template/peer-sts/peer-stateful.yaml similarity index 100% rename from mamba/blockchain/template/peer-sts/peer-stateful.yaml rename to mamba/template/peer-sts/peer-stateful.yaml diff --git a/mamba/blockchain/template/peer-sts/peer-using-couchdb-cluster-stateful.yaml b/mamba/template/peer-sts/peer-using-couchdb-cluster-stateful.yaml similarity index 100% rename from mamba/blockchain/template/peer-sts/peer-using-couchdb-cluster-stateful.yaml rename to mamba/template/peer-sts/peer-using-couchdb-cluster-stateful.yaml diff --git a/mamba/blockchain/template/prometheus/prometheus-service-stateful.yaml b/mamba/template/prometheus/prometheus-service-stateful.yaml similarity index 100% rename from mamba/blockchain/template/prometheus/prometheus-service-stateful.yaml rename to mamba/template/prometheus/prometheus-service-stateful.yaml diff --git a/mamba/blockchain/template/prometheus/prometheus-stateful.yaml b/mamba/template/prometheus/prometheus-stateful.yaml similarity index 100% rename from mamba/blockchain/template/prometheus/prometheus-stateful.yaml rename to mamba/template/prometheus/prometheus-stateful.yaml diff --git a/mamba/blockchain/template/prometheus/prometheus-template.yml b/mamba/template/prometheus/prometheus-template.yml similarity index 100% rename from mamba/blockchain/template/prometheus/prometheus-template.yml rename to mamba/template/prometheus/prometheus-template.yml diff --git a/mamba/blockchain/template/rca/fabric-deployment-rca-nlb.yaml b/mamba/template/rca/fabric-deployment-rca-nlb.yaml similarity index 100% rename from mamba/blockchain/template/rca/fabric-deployment-rca-nlb.yaml rename to mamba/template/rca/fabric-deployment-rca-nlb.yaml diff --git a/mamba/blockchain/template/rca/fabric-deployment-rca.yaml b/mamba/template/rca/fabric-deployment-rca.yaml similarity index 100% rename from mamba/blockchain/template/rca/fabric-deployment-rca.yaml rename to mamba/template/rca/fabric-deployment-rca.yaml diff --git a/mamba/blockchain/template/register-orderer/fabric-deployment-register-orderer.yaml b/mamba/template/register-orderer/fabric-deployment-register-orderer.yaml similarity index 100% rename from mamba/blockchain/template/register-orderer/fabric-deployment-register-orderer.yaml rename to mamba/template/register-orderer/fabric-deployment-register-orderer.yaml diff --git a/mamba/blockchain/template/register-org/fabric-deployment-register-org.yaml b/mamba/template/register-org/fabric-deployment-register-org.yaml similarity index 100% rename from mamba/blockchain/template/register-org/fabric-deployment-register-org.yaml rename to mamba/template/register-org/fabric-deployment-register-org.yaml diff --git a/mamba/blockchain/template/register-peer/fabric-deployment-register-peer.yaml b/mamba/template/register-peer/fabric-deployment-register-peer.yaml similarity index 100% rename from mamba/blockchain/template/register-peer/fabric-deployment-register-peer.yaml rename to mamba/template/register-peer/fabric-deployment-register-peer.yaml diff --git a/mamba/blockchain/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml b/mamba/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml similarity index 100% rename from mamba/blockchain/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml rename to mamba/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml diff --git a/mamba/blockchain/template/zookeeper/0zk-cs.yaml b/mamba/template/zookeeper/0zk-cs.yaml similarity index 100% rename from mamba/blockchain/template/zookeeper/0zk-cs.yaml rename to mamba/template/zookeeper/0zk-cs.yaml diff --git a/mamba/blockchain/template/zookeeper/1zk-hs.yaml b/mamba/template/zookeeper/1zk-hs.yaml similarity index 100% rename from mamba/blockchain/template/zookeeper/1zk-hs.yaml rename to mamba/template/zookeeper/1zk-hs.yaml diff --git a/mamba/blockchain/template/zookeeper/2zk-set.yaml b/mamba/template/zookeeper/2zk-set.yaml similarity index 100% rename from mamba/blockchain/template/zookeeper/2zk-set.yaml rename to mamba/template/zookeeper/2zk-set.yaml diff --git a/mamba/utils/util.py b/mamba/utils/util.py index 1bad450..73dd226 100644 --- a/mamba/utils/util.py +++ b/mamba/utils/util.py @@ -56,7 +56,7 @@ def get_temp_path(): def get_k8s_template_path(): - return os.path.abspath(os.path.join(__package__, "../blockchain/template")) + return os.path.abspath(os.path.join(__package__, "../template")) def split_timenow_utc(): From 2d3e102ac51f5888bc6dafb34839659e3fcf5072 Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 24 Jul 2020 02:42:41 +0000 Subject: [PATCH 22/52] add example for external chaincode --- .../external-chaincode/fabcar/Dockerfile | 19 ++ .../external-chaincode/fabcar/fabcar.go | 196 ++++++++++++++++++ .../example/external-chaincode/fabcar/go.mod | 12 ++ 3 files changed, 227 insertions(+) create mode 100644 mamba/example/external-chaincode/fabcar/Dockerfile create mode 100644 mamba/example/external-chaincode/fabcar/fabcar.go create mode 100644 mamba/example/external-chaincode/fabcar/go.mod diff --git a/mamba/example/external-chaincode/fabcar/Dockerfile b/mamba/example/external-chaincode/fabcar/Dockerfile new file mode 100644 index 0000000..e99334e --- /dev/null +++ b/mamba/example/external-chaincode/fabcar/Dockerfile @@ -0,0 +1,19 @@ +# This image is a microservice in golang for the Degree chaincode +FROM golang:1.14.2-alpine AS build + +COPY ./ /go/src/github.com/fabcar +WORKDIR /go/src/github.com/fabcar + +# Build application +RUN go build -o chaincode -v . + +# Production ready image +# Pass the binary to the prod image +FROM alpine:3.11 as prod + +COPY --from=build /go/src/github.com/fabcar/chaincode /app/chaincode + +USER 1000 + +WORKDIR /app +CMD ./chaincode \ No newline at end of file diff --git a/mamba/example/external-chaincode/fabcar/fabcar.go b/mamba/example/external-chaincode/fabcar/fabcar.go new file mode 100644 index 0000000..4373266 --- /dev/null +++ b/mamba/example/external-chaincode/fabcar/fabcar.go @@ -0,0 +1,196 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + package main + + import ( + "encoding/json" + "fmt" + "strconv" + "os" + + "github.com/hyperledger/fabric-chaincode-go/shim" + "github.com/hyperledger/fabric-contract-api-go/contractapi" + ) + + // SmartContract provides functions for managing a car + type SmartContract struct { + contractapi.Contract + } + + // Car describes basic details of what makes up a car + type Car struct { + Make string `json:"make"` + Model string `json:"model"` + Colour string `json:"colour"` + Owner string `json:"owner"` + } + + // QueryResult structure used for handling result of query + type QueryResult struct { + Key string `json:"Key"` + Record *Car + } + + // Main function to start the external chaincode server + func main() { + cc, err := contractapi.NewChaincode(new(SmartContract)) + + if err != nil { + fmt.Println("Error starting a new ContractApi Chaincode:", err) + } + + server := &shim.ChaincodeServer{ + CCID: os.Getenv("CHAINCODE_CCID"), + Address: os.Getenv("CHAINCODE_ADDRESS"), + CC: cc, + TLSProps: shim.TLSProperties{ + Disabled: true, + }, + } + + // Start the chaincode external server + err = server.Start() + + if err != nil { + fmt.Println("Error starting FabCar chaincode server:", err) + } else { + fmt.Println("Succesfully started new Fabcar Chaincode server with the new ContractApi") + } + } + + // InitLedger adds a base set of cars to the ledger + func (s *SmartContract) InitLedger(ctx contractapi.TransactionContextInterface) error { + cars := []Car{ + Car{Make: "Toyota", Model: "Prius", Colour: "blue", Owner: "Tomoko"}, + Car{Make: "Ford", Model: "Mustang", Colour: "red", Owner: "Brad"}, + Car{Make: "Hyundai", Model: "Tucson", Colour: "green", Owner: "Jin Soo"}, + Car{Make: "Volkswagen", Model: "Passat", Colour: "yellow", Owner: "Max"}, + Car{Make: "Tesla", Model: "S", Colour: "black", Owner: "Adriana"}, + Car{Make: "Peugeot", Model: "205", Colour: "purple", Owner: "Michel"}, + Car{Make: "Chery", Model: "S22L", Colour: "white", Owner: "Aarav"}, + Car{Make: "Fiat", Model: "Punto", Colour: "violet", Owner: "Pari"}, + Car{Make: "Tata", Model: "Nano", Colour: "indigo", Owner: "Valeria"}, + Car{Make: "Holden", Model: "Barina", Colour: "brown", Owner: "Shotaro"}, + } + + for i, car := range cars { + carAsBytes, _ := json.Marshal(car) + err := ctx.GetStub().PutState("CAR"+strconv.Itoa(i), carAsBytes) + + if err != nil { + return fmt.Errorf("Failed to put to world state. %s", err.Error()) + } + } + + return nil + } + + // CreateCar adds a new car to the world state with given details + func (s *SmartContract) CreateCar(ctx contractapi.TransactionContextInterface, carNumber string, make string, model string, colour string, owner string) error { + car := Car{ + Make: make, + Model: model, + Colour: colour, + Owner: owner, + } + + carAsBytes, _ := json.Marshal(car) + + return ctx.GetStub().PutState(carNumber, carAsBytes) + } + + // QueryCar returns the car stored in the world state with given id + func (s *SmartContract) QueryCar(ctx contractapi.TransactionContextInterface, carNumber string) (*Car, error) { + carAsBytes, err := ctx.GetStub().GetState(carNumber) + + if err != nil { + return nil, fmt.Errorf("Failed to read from world state. %s", err.Error()) + } + + if carAsBytes == nil { + return nil, fmt.Errorf("%s does not exist", carNumber) + } + + car := new(Car) + _ = json.Unmarshal(carAsBytes, car) + + return car, nil + } + + // QueryAllCars returns all cars found in world state + func (s *SmartContract) QueryAllCars(ctx contractapi.TransactionContextInterface) ([]QueryResult, error) { + startKey := "CAR0" + endKey := "CAR99" + + resultsIterator, err := ctx.GetStub().GetStateByRange(startKey, endKey) + + if err != nil { + return nil, err + } + defer resultsIterator.Close() + + results := []QueryResult{} + + for resultsIterator.HasNext() { + queryResponse, err := resultsIterator.Next() + + if err != nil { + return nil, err + } + + car := new(Car) + _ = json.Unmarshal(queryResponse.Value, car) + + queryResult := QueryResult{Key: queryResponse.Key, Record: car} + results = append(results, queryResult) + } + + return results, nil + } + + // ChangeCarOwner updates the owner field of car with given id in world state + func (s *SmartContract) ChangeCarOwner(ctx contractapi.TransactionContextInterface, carNumber string, newOwner string) error { + car, err := s.QueryCar(ctx, carNumber) + + if err != nil { + return err + } + + car.Owner = newOwner + + carAsBytes, _ := json.Marshal(car) + + return ctx.GetStub().PutState(carNumber, carAsBytes) + } + + // func main() { + + // chaincode, err := contractapi.NewChaincode(new(SmartContract)) + + // if err != nil { + // fmt.Printf("Error create fabcar chaincode: %s", err.Error()) + // return + // } + + // if err := chaincode.Start(); err != nil { + // fmt.Printf("Error starting fabcar chaincode: %s", err.Error()) + // } + // } + \ No newline at end of file diff --git a/mamba/example/external-chaincode/fabcar/go.mod b/mamba/example/external-chaincode/fabcar/go.mod new file mode 100644 index 0000000..bb2d208 --- /dev/null +++ b/mamba/example/external-chaincode/fabcar/go.mod @@ -0,0 +1,12 @@ +module github.com/fabcar + +go 1.14 + +require ( + github.com/hyperledger/fabric-chaincode-go v0.0.0-20200424173110-d7076418f212 + github.com/hyperledger/fabric-contract-api-go v1.1.0 + golang.org/x/net v0.0.0-20200202094626-16171245cfb2 // indirect + golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4 // indirect + golang.org/x/text v0.3.2 // indirect + google.golang.org/genproto v0.0.0-20200218151345-dad8c97a84f5 // indirect +) \ No newline at end of file From 41d7ba39c2c7174009d35c150974632b46b0b9dc Mon Sep 17 00:00:00 2001 From: harisato Date: Wed, 29 Jul 2020 09:07:54 +0000 Subject: [PATCH 23/52] Add external chaincode materials --- mamba/blockchain/start_network/commands.py | 19 +- mamba/config/core.yaml | 734 ++++++++++++++++++ mamba/scripts/buildpack/bin/build | 34 + mamba/scripts/buildpack/bin/detect | 25 + mamba/scripts/buildpack/bin/release | 33 + .../external-chaincode/chaincode-service.yaml | 16 + .../chaincode-stateful.yaml | 30 + mamba/template/peer-sts/peer-stateful.yaml | 21 +- 8 files changed, 897 insertions(+), 15 deletions(-) create mode 100644 mamba/config/core.yaml create mode 100755 mamba/scripts/buildpack/bin/build create mode 100755 mamba/scripts/buildpack/bin/detect create mode 100755 mamba/scripts/buildpack/bin/release create mode 100644 mamba/template/external-chaincode/chaincode-service.yaml create mode 100644 mamba/template/external-chaincode/chaincode-stateful.yaml diff --git a/mamba/blockchain/start_network/commands.py b/mamba/blockchain/start_network/commands.py index e21f818..9410f66 100644 --- a/mamba/blockchain/start_network/commands.py +++ b/mamba/blockchain/start_network/commands.py @@ -56,23 +56,16 @@ def start_network(): time.sleep(5) - # # Create crypto-config folder to contains artifacts - # update_folder() - - # if settings.ORDERER_TYPE == 'kafka': - # # Create new Zookeeper services - # setup_zookeeper() - # # Create new Kafka services - # setup_kafka() - # Run job to generate channel.tx, genesis.block gen_channel_artifact() - # Create new StatefullSet orderers - setup_all_orderer() + #TODO: Auto generate cpp, builder config map and apply external builder config map - # Create new StatefullSet peers - setup_all_peer() + # # Create new StatefullSet orderers + # setup_all_orderer() + + # # Create new StatefullSet peers + # setup_all_peer() # # Run jobs to generate application artifacts # generate_artifact() diff --git a/mamba/config/core.yaml b/mamba/config/core.yaml new file mode 100644 index 0000000..c383a30 --- /dev/null +++ b/mamba/config/core.yaml @@ -0,0 +1,734 @@ +# Copyright IBM Corp. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + +############################################################################### +# +# Peer section +# +############################################################################### +peer: + + # The peer id provides a name for this peer instance and is used when + # naming docker resources. + id: jdoe + + # The networkId allows for logical separation of networks and is used when + # naming docker resources. + networkId: dev + + # The Address at local network interface this Peer will listen on. + # By default, it will listen on all network interfaces + listenAddress: 0.0.0.0:7051 + + # The endpoint this peer uses to listen for inbound chaincode connections. + # If this is commented-out, the listen address is selected to be + # the peer's address (see below) with port 7052 + # chaincodeListenAddress: 0.0.0.0:7052 + + # The endpoint the chaincode for this peer uses to connect to the peer. + # If this is not specified, the chaincodeListenAddress address is selected. + # And if chaincodeListenAddress is not specified, address is selected from + # peer address (see below). If specified peer address is invalid then it + # will fallback to the auto detected IP (local IP) regardless of the peer + # addressAutoDetect value. + # chaincodeAddress: 0.0.0.0:7052 + + # When used as peer config, this represents the endpoint to other peers + # in the same organization. For peers in other organization, see + # gossip.externalEndpoint for more info. + # When used as CLI config, this means the peer's endpoint to interact with + address: 0.0.0.0:7051 + + # Whether the Peer should programmatically determine its address + # This case is useful for docker containers. + # When set to true, will override peer address. + addressAutoDetect: false + + # Keepalive settings for peer server and clients + keepalive: + # Interval is the duration after which if the server does not see + # any activity from the client it pings the client to see if it's alive + interval: 7200s + # Timeout is the duration the server waits for a response + # from the client after sending a ping before closing the connection + timeout: 20s + # MinInterval is the minimum permitted time between client pings. + # If clients send pings more frequently, the peer server will + # disconnect them + minInterval: 60s + # Client keepalive settings for communicating with other peer nodes + client: + # Interval is the time between pings to peer nodes. This must + # greater than or equal to the minInterval specified by peer + # nodes + interval: 60s + # Timeout is the duration the client waits for a response from + # peer nodes before closing the connection + timeout: 20s + # DeliveryClient keepalive settings for communication with ordering + # nodes. + deliveryClient: + # Interval is the time between pings to ordering nodes. This must + # greater than or equal to the minInterval specified by ordering + # nodes. + interval: 60s + # Timeout is the duration the client waits for a response from + # ordering nodes before closing the connection + timeout: 20s + + + # Gossip related configuration + gossip: + # Bootstrap set to initialize gossip with. + # This is a list of other peers that this peer reaches out to at startup. + # Important: The endpoints here have to be endpoints of peers in the same + # organization, because the peer would refuse connecting to these endpoints + # unless they are in the same organization as the peer. + bootstrap: 127.0.0.1:7051 + + # NOTE: orgLeader and useLeaderElection parameters are mutual exclusive. + # Setting both to true would result in the termination of the peer + # since this is undefined state. If the peers are configured with + # useLeaderElection=false, make sure there is at least 1 peer in the + # organization that its orgLeader is set to true. + + # Defines whenever peer will initialize dynamic algorithm for + # "leader" selection, where leader is the peer to establish + # connection with ordering service and use delivery protocol + # to pull ledger blocks from ordering service. + useLeaderElection: false + # Statically defines peer to be an organization "leader", + # where this means that current peer will maintain connection + # with ordering service and disseminate block across peers in + # its own organization. Multiple peers or all peers in an organization + # may be configured as org leaders, so that they all pull + # blocks directly from ordering service. + orgLeader: true + + # Interval for membershipTracker polling + membershipTrackerInterval: 5s + + # Overrides the endpoint that the peer publishes to peers + # in its organization. For peers in foreign organizations + # see 'externalEndpoint' + endpoint: + # Maximum count of blocks stored in memory + maxBlockCountToStore: 10 + # Max time between consecutive message pushes(unit: millisecond) + maxPropagationBurstLatency: 10ms + # Max number of messages stored until a push is triggered to remote peers + maxPropagationBurstSize: 10 + # Number of times a message is pushed to remote peers + propagateIterations: 1 + # Number of peers selected to push messages to + propagatePeerNum: 3 + # Determines frequency of pull phases(unit: second) + # Must be greater than digestWaitTime + responseWaitTime + pullInterval: 4s + # Number of peers to pull from + pullPeerNum: 3 + # Determines frequency of pulling state info messages from peers(unit: second) + requestStateInfoInterval: 4s + # Determines frequency of pushing state info messages to peers(unit: second) + publishStateInfoInterval: 4s + # Maximum time a stateInfo message is kept until expired + stateInfoRetentionInterval: + # Time from startup certificates are included in Alive messages(unit: second) + publishCertPeriod: 10s + # Should we skip verifying block messages or not (currently not in use) + skipBlockVerification: false + # Dial timeout(unit: second) + dialTimeout: 3s + # Connection timeout(unit: second) + connTimeout: 2s + # Buffer size of received messages + recvBuffSize: 20 + # Buffer size of sending messages + sendBuffSize: 200 + # Time to wait before pull engine processes incoming digests (unit: second) + # Should be slightly smaller than requestWaitTime + digestWaitTime: 1s + # Time to wait before pull engine removes incoming nonce (unit: milliseconds) + # Should be slightly bigger than digestWaitTime + requestWaitTime: 1500ms + # Time to wait before pull engine ends pull (unit: second) + responseWaitTime: 2s + # Alive check interval(unit: second) + aliveTimeInterval: 5s + # Alive expiration timeout(unit: second) + aliveExpirationTimeout: 25s + # Reconnect interval(unit: second) + reconnectInterval: 25s + # Max number of attempts to connect to a peer + maxConnectionAttempts: 120 + # Message expiration factor for alive messages + msgExpirationFactor: 20 + # This is an endpoint that is published to peers outside of the organization. + # If this isn't set, the peer will not be known to other organizations. + externalEndpoint: + # Leader election service configuration + election: + # Longest time peer waits for stable membership during leader election startup (unit: second) + startupGracePeriod: 15s + # Interval gossip membership samples to check its stability (unit: second) + membershipSampleInterval: 1s + # Time passes since last declaration message before peer decides to perform leader election (unit: second) + leaderAliveThreshold: 10s + # Time between peer sends propose message and declares itself as a leader (sends declaration message) (unit: second) + leaderElectionDuration: 5s + + pvtData: + # pullRetryThreshold determines the maximum duration of time private data corresponding for a given block + # would be attempted to be pulled from peers until the block would be committed without the private data + pullRetryThreshold: 60s + # As private data enters the transient store, it is associated with the peer's ledger's height at that time. + # transientstoreMaxBlockRetention defines the maximum difference between the current ledger's height upon commit, + # and the private data residing inside the transient store that is guaranteed not to be purged. + # Private data is purged from the transient store when blocks with sequences that are multiples + # of transientstoreMaxBlockRetention are committed. + transientstoreMaxBlockRetention: 1000 + # pushAckTimeout is the maximum time to wait for an acknowledgement from each peer + # at private data push at endorsement time. + pushAckTimeout: 3s + # Block to live pulling margin, used as a buffer + # to prevent peer from trying to pull private data + # from peers that is soon to be purged in next N blocks. + # This helps a newly joined peer catch up to current + # blockchain height quicker. + btlPullMargin: 10 + # the process of reconciliation is done in an endless loop, while in each iteration reconciler tries to + # pull from the other peers the most recent missing blocks with a maximum batch size limitation. + # reconcileBatchSize determines the maximum batch size of missing private data that will be reconciled in a + # single iteration. + reconcileBatchSize: 10 + # reconcileSleepInterval determines the time reconciler sleeps from end of an iteration until the beginning + # of the next reconciliation iteration. + reconcileSleepInterval: 1m + # reconciliationEnabled is a flag that indicates whether private data reconciliation is enable or not. + reconciliationEnabled: true + # skipPullingInvalidTransactionsDuringCommit is a flag that indicates whether pulling of invalid + # transaction's private data from other peers need to be skipped during the commit time and pulled + # only through reconciler. + skipPullingInvalidTransactionsDuringCommit: false + # implicitCollectionDisseminationPolicy specifies the dissemination policy for the peer's own implicit collection. + # When a peer endorses a proposal that writes to its own implicit collection, below values override the default values + # for disseminating private data. + # Note that it is applicable to all channels the peer has joined. The implication is that requiredPeerCount has to + # be smaller than the number of peers in a channel that has the lowest numbers of peers from the organization. + implicitCollectionDisseminationPolicy: + # requiredPeerCount defines the minimum number of eligible peers to which the peer must successfully + # disseminate private data for its own implicit collection during endorsement. Default value is 0. + requiredPeerCount: 0 + # maxPeerCount defines the maximum number of eligible peers to which the peer will attempt to + # disseminate private data for its own implicit collection during endorsement. Default value is 1. + maxPeerCount: 1 + + # Gossip state transfer related configuration + state: + # indicates whenever state transfer is enabled or not + # default value is true, i.e. state transfer is active + # and takes care to sync up missing blocks allowing + # lagging peer to catch up to speed with rest network + enabled: false + # checkInterval interval to check whether peer is lagging behind enough to + # request blocks via state transfer from another peer. + checkInterval: 10s + # responseTimeout amount of time to wait for state transfer response from + # other peers + responseTimeout: 3s + # batchSize the number of blocks to request via state transfer from another peer + batchSize: 10 + # blockBufferSize reflects the size of the re-ordering buffer + # which captures blocks and takes care to deliver them in order + # down to the ledger layer. The actual buffer size is bounded between + # 0 and 2*blockBufferSize, each channel maintains its own buffer + blockBufferSize: 20 + # maxRetries maximum number of re-tries to ask + # for single state transfer request + maxRetries: 3 + + # TLS Settings + tls: + # Require server-side TLS + enabled: false + # Require client certificates / mutual TLS. + # Note that clients that are not configured to use a certificate will + # fail to connect to the peer. + clientAuthRequired: false + # X.509 certificate used for TLS server + cert: + file: tls/server.crt + # Private key used for TLS server (and client if clientAuthEnabled + # is set to true + key: + file: tls/server.key + # Trusted root certificate chain for tls.cert + rootcert: + file: tls/ca.crt + # Set of root certificate authorities used to verify client certificates + clientRootCAs: + files: + - tls/ca.crt + # Private key used for TLS when making client connections. If + # not set, peer.tls.key.file will be used instead + clientKey: + file: + # X.509 certificate used for TLS when making client connections. + # If not set, peer.tls.cert.file will be used instead + clientCert: + file: + + # Authentication contains configuration parameters related to authenticating + # client messages + authentication: + # the acceptable difference between the current server time and the + # client's time as specified in a client request message + timewindow: 15m + + # Path on the file system where peer will store data (eg ledger). This + # location must be access control protected to prevent unintended + # modification that might corrupt the peer operations. + fileSystemPath: /var/hyperledger/production + + # BCCSP (Blockchain crypto provider): Select which crypto implementation or + # library to use + BCCSP: + Default: SW + # Settings for the SW crypto provider (i.e. when DEFAULT: SW) + SW: + # TODO: The default Hash and Security level needs refactoring to be + # fully configurable. Changing these defaults requires coordination + # SHA2 is hardcoded in several places, not only BCCSP + Hash: SHA2 + Security: 256 + # Location of Key Store + FileKeyStore: + # If "", defaults to 'mspConfigPath'/keystore + KeyStore: + # Settings for the PKCS#11 crypto provider (i.e. when DEFAULT: PKCS11) + PKCS11: + # Location of the PKCS11 module library + Library: + # Token Label + Label: + # User PIN + Pin: + Hash: + Security: + + # Path on the file system where peer will find MSP local configurations + mspConfigPath: msp + + # Identifier of the local MSP + # ----!!!!IMPORTANT!!!-!!!IMPORTANT!!!-!!!IMPORTANT!!!!---- + # Deployers need to change the value of the localMspId string. + # In particular, the name of the local MSP ID of a peer needs + # to match the name of one of the MSPs in each of the channel + # that this peer is a member of. Otherwise this peer's messages + # will not be identified as valid by other nodes. + localMspId: SampleOrg + + # CLI common client config options + client: + # connection timeout + connTimeout: 3s + + # Delivery service related config + deliveryclient: + # It sets the total time the delivery service may spend in reconnection + # attempts until its retry logic gives up and returns an error + reconnectTotalTimeThreshold: 3600s + + # It sets the delivery service <-> ordering service node connection timeout + connTimeout: 3s + + # It sets the delivery service maximal delay between consecutive retries + reConnectBackoffThreshold: 3600s + + # A list of orderer endpoint addresses which should be overridden + # when found in channel configurations. + addressOverrides: + # - from: + # to: + # caCertsFile: + # - from: + # to: + # caCertsFile: + + # Type for the local MSP - by default it's of type bccsp + localMspType: bccsp + + # Used with Go profiling tools only in none production environment. In + # production, it should be disabled (eg enabled: false) + profile: + enabled: false + listenAddress: 0.0.0.0:6060 + + # Handlers defines custom handlers that can filter and mutate + # objects passing within the peer, such as: + # Auth filter - reject or forward proposals from clients + # Decorators - append or mutate the chaincode input passed to the chaincode + # Endorsers - Custom signing over proposal response payload and its mutation + # Valid handler definition contains: + # - A name which is a factory method name defined in + # core/handlers/library/library.go for statically compiled handlers + # - library path to shared object binary for pluggable filters + # Auth filters and decorators are chained and executed in the order that + # they are defined. For example: + # authFilters: + # - + # name: FilterOne + # library: /opt/lib/filter.so + # - + # name: FilterTwo + # decorators: + # - + # name: DecoratorOne + # - + # name: DecoratorTwo + # library: /opt/lib/decorator.so + # Endorsers are configured as a map that its keys are the endorsement system chaincodes that are being overridden. + # Below is an example that overrides the default ESCC and uses an endorsement plugin that has the same functionality + # as the default ESCC. + # If the 'library' property is missing, the name is used as the constructor method in the builtin library similar + # to auth filters and decorators. + # endorsers: + # escc: + # name: DefaultESCC + # library: /etc/hyperledger/fabric/plugin/escc.so + handlers: + authFilters: + - + name: DefaultAuth + - + name: ExpirationCheck # This filter checks identity x509 certificate expiration + decorators: + - + name: DefaultDecorator + endorsers: + escc: + name: DefaultEndorsement + library: + validators: + vscc: + name: DefaultValidation + library: + + # library: /etc/hyperledger/fabric/plugin/escc.so + # Number of goroutines that will execute transaction validation in parallel. + # By default, the peer chooses the number of CPUs on the machine. Set this + # variable to override that choice. + # NOTE: overriding this value might negatively influence the performance of + # the peer so please change this value only if you know what you're doing + validatorPoolSize: + + # The discovery service is used by clients to query information about peers, + # such as - which peers have joined a certain channel, what is the latest + # channel config, and most importantly - given a chaincode and a channel, + # what possible sets of peers satisfy the endorsement policy. + discovery: + enabled: true + # Whether the authentication cache is enabled or not. + authCacheEnabled: true + # The maximum size of the cache, after which a purge takes place + authCacheMaxSize: 1000 + # The proportion (0 to 1) of entries that remain in the cache after the cache is purged due to overpopulation + authCachePurgeRetentionRatio: 0.75 + # Whether to allow non-admins to perform non channel scoped queries. + # When this is false, it means that only peer admins can perform non channel scoped queries. + orgMembersAllowedAccess: false + + # Limits is used to configure some internal resource limits. + limits: + # Concurrency limits the number of concurrently running requests to a service on each peer. + # Currently this option is only applied to endorser service and deliver service. + # When the property is missing or the value is 0, the concurrency limit is disabled for the service. + concurrency: + # endorserService limits concurrent requests to endorser service that handles chaincode deployment, query and invocation, + # including both user chaincodes and system chaincodes. + endorserService: 2500 + # deliverService limits concurrent event listeners registered to deliver service for blocks and transaction events. + deliverService: 2500 + +############################################################################### +# +# VM section +# +############################################################################### +vm: + + # Endpoint of the vm management system. For docker can be one of the following in general + # unix:///var/run/docker.sock + # http://localhost:2375 + # https://localhost:2376 + endpoint: unix:///var/run/docker.sock + + # settings for docker vms + docker: + tls: + enabled: false + ca: + file: docker/ca.crt + cert: + file: docker/tls.crt + key: + file: docker/tls.key + + # Enables/disables the standard out/err from chaincode containers for + # debugging purposes + attachStdout: false + + # Parameters on creating docker container. + # Container may be efficiently created using ipam & dns-server for cluster + # NetworkMode - sets the networking mode for the container. Supported + # standard values are: `host`(default),`bridge`,`ipvlan`,`none`. + # Dns - a list of DNS servers for the container to use. + # Note: `Privileged` `Binds` `Links` and `PortBindings` properties of + # Docker Host Config are not supported and will not be used if set. + # LogConfig - sets the logging driver (Type) and related options + # (Config) for Docker. For more info, + # https://docs.docker.com/engine/admin/logging/overview/ + # Note: Set LogConfig using Environment Variables is not supported. + hostConfig: + NetworkMode: host + Dns: + # - 192.168.0.1 + LogConfig: + Type: json-file + Config: + max-size: "50m" + max-file: "5" + Memory: 2147483648 + +############################################################################### +# +# Chaincode section +# +############################################################################### +chaincode: + + # The id is used by the Chaincode stub to register the executing Chaincode + # ID with the Peer and is generally supplied through ENV variables + # the `path` form of ID is provided when installing the chaincode. + # The `name` is used for all other requests and can be any string. + id: + path: + name: + + # Generic builder environment, suitable for most chaincode types + builder: $(DOCKER_NS)/fabric-ccenv:$(TWO_DIGIT_VERSION) + + # Enables/disables force pulling of the base docker images (listed below) + # during user chaincode instantiation. + # Useful when using moving image tags (such as :latest) + pull: false + + golang: + # golang will never need more than baseos + runtime: $(DOCKER_NS)/fabric-baseos:$(TWO_DIGIT_VERSION) + + # whether or not golang chaincode should be linked dynamically + dynamicLink: false + + java: + # This is an image based on java:openjdk-8 with addition compiler + # tools added for java shim layer packaging. + # This image is packed with shim layer libraries that are necessary + # for Java chaincode runtime. + runtime: $(DOCKER_NS)/fabric-javaenv:$(TWO_DIGIT_VERSION) + + node: + # This is an image based on node:$(NODE_VER)-alpine + runtime: $(DOCKER_NS)/fabric-nodeenv:$(TWO_DIGIT_VERSION) + + # List of directories to treat as external builders and launchers for + # chaincode. The external builder detection processing will iterate over the + # builders in the order specified below. + externalBuilders: + - path: /builders/external + name: external-builder + propagateEnvironment: + - GOPROXY + + # The maximum duration to wait for the chaincode build and install process + # to complete. + installTimeout: 300s + + # Timeout duration for starting up a container and waiting for Register + # to come through. + startuptimeout: 300s + + # Timeout duration for Invoke and Init calls to prevent runaway. + # This timeout is used by all chaincodes in all the channels, including + # system chaincodes. + # Note that during Invoke, if the image is not available (e.g. being + # cleaned up when in development environment), the peer will automatically + # build the image, which might take more time. In production environment, + # the chaincode image is unlikely to be deleted, so the timeout could be + # reduced accordingly. + executetimeout: 30s + + # There are 2 modes: "dev" and "net". + # In dev mode, user runs the chaincode after starting peer from + # command line on local machine. + # In net mode, peer will run chaincode in a docker container. + mode: net + + # keepalive in seconds. In situations where the communication goes through a + # proxy that does not support keep-alive, this parameter will maintain connection + # between peer and chaincode. + # A value <= 0 turns keepalive off + keepalive: 0 + + # enabled system chaincodes + system: + _lifecycle: enable + cscc: enable + lscc: enable + escc: enable + vscc: enable + qscc: enable + + # Logging section for the chaincode container + logging: + # Default level for all loggers within the chaincode container + level: info + # Override default level for the 'shim' logger + shim: warning + # Format for the chaincode container logs + format: '%{color}%{time:2006-01-02 15:04:05.000 MST} [%{module}] %{shortfunc} -> %{level:.4s} %{id:03x}%{color:reset} %{message}' + +############################################################################### +# +# Ledger section - ledger configuration encompasses both the blockchain +# and the state +# +############################################################################### +ledger: + + blockchain: + + state: + # stateDatabase - options are "goleveldb", "CouchDB" + # goleveldb - default state database stored in goleveldb. + # CouchDB - store state database in CouchDB + stateDatabase: goleveldb + # Limit on the number of records to return per query + totalQueryLimit: 100000 + couchDBConfig: + # It is recommended to run CouchDB on the same server as the peer, and + # not map the CouchDB container port to a server port in docker-compose. + # Otherwise proper security must be provided on the connection between + # CouchDB client (on the peer) and server. + couchDBAddress: 127.0.0.1:5984 + # This username must have read and write authority on CouchDB + username: + # The password is recommended to pass as an environment variable + # during start up (eg CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD). + # If it is stored here, the file must be access control protected + # to prevent unintended users from discovering the password. + password: + # Number of retries for CouchDB errors + maxRetries: 3 + # Number of retries for CouchDB errors during peer startup. + # The delay between retries doubles for each attempt. + # Default of 10 retries results in 11 attempts over 2 minutes. + maxRetriesOnStartup: 10 + # CouchDB request timeout (unit: duration, e.g. 20s) + requestTimeout: 35s + # Limit on the number of records per each CouchDB query + # Note that chaincode queries are only bound by totalQueryLimit. + # Internally the chaincode may execute multiple CouchDB queries, + # each of size internalQueryLimit. + internalQueryLimit: 1000 + # Limit on the number of records per CouchDB bulk update batch + maxBatchUpdateSize: 1000 + # Warm indexes after every N blocks. + # This option warms any indexes that have been + # deployed to CouchDB after every N blocks. + # A value of 1 will warm indexes after every block commit, + # to ensure fast selector queries. + # Increasing the value may improve write efficiency of peer and CouchDB, + # but may degrade query response time. + warmIndexesAfterNBlocks: 1 + # Create the _global_changes system database + # This is optional. Creating the global changes database will require + # additional system resources to track changes and maintain the database + createGlobalChangesDB: false + # CacheSize denotes the maximum mega bytes (MB) to be allocated for the in-memory state + # cache. Note that CacheSize needs to be a multiple of 32 MB. If it is not a multiple + # of 32 MB, the peer would round the size to the next multiple of 32 MB. + # To disable the cache, 0 MB needs to be assigned to the cacheSize. + cacheSize: 64 + + history: + # enableHistoryDatabase - options are true or false + # Indicates if the history of key updates should be stored. + # All history 'index' will be stored in goleveldb, regardless if using + # CouchDB or alternate database for the state. + enableHistoryDatabase: true + + pvtdataStore: + # the maximum db batch size for converting + # the ineligible missing data entries to eligible missing data entries + collElgProcMaxDbBatchSize: 5000 + # the minimum duration (in milliseconds) between writing + # two consecutive db batches for converting the ineligible missing data entries to eligible missing data entries + collElgProcDbBatchesInterval: 1000 + +############################################################################### +# +# Operations section +# +############################################################################### +operations: + # host and port for the operations server + listenAddress: 127.0.0.1:9443 + + # TLS configuration for the operations endpoint + tls: + # TLS enabled + enabled: false + + # path to PEM encoded server certificate for the operations server + cert: + file: + + # path to PEM encoded server key for the operations server + key: + file: + + # most operations service endpoints require client authentication when TLS + # is enabled. clientAuthRequired requires client certificate authentication + # at the TLS layer to access all resources. + clientAuthRequired: false + + # paths to PEM encoded ca certificates to trust for client authentication + clientRootCAs: + files: [] + +############################################################################### +# +# Metrics section +# +############################################################################### +metrics: + # metrics provider is one of statsd, prometheus, or disabled + provider: disabled + + # statsd configuration + statsd: + # network type: tcp or udp + network: udp + + # statsd server address + address: 127.0.0.1:8125 + + # the interval at which locally cached counters and gauges are pushed + # to statsd; timings are pushed immediately + writeInterval: 10s + + # prefix is prepended to all emitted statsd metrics + prefix: diff --git a/mamba/scripts/buildpack/bin/build b/mamba/scripts/buildpack/bin/build new file mode 100755 index 0000000..d8e65b6 --- /dev/null +++ b/mamba/scripts/buildpack/bin/build @@ -0,0 +1,34 @@ +#!/bin/sh + +# The bin/build script is responsible for building, compiling, or transforming the contents +# of a chaincode package into artifacts that can be used by release and run. +# +# The peer invokes build with three arguments: +# bin/build CHAINCODE_SOURCE_DIR CHAINCODE_METADATA_DIR BUILD_OUTPUT_DIR +# +# When build is invoked, CHAINCODE_SOURCE_DIR contains the chaincode source and +# CHAINCODE_METADATA_DIR contains the metadata.json file from the chaincode package installed to the peer. +# BUILD_OUTPUT_DIR is the directory where build must place artifacts needed by release and run. +# The build script should treat the input directories CHAINCODE_SOURCE_DIR and +# CHAINCODE_METADATA_DIR as read only, but the BUILD_OUTPUT_DIR is writeable. + +CHAINCODE_SOURCE_DIR="$1" +CHAINCODE_METADATA_DIR="$2" +BUILD_OUTPUT_DIR="$3" + +set -euo pipefail + +#external chaincodes expect connection.json file in the chaincode package +if [ ! -f "$CHAINCODE_SOURCE_DIR/connection.json" ]; then + >&2 echo "$CHAINCODE_SOURCE_DIR/connection.json not found" + exit 1 +fi + +#simply copy the endpoint information to specified output location +cp $CHAINCODE_SOURCE_DIR/connection.json $BUILD_OUTPUT_DIR/connection.json + +if [ -d "$CHAINCODE_SOURCE_DIR/metadata" ]; then + cp -a $CHAINCODE_SOURCE_DIR/metadata $BUILD_OUTPUT_DIR/metadata +fi + +exit 0 \ No newline at end of file diff --git a/mamba/scripts/buildpack/bin/detect b/mamba/scripts/buildpack/bin/detect new file mode 100755 index 0000000..8ba529d --- /dev/null +++ b/mamba/scripts/buildpack/bin/detect @@ -0,0 +1,25 @@ +#!/bin/sh + +# The bin/detect script is responsible for determining whether or not a buildpack +# should be used to build a chaincode package and launch it. +# +# The peer invokes detect with two arguments: +# bin/detect CHAINCODE_SOURCE_DIR CHAINCODE_METADATA_DIR +# +# When detect is invoked, CHAINCODE_SOURCE_DIR contains the chaincode source and +# CHAINCODE_METADATA_DIR contains the metadata.json file from the chaincode package installed to the peer. +# The CHAINCODE_SOURCE_DIR and CHAINCODE_METADATA_DIR should be treated as read only inputs. +# If the buildpack should be applied to the chaincode source package, detect must return an exit code of 0; +# any other exit code will indicate that the buildpack should not be applied. + +CHAINCODE_METADATA_DIR="$2" + +set -euo pipefail + +# use jq to extract the chaincode type from metadata.json and exit with +# success if the chaincode type is golang +if [ "$(cat "$CHAINCODE_METADATA_DIR/metadata.json" | sed -e 's/[{}]/''/g' | awk -F"[,:}]" '{for(i=1;i<=NF;i++){if($i~/'type'\042/){print $(i+1)}}}' | tr -d '"')" = "external" ]; then + exit 0 +fi + +exit 1 \ No newline at end of file diff --git a/mamba/scripts/buildpack/bin/release b/mamba/scripts/buildpack/bin/release new file mode 100755 index 0000000..42d0d1b --- /dev/null +++ b/mamba/scripts/buildpack/bin/release @@ -0,0 +1,33 @@ +#!/bin/sh + +# The bin/release script is responsible for providing chaincode metadata to the peer. +# bin/release is optional. If it is not provided, this step is skipped. +# +# The peer invokes release with two arguments: +# bin/release BUILD_OUTPUT_DIR RELEASE_OUTPUT_DIR +# +# When release is invoked, BUILD_OUTPUT_DIR contains the artifacts +# populated by the build program and should be treated as read only input. +# RELEASE_OUTPUT_DIR is the directory where release must place artifacts to be consumed by the peer. + +set -euo pipefail + +BUILD_OUTPUT_DIR="$1" +RELEASE_OUTPUT_DIR="$2" + +# copy indexes from metadata/* to the output directory +# if [ -d "$BUILD_OUTPUT_DIR/metadata" ] ; then +# cp -a "$BUILD_OUTPUT_DIR/metadata/"* "$RELEASE_OUTPUT_DIR/" +# fi + +#external chaincodes expect artifacts to be placed under "$RELEASE_OUTPUT_DIR"/chaincode/server +if [ -f $BUILD_OUTPUT_DIR/connection.json ]; then + mkdir -p "$RELEASE_OUTPUT_DIR"/chaincode/server + cp $BUILD_OUTPUT_DIR/connection.json "$RELEASE_OUTPUT_DIR"/chaincode/server + + #if tls_required is true, copy TLS files (using above example, the fully qualified path for these fils would be "$RELEASE_OUTPUT_DIR"/chaincode/server/tls) + + exit 0 +fi + +exit 1 \ No newline at end of file diff --git a/mamba/template/external-chaincode/chaincode-service.yaml b/mamba/template/external-chaincode/chaincode-service.yaml new file mode 100644 index 0000000..3ad4aea --- /dev/null +++ b/mamba/template/external-chaincode/chaincode-service.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: v1 +kind: Service +metadata: + namespace: {{ORG_DOMAIN}} + name: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} +spec: + selector: + app: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} + tier: {{ORG_DOMAIN}} + type: NodePort + ports: + - name: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}}-port + protocol: TCP + port: 7052 + targetPort: 7052 diff --git a/mamba/template/external-chaincode/chaincode-stateful.yaml b/mamba/template/external-chaincode/chaincode-stateful.yaml new file mode 100644 index 0000000..bcd200b --- /dev/null +++ b/mamba/template/external-chaincode/chaincode-stateful.yaml @@ -0,0 +1,30 @@ +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + namespace: {{ORG_DOMAIN}} + name: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} +spec: + serviceName: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} + replicas: 1 + selector: + matchLabels: + app: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} + tier: {{ORG_DOMAIN}} + template: + metadata: + labels: + app: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} + tier: {{ORG_DOMAIN}} + spec: + containers: + - name: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} + image: {{CHAINCODE_IMAGE}} + env: + - name: CHAINCODE_CCID + value: {{CHAINCODE_PACKAGE_ID}} + - name: CHAINCODE_ADDRESS + value: "0.0.0.0:7052" + ports: + - containerPort: 7052 + imagePullPolicy: Always diff --git a/mamba/template/peer-sts/peer-stateful.yaml b/mamba/template/peer-sts/peer-stateful.yaml index 9e1cff3..6f52991 100644 --- a/mamba/template/peer-sts/peer-stateful.yaml +++ b/mamba/template/peer-sts/peer-stateful.yaml @@ -90,6 +90,8 @@ spec: # cpu: "200m" command: ["sh", "-c", "peer node start"] env: + - name: CORE_CHAINCODE_BUILDER + value: hyperledger/fabric-ccenv:{{FABRIC_TAG}} - name: CORE_PEER_ID value: peer{{PEER_INDEX}}-{{PEER_ORG}}.{{PEER_DOMAIN}} - name: CORE_PEER_GOSSIP_BOOTSTRAP @@ -155,8 +157,13 @@ spec: volumeMounts: - name: crypto-config mountPath: /shared - - mountPath: /host/var/run/docker.sock - name: dockersocket + - name: builders-config + mountPath: /etc/hyperledger/fabric/core.yaml + subPath: core.yaml + - name: external-builder + mountPath: /builders/external/bin + - name: dockersocket + mountPath: /host/var/run/docker.sock - name: peer{{PEER_INDEX}}-pvc-{{PEER_DOMAIN}} mountPath: /var/hyperledger/production volumes: @@ -164,6 +171,16 @@ spec: nfs: server: {{EFS_SERVER}} path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-data/crypto-config/{{PEER_ORG}}.{{PEER_DOMAIN}} + - name: builders-config + configMap: + name: builders-config + items: + - key: core.yaml + path: core.yaml + - name: external-builder + nfs: + server: {{EFS_SERVER}} + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-scripts/buildpack/bin/ - name: dockersocket hostPath: path: /var/run/docker.sock From 5435b0dc6cd68eb90a79db4bb5d8783a4a8774c5 Mon Sep 17 00:00:00 2001 From: harisato Date: Wed, 29 Jul 2020 09:12:22 +0000 Subject: [PATCH 24/52] Update admin template --- mamba/template/admin/admin-deployment.yaml | 64 ++++++++++++++-------- mamba/template/admin/admin-service.yaml | 9 ++- 2 files changed, 46 insertions(+), 27 deletions(-) diff --git a/mamba/template/admin/admin-deployment.yaml b/mamba/template/admin/admin-deployment.yaml index 0fe8ad4..61de779 100644 --- a/mamba/template/admin/admin-deployment.yaml +++ b/mamba/template/admin/admin-deployment.yaml @@ -2,37 +2,63 @@ apiVersion: apps/v1 kind: StatefulSet metadata: - namespace: {{ORDERER_DOMAIN}} - name: admin-rca-ica + namespace: {{ORG_DOMAIN}} + name: admin-v2 spec: - serviceName: admin-rca-ica + serviceName: admin-v2 replicas: 1 selector: matchLabels: - app: admin-rca-ica - tier: {{ORDERER_DOMAIN}} + app: admin-v2 + tier: {{ORG_DOMAIN}} template: metadata: labels: - app: admin-rca-ica - tier: {{ORDERER_DOMAIN}} + app: admin-v2 + tier: {{ORG_DOMAIN}} spec: containers: - - name: admin-rca-ica - image: docker.pkg.github.com/akachain/akc-admin/master:v1.5.2 + - name: admin-v2 + image: docker.pkg.github.com/akachain/akc-admin/develop:2.0 ports: - containerPort: 4001 imagePullPolicy: Always env: + - name: CRYPTO_TYPE + value: mamba + - name: ORGS + value: "{{ORGDERER_NAME}} {{ORG_NAME}}" + - name: DOMAINS + value: "{{ORDERER_DOMAIN}} {{ORG_DOMAIN}}" - name: NODE_ENV value: development + - name: GOPATH + value: /data/app/artfifacts + - name: CORE_VM_ENDPOINT + value: unix:///host/var/run/docker.sock + - name: FABRIC_LOGGING_SPEC + value: INFO + - name: CORE_PEER_ID + value: cli + - name: CORE_PEER_ADDRESS + value: peer0-{{ORG_NAME}}.{{ORG_DOMAIN}}:7051 + - name: CORE_PEER_LOCALMSPID + value: {{ORG_NAME}}MSP + - name: CORE_PEER_TLS_ENABLED + value: "true" + - name: CORE_PEER_TLS_CERT_FILE + value: /shared/crypto-config/{{ORG_NAME}}.{{ORG_DOMAIN}}/peers/peer0-{{ORG_NAME}}.{{ORG_DOMAIN}}/tls/server.crt + - name: CORE_PEER_TLS_KEY_FILE + value: /shared/crypto-config/{{ORG_NAME}}.{{ORG_DOMAIN}}/peers/peer0-{{ORG_NAME}}.{{ORG_DOMAIN}}/tls/server.key + - name: CORE_PEER_TLS_ROOTCERT_FILE + value: /shared/crypto-config/{{ORG_NAME}}.{{ORG_DOMAIN}}/peers/peer0-{{ORG_NAME}}.{{ORG_DOMAIN}}/tls/tlsintermediatecerts/tls-ica-{{ORG_NAME}}-{{ORG_DOMAIN}}-7054.pem + - name: CORE_PEER_MSPCONFIGPATH + value: /shared/crypto-config/{{ORG_NAME}}.{{ORG_DOMAIN}}/users/admin/msp + - name: ORDERER_CA + value: /shared/crypto-config/{{ORGDERER_NAME}}.{{ORDERER_DOMAIN}}/orderers/orderer0-{{ORGDERER_NAME}}.{{ORDERER_DOMAIN}}/msp/tlsintermediatecerts/ica-{{ORGDERER_NAME}}-{{ORDERER_DOMAIN}}-7054.pem volumeMounts: - name: akc-ca-data mountPath: /shared/ - - name: crypto-store-efs - mountPath: /tmp/crypto-store/ - - name: crypto-path-efs - mountPath: /data/app/crypto-path/ - name: artifacts-efs mountPath: /data/app/artifacts/ volumes: @@ -40,18 +66,12 @@ spec: nfs: server: {{EFS_SERVER}} path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-data/ - - name: crypto-store-efs - nfs: - server: {{EFS_SERVER}} - path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/admin/crypto-store/ - - name: crypto-path-efs - nfs: - server: {{EFS_SERVER}} - path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/admin/crypto-path/ - name: artifacts-efs nfs: server: {{EFS_SERVER}} - path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/admin/artifacts/ + # TODO: Wait for automation generate cpp + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/admin-v2/artifacts/ + # path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/admin/artifacts/ imagePullSecrets: - name: mamba diff --git a/mamba/template/admin/admin-service.yaml b/mamba/template/admin/admin-service.yaml index ae3f8ef..e08af4a 100644 --- a/mamba/template/admin/admin-service.yaml +++ b/mamba/template/admin/admin-service.yaml @@ -2,16 +2,15 @@ apiVersion: v1 kind: Service metadata: - namespace: {{ORDERER_DOMAIN}} - name: admin-rca-ica + namespace: {{ORG_DOMAIN}} + name: admin-v2 spec: selector: - app: admin-rca-ica - tier: {{ORDERER_DOMAIN}} + app: admin-v2 + tier: {{ORG_DOMAIN}} type: NodePort ports: - name: admin-port protocol: TCP port: 4001 targetPort: 4001 - # nodePort: 32330 From f03572b86b1ac96c23c05edb320b97ca4c052f55 Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 4 Aug 2020 10:31:15 +0000 Subject: [PATCH 25/52] Add external chaincode service --- .../blockchain/external_chaincode/__init__.py | 0 .../blockchain/external_chaincode/commands.py | 82 +++++++++++++++++++ mamba/mamba.py | 3 + .../external-chaincode/chaincode-service.yaml | 10 +-- .../chaincode-stateful.yaml | 16 ++-- 5 files changed, 98 insertions(+), 13 deletions(-) create mode 100644 mamba/blockchain/external_chaincode/__init__.py create mode 100644 mamba/blockchain/external_chaincode/commands.py diff --git a/mamba/blockchain/external_chaincode/__init__.py b/mamba/blockchain/external_chaincode/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/blockchain/external_chaincode/commands.py b/mamba/blockchain/external_chaincode/commands.py new file mode 100644 index 0000000..31b7f56 --- /dev/null +++ b/mamba/blockchain/external_chaincode/commands.py @@ -0,0 +1,82 @@ +import click +from kubernetes import client +from os import path +from utils import hiss, util +import settings + +def deploy_external_cc(peer, cc_name, cc_image, cc_package_id): + # Get domain + domain = util.get_domain(peer) + + # Create temp folder & namespace + settings.k8s.prereqs(domain) + + # Create config map + k8s_template_file = '%s/external-chaincode/chaincode-stateful.yaml' % util.get_k8s_template_path() + dict_env = { + 'PEER_NAME': peer, + 'PEER_DOMAIN': domain, + 'CHAINCODE_NAME': cc_name, + 'CHAINCODE_IMAGE': cc_image, + 'CHAINCODE_PACKAGE_ID': cc_package_id + } + settings.k8s.apply_yaml_from_template( + namespace=domain, k8s_template_file=k8s_template_file, dict_env=dict_env) + + chaincode_service = '%s/external-chaincode/chaincode-service.yaml' % util.get_k8s_template_path() + settings.k8s.apply_yaml_from_template( + namespace=domain, k8s_template_file=chaincode_service, dict_env=dict_env) + +def config_peer(peer): + # Get domain + domain = util.get_domain(peer) + + # Create temp folder & namespace + settings.k8s.prereqs(domain) + + # Create config map + k8s_template_file = '%s/external-chaincode/builders-config.yaml' % util.get_k8s_template_path() + dict_env = { + 'PEER_DOMAIN': domain + } + settings.k8s.apply_yaml_from_template( + namespace=domain, k8s_template_file=k8s_template_file, dict_env=dict_env) + +def deploy_all_external_cc(ccname, ccimage, packageid): + orgs = settings.PEER_ORGS.split(' ') + # TODO: Multiprocess + for org in orgs: + deploy_external_cc(org, ccname, ccimage, packageid) + +def config_all_peer(): + orgs = settings.PEER_ORGS.split(' ') + # TODO: Multiprocess + for org in orgs: + config_peer(org) + +def del_config(): + print('TODO') + +@click.group() + +def externalCC(): + """External Chaincode""" + pass + +@externalCC.command('config', short_help="Create config map") +def config(): + hiss.rattle('Create config map') + config_all_peer() + +@externalCC.command('deploy', short_help="Deploy external chaincode") +@click.option('--ccname', help="Chaincode name") +@click.option('--ccimage', help="Chaincode image") +@click.option('--packageid', help="Chaincode package Id") +def deploy(ccname, ccimage, packageid): + hiss.rattle('Deploy external chaincode') + deploy_all_external_cc(ccname, ccimage, packageid) + +@externalCC.command('delConfig', short_help="Delete config map") +def delete(): + hiss.rattle('Delete config map') + del_config() diff --git a/mamba/mamba.py b/mamba/mamba.py index 2a0ef4a..f17c34a 100644 --- a/mamba/mamba.py +++ b/mamba/mamba.py @@ -36,6 +36,8 @@ from blockchain.create_org.commands import create_org from blockchain.update_channel_config.commands import channel_config +from blockchain.external_chaincode.commands import externalCC + @click.group(invoke_without_command=True) @click.option('-config', default='config/.env') @@ -77,6 +79,7 @@ def mamba(config, set_default): mamba.add_command(create_org) mamba.add_command(channel_config) mamba.add_command(anchor_peer) +mamba.add_command(externalCC) if __name__ == '__main__': mamba() \ No newline at end of file diff --git a/mamba/template/external-chaincode/chaincode-service.yaml b/mamba/template/external-chaincode/chaincode-service.yaml index 3ad4aea..b218710 100644 --- a/mamba/template/external-chaincode/chaincode-service.yaml +++ b/mamba/template/external-chaincode/chaincode-service.yaml @@ -2,15 +2,15 @@ apiVersion: v1 kind: Service metadata: - namespace: {{ORG_DOMAIN}} - name: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} + namespace: {{PEER_DOMAIN}} + name: chaincode-{{CHAINCODE_NAME}}-{{PEER_NAME}} spec: selector: - app: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} - tier: {{ORG_DOMAIN}} + app: chaincode-{{CHAINCODE_NAME}}-{{PEER_NAME}} + tier: {{PEER_DOMAIN}} type: NodePort ports: - - name: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}}-port + - name: chaincode-{{CHAINCODE_NAME}}-{{PEER_NAME}}-port protocol: TCP port: 7052 targetPort: 7052 diff --git a/mamba/template/external-chaincode/chaincode-stateful.yaml b/mamba/template/external-chaincode/chaincode-stateful.yaml index bcd200b..13927f6 100644 --- a/mamba/template/external-chaincode/chaincode-stateful.yaml +++ b/mamba/template/external-chaincode/chaincode-stateful.yaml @@ -2,23 +2,23 @@ apiVersion: apps/v1 kind: StatefulSet metadata: - namespace: {{ORG_DOMAIN}} - name: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} + namespace: {{PEER_DOMAIN}} + name: chaincode-{{CHAINCODE_NAME}}-{{PEER_NAME}} spec: - serviceName: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} + serviceName: chaincode-{{CHAINCODE_NAME}}-{{PEER_NAME}} replicas: 1 selector: matchLabels: - app: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} - tier: {{ORG_DOMAIN}} + app: chaincode-{{CHAINCODE_NAME}}-{{PEER_NAME}} + tier: {{PEER_DOMAIN}} template: metadata: labels: - app: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} - tier: {{ORG_DOMAIN}} + app: chaincode-{{CHAINCODE_NAME}}-{{PEER_NAME}} + tier: {{PEER_DOMAIN}} spec: containers: - - name: chaincode-{{CHAINCODE_NAME}}-{{ORG_NAME}} + - name: chaincode-{{CHAINCODE_NAME}}-{{PEER_NAME}} image: {{CHAINCODE_IMAGE}} env: - name: CHAINCODE_CCID From 8b8d64f83177d7348d01bae41629f68a6ea8b3eb Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 4 Aug 2020 10:31:48 +0000 Subject: [PATCH 26/52] Add builder config template --- .../external-chaincode/builders-config.yaml | 743 ++++++++++++++++++ 1 file changed, 743 insertions(+) create mode 100644 mamba/template/external-chaincode/builders-config.yaml diff --git a/mamba/template/external-chaincode/builders-config.yaml b/mamba/template/external-chaincode/builders-config.yaml new file mode 100644 index 0000000..924f6b9 --- /dev/null +++ b/mamba/template/external-chaincode/builders-config.yaml @@ -0,0 +1,743 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: builders-config + namespace: {{PEER_DOMAIN}} + labels: + app: hyperledger +data: + core.yaml: | + # Copyright IBM Corp. All Rights Reserved. + # + # SPDX-License-Identifier: Apache-2.0 + # + + ############################################################################### + # + # Peer section + # + ############################################################################### + peer: + + # The peer id provides a name for this peer instance and is used when + # naming docker resources. + id: jdoe + + # The networkId allows for logical separation of networks and is used when + # naming docker resources. + networkId: dev + + # The Address at local network interface this Peer will listen on. + # By default, it will listen on all network interfaces + listenAddress: 0.0.0.0:7051 + + # The endpoint this peer uses to listen for inbound chaincode connections. + # If this is commented-out, the listen address is selected to be + # the peer's address (see below) with port 7052 + # chaincodeListenAddress: 0.0.0.0:7052 + + # The endpoint the chaincode for this peer uses to connect to the peer. + # If this is not specified, the chaincodeListenAddress address is selected. + # And if chaincodeListenAddress is not specified, address is selected from + # peer address (see below). If specified peer address is invalid then it + # will fallback to the auto detected IP (local IP) regardless of the peer + # addressAutoDetect value. + # chaincodeAddress: 0.0.0.0:7052 + + # When used as peer config, this represents the endpoint to other peers + # in the same organization. For peers in other organization, see + # gossip.externalEndpoint for more info. + # When used as CLI config, this means the peer's endpoint to interact with + address: 0.0.0.0:7051 + + # Whether the Peer should programmatically determine its address + # This case is useful for docker containers. + # When set to true, will override peer address. + addressAutoDetect: false + + # Keepalive settings for peer server and clients + keepalive: + # Interval is the duration after which if the server does not see + # any activity from the client it pings the client to see if it's alive + interval: 7200s + # Timeout is the duration the server waits for a response + # from the client after sending a ping before closing the connection + timeout: 20s + # MinInterval is the minimum permitted time between client pings. + # If clients send pings more frequently, the peer server will + # disconnect them + minInterval: 60s + # Client keepalive settings for communicating with other peer nodes + client: + # Interval is the time between pings to peer nodes. This must + # greater than or equal to the minInterval specified by peer + # nodes + interval: 60s + # Timeout is the duration the client waits for a response from + # peer nodes before closing the connection + timeout: 20s + # DeliveryClient keepalive settings for communication with ordering + # nodes. + deliveryClient: + # Interval is the time between pings to ordering nodes. This must + # greater than or equal to the minInterval specified by ordering + # nodes. + interval: 60s + # Timeout is the duration the client waits for a response from + # ordering nodes before closing the connection + timeout: 20s + + + # Gossip related configuration + gossip: + # Bootstrap set to initialize gossip with. + # This is a list of other peers that this peer reaches out to at startup. + # Important: The endpoints here have to be endpoints of peers in the same + # organization, because the peer would refuse connecting to these endpoints + # unless they are in the same organization as the peer. + bootstrap: 127.0.0.1:7051 + + # NOTE: orgLeader and useLeaderElection parameters are mutual exclusive. + # Setting both to true would result in the termination of the peer + # since this is undefined state. If the peers are configured with + # useLeaderElection=false, make sure there is at least 1 peer in the + # organization that its orgLeader is set to true. + + # Defines whenever peer will initialize dynamic algorithm for + # "leader" selection, where leader is the peer to establish + # connection with ordering service and use delivery protocol + # to pull ledger blocks from ordering service. + useLeaderElection: false + # Statically defines peer to be an organization "leader", + # where this means that current peer will maintain connection + # with ordering service and disseminate block across peers in + # its own organization. Multiple peers or all peers in an organization + # may be configured as org leaders, so that they all pull + # blocks directly from ordering service. + orgLeader: true + + # Interval for membershipTracker polling + membershipTrackerInterval: 5s + + # Overrides the endpoint that the peer publishes to peers + # in its organization. For peers in foreign organizations + # see 'externalEndpoint' + endpoint: + # Maximum count of blocks stored in memory + maxBlockCountToStore: 10 + # Max time between consecutive message pushes(unit: millisecond) + maxPropagationBurstLatency: 10ms + # Max number of messages stored until a push is triggered to remote peers + maxPropagationBurstSize: 10 + # Number of times a message is pushed to remote peers + propagateIterations: 1 + # Number of peers selected to push messages to + propagatePeerNum: 3 + # Determines frequency of pull phases(unit: second) + # Must be greater than digestWaitTime + responseWaitTime + pullInterval: 4s + # Number of peers to pull from + pullPeerNum: 3 + # Determines frequency of pulling state info messages from peers(unit: second) + requestStateInfoInterval: 4s + # Determines frequency of pushing state info messages to peers(unit: second) + publishStateInfoInterval: 4s + # Maximum time a stateInfo message is kept until expired + stateInfoRetentionInterval: + # Time from startup certificates are included in Alive messages(unit: second) + publishCertPeriod: 10s + # Should we skip verifying block messages or not (currently not in use) + skipBlockVerification: false + # Dial timeout(unit: second) + dialTimeout: 3s + # Connection timeout(unit: second) + connTimeout: 2s + # Buffer size of received messages + recvBuffSize: 20 + # Buffer size of sending messages + sendBuffSize: 200 + # Time to wait before pull engine processes incoming digests (unit: second) + # Should be slightly smaller than requestWaitTime + digestWaitTime: 1s + # Time to wait before pull engine removes incoming nonce (unit: milliseconds) + # Should be slightly bigger than digestWaitTime + requestWaitTime: 1500ms + # Time to wait before pull engine ends pull (unit: second) + responseWaitTime: 2s + # Alive check interval(unit: second) + aliveTimeInterval: 5s + # Alive expiration timeout(unit: second) + aliveExpirationTimeout: 25s + # Reconnect interval(unit: second) + reconnectInterval: 25s + # Max number of attempts to connect to a peer + maxConnectionAttempts: 120 + # Message expiration factor for alive messages + msgExpirationFactor: 20 + # This is an endpoint that is published to peers outside of the organization. + # If this isn't set, the peer will not be known to other organizations. + externalEndpoint: + # Leader election service configuration + election: + # Longest time peer waits for stable membership during leader election startup (unit: second) + startupGracePeriod: 15s + # Interval gossip membership samples to check its stability (unit: second) + membershipSampleInterval: 1s + # Time passes since last declaration message before peer decides to perform leader election (unit: second) + leaderAliveThreshold: 10s + # Time between peer sends propose message and declares itself as a leader (sends declaration message) (unit: second) + leaderElectionDuration: 5s + + pvtData: + # pullRetryThreshold determines the maximum duration of time private data corresponding for a given block + # would be attempted to be pulled from peers until the block would be committed without the private data + pullRetryThreshold: 60s + # As private data enters the transient store, it is associated with the peer's ledger's height at that time. + # transientstoreMaxBlockRetention defines the maximum difference between the current ledger's height upon commit, + # and the private data residing inside the transient store that is guaranteed not to be purged. + # Private data is purged from the transient store when blocks with sequences that are multiples + # of transientstoreMaxBlockRetention are committed. + transientstoreMaxBlockRetention: 1000 + # pushAckTimeout is the maximum time to wait for an acknowledgement from each peer + # at private data push at endorsement time. + pushAckTimeout: 3s + # Block to live pulling margin, used as a buffer + # to prevent peer from trying to pull private data + # from peers that is soon to be purged in next N blocks. + # This helps a newly joined peer catch up to current + # blockchain height quicker. + btlPullMargin: 10 + # the process of reconciliation is done in an endless loop, while in each iteration reconciler tries to + # pull from the other peers the most recent missing blocks with a maximum batch size limitation. + # reconcileBatchSize determines the maximum batch size of missing private data that will be reconciled in a + # single iteration. + reconcileBatchSize: 10 + # reconcileSleepInterval determines the time reconciler sleeps from end of an iteration until the beginning + # of the next reconciliation iteration. + reconcileSleepInterval: 1m + # reconciliationEnabled is a flag that indicates whether private data reconciliation is enable or not. + reconciliationEnabled: true + # skipPullingInvalidTransactionsDuringCommit is a flag that indicates whether pulling of invalid + # transaction's private data from other peers need to be skipped during the commit time and pulled + # only through reconciler. + skipPullingInvalidTransactionsDuringCommit: false + # implicitCollectionDisseminationPolicy specifies the dissemination policy for the peer's own implicit collection. + # When a peer endorses a proposal that writes to its own implicit collection, below values override the default values + # for disseminating private data. + # Note that it is applicable to all channels the peer has joined. The implication is that requiredPeerCount has to + # be smaller than the number of peers in a channel that has the lowest numbers of peers from the organization. + implicitCollectionDisseminationPolicy: + # requiredPeerCount defines the minimum number of eligible peers to which the peer must successfully + # disseminate private data for its own implicit collection during endorsement. Default value is 0. + requiredPeerCount: 0 + # maxPeerCount defines the maximum number of eligible peers to which the peer will attempt to + # disseminate private data for its own implicit collection during endorsement. Default value is 1. + maxPeerCount: 1 + + # Gossip state transfer related configuration + state: + # indicates whenever state transfer is enabled or not + # default value is true, i.e. state transfer is active + # and takes care to sync up missing blocks allowing + # lagging peer to catch up to speed with rest network + enabled: false + # checkInterval interval to check whether peer is lagging behind enough to + # request blocks via state transfer from another peer. + checkInterval: 10s + # responseTimeout amount of time to wait for state transfer response from + # other peers + responseTimeout: 3s + # batchSize the number of blocks to request via state transfer from another peer + batchSize: 10 + # blockBufferSize reflects the size of the re-ordering buffer + # which captures blocks and takes care to deliver them in order + # down to the ledger layer. The actual buffer size is bounded between + # 0 and 2*blockBufferSize, each channel maintains its own buffer + blockBufferSize: 20 + # maxRetries maximum number of re-tries to ask + # for single state transfer request + maxRetries: 3 + + # TLS Settings + tls: + # Require server-side TLS + enabled: false + # Require client certificates / mutual TLS. + # Note that clients that are not configured to use a certificate will + # fail to connect to the peer. + clientAuthRequired: false + # X.509 certificate used for TLS server + cert: + file: tls/server.crt + # Private key used for TLS server (and client if clientAuthEnabled + # is set to true + key: + file: tls/server.key + # Trusted root certificate chain for tls.cert + rootcert: + file: tls/ca.crt + # Set of root certificate authorities used to verify client certificates + clientRootCAs: + files: + - tls/ca.crt + # Private key used for TLS when making client connections. If + # not set, peer.tls.key.file will be used instead + clientKey: + file: + # X.509 certificate used for TLS when making client connections. + # If not set, peer.tls.cert.file will be used instead + clientCert: + file: + + # Authentication contains configuration parameters related to authenticating + # client messages + authentication: + # the acceptable difference between the current server time and the + # client's time as specified in a client request message + timewindow: 15m + + # Path on the file system where peer will store data (eg ledger). This + # location must be access control protected to prevent unintended + # modification that might corrupt the peer operations. + fileSystemPath: /var/hyperledger/production + + # BCCSP (Blockchain crypto provider): Select which crypto implementation or + # library to use + BCCSP: + Default: SW + # Settings for the SW crypto provider (i.e. when DEFAULT: SW) + SW: + # TODO: The default Hash and Security level needs refactoring to be + # fully configurable. Changing these defaults requires coordination + # SHA2 is hardcoded in several places, not only BCCSP + Hash: SHA2 + Security: 256 + # Location of Key Store + FileKeyStore: + # If "", defaults to 'mspConfigPath'/keystore + KeyStore: + # Settings for the PKCS#11 crypto provider (i.e. when DEFAULT: PKCS11) + PKCS11: + # Location of the PKCS11 module library + Library: + # Token Label + Label: + # User PIN + Pin: + Hash: + Security: + + # Path on the file system where peer will find MSP local configurations + mspConfigPath: msp + + # Identifier of the local MSP + # ----!!!!IMPORTANT!!!-!!!IMPORTANT!!!-!!!IMPORTANT!!!!---- + # Deployers need to change the value of the localMspId string. + # In particular, the name of the local MSP ID of a peer needs + # to match the name of one of the MSPs in each of the channel + # that this peer is a member of. Otherwise this peer's messages + # will not be identified as valid by other nodes. + localMspId: SampleOrg + + # CLI common client config options + client: + # connection timeout + connTimeout: 3s + + # Delivery service related config + deliveryclient: + # It sets the total time the delivery service may spend in reconnection + # attempts until its retry logic gives up and returns an error + reconnectTotalTimeThreshold: 3600s + + # It sets the delivery service <-> ordering service node connection timeout + connTimeout: 3s + + # It sets the delivery service maximal delay between consecutive retries + reConnectBackoffThreshold: 3600s + + # A list of orderer endpoint addresses which should be overridden + # when found in channel configurations. + addressOverrides: + # - from: + # to: + # caCertsFile: + # - from: + # to: + # caCertsFile: + + # Type for the local MSP - by default it's of type bccsp + localMspType: bccsp + + # Used with Go profiling tools only in none production environment. In + # production, it should be disabled (eg enabled: false) + profile: + enabled: false + listenAddress: 0.0.0.0:6060 + + # Handlers defines custom handlers that can filter and mutate + # objects passing within the peer, such as: + # Auth filter - reject or forward proposals from clients + # Decorators - append or mutate the chaincode input passed to the chaincode + # Endorsers - Custom signing over proposal response payload and its mutation + # Valid handler definition contains: + # - A name which is a factory method name defined in + # core/handlers/library/library.go for statically compiled handlers + # - library path to shared object binary for pluggable filters + # Auth filters and decorators are chained and executed in the order that + # they are defined. For example: + # authFilters: + # - + # name: FilterOne + # library: /opt/lib/filter.so + # - + # name: FilterTwo + # decorators: + # - + # name: DecoratorOne + # - + # name: DecoratorTwo + # library: /opt/lib/decorator.so + # Endorsers are configured as a map that its keys are the endorsement system chaincodes that are being overridden. + # Below is an example that overrides the default ESCC and uses an endorsement plugin that has the same functionality + # as the default ESCC. + # If the 'library' property is missing, the name is used as the constructor method in the builtin library similar + # to auth filters and decorators. + # endorsers: + # escc: + # name: DefaultESCC + # library: /etc/hyperledger/fabric/plugin/escc.so + handlers: + authFilters: + - + name: DefaultAuth + - + name: ExpirationCheck # This filter checks identity x509 certificate expiration + decorators: + - + name: DefaultDecorator + endorsers: + escc: + name: DefaultEndorsement + library: + validators: + vscc: + name: DefaultValidation + library: + + # library: /etc/hyperledger/fabric/plugin/escc.so + # Number of goroutines that will execute transaction validation in parallel. + # By default, the peer chooses the number of CPUs on the machine. Set this + # variable to override that choice. + # NOTE: overriding this value might negatively influence the performance of + # the peer so please change this value only if you know what you're doing + validatorPoolSize: + + # The discovery service is used by clients to query information about peers, + # such as - which peers have joined a certain channel, what is the latest + # channel config, and most importantly - given a chaincode and a channel, + # what possible sets of peers satisfy the endorsement policy. + discovery: + enabled: true + # Whether the authentication cache is enabled or not. + authCacheEnabled: true + # The maximum size of the cache, after which a purge takes place + authCacheMaxSize: 1000 + # The proportion (0 to 1) of entries that remain in the cache after the cache is purged due to overpopulation + authCachePurgeRetentionRatio: 0.75 + # Whether to allow non-admins to perform non channel scoped queries. + # When this is false, it means that only peer admins can perform non channel scoped queries. + orgMembersAllowedAccess: false + + # Limits is used to configure some internal resource limits. + limits: + # Concurrency limits the number of concurrently running requests to a service on each peer. + # Currently this option is only applied to endorser service and deliver service. + # When the property is missing or the value is 0, the concurrency limit is disabled for the service. + concurrency: + # endorserService limits concurrent requests to endorser service that handles chaincode deployment, query and invocation, + # including both user chaincodes and system chaincodes. + endorserService: 2500 + # deliverService limits concurrent event listeners registered to deliver service for blocks and transaction events. + deliverService: 2500 + + ############################################################################### + # + # VM section + # + ############################################################################### + vm: + + # Endpoint of the vm management system. For docker can be one of the following in general + # unix:///var/run/docker.sock + # http://localhost:2375 + # https://localhost:2376 + endpoint: unix:///var/run/docker.sock + + # settings for docker vms + docker: + tls: + enabled: false + ca: + file: docker/ca.crt + cert: + file: docker/tls.crt + key: + file: docker/tls.key + + # Enables/disables the standard out/err from chaincode containers for + # debugging purposes + attachStdout: false + + # Parameters on creating docker container. + # Container may be efficiently created using ipam & dns-server for cluster + # NetworkMode - sets the networking mode for the container. Supported + # standard values are: `host`(default),`bridge`,`ipvlan`,`none`. + # Dns - a list of DNS servers for the container to use. + # Note: `Privileged` `Binds` `Links` and `PortBindings` properties of + # Docker Host Config are not supported and will not be used if set. + # LogConfig - sets the logging driver (Type) and related options + # (Config) for Docker. For more info, + # https://docs.docker.com/engine/admin/logging/overview/ + # Note: Set LogConfig using Environment Variables is not supported. + hostConfig: + NetworkMode: host + Dns: + # - 192.168.0.1 + LogConfig: + Type: json-file + Config: + max-size: "50m" + max-file: "5" + Memory: 2147483648 + + ############################################################################### + # + # Chaincode section + # + ############################################################################### + chaincode: + + # The id is used by the Chaincode stub to register the executing Chaincode + # ID with the Peer and is generally supplied through ENV variables + # the `path` form of ID is provided when installing the chaincode. + # The `name` is used for all other requests and can be any string. + id: + path: + name: + + # Generic builder environment, suitable for most chaincode types + builder: $(DOCKER_NS)/fabric-ccenv:$(TWO_DIGIT_VERSION) + + # Enables/disables force pulling of the base docker images (listed below) + # during user chaincode instantiation. + # Useful when using moving image tags (such as :latest) + pull: false + + golang: + # golang will never need more than baseos + runtime: $(DOCKER_NS)/fabric-baseos:$(TWO_DIGIT_VERSION) + + # whether or not golang chaincode should be linked dynamically + dynamicLink: false + + java: + # This is an image based on java:openjdk-8 with addition compiler + # tools added for java shim layer packaging. + # This image is packed with shim layer libraries that are necessary + # for Java chaincode runtime. + runtime: $(DOCKER_NS)/fabric-javaenv:$(TWO_DIGIT_VERSION) + + node: + # This is an image based on node:$(NODE_VER)-alpine + runtime: $(DOCKER_NS)/fabric-nodeenv:$(TWO_DIGIT_VERSION) + + # List of directories to treat as external builders and launchers for + # chaincode. The external builder detection processing will iterate over the + # builders in the order specified below. + externalBuilders: + - path: /builders/external + name: external-builder + propagateEnvironment: + - GOPROXY + + # The maximum duration to wait for the chaincode build and install process + # to complete. + installTimeout: 300s + + # Timeout duration for starting up a container and waiting for Register + # to come through. + startuptimeout: 300s + + # Timeout duration for Invoke and Init calls to prevent runaway. + # This timeout is used by all chaincodes in all the channels, including + # system chaincodes. + # Note that during Invoke, if the image is not available (e.g. being + # cleaned up when in development environment), the peer will automatically + # build the image, which might take more time. In production environment, + # the chaincode image is unlikely to be deleted, so the timeout could be + # reduced accordingly. + executetimeout: 30s + + # There are 2 modes: "dev" and "net". + # In dev mode, user runs the chaincode after starting peer from + # command line on local machine. + # In net mode, peer will run chaincode in a docker container. + mode: net + + # keepalive in seconds. In situations where the communication goes through a + # proxy that does not support keep-alive, this parameter will maintain connection + # between peer and chaincode. + # A value <= 0 turns keepalive off + keepalive: 0 + + # enabled system chaincodes + system: + _lifecycle: enable + cscc: enable + lscc: enable + escc: enable + vscc: enable + qscc: enable + + # Logging section for the chaincode container + logging: + # Default level for all loggers within the chaincode container + level: info + # Override default level for the 'shim' logger + shim: warning + # Format for the chaincode container logs + format: '%{color}%{time:2006-01-02 15:04:05.000 MST} [%{module}] %{shortfunc} -> %{level:.4s} %{id:03x}%{color:reset} %{message}' + + ############################################################################### + # + # Ledger section - ledger configuration encompasses both the blockchain + # and the state + # + ############################################################################### + ledger: + + blockchain: + + state: + # stateDatabase - options are "goleveldb", "CouchDB" + # goleveldb - default state database stored in goleveldb. + # CouchDB - store state database in CouchDB + stateDatabase: goleveldb + # Limit on the number of records to return per query + totalQueryLimit: 100000 + couchDBConfig: + # It is recommended to run CouchDB on the same server as the peer, and + # not map the CouchDB container port to a server port in docker-compose. + # Otherwise proper security must be provided on the connection between + # CouchDB client (on the peer) and server. + couchDBAddress: 127.0.0.1:5984 + # This username must have read and write authority on CouchDB + username: + # The password is recommended to pass as an environment variable + # during start up (eg CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD). + # If it is stored here, the file must be access control protected + # to prevent unintended users from discovering the password. + password: + # Number of retries for CouchDB errors + maxRetries: 3 + # Number of retries for CouchDB errors during peer startup. + # The delay between retries doubles for each attempt. + # Default of 10 retries results in 11 attempts over 2 minutes. + maxRetriesOnStartup: 10 + # CouchDB request timeout (unit: duration, e.g. 20s) + requestTimeout: 35s + # Limit on the number of records per each CouchDB query + # Note that chaincode queries are only bound by totalQueryLimit. + # Internally the chaincode may execute multiple CouchDB queries, + # each of size internalQueryLimit. + internalQueryLimit: 1000 + # Limit on the number of records per CouchDB bulk update batch + maxBatchUpdateSize: 1000 + # Warm indexes after every N blocks. + # This option warms any indexes that have been + # deployed to CouchDB after every N blocks. + # A value of 1 will warm indexes after every block commit, + # to ensure fast selector queries. + # Increasing the value may improve write efficiency of peer and CouchDB, + # but may degrade query response time. + warmIndexesAfterNBlocks: 1 + # Create the _global_changes system database + # This is optional. Creating the global changes database will require + # additional system resources to track changes and maintain the database + createGlobalChangesDB: false + # CacheSize denotes the maximum mega bytes (MB) to be allocated for the in-memory state + # cache. Note that CacheSize needs to be a multiple of 32 MB. If it is not a multiple + # of 32 MB, the peer would round the size to the next multiple of 32 MB. + # To disable the cache, 0 MB needs to be assigned to the cacheSize. + cacheSize: 64 + + history: + # enableHistoryDatabase - options are true or false + # Indicates if the history of key updates should be stored. + # All history 'index' will be stored in goleveldb, regardless if using + # CouchDB or alternate database for the state. + enableHistoryDatabase: true + + pvtdataStore: + # the maximum db batch size for converting + # the ineligible missing data entries to eligible missing data entries + collElgProcMaxDbBatchSize: 5000 + # the minimum duration (in milliseconds) between writing + # two consecutive db batches for converting the ineligible missing data entries to eligible missing data entries + collElgProcDbBatchesInterval: 1000 + + ############################################################################### + # + # Operations section + # + ############################################################################### + operations: + # host and port for the operations server + listenAddress: 127.0.0.1:9443 + + # TLS configuration for the operations endpoint + tls: + # TLS enabled + enabled: false + + # path to PEM encoded server certificate for the operations server + cert: + file: + + # path to PEM encoded server key for the operations server + key: + file: + + # most operations service endpoints require client authentication when TLS + # is enabled. clientAuthRequired requires client certificate authentication + # at the TLS layer to access all resources. + clientAuthRequired: false + + # paths to PEM encoded ca certificates to trust for client authentication + clientRootCAs: + files: [] + + ############################################################################### + # + # Metrics section + # + ############################################################################### + metrics: + # metrics provider is one of statsd, prometheus, or disabled + provider: disabled + + # statsd configuration + statsd: + # network type: tcp or udp + network: udp + + # statsd server address + address: 127.0.0.1:8125 + + # the interval at which locally cached counters and gauges are pushed + # to statsd; timings are pushed immediately + writeInterval: 10s + + # prefix is prepended to all emitted statsd metrics + prefix: From 30bb8b8825c747db5aab619248cbcbb88b7514a1 Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 4 Aug 2020 10:33:12 +0000 Subject: [PATCH 27/52] Optimize log --- mamba/blockchain/start_network/commands.py | 32 ++++++++----- mamba/utils/kube.py | 54 +++++++++++++++++----- mamba/utils/util.py | 10 ++-- 3 files changed, 68 insertions(+), 28 deletions(-) diff --git a/mamba/blockchain/start_network/commands.py b/mamba/blockchain/start_network/commands.py index 9410f66..69c20f0 100644 --- a/mamba/blockchain/start_network/commands.py +++ b/mamba/blockchain/start_network/commands.py @@ -23,8 +23,9 @@ from blockchain.peer.commands import setup_all_peer from blockchain.gen_artifact.commands import generate_artifact from k8s.secret.commands import create_all_docker_secret -from blockchain.admin.commands import setup_admin +from blockchain.admin.commands import setup_all_admin from blockchain.bootstrap_network.commands import bootstrap_network +from blockchain.external_chaincode.commands import config_all_peer def start_network(): @@ -34,38 +35,47 @@ def start_network(): copy_scripts() # Create a new Root Certificate Authority service + hiss.rattle('Create a new Root Certificate Authority service') setup_rca() # Create new Intermediate Certificate Authority services + hiss.rattle('Create new Intermediate Certificate Authority services') setup_all_ica() # Run jobs to register organizations + hiss.rattle('Run jobs to register organizations') reg_all_org() # Run jobs to register orderers + hiss.rattle('Run jobs to register orderers') reg_all_orderer() # Run jobs to register peers + hiss.rattle('Run jobs to register peers') reg_all_peer() - # Run jobs to enroll orderers + hiss.rattle('Run jobs to enroll orderers') enroll_all_orderer() - # Run jobs to enroll peers + hiss.rattle('Run jobs to enroll peers') enroll_all_peer() time.sleep(5) - # Run job to generate channel.tx, genesis.block + hiss.rattle('Run job to generate channel.tx, genesis.block') gen_channel_artifact() + hiss.rattle('Config map for external chaincode') + config_all_peer() + #TODO: Auto generate cpp, builder config map and apply external builder config map + #TODO: Auto generate connection config file and metadata config of external chaincode - # # Create new StatefullSet orderers - # setup_all_orderer() + hiss.rattle('Create new StatefullSet orderers') + setup_all_orderer() - # # Create new StatefullSet peers - # setup_all_peer() + hiss.rattle('Create new StatefullSet peers') + setup_all_peer() # # Run jobs to generate application artifacts # generate_artifact() @@ -74,9 +84,9 @@ def start_network(): # if settings.PRIVATE_DOCKER_IMAGE == 'true': # create_all_docker_secret('mamba') - # # Create new a new Admin service - # time.sleep(1) - # setup_admin() + # Create new a new Admin service + time.sleep(1) + setup_all_admin() # # Bootrap network # time.sleep(1) diff --git a/mamba/utils/kube.py b/mamba/utils/kube.py index e9bdd97..e051ed8 100644 --- a/mamba/utils/kube.py +++ b/mamba/utils/kube.py @@ -91,6 +91,7 @@ def check_pod_status_by_keyword(self, keyword, namespace, is_delete=False, check # Check status count = 0 # Use count variable to detect replica + msg = '' # Message show the status of the pod while True: time.sleep(1) # Find efs pod @@ -98,15 +99,17 @@ def check_pod_status_by_keyword(self, keyword, namespace, is_delete=False, check namespace=namespace, keyword=keyword) if not pods: if is_delete: - hiss.sub_echo('done') + hiss.sub_echo('Done') break hiss.sub_echo('cannot find tiller pod when check status.. retry') - time.sleep(1) continue if is_delete: - hiss.sub_echo('%s terminating' % keyword) - time.sleep(3) + newMsg = '%s terminating' % keyword + if msg != newMsg: + msg = newMsg + hiss.sub_echo(msg) + time.sleep(1) continue # Check replication @@ -116,17 +119,24 @@ def check_pod_status_by_keyword(self, keyword, namespace, is_delete=False, check while True: resp = self.coreApi.read_namespaced_pod_status(name=pods[count], namespace=namespace) - hiss.sub_echo('%s %s' % (pods[count], resp.status.phase)) + + # Manage notify display + newMsg = '%s %s' % (pods[count], resp.status.phase) + if msg != newMsg: + msg = newMsg + hiss.sub_echo(msg) + + # hiss.sub_echo('%s %s' % (pods[count], resp.status.phase)) if check_job_success: if resp.status.phase == condition_status: count += 1 break - time.sleep(3) + time.sleep(1) else: if resp.status.phase != condition_status: count += 1 break - time.sleep(3) + time.sleep(1) def prereqs(self, namespace): # Create temp folder @@ -135,12 +145,29 @@ def prereqs(self, namespace): # Create namespace settings.k8s.create_namespace(namespace) + def remove_pvc(self, doc): + if "volumeClaimTemplates" in doc['spec']: + volume_claim_templates = doc['spec']['volumeClaimTemplates'] + for vct in volume_claim_templates: + vct_name = vct['metadata']['name'] + + # Get containers in doc + containers = doc['spec']['template']['spec']['containers'] + for container in containers: + volume_mounts = container['volumeMounts'] + # Find and remove volume mount + volume = next((volume for volume in volume_mounts if volume['name'] == vct_name), None) + volume_mounts.remove(volume) + + # Remove volume claim template + volume_claim_templates.remove(vct) + def apply_yaml_from_template(self, namespace, k8s_template_file, dict_env): yaml_path, _ = util.load_yaml_config_template(k8s_template_file, dict_env) hiss.sub_echo('Create %s successfully' % yaml_path) # Execute yaml - hiss.echo('Apply yaml file') + # hiss.echo('Apply yaml file') stream = open(yaml_path, 'r') docs = yaml.safe_load_all(stream) @@ -149,12 +176,15 @@ def apply_yaml_from_template(self, namespace, k8s_template_file, dict_env): try: if doc['kind'] == 'Service': self.coreApi.create_namespaced_service(namespace, body=doc) + print("Create service successfully!") continue except ApiException as e: print("Service already deployed!") continue try: if doc['kind'] == 'StatefulSet': + if settings.DEPLOYMENT_ENV == 'develop': + self.remove_pvc(doc) self.appsApi.create_namespaced_stateful_set( namespace, body=doc) self.check_pod_status_by_keyword(keyword=doc['metadata']['name'], namespace=namespace) @@ -165,6 +195,8 @@ def apply_yaml_from_template(self, namespace, k8s_template_file, dict_env): if doc['kind'] == 'Job': self.batchApi.create_namespaced_job(namespace, body=doc) self.check_pod_status_by_keyword(keyword=doc['metadata']['name'], namespace=namespace, check_job_success=True) + if doc['kind'] == 'ConfigMap': + self.coreApi.create_namespaced_config_map(namespace, body=doc) except ApiException as e: print("Exception when apply yaml: %s\n" % e) success = False @@ -174,14 +206,12 @@ def apply_yaml_from_template(self, namespace, k8s_template_file, dict_env): def create_namespace(self, name): hiss.echo('Create Namespace %s' % name) ns = Namespace(name) - # ns.create() if not ns.get(): hiss.sub_echo('Namespace %s does not exist. Creating...' % name) ns.create() - else: - hiss.sub_echo('Namespace %s already exists' % name) + # else: + # hiss.sub_echo('Namespace %s already exists' % name) - # ns.delete() def show_all_pods(self): ret = self.coreApi.list_pod_for_all_namespaces(watch=False) diff --git a/mamba/utils/util.py b/mamba/utils/util.py index 73dd226..d74b84a 100644 --- a/mamba/utils/util.py +++ b/mamba/utils/util.py @@ -30,7 +30,7 @@ def load_yaml_config_template(yaml_template_path, dict_env): current_time = split_timenow_utc() # Create yaml_path - hiss.echo('Create yaml file') + # hiss.echo('Create yaml file') yaml_path = '%s/%s/%s_%s' % (get_temp_path(), current_time[0], current_time[1], new_yaml_file_name) # Write yaml -> yaml_path @@ -73,12 +73,12 @@ def make_folder(path_folder): hiss.sub_echo('Folder %s does not exists. \n\tCreating...' % path_folder) os.mkdir(path_folder) - else: - hiss.sub_echo('Folder temp %s exists.' % path_folder) + # else: + # hiss.sub_echo('Folder temp %s exists.' % path_folder) def make_temp_folder(): - hiss.echo('Create Folder temp') + # hiss.echo('Create Folder temp') temp_path = get_temp_path() make_folder(temp_path) @@ -113,4 +113,4 @@ def get_peer_external_domain(peer, index_peer): else: return '' else: - return hiss.hiss('peer: %s does not exists in env file' % peer) + return hiss.hiss('peer: %s does not exists in env file' % peer) \ No newline at end of file From 53b453ea31d5357a90213c01fb48c9c8b282fcb7 Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 4 Aug 2020 10:35:13 +0000 Subject: [PATCH 28/52] Add DEPLOYMENT_ENV in env --- mamba/config/operator.env-template | 2 ++ mamba/settings.py | 3 +++ 2 files changed, 5 insertions(+) diff --git a/mamba/config/operator.env-template b/mamba/config/operator.env-template index d0e2433..5228afa 100644 --- a/mamba/config/operator.env-template +++ b/mamba/config/operator.env-template @@ -8,6 +8,8 @@ EKS_REGION="ap-southeast-1" EKS_AUTO_SCALING_GROUP="eksctl-example-nodegroup-NodeGroup1-example-NodeGroup-XXXXXXX" EKS_SCALING_SIZE="2:10" +DEPLOYMENT_ENV="develop" + # RootCA configuration RCA_NAME="rca-akc" RCA_DOMAIN="akachain" diff --git a/mamba/settings.py b/mamba/settings.py index 389e7ac..9e6d008 100644 --- a/mamba/settings.py +++ b/mamba/settings.py @@ -112,3 +112,6 @@ def init(dotenv_path, set_default): global ORGS, DOMAINS ORGS = (ORDERER_ORGS+' ' +PEER_ORGS).strip() DOMAINS = (ORDERER_DOMAINS+' '+PEER_DOMAINS).strip() + + global DEPLOYMENT_ENV + DEPLOYMENT_ENV = os.getenv('DEPLOYMENT_ENV') From 9d107f120f6493f2cc989a264180f2a5880e600f Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 4 Aug 2020 10:35:52 +0000 Subject: [PATCH 29/52] Remove unuse file --- .../fabric-deployment-enroll-orderer.yaml | 41 --------- .../orderer-sts/orderer-service-nlb.yaml | 20 ---- .../template/orderer-sts/orderer-service.yaml | 21 ----- .../orderer-sts/orderer-stateful.yaml | 92 ------------------- 4 files changed, 174 deletions(-) delete mode 100644 mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml delete mode 100644 mamba/blockchain/template/orderer-sts/orderer-service-nlb.yaml delete mode 100644 mamba/blockchain/template/orderer-sts/orderer-service.yaml delete mode 100644 mamba/blockchain/template/orderer-sts/orderer-stateful.yaml diff --git a/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml b/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml deleted file mode 100644 index 8809e51..0000000 --- a/mamba/blockchain/template/enroll-orderer/fabric-deployment-enroll-orderer.yaml +++ /dev/null @@ -1,41 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - namespace: {{ENROLL_DOMAIN}} - name: enroll-o{{ORDERER_INDEX}}-{{ORDERER}} -spec: - template: - metadata: - labels: - app: hyperledger - role: {{ORDERER}} - org: {{ENROLL_DOMAIN}} - name: enroll-o{{ORDERER_INDEX}}-{{ORDERER}} - spec: - restartPolicy: "Never" - containers: - - name: enroll-o{{ORDERER_INDEX}}-{{ORDERER}} - image: hyperledger/fabric-ca:{{FABRIC_CA_TAG}} - env: - - name: ORDERERORG - value: {{ORDERER}} - - name: FABRIC_CA_CLIENT_TLS_CERTFILES - value: /data/ica-{{ORDERER}}-ca-chain.pem - - name: ORDERER_HOME - value: /etc/hyperledger/orderer - command: ["sh"] - args: ["-c", "/scripts/enroll-orderer.sh {{ORDERER_INDEX}} 2>&1;"] - volumeMounts: - - mountPath: /scripts - name: rca-scripts - - mountPath: /data - name: rca-data - volumes: - - name: rca-scripts - nfs: - server: {{EFS_SERVER}} - path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-scripts/ - - name: rca-data - nfs: - server: {{EFS_SERVER}} - path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-data/ diff --git a/mamba/blockchain/template/orderer-sts/orderer-service-nlb.yaml b/mamba/blockchain/template/orderer-sts/orderer-service-nlb.yaml deleted file mode 100644 index c03d8fd..0000000 --- a/mamba/blockchain/template/orderer-sts/orderer-service-nlb.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: orderer{{ORDERER_INDEX}}-{{ORDERER}}-nlb - namespace: {{ORDERER_DOMAIN}} - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: "nlb" -spec: - selector: - app: hyperledger - role: {{ORDERER}} - orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} - org: {{ORDERER_DOMAIN}} - ports: - - name: listen-endpoint - protocol: TCP - port: 7050 - targetPort: 7050 - type: LoadBalancer diff --git a/mamba/blockchain/template/orderer-sts/orderer-service.yaml b/mamba/blockchain/template/orderer-sts/orderer-service.yaml deleted file mode 100644 index 7c99911..0000000 --- a/mamba/blockchain/template/orderer-sts/orderer-service.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: orderer{{ORDERER_INDEX}}-{{ORDERER}} - namespace: {{ORDERER_DOMAIN}} -spec: - selector: - app: hyperledger - role: {{ORDERER}} - orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} - org: {{ORDERER_DOMAIN}} - type: NodePort - ports: - - name: listen-endpoint - protocol: TCP - port: 7050 - targetPort: 7050 - - name: prometheus-listen-endpoint - protocol: TCP - port: 10443 diff --git a/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml b/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml deleted file mode 100644 index 26b9323..0000000 --- a/mamba/blockchain/template/orderer-sts/orderer-stateful.yaml +++ /dev/null @@ -1,92 +0,0 @@ ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - namespace: {{ORDERER_DOMAIN}} - name: orderer{{ORDERER_INDEX}}-{{ORDERER}} -spec: - serviceName: orderer{{ORDERER_INDEX}}-{{ORDERER}} - replicas: 1 - selector: - matchLabels: - app: hyperledger - role: {{ORDERER}} - org: {{ORDERER_DOMAIN}} - orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} - template: - metadata: - labels: - app: hyperledger - role: {{ORDERER}} - org: {{ORDERER_DOMAIN}} - orderer-id: orderer{{ORDERER_INDEX}}-{{ORDERER}} - spec: - containers: - - name: orderer{{ORDERER_INDEX}}-orderer-akc - image: hyperledger/fabric-orderer:{{FABRIC_TAG}} - # resources: - # requests: - # memory: "150Mi" - # cpu: "50m" - # limits: - # memory: "3000Mi" - # cpu: "2" - command: ["sh", "-c", "orderer"] - env: - - name: FABRIC_LOGGING_SPEC - #value: info - value: DEBUG - - name: ORDERER_CFG_PATH - value: /shared/ - - name: ORDERER_GENERAL_LEDGERTYPE - value: file - - name: ORDERER_FILELEDGER_LOCATION - value: /var/ledger/orderer{{ORDERER_INDEX}} - - name: ORDERER_GENERAL_LISTENADDRESS - value: 0.0.0.0 - - name: ORDERER_GENERAL_LOCALMSPDIR - value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/msp - - name: ORDERER_GENERAL_LOCALMSPID - value: ordererMSP - - name: ORDERER_GENERAL_GENESISMETHOD - value: file - - name: ORDERER_GENERAL_GENESISFILE - value: /shared/genesis.block - - name: ORDERER_GENERAL_TLS_ENABLED - value: "true" - - name: ORDERER_GENERAL_TLS_PRIVATEKEY - value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/server.key - - name: ORDERER_GENERAL_TLS_CERTIFICATE - value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/server.crt - # THIS IS BROKEN: * 'General.TLS.RootCAs': source data must be an array or slice, got string - - name: ORDERER_GENERAL_TLS_ROOTCAS - value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/tlscacerts/tls-ica-{{ORDERER}}-{{ORDERER_DOMAIN}}-7054.pem - - name: GODEBUG - value: netdns=go - - name: ORDERER_OPERATIONS_LISTENADDRESS - value: 0.0.0.0:10443 - - name: ORDERER_METRICS_PROVIDER - value: prometheus - workingDir: /opt/gopath/src/github.com/hyperledger/fabric/orderer - ports: - - containerPort: 7050 - - containerPort: 10443 - volumeMounts: - - name: crypto-config - mountPath: /shared - - name: orderer{{ORDERER_INDEX}}-{{ORDERER_DOMAIN}}-pvc-akc - mountPath: /var/ledger/orderer{{ORDERER_INDEX}} - volumes: - - name: crypto-config - nfs: - server: {{EFS_SERVER}} - path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-data/ - volumeClaimTemplates: - - metadata: - name: orderer{{ORDERER_INDEX}}-{{ORDERER_DOMAIN}}-pvc-akc - spec: - accessModes: [ "ReadWriteOnce" ] - storageClassName: gp2 - resources: - requests: - storage: 5Gi From 39a0494b08811c279ec81aee49f84e4200906039 Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 4 Aug 2020 10:36:20 +0000 Subject: [PATCH 30/52] Optimize register peer service --- mamba/blockchain/reg_peers/commands.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mamba/blockchain/reg_peers/commands.py b/mamba/blockchain/reg_peers/commands.py index 3e783e8..8a0cf2b 100644 --- a/mamba/blockchain/reg_peers/commands.py +++ b/mamba/blockchain/reg_peers/commands.py @@ -36,13 +36,13 @@ def del_reg_peer(org): return settings.k8s.delete_job(name=jobname, namespace=domain) def reg_all_peer(): - orgs = settings.ORGS.split(' ') + orgs = settings.PEER_ORGS.split(' ') # TODO: Multiprocess for org in orgs: reg_peer(org) def del_all_reg_peer(): - orgs = settings.ORGS.split(' ') + orgs = settings.PEER_ORGS.split(' ') # TODO: Multiprocess for org in orgs: del_reg_peer(org) From b7274d16349c3d35355bf6bbce76e3c69fa21c4d Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 4 Aug 2020 11:00:16 +0000 Subject: [PATCH 31/52] Update admin-v2 --- mamba/blockchain/admin/commands.py | 71 ++++++++++++------- .../blockchain/terminate_network/commands.py | 4 +- mamba/template/admin/admin-deployment.yaml | 12 ++-- mamba/template/admin/admin-service.yaml | 4 +- 4 files changed, 54 insertions(+), 37 deletions(-) diff --git a/mamba/blockchain/admin/commands.py b/mamba/blockchain/admin/commands.py index 9bce725..157fcc6 100644 --- a/mamba/blockchain/admin/commands.py +++ b/mamba/blockchain/admin/commands.py @@ -6,12 +6,14 @@ from utils import hiss, util import settings -def setup_admin(): +def setup_admin(org): - print('settings.ORDERER_DOMAINS: ', settings.ORDERER_DOMAINS) - domains = settings.ORDERER_DOMAINS.split(' ') - if len(domains) == 0: - domains = settings.PEER_DOMAINS.split(' ') + # Get domain + domain = util.get_domain(org) + + # Get orderer information + orderer_names = settings.ORDERER_ORGS.split(' ') + orderer_domains = settings.ORDERER_DOMAINS.split(' ') # Create application artifact folder hiss.echo('Create application artifact folder') @@ -20,23 +22,26 @@ def setup_admin(): if not pods: return hiss.hiss('cannot find tiller pod') - mkdir_cmd = ('mkdir -p '+settings.EFS_ROOT+'/admin/crypto-path;' - 'mkdir -p '+settings.EFS_ROOT+'/admin/crypto-store;') + # mkdir_cmd = ('mkdir -p '+settings.EFS_ROOT+'/admin/crypto-path;' + # 'mkdir -p '+settings.EFS_ROOT+'/admin/crypto-store;') ## Exec command - exec_command = [ - '/bin/bash', - '-c', - '%s' % (mkdir_cmd)] + # exec_command = [ + # '/bin/bash', + # '-c', + # '%s' % (mkdir_cmd)] - result_get_folder = settings.k8s.exec_pod( - podName=pods[0], namespace="default", command=exec_command) - hiss.sub_echo(result_get_folder.data) + # result_get_folder = settings.k8s.exec_pod( + # podName=pods[0], namespace="default", command=exec_command) + # hiss.sub_echo(result_get_folder.data) # Create temp folder & namespace - settings.k8s.prereqs(domains[0]) + settings.k8s.prereqs(domain) dict_env = { - 'ORDERER_DOMAIN': domains[0], + 'ORG_NAME': org, + 'ORG_DOMAIN': domain, + 'ORDERER_DOMAIN': orderer_domains[0], + 'ORGDERER_NAME': orderer_names[0], 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND @@ -45,21 +50,33 @@ def setup_admin(): # Apply deployment k8s_template_file = '%s/admin/admin-deployment.yaml' % util.get_k8s_template_path() settings.k8s.apply_yaml_from_template( - namespace=domains[0], k8s_template_file=k8s_template_file, dict_env=dict_env) + namespace=domain, k8s_template_file=k8s_template_file, dict_env=dict_env) # Apply service k8s_template_file = '%s/admin/admin-service.yaml' % util.get_k8s_template_path() settings.k8s.apply_yaml_from_template( - namespace=domains[0], k8s_template_file=k8s_template_file, dict_env=dict_env) + namespace=domain, k8s_template_file=k8s_template_file, dict_env=dict_env) -def del_admin(): +def del_admin(org): - domains = settings.ORDERER_DOMAINS.split(' ') - jobname = 'admin-rca-ica' + # Get domain + domain = util.get_domain(org) + name = 'admin-v2-%s' % org # Delete job pod - return settings.k8s.delete_stateful(name=jobname, namespace=domains[0]) - + return settings.k8s.delete_stateful(name=name, namespace=domain) + +def setup_all_admin(): + orgs = settings.PEER_ORGS.split(' ') + # TODO: Multiprocess + for org in orgs: + setup_admin(org) + +def delete_all_admin(): + orgs = settings.PEER_ORGS.split(' ') + # TODO: Multiprocess + for org in orgs: + del_admin(org) @click.group() def admin(): @@ -68,12 +85,12 @@ def admin(): @admin.command('setup', short_help='Create new a new Admin service') def setup(): - hiss.rattle('Create new a new Admin service') + hiss.rattle('Create new Admin service in all org') - setup_admin() + setup_all_admin() @admin.command('delete', short_help='Delete the Admin service') def delete(): - hiss.rattle('Delete the Admin service') + hiss.rattle('Delete the Admin service in all org') - del_admin() + delete_all_admin() diff --git a/mamba/blockchain/terminate_network/commands.py b/mamba/blockchain/terminate_network/commands.py index 56beddd..b9057b3 100644 --- a/mamba/blockchain/terminate_network/commands.py +++ b/mamba/blockchain/terminate_network/commands.py @@ -21,7 +21,7 @@ from blockchain.kafka.commands import terminate_kafka from blockchain.orderer.commands import terminate_all_orderer from blockchain.peer.commands import terminate_all_peer -from blockchain.admin.commands import del_admin +from blockchain.admin.commands import delete_all_admin def remove_cert(): ## Find explorer_db pod @@ -43,7 +43,7 @@ def terminate_network(): result = [] # Delete job - util.smart_append(result, del_admin()) + util.smart_append(result, delete_all_admin()) util.smart_append(result, del_bootstrap_network()) util.smart_append(result, del_gen_channel_artifact()) util.smart_append(result, del_generate_artifact()) diff --git a/mamba/template/admin/admin-deployment.yaml b/mamba/template/admin/admin-deployment.yaml index 61de779..63047a9 100644 --- a/mamba/template/admin/admin-deployment.yaml +++ b/mamba/template/admin/admin-deployment.yaml @@ -3,22 +3,22 @@ apiVersion: apps/v1 kind: StatefulSet metadata: namespace: {{ORG_DOMAIN}} - name: admin-v2 + name: admin-v2-{{ORG_NAME}} spec: - serviceName: admin-v2 + serviceName: admin-v2-{{ORG_NAME}} replicas: 1 selector: matchLabels: - app: admin-v2 + app: admin-v2-{{ORG_NAME}} tier: {{ORG_DOMAIN}} template: metadata: labels: - app: admin-v2 + app: admin-v2-{{ORG_NAME}} tier: {{ORG_DOMAIN}} spec: containers: - - name: admin-v2 + - name: admin-v2-{{ORG_NAME}} image: docker.pkg.github.com/akachain/akc-admin/develop:2.0 ports: - containerPort: 4001 @@ -70,7 +70,7 @@ spec: nfs: server: {{EFS_SERVER}} # TODO: Wait for automation generate cpp - path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/admin-v2/artifacts/ + path: /pvs/{{EFS_PATH}}/admin-v2/artifacts/ # path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/admin/artifacts/ imagePullSecrets: - name: mamba diff --git a/mamba/template/admin/admin-service.yaml b/mamba/template/admin/admin-service.yaml index e08af4a..ea2fdc9 100644 --- a/mamba/template/admin/admin-service.yaml +++ b/mamba/template/admin/admin-service.yaml @@ -3,10 +3,10 @@ apiVersion: v1 kind: Service metadata: namespace: {{ORG_DOMAIN}} - name: admin-v2 + name: admin-v2-{{ORG_NAME}} spec: selector: - app: admin-v2 + app: admin-v2-{{ORG_NAME}} tier: {{ORG_DOMAIN}} type: NodePort ports: From dc6975617462d6b59c9a0b48cfc08d4da3640e3b Mon Sep 17 00:00:00 2001 From: harisato Date: Thu, 13 Aug 2020 07:41:12 +0000 Subject: [PATCH 32/52] Add generate connection profile function --- mamba/blockchain/copyscripts/commands.py | 2 +- mamba/blockchain/generate_ccp/__init__.py | 0 mamba/blockchain/generate_ccp/commands.py | 65 +++++++++++++++++++ mamba/mamba.py | 2 + mamba/requirements.txt | 1 + .../connection-profile/generate-ccp-job.yaml | 43 ++++++++++++ 6 files changed, 112 insertions(+), 1 deletion(-) create mode 100644 mamba/blockchain/generate_ccp/__init__.py create mode 100644 mamba/blockchain/generate_ccp/commands.py create mode 100644 mamba/template/connection-profile/generate-ccp-job.yaml diff --git a/mamba/blockchain/copyscripts/commands.py b/mamba/blockchain/copyscripts/commands.py index a167bd1..8d82cf1 100644 --- a/mamba/blockchain/copyscripts/commands.py +++ b/mamba/blockchain/copyscripts/commands.py @@ -27,7 +27,7 @@ def copy_scripts(): exec_command = [ '/bin/bash', '-c', - 'mkdir -p %s/admin; mkdir -p %s/akc-ca-data' % (settings.EFS_ROOT, settings.EFS_ROOT)] + 'mkdir -p %s/admin-v2/artifacts; mkdir -p %s/akc-ca-data' % (settings.EFS_ROOT, settings.EFS_ROOT)] # Create folder in efs result_create_folder = settings.k8s.exec_pod( diff --git a/mamba/blockchain/generate_ccp/__init__.py b/mamba/blockchain/generate_ccp/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/blockchain/generate_ccp/commands.py b/mamba/blockchain/generate_ccp/commands.py new file mode 100644 index 0000000..66b813a --- /dev/null +++ b/mamba/blockchain/generate_ccp/commands.py @@ -0,0 +1,65 @@ +import click +import yaml +import re +from kubernetes import client +from os import path +from utils import hiss, util +import settings + +def generate_ccp(org): + + # Get domain + domain = util.get_domain(org) + + # Create temp folder & namespace + settings.k8s.prereqs(domain) + + k8s_template_file = '%s/connection-profile/generate-ccp-job.yaml' % util.get_k8s_template_path() + dict_env = { + 'ORG_NAME': org, + 'ORG_DOMAIN': domain, + 'EFS_SERVER': settings.EFS_SERVER, + 'EFS_PATH': settings.EFS_PATH, + 'EFS_EXTEND': settings.EFS_EXTEND + } + + settings.k8s.apply_yaml_from_template( + namespace=domain, k8s_template_file=k8s_template_file, dict_env=dict_env) + +def del_generate_ccp(org): + + # Get domain + domain = util.get_domain(org) + jobname = 'generate-ccp-%s' % org + + # Delete job pod + return settings.k8s.delete_job(name=jobname, namespace=domain) + +def generate_all_ccp(): + orgs = settings.PEER_ORGS.split(' ') + # TODO: Multiprocess + for org in orgs: + generate_ccp(org) + +def delete_all_ccp(): + orgs = settings.PEER_ORGS.split(' ') + # TODO: Multiprocess + for org in orgs: + del_generate_ccp(org) + +@click.group() +def ccp(): + """Generate connection profiles""" + pass + +@ccp.command('generate', short_help="Run job to generate connection profiles") +def generate(): + hiss.rattle('Generate connection profiles') + + generate_all_ccp() + +@ccp.command('delete', short_help="Delete job generate connection profiles") +def delete(): + hiss.rattle('Delete job generate connection profiles') + + delete_all_ccp() diff --git a/mamba/mamba.py b/mamba/mamba.py index f17c34a..52cec24 100644 --- a/mamba/mamba.py +++ b/mamba/mamba.py @@ -37,6 +37,7 @@ from blockchain.update_channel_config.commands import channel_config from blockchain.external_chaincode.commands import externalCC +from blockchain.generate_ccp.commands import ccp @click.group(invoke_without_command=True) @@ -80,6 +81,7 @@ def mamba(config, set_default): mamba.add_command(channel_config) mamba.add_command(anchor_peer) mamba.add_command(externalCC) +mamba.add_command(ccp) if __name__ == '__main__': mamba() \ No newline at end of file diff --git a/mamba/requirements.txt b/mamba/requirements.txt index a2f1321..49d215b 100644 --- a/mamba/requirements.txt +++ b/mamba/requirements.txt @@ -42,3 +42,4 @@ urllib3==1.24.2 virtualenv==16.7.9 websocket-client==0.57.0 wrapt==1.11.2 +tika==1.24 \ No newline at end of file diff --git a/mamba/template/connection-profile/generate-ccp-job.yaml b/mamba/template/connection-profile/generate-ccp-job.yaml new file mode 100644 index 0000000..e0d22bb --- /dev/null +++ b/mamba/template/connection-profile/generate-ccp-job.yaml @@ -0,0 +1,43 @@ +apiVersion: batch/v1 +kind: Job +metadata: + namespace: {{ORG_DOMAIN}} + name: generate-ccp-{{ORG_NAME}} +spec: + template: + metadata: + labels: + app: hyperledger + role: peer + org: {{ORG_NAME}} + name: generate-ccp-{{ORG_NAME}} + spec: + restartPolicy: "Never" + containers: + - name: generate-ccp-{{ORG_NAME}} + image: alpine + env: + - name: ORG + value: {{ORG_NAME}} + command: ["sh"] + args: ["-c", "apk add bash; ./scripts/generate-ccp.sh 2>&1;"] + volumeMounts: + - mountPath: /scripts + name: scripts + - mountPath: /data + name: data + - mountPath: /shared/admin-v2/artifacts + name: artifacts + volumes: + - name: scripts + nfs: + server: {{EFS_SERVER}} + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-scripts/ + - name: data + nfs: + server: {{EFS_SERVER}} + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-data/ + - name: artifacts + nfs: + server: {{EFS_SERVER}} + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/admin-v2/artifacts/ \ No newline at end of file From 01d8f2be58e45de3d74d579da6deb33859449b91 Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 14 Aug 2020 04:28:04 +0000 Subject: [PATCH 33/52] Add generate cpp svc and update bootstrap script --- .../blockchain/bootstrap_network/commands.py | 16 ++- .../blockchain/external_chaincode/commands.py | 26 ++++ mamba/blockchain/start_network/commands.py | 19 +-- .../blockchain/terminate_network/commands.py | 6 + mamba/scripts/bootstrap-network.sh | 111 ++++++++++-------- mamba/scripts/generate-ccp.sh | 74 ++++++++++++ mamba/template/admin/admin-deployment.yaml | 10 +- .../fabric-deployment-bootstrap-network.yaml | 11 +- .../fabric-deployment-anchor-peer.yaml | 2 +- mamba/utils/kube.py | 12 ++ mamba/utils/util.py | 9 +- 11 files changed, 232 insertions(+), 64 deletions(-) create mode 100755 mamba/scripts/generate-ccp.sh diff --git a/mamba/blockchain/bootstrap_network/commands.py b/mamba/blockchain/bootstrap_network/commands.py index 07733c1..de2b88d 100644 --- a/mamba/blockchain/bootstrap_network/commands.py +++ b/mamba/blockchain/bootstrap_network/commands.py @@ -8,21 +8,29 @@ def bootstrap_network(): - domains = settings.ORDERER_DOMAINS.split(' ') + orderer_orgs = settings.ORDERER_ORGS.split(' ') + orderer_domains = settings.ORDERER_DOMAINS.split(' ') + + peer_orgs = settings.PEER_ORGS.split(' ') + peer_domains = settings.PEER_DOMAINS.split(' ') + # Create temp folder & namespace - settings.k8s.prereqs(domains[0]) + settings.k8s.prereqs(orderer_domains[0]) k8s_template_file = '%s/bootstrap-network/fabric-deployment-bootstrap-network.yaml' % util.get_k8s_template_path() dict_env = { - 'ORDERER_DOMAIN': domains[0], + 'ORDERER_NAME': orderer_orgs[0], + 'ORDERER_DOMAIN': orderer_domains[0], + 'ORG_NAME': peer_orgs[0], + 'ORG_DOMAIN': peer_domains[0], 'EFS_SERVER': settings.EFS_SERVER, 'EFS_PATH': settings.EFS_PATH, 'EFS_EXTEND': settings.EFS_EXTEND } settings.k8s.apply_yaml_from_template( - namespace=domains[0], k8s_template_file=k8s_template_file, dict_env=dict_env) + namespace=orderer_domains[0], k8s_template_file=k8s_template_file, dict_env=dict_env) def del_bootstrap_network(): diff --git a/mamba/blockchain/external_chaincode/commands.py b/mamba/blockchain/external_chaincode/commands.py index 31b7f56..5a56af3 100644 --- a/mamba/blockchain/external_chaincode/commands.py +++ b/mamba/blockchain/external_chaincode/commands.py @@ -27,6 +27,17 @@ def deploy_external_cc(peer, cc_name, cc_image, cc_package_id): settings.k8s.apply_yaml_from_template( namespace=domain, k8s_template_file=chaincode_service, dict_env=dict_env) +def delete_external_cc(peer): + ## Find explorer_db pod + domain = util.get_domain(peer) + list_stateful_set = settings.k8s.find_stateful_set(namespace=domain, keyword="chaincode") + # Remove chaincode container of another org + for sts in list_stateful_set: + if peer not in sts: list_stateful_set.remove(sts) + for sts in list_stateful_set: + # Delete stateful set + return settings.k8s.delete_stateful(name=sts, namespace=domain) + def config_peer(peer): # Get domain domain = util.get_domain(peer) @@ -57,6 +68,16 @@ def config_all_peer(): def del_config(): print('TODO') +def delete_all_external_cc(): + + peers = settings.PEER_ORGS.split(' ') + results = [] + for peer in peers: + domain = util.get_domain(peer) + results.append(delete_external_cc(peer)) + return results + + @click.group() def externalCC(): @@ -76,6 +97,11 @@ def deploy(ccname, ccimage, packageid): hiss.rattle('Deploy external chaincode') deploy_all_external_cc(ccname, ccimage, packageid) +@externalCC.command('delete', short_help="Delete external chaincode") +def delete(): + hiss.rattle('Delete external chaincode') + delete_all_external_cc() + @externalCC.command('delConfig', short_help="Delete config map") def delete(): hiss.rattle('Delete config map') diff --git a/mamba/blockchain/start_network/commands.py b/mamba/blockchain/start_network/commands.py index 69c20f0..3a7b84c 100644 --- a/mamba/blockchain/start_network/commands.py +++ b/mamba/blockchain/start_network/commands.py @@ -26,6 +26,8 @@ from blockchain.admin.commands import setup_all_admin from blockchain.bootstrap_network.commands import bootstrap_network from blockchain.external_chaincode.commands import config_all_peer +from blockchain.generate_ccp.commands import generate_all_ccp +from blockchain.update_anchor_peer.commands import setup_all def start_network(): @@ -69,7 +71,6 @@ def start_network(): config_all_peer() #TODO: Auto generate cpp, builder config map and apply external builder config map - #TODO: Auto generate connection config file and metadata config of external chaincode hiss.rattle('Create new StatefullSet orderers') setup_all_orderer() @@ -79,18 +80,22 @@ def start_network(): # # Run jobs to generate application artifacts # generate_artifact() + generate_all_ccp() - # # Create secret if use private docker hub - # if settings.PRIVATE_DOCKER_IMAGE == 'true': - # create_all_docker_secret('mamba') + # Create secret if use private docker hub + if settings.PRIVATE_DOCKER_IMAGE == 'true': + create_all_docker_secret('mamba') # Create new a new Admin service time.sleep(1) setup_all_admin() + time.sleep(1) + + # Setup anchor peer + setup_all() - # # Bootrap network - # time.sleep(1) - # bootstrap_network() + # Bootrap network + bootstrap_network() # # cat log # domains = settings.ORDERER_DOMAINS.split(' ') diff --git a/mamba/blockchain/terminate_network/commands.py b/mamba/blockchain/terminate_network/commands.py index b9057b3..12d30fe 100644 --- a/mamba/blockchain/terminate_network/commands.py +++ b/mamba/blockchain/terminate_network/commands.py @@ -7,6 +7,7 @@ from utils import hiss, util from blockchain.bootstrap_network.commands import del_bootstrap_network +from blockchain.generate_ccp.commands import delete_all_ccp from blockchain.channel_artifact.commands import del_gen_channel_artifact from blockchain.gen_artifact.commands import del_generate_artifact from blockchain.reg_orgs.commands import del_all_reg_org @@ -22,6 +23,7 @@ from blockchain.orderer.commands import terminate_all_orderer from blockchain.peer.commands import terminate_all_peer from blockchain.admin.commands import delete_all_admin +from blockchain.external_chaincode.commands import delete_all_external_cc def remove_cert(): ## Find explorer_db pod @@ -45,6 +47,7 @@ def terminate_network(): # Delete job util.smart_append(result, delete_all_admin()) util.smart_append(result, del_bootstrap_network()) + util.smart_append(result, delete_all_ccp()) util.smart_append(result, del_gen_channel_artifact()) util.smart_append(result, del_generate_artifact()) util.smart_append(result, del_all_reg_org()) @@ -71,6 +74,9 @@ def terminate_network(): # Terminate StatefullSet peers util.smart_append(result, terminate_all_peer()) + # Terminate External chaincode + util.smart_append(result, delete_all_external_cc()) + # Remove old cert util.smart_append(result, remove_cert()) diff --git a/mamba/scripts/bootstrap-network.sh b/mamba/scripts/bootstrap-network.sh index aac7140..961515e 100755 --- a/mamba/scripts/bootstrap-network.sh +++ b/mamba/scripts/bootstrap-network.sh @@ -1,6 +1,7 @@ #!/bin/bash source $(dirname "$0")/env.sh +set -e function logResult { local RESULT=$1 @@ -15,26 +16,41 @@ function logResult { } function main { - local ADMIN_URL="http://admin-rca-ica.${ORDERER_DOMAINS}:4001" - local ORG="" + local ORG="" - # Register user for each org + # Enroll admin for each org for PEER_ORG in $PEER_ORGS do ORG=$PEER_ORG - log "REGISTER USER: $PEER_ORG" - REGISTER_USER=$(curl -s -X POST ${ADMIN_URL}/registerUser -H "content-type: application/json" -d '{ - "orgname":"'"${PEER_ORG}"'" + initOrgVars $ORG + log "Enroll Admin: $PEER_ORG" + ENROLL_ADMIN=$(curl -s -X POST ${ADMIN_URL}/api/v2/cas/enrollAdmin -H "content-type: application/json" -d '{ + "orgName":"'"${PEER_ORG}"'", + "adminName": "'"${INT_CA_ADMIN_USER}"'", + "adminPassword": "'"${INT_CA_ADMIN_PASS}"'" }'); - logResult "$REGISTER_USER" + logResult "$ENROLL_ADMIN" + + log "Register User: $PEER_ORG" + REGISTER_USER=$(curl -s -X POST ${ADMIN_URL}/api/v2/cas/registerUser -H "content-type: application/json" -d '{ + "orgName":"'"${PEER_ORG}"'", + "affiliation":"'"${PEER_ORG}"'.akc", + "affiliation":"'"${PEER_ORG}"'.akc", + "userName": "'"${PEER_ORG}"'", + "role": "client", + "adminName": "'"${INT_CA_ADMIN_USER}"'" + }'); + logResult "$ENROLL_ADMIN" done # Create channel log "CREATE CHANNEL: $CHANNEL_NAME" - CREATE_CHANNEL_CC=$(curl -s -X POST ${ADMIN_URL}/channels -H "content-type: application/json" -d '{ - "orgname":"'"${ORG}"'", + CREATE_CHANNEL_CC=$(curl -s -X POST ${ADMIN_URL}/api/v2/channels/create -H "content-type: application/json" -d '{ + "orgName":"'"${ORG}"'", + "peerIndex":"0", "channelName":"'"${CHANNEL_NAME}"'", - "channelConfigPath":"../../../shared/channel.tx" + "ordererAddress":"'"${ORDERER_ADDRESS}"'", + "channelConfig":"/shared/channel.tx" }'); logResult "$CREATE_CHANNEL_CC" sleep 3s @@ -47,8 +63,9 @@ function main { log "Org ${PEER_ORG} join the channel ${CHANNEL_NAME}" for (( h=0; h<=$MAX_RETRY; h++ )) do - JOINCHANNEL=$(curl -s -X POST ${ADMIN_URL}/joinchannel -H "content-type: application/json" -d '{ - "orgname":"'"${PEER_ORG}"'", + JOINCHANNEL=$(curl -s -X POST ${ADMIN_URL}/api/v2/channels/join -H "content-type: application/json" -d '{ + "orgName":"'"${PEER_ORG}"'", + "peerIndex":"0", "channelName":"'"${CHANNEL_NAME}"'" }'); logResult "$JOINCHANNEL" @@ -62,41 +79,41 @@ function main { done done - # Install sample chaincode - log "INSTALL CHAINCODE" - for PEER_ORG in $PEER_ORGS - do - INSTALL_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/chaincodes -H "content-type: application/json" -d '{ - "orgname":"'"${PEER_ORG}"'", - "chaincodePath":"chaincodes/fabcar/", - "chaincodeId":"fabcar1", - "chaincodeVersion":"v1.0", - "chaincodeType":"golang" - }'); - logResult "$INSTALL_CHAINCODE" - done + # # Install sample chaincode + # log "INSTALL CHAINCODE" + # for PEER_ORG in $PEER_ORGS + # do + # INSTALL_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/chaincodes -H "content-type: application/json" -d '{ + # "orgname":"'"${PEER_ORG}"'", + # "chaincodePath":"chaincodes/fabcar/", + # "chaincodeId":"fabcar1", + # "chaincodeVersion":"v1.0", + # "chaincodeType":"golang" + # }'); + # logResult "$INSTALL_CHAINCODE" + # done - # Init sample chaincode - log "INIT CHAINCODE" - INIT_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/initchaincodes -H "content-type: application/json" -d '{ - "orgname":"'"${PEER_ORG}"'", - "channelName":"'"${CHANNEL_NAME}"'", - "chaincodeId":"fabcar1", - "chaincodeVersion":"v1.0", - "chaincodeType":"golang", - "args":[] - }'); - logResult "$INIT_CHAINCODE" - sleep 3s - # Invoke - log "INVOKE CHAINCODE" - INVOKE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/invokeChainCode -H "content-type: application/json" -d '{ - "orgname":"'"${PEER_ORG}"'", - "channelName":"'"${CHANNEL_NAME}"'", - "chaincodeId":"fabcar1", - "args": ["CAR1", "a", "b", "c", "d"], - "fcn": "createCar" - }'); - logResult "$INVOKE_CHAINCODE" + # # Init sample chaincode + # log "INIT CHAINCODE" + # INIT_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/initchaincodes -H "content-type: application/json" -d '{ + # "orgname":"'"${PEER_ORG}"'", + # "channelName":"'"${CHANNEL_NAME}"'", + # "chaincodeId":"fabcar1", + # "chaincodeVersion":"v1.0", + # "chaincodeType":"golang", + # "args":[] + # }'); + # logResult "$INIT_CHAINCODE" + # sleep 3s + # # Invoke + # log "INVOKE CHAINCODE" + # INVOKE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/invokeChainCode -H "content-type: application/json" -d '{ + # "orgname":"'"${PEER_ORG}"'", + # "channelName":"'"${CHANNEL_NAME}"'", + # "chaincodeId":"fabcar1", + # "args": ["CAR1", "a", "b", "c", "d"], + # "fcn": "createCar" + # }'); + # logResult "$INVOKE_CHAINCODE" } main \ No newline at end of file diff --git a/mamba/scripts/generate-ccp.sh b/mamba/scripts/generate-ccp.sh new file mode 100755 index 0000000..8c66134 --- /dev/null +++ b/mamba/scripts/generate-ccp.sh @@ -0,0 +1,74 @@ +#!/bin/bash + +function one_line_pem { + awk 'NF {sub(/\\n/, ""); printf "%s\\\\\\",$0;}' $1 > /tmp/one_line.pem +} + +function generate_json_ccp { + one_line_pem $CA_CHAINFILE + local PEER_PEM=$(cat /tmp/one_line.pem) + # CA and Peer using same public key + local CA_PEM=$(cat /tmp/one_line.pem) + + echo " +{ + \"name\": \"${CLUSTER_NAME}-${ORG}\", + \"version\": \"1.0.0\", + \"client\": { + \"organization\": \"${ORG}\", + \"connection\": { + \"timeout\": { + \"peer\": { + \"endorser\": \"300\" + } + } + } + }, + \"organizations\": { + \"${ORG}\": { + \"mspid\": \"${ORG}MSP\", + \"peers\": [ + \"peer0-${ORG}.${DOMAIN}\" + ], + \"certificateAuthorities\": [ + \"ica-${ORG}.${DOMAIN}\" + ] + } + }, + \"peers\": { + \"peer0-${ORG}.${DOMAIN}\": { + \"url\": \"grpcs://peer0-${ORG}.${DOMAIN}:7051\", + \"tlsCACerts\": { + \"pem\": \"${PEER_PEM}\" + }, + \"grpcOptions\": { + \"ssl-target-name-override\": \"peer0-${ORG}.${DOMAIN}\", + \"hostnameOverride\": \"peer0-${ORG}.${DOMAIN}\" + } + } + }, + \"certificateAuthorities\": { + \"ica-${ORG}.${DOMAIN}\": { + \"url\": \"https://ica-${ORG}.${DOMAIN}:7054\", + \"caName\": \"ica-${ORG}.${DOMAIN}\", + \"tlsCACerts\": { + \"pem\": \"${CA_PEM}\" + }, + \"httpOptions\": { + \"verify\": false + } + } + } +} +" | sed -e 's/\\\\\\/\\n/g' > /shared/admin-v2/artifacts/connection-${ORG}.json +cat /shared/admin-v2/artifacts/connection-${ORG}.json +} + +function main { + initOrgVars $ORG + generate_json_ccp +} + +source $(dirname "$0")/env.sh +OUTPUT=/shared/admin-v2/artifacts/connection-${ORG}.json +main diff --git a/mamba/template/admin/admin-deployment.yaml b/mamba/template/admin/admin-deployment.yaml index 63047a9..14c427c 100644 --- a/mamba/template/admin/admin-deployment.yaml +++ b/mamba/template/admin/admin-deployment.yaml @@ -59,6 +59,8 @@ spec: volumeMounts: - name: akc-ca-data mountPath: /shared/ + - name: akc-ca-data + mountPath: /data/app/artifacts/src/chaincodes - name: artifacts-efs mountPath: /data/app/artifacts/ volumes: @@ -66,12 +68,16 @@ spec: nfs: server: {{EFS_SERVER}} path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-data/ + - name: chaincodes + nfs: + server: {{EFS_SERVER}} + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/admin-v2/chaincodes/ - name: artifacts-efs nfs: server: {{EFS_SERVER}} # TODO: Wait for automation generate cpp - path: /pvs/{{EFS_PATH}}/admin-v2/artifacts/ - # path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/admin/artifacts/ + # path: /pvs/{{EFS_PATH}}/admin-v2/artifacts/ + path: /pvs/{{EFS_PATH}}/{{EFS_EXTEND}}/admin-v2/artifacts/ imagePullSecrets: - name: mamba diff --git a/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml b/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml index 9e68906..8e11899 100644 --- a/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml +++ b/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml @@ -12,11 +12,18 @@ spec: tier: {{ORDERER_DOMAIN}} spec: restartPolicy: "Never" + suspend: "true" containers: - name: bootstrap-network - image: alpine + image: alpine:3.12.0 + env: + - name: ORDERER_ADDRESS + value: orderer0-{{ORDERER_NAME}}.{{ORDERER_DOMAIN}}:7050 + - name: ADMIN_URL + value: http://admin-v2-{{ORG_NAME}}.{{ORG_DOMAIN}}:4001 command: ["sh"] - args: ["-c", "apk add bash; apk add curl; ./scripts/bootstrap-network.sh 2>&1;"] + args: ["-c", "apk add bash; apk add curl; tail -f /etc/hosts; ./scripts/bootstrap-network.sh 2>&1;"] + # args: ["-c", "apk add bash; apk add curl; ./scripts/bootstrap-network.sh 2>&1;"] volumeMounts: - name: rca-scripts mountPath: /scripts diff --git a/mamba/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml b/mamba/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml index 6b6ecfa..9046eb6 100644 --- a/mamba/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml +++ b/mamba/template/update-anchor-peer/fabric-deployment-anchor-peer.yaml @@ -24,7 +24,7 @@ spec: - name: ORDERER_ADDRESS value: orderer0-{{ORDERER_NAME}}.{{ORDERER_DOMAIN}}:7050 - name: ADMIN_URL - value: admin-v2.{{ORG_DOMAIN}}:4001 + value: admin-v2-{{ORG_NAME}}.{{ORG_DOMAIN}}:4001 # command: ["printenv"] command: ["sh"] # args: ["-c", "tail -f /dev/null"] diff --git a/mamba/utils/kube.py b/mamba/utils/kube.py index e051ed8..d0b0d68 100644 --- a/mamba/utils/kube.py +++ b/mamba/utils/kube.py @@ -240,6 +240,18 @@ def find_pod(self, namespace, keyword): hiss.hiss("Exception when calling Api: %s\n" % e) return mypods + # Find name of the stateful set in a namespace with a specific keyword + def find_stateful_set(self, namespace, keyword): + mypods = [] + try: + ret = self.appsApi.list_namespaced_stateful_set(namespace) + for item in ret.items: + if keyword in item.metadata.name: + mypods.append(item.metadata.name) + except ApiException as e: + hiss.hiss("Exception when calling Api: %s\n" % e) + return mypods + # Find name of the persistent volume claim in a namespace with a specific keyword def find_pvc(self, namespace, keyword): list_pvc = [] diff --git a/mamba/utils/util.py b/mamba/utils/util.py index d74b84a..c551b29 100644 --- a/mamba/utils/util.py +++ b/mamba/utils/util.py @@ -3,6 +3,7 @@ import json import re import yaml +from tika import parser from utils import hiss import settings @@ -113,4 +114,10 @@ def get_peer_external_domain(peer, index_peer): else: return '' else: - return hiss.hiss('peer: %s does not exists in env file' % peer) \ No newline at end of file + return hiss.hiss('peer: %s does not exists in env file' % peer) + +def replace_all_new_line(file_path): + parsered = parser.from_file(file_path) + content = parsered['content'] + content = content.replace('\n', '\\n') + return content \ No newline at end of file From 690a2afacfe95478c6fac66e7158b5e2b5851284 Mon Sep 17 00:00:00 2001 From: harisato Date: Mon, 17 Aug 2020 10:27:57 +0000 Subject: [PATCH 34/52] Add fabcar chaincode --- .../artifacts/src/chaincodes/fabcar/fabcar.go | 167 ++++++++++++++++++ .../artifacts/src/chaincodes/fabcar/go.mod | 5 + .../artifacts/src/chaincodes/fabcar/go.sum | 141 +++++++++++++++ 3 files changed, 313 insertions(+) create mode 100644 mamba/blockchain/artifacts/src/chaincodes/fabcar/fabcar.go create mode 100644 mamba/blockchain/artifacts/src/chaincodes/fabcar/go.mod create mode 100644 mamba/blockchain/artifacts/src/chaincodes/fabcar/go.sum diff --git a/mamba/blockchain/artifacts/src/chaincodes/fabcar/fabcar.go b/mamba/blockchain/artifacts/src/chaincodes/fabcar/fabcar.go new file mode 100644 index 0000000..7167d93 --- /dev/null +++ b/mamba/blockchain/artifacts/src/chaincodes/fabcar/fabcar.go @@ -0,0 +1,167 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + package main + + import ( + "encoding/json" + "fmt" + "strconv" + + "github.com/hyperledger/fabric-contract-api-go/contractapi" + ) + + // SmartContract provides functions for managing a car + type SmartContract struct { + contractapi.Contract + } + + // Car describes basic details of what makes up a car + type Car struct { + Make string `json:"make"` + Model string `json:"model"` + Colour string `json:"colour"` + Owner string `json:"owner"` + } + + // QueryResult structure used for handling result of query + type QueryResult struct { + Key string `json:"Key"` + Record *Car + } + + // InitLedger adds a base set of cars to the ledger + func (s *SmartContract) InitLedger(ctx contractapi.TransactionContextInterface) error { + cars := []Car{ + Car{Make: "Toyota", Model: "Prius", Colour: "blue", Owner: "Tomoko"}, + Car{Make: "Ford", Model: "Mustang", Colour: "red", Owner: "Brad"}, + Car{Make: "Hyundai", Model: "Tucson", Colour: "green", Owner: "Jin Soo"}, + Car{Make: "Volkswagen", Model: "Passat", Colour: "yellow", Owner: "Max"}, + Car{Make: "Tesla", Model: "S", Colour: "black", Owner: "Adriana"}, + Car{Make: "Peugeot", Model: "205", Colour: "purple", Owner: "Michel"}, + Car{Make: "Chery", Model: "S22L", Colour: "white", Owner: "Aarav"}, + Car{Make: "Fiat", Model: "Punto", Colour: "violet", Owner: "Pari"}, + Car{Make: "Tata", Model: "Nano", Colour: "indigo", Owner: "Valeria"}, + Car{Make: "Holden", Model: "Barina", Colour: "brown", Owner: "Shotaro"}, + } + + for i, car := range cars { + carAsBytes, _ := json.Marshal(car) + err := ctx.GetStub().PutState("CAR"+strconv.Itoa(i), carAsBytes) + + if err != nil { + return fmt.Errorf("Failed to put to world state. %s", err.Error()) + } + } + + return nil + } + + // CreateCar adds a new car to the world state with given details + func (s *SmartContract) CreateCar(ctx contractapi.TransactionContextInterface, carNumber string, make string, model string, colour string, owner string) error { + car := Car{ + Make: make, + Model: model, + Colour: colour, + Owner: owner, + } + + carAsBytes, _ := json.Marshal(car) + + return ctx.GetStub().PutState(carNumber, carAsBytes) + } + + // QueryCar returns the car stored in the world state with given id + func (s *SmartContract) QueryCar(ctx contractapi.TransactionContextInterface, carNumber string) (*Car, error) { + carAsBytes, err := ctx.GetStub().GetState(carNumber) + + if err != nil { + return nil, fmt.Errorf("Failed to read from world state. %s", err.Error()) + } + + if carAsBytes == nil { + return nil, fmt.Errorf("%s does not exist", carNumber) + } + + car := new(Car) + _ = json.Unmarshal(carAsBytes, car) + + return car, nil + } + + // QueryAllCars returns all cars found in world state + func (s *SmartContract) QueryAllCars(ctx contractapi.TransactionContextInterface) ([]QueryResult, error) { + startKey := "CAR0" + endKey := "CAR99" + + resultsIterator, err := ctx.GetStub().GetStateByRange(startKey, endKey) + + if err != nil { + return nil, err + } + defer resultsIterator.Close() + + results := []QueryResult{} + + for resultsIterator.HasNext() { + queryResponse, err := resultsIterator.Next() + + if err != nil { + return nil, err + } + + car := new(Car) + _ = json.Unmarshal(queryResponse.Value, car) + + queryResult := QueryResult{Key: queryResponse.Key, Record: car} + results = append(results, queryResult) + } + + return results, nil + } + + // ChangeCarOwner updates the owner field of car with given id in world state + func (s *SmartContract) ChangeCarOwner(ctx contractapi.TransactionContextInterface, carNumber string, newOwner string) error { + car, err := s.QueryCar(ctx, carNumber) + + if err != nil { + return err + } + + car.Owner = newOwner + + carAsBytes, _ := json.Marshal(car) + + return ctx.GetStub().PutState(carNumber, carAsBytes) + } + + func main() { + + chaincode, err := contractapi.NewChaincode(new(SmartContract)) + + if err != nil { + fmt.Printf("Error create fabcar chaincode: %s", err.Error()) + return + } + + if err := chaincode.Start(); err != nil { + fmt.Printf("Error starting fabcar chaincode: %s", err.Error()) + } + } + \ No newline at end of file diff --git a/mamba/blockchain/artifacts/src/chaincodes/fabcar/go.mod b/mamba/blockchain/artifacts/src/chaincodes/fabcar/go.mod new file mode 100644 index 0000000..7a75ea1 --- /dev/null +++ b/mamba/blockchain/artifacts/src/chaincodes/fabcar/go.mod @@ -0,0 +1,5 @@ +module github.com/hyperledger/fabric-samples/chaincode/fabcar/go + +go 1.13 + +require github.com/hyperledger/fabric-contract-api-go v1.0.0 diff --git a/mamba/blockchain/artifacts/src/chaincodes/fabcar/go.sum b/mamba/blockchain/artifacts/src/chaincodes/fabcar/go.sum new file mode 100644 index 0000000..9503ddd --- /dev/null +++ b/mamba/blockchain/artifacts/src/chaincodes/fabcar/go.sum @@ -0,0 +1,141 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DATA-DOG/godog v0.7.13/go.mod h1:z2OZ6a3X0/YAKVqLfVzYBwFt3j6uSt3Xrqa7XTtcQE0= +github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= +github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= +github.com/go-openapi/jsonpointer v0.19.3 h1:gihV7YNZK1iK6Tgwwsxo2rJbD1GTbdm72325Bq8FI3w= +github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonreference v0.19.2 h1:o20suLFB4Ri0tuzpWtyHlh7E7HnkqTNLq6aR6WVNS1w= +github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= +github.com/go-openapi/spec v0.19.4 h1:ixzUSnHTd6hCemgtAJgluaTSGYpLNpJY4mA2DIkdOAo= +github.com/go-openapi/spec v0.19.4/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= +github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/go-openapi/swag v0.19.5 h1:lTz6Ys4CmqqCQmZPBlbQENR1/GucA2bzYTE12Pw4tFY= +github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/gobuffalo/envy v1.7.0 h1:GlXgaiBkmrYMHco6t4j7SacKO4XUjvh5pwXh0f4uxXU= +github.com/gobuffalo/envy v1.7.0/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= +github.com/gobuffalo/logger v1.0.0/go.mod h1:2zbswyIUa45I+c+FLXuWl9zSWEiVuthsk8ze5s8JvPs= +github.com/gobuffalo/packd v0.3.0 h1:eMwymTkA1uXsqxS0Tpoop3Lc0u3kTfiMBE6nKtQU4g4= +github.com/gobuffalo/packd v0.3.0/go.mod h1:zC7QkmNkYVGKPw4tHpBQ+ml7W/3tIebgeo1b36chA3Q= +github.com/gobuffalo/packr v1.30.1 h1:hu1fuVR3fXEZR7rXNW3h8rqSML8EVAf6KNm0NKO/wKg= +github.com/gobuffalo/packr v1.30.1/go.mod h1:ljMyFO2EcrnzsHsN99cvbq055Y9OhRrIaviy289eRuk= +github.com/gobuffalo/packr/v2 v2.5.1/go.mod h1:8f9c96ITobJlPzI44jj+4tHnEKNt0xXWSVlXRN9X1Iw= +github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/hyperledger/fabric-chaincode-go v0.0.0-20191108205148-17c4b2760b56 h1:BUCrT0VEO4ryJ7DAEGccqnEJcdHydx7wIJQ0ZGFEjJM= +github.com/hyperledger/fabric-chaincode-go v0.0.0-20191108205148-17c4b2760b56/go.mod h1:HZK6PKLWrvdD/t0oSLiyaRaUM6fZ7qjJuOlb0zrn0mo= +github.com/hyperledger/fabric-chaincode-go v0.0.0-20200128192331-2d899240a7ed/go.mod h1:N7H3sA7Tx4k/YzFq7U0EPdqJtqvM4Kild0JoCc7C0Dc= +github.com/hyperledger/fabric-contract-api-go v0.0.0-20191118113407-4c6ff12b4f96 h1:1PaDE2QfQB/5ZnvlrYZNH62xMtKE/9cjwIzy9fjpJmg= +github.com/hyperledger/fabric-contract-api-go v0.0.0-20191118113407-4c6ff12b4f96/go.mod h1:SdJkyS7/oJltu5Ap//5sCEdNlvj+ZzD3TwnJOt3zf4c= +github.com/hyperledger/fabric-contract-api-go v1.0.0 h1:ma1nQX1S/a3zDkfkTb0QXQHNGgJUmEfqHA9/CWmz8Y0= +github.com/hyperledger/fabric-contract-api-go v1.0.0/go.mod h1:PHF7I0hYI0cZF2j7cdyNHaY5FJD3Q49qnnNgsmxEPbM= +github.com/hyperledger/fabric-protos-go v0.0.0-20190821214336-621b908d5022/go.mod h1:xVYTjK4DtZRBxZ2D9aE4y6AbLaPwue2o/criQyQbVD0= +github.com/hyperledger/fabric-protos-go v0.0.0-20190919234611-2a87503ac7c9/go.mod h1:xVYTjK4DtZRBxZ2D9aE4y6AbLaPwue2o/criQyQbVD0= +github.com/hyperledger/fabric-protos-go v0.0.0-20191114160927-6bee4929a99f h1:t6+iLphkbJrM8i6YB0T/XxvoTlo50FglEf2hMJHxuOo= +github.com/hyperledger/fabric-protos-go v0.0.0-20191114160927-6bee4929a99f/go.mod h1:xVYTjK4DtZRBxZ2D9aE4y6AbLaPwue2o/criQyQbVD0= +github.com/hyperledger/fabric-protos-go v0.0.0-20200124220212-e9cfc186ba7b/go.mod h1:xVYTjK4DtZRBxZ2D9aE4y6AbLaPwue2o/criQyQbVD0= +github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc= +github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= +github.com/karrick/godirwalk v1.10.12/go.mod h1:RoGL9dQei4vP9ilrpETWE8CLOZ1kiN0LhBygSwrAsHA= +github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e h1:hB2xlXdHp/pmPZq0y3QnmWAArdw9PqbmotexnWx/FU8= +github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.3.0 h1:RR9dF3JtopPvtkroDZuVD7qquD0bnHlKSqaQhgwt8yk= +github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= +github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= +github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= +github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= +github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= +github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= +github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f h1:J9EGpcZtP0E/raorCMxlFGSTBrsSlaDGf3jU/qvAE2c= +github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= +github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= +github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= +github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= +golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190621222207-cc06ce4a13d4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297 h1:k7pJ2yAPLPgbskkFdhRCsA77k2fySZ1zf2zCjvQCiIM= +golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190515120540-06a5c4944438/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190710143415-6ec70d6a5542 h1:6ZQFf1D2YYDDI7eSwW8adlkkavTB9sw5I24FVtEvNUQ= +golang.org/x/sys v0.0.0-20190710143415-6ec70d6a5542/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190624180213-70d37148ca0c/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20180831171423-11092d34479b h1:lohp5blsw53GBXtLyLNaTXPXS9pJ1tiTw61ZHUoE9Qw= +google.golang.org/genproto v0.0.0-20180831171423-11092d34479b/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/grpc v1.23.0 h1:AzbTB6ux+okLTzP8Ru1Xs41C303zdcfEht7MQnYJt5A= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= From 4b7628f4473a1f956992ad5cab0f970feb8a78a8 Mon Sep 17 00:00:00 2001 From: harisato Date: Mon, 17 Aug 2020 10:28:48 +0000 Subject: [PATCH 35/52] Fix some bugs --- mamba/blockchain/admin/commands.py | 10 +++--- mamba/blockchain/copyscripts/commands.py | 7 ++-- mamba/blockchain/start_network/commands.py | 6 ++-- .../blockchain/terminate_network/commands.py | 4 ++- mamba/scripts/bootstrap-network.sh | 35 +++++++++++++++++-- .../fabric-deployment-bootstrap-network.yaml | 8 +++-- 6 files changed, 53 insertions(+), 17 deletions(-) diff --git a/mamba/blockchain/admin/commands.py b/mamba/blockchain/admin/commands.py index 157fcc6..e7729f2 100644 --- a/mamba/blockchain/admin/commands.py +++ b/mamba/blockchain/admin/commands.py @@ -16,11 +16,11 @@ def setup_admin(org): orderer_domains = settings.ORDERER_DOMAINS.split(' ') # Create application artifact folder - hiss.echo('Create application artifact folder') - ## Find efs pod - pods = settings.k8s.find_pod(namespace="default", keyword="test-efs") - if not pods: - return hiss.hiss('cannot find tiller pod') + # hiss.echo('Create application artifact folder') + # ## Find efs pod + # pods = settings.k8s.find_pod(namespace="default", keyword="test-efs") + # if not pods: + # return hiss.hiss('cannot find tiller pod') # mkdir_cmd = ('mkdir -p '+settings.EFS_ROOT+'/admin/crypto-path;' # 'mkdir -p '+settings.EFS_ROOT+'/admin/crypto-store;') diff --git a/mamba/blockchain/copyscripts/commands.py b/mamba/blockchain/copyscripts/commands.py index 8d82cf1..a9d9314 100644 --- a/mamba/blockchain/copyscripts/commands.py +++ b/mamba/blockchain/copyscripts/commands.py @@ -22,7 +22,8 @@ def copy_scripts(): result_get_folder = settings.k8s.exec_pod( podName=pods[0], namespace="default", command=exec_command) - if int(result_get_folder.data) < 1: + print(result_get_folder.data) + if int(result_get_folder.data) < 3: hiss.sub_echo('Folder %s not found. Creating...' % settings.EFS_ROOT) exec_command = [ '/bin/bash', @@ -76,8 +77,8 @@ def copy_scripts(): # Copy test chaincode to efs hiss.sub_echo('Copy test chaincode to efs') artifacts_path = os.path.abspath(os.path.join( - __package__, "../blockchain/artifacts")) - if not settings.k8s.cp_to_pod(podName=pods[0], namespace='default', source=artifacts_path, target='%s/admin/artifacts' % settings.EFS_ROOT): + __package__, "../blockchain/artifacts/src/chaincodes")) + if not settings.k8s.cp_to_pod(podName=pods[0], namespace='default', source=artifacts_path, target='%s/admin-v2/chaincodes' % settings.EFS_ROOT): return hiss.hiss('connot copy test chaincode to pod %s' % pods[0]) return True diff --git a/mamba/blockchain/start_network/commands.py b/mamba/blockchain/start_network/commands.py index 3a7b84c..df9a2d2 100644 --- a/mamba/blockchain/start_network/commands.py +++ b/mamba/blockchain/start_network/commands.py @@ -91,12 +91,12 @@ def start_network(): setup_all_admin() time.sleep(1) - # Setup anchor peer - setup_all() - # Bootrap network bootstrap_network() + # Setup anchor peer + setup_all() + # # cat log # domains = settings.ORDERER_DOMAINS.split(' ') # settings.k8s.read_pod_log('bootstrap-network', domains[0]) diff --git a/mamba/blockchain/terminate_network/commands.py b/mamba/blockchain/terminate_network/commands.py index 12d30fe..c2bf330 100644 --- a/mamba/blockchain/terminate_network/commands.py +++ b/mamba/blockchain/terminate_network/commands.py @@ -24,6 +24,7 @@ from blockchain.peer.commands import terminate_all_peer from blockchain.admin.commands import delete_all_admin from blockchain.external_chaincode.commands import delete_all_external_cc +from blockchain.update_anchor_peer.commands import del_all_job def remove_cert(): ## Find explorer_db pod @@ -31,7 +32,7 @@ def remove_cert(): if not pods: return hiss.hiss('cannot find tiller pod') - remove_cert = 'rm -rf %s/akc-ca-data/*; rm -rf %s/admin/*' % (settings.EFS_ROOT, settings.EFS_ROOT) + remove_cert = 'rm -rf %s/*' % (settings.EFS_ROOT) exec_command = [ '/bin/bash', '-c', @@ -55,6 +56,7 @@ def terminate_network(): util.smart_append(result, del_all_reg_peer()) util.smart_append(result, del_all_enroll_orderer()) util.smart_append(result, del_all_enroll_peer()) + util.smart_append(result, del_all_job()) # Terminate Root Certificate Authority service util.smart_append(result, terminate_rca()) diff --git a/mamba/scripts/bootstrap-network.sh b/mamba/scripts/bootstrap-network.sh index 961515e..7234d22 100755 --- a/mamba/scripts/bootstrap-network.sh +++ b/mamba/scripts/bootstrap-network.sh @@ -79,11 +79,42 @@ function main { done done - # # Install sample chaincode + # # Package sample chaincode + # log "PACKAGE CHAINCODE" + # PACKAGE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/packageCC -H "content-type: application/json" -d '{ + # "orgname":"'"${ORG}"'", + # "chaincodePath":"chaincodes/fabcar", + # "chaincodeId":"fabcar", + # "chaincodeVersion":"1", + # "chaincodeType":"golang", + # "peerIndex": "0" + # }'); + # logResult "$PACKAGE_CHAINCODE" + + # # Install and approve sample chaincode # log "INSTALL CHAINCODE" # for PEER_ORG in $PEER_ORGS # do - # INSTALL_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/chaincodes -H "content-type: application/json" -d '{ + # INSTALL_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/install -H "content-type: application/json" -d '{ + # "orgname":"'"${PEER_ORG}"'", + # "chaincodeName":"fabcar", + # "chaincodePath":"fabcar.tar.gz", + # "peerIndex":"0" + # }'); + # logResult "$INSTALL_CHAINCODE" + + # log "APPROVE CHAINCODE" + # QUERY_PACKAGE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/queryInstalled -H "content-type: application/json" -d '{ + # "orgname":"'"${PEER_ORG}"'", + # "peerIndex":"0 + # }'); + # logResult "$INSTALL_CHAINCODE" + # done + # # Package sample chaincode + # log "PACKAGE CHAINCODE" + # for PEER_ORG in $PEER_ORGS + # do + # PACKAGE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/packageCC -H "content-type: application/json" -d '{ # "orgname":"'"${PEER_ORG}"'", # "chaincodePath":"chaincodes/fabcar/", # "chaincodeId":"fabcar1", diff --git a/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml b/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml index 8e11899..471dbb8 100644 --- a/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml +++ b/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml @@ -5,6 +5,8 @@ metadata: namespace: {{ORDERER_DOMAIN}} name: bootstrap-network spec: + concurrencyPolicy: Forbid + failedJobsHistoryLimit: 1 template: metadata: labels: @@ -12,7 +14,7 @@ spec: tier: {{ORDERER_DOMAIN}} spec: restartPolicy: "Never" - suspend: "true" + backoffLimit: "0" containers: - name: bootstrap-network image: alpine:3.12.0 @@ -22,8 +24,8 @@ spec: - name: ADMIN_URL value: http://admin-v2-{{ORG_NAME}}.{{ORG_DOMAIN}}:4001 command: ["sh"] - args: ["-c", "apk add bash; apk add curl; tail -f /etc/hosts; ./scripts/bootstrap-network.sh 2>&1;"] - # args: ["-c", "apk add bash; apk add curl; ./scripts/bootstrap-network.sh 2>&1;"] + # args: ["-c", "apk add bash; apk add curl; tail -f /etc/hosts; ./scripts/bootstrap-network.sh 2>&1;"] + args: ["-c", "apk add bash; apk add curl; ./scripts/bootstrap-network.sh 2>&1;"] volumeMounts: - name: rca-scripts mountPath: /scripts From f90bb7e89c0771ee549af65d112c58b9e0b4a132 Mon Sep 17 00:00:00 2001 From: harisato Date: Mon, 17 Aug 2020 10:29:26 +0000 Subject: [PATCH 36/52] Specify alpine image version --- mamba/template/add-org/0create-configtx.yaml | 2 +- mamba/template/connection-profile/generate-ccp-job.yaml | 2 +- .../template/gen-artifacts/fabric-deployment-gen-artifacts.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/mamba/template/add-org/0create-configtx.yaml b/mamba/template/add-org/0create-configtx.yaml index dcbdd95..b4c4f14 100644 --- a/mamba/template/add-org/0create-configtx.yaml +++ b/mamba/template/add-org/0create-configtx.yaml @@ -14,7 +14,7 @@ spec: restartPolicy: "Never" containers: - name: create-configtx - image: alpine + image: alpine:3.12.0 command: ["sh"] # args: ["-c", "ls -al /scripts/;"] args: ["-c", "apk add bash; ./scripts/gen-configtx.sh 2>&1;"] diff --git a/mamba/template/connection-profile/generate-ccp-job.yaml b/mamba/template/connection-profile/generate-ccp-job.yaml index e0d22bb..72ed043 100644 --- a/mamba/template/connection-profile/generate-ccp-job.yaml +++ b/mamba/template/connection-profile/generate-ccp-job.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: "Never" containers: - name: generate-ccp-{{ORG_NAME}} - image: alpine + image: alpine:3.12.0 env: - name: ORG value: {{ORG_NAME}} diff --git a/mamba/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml b/mamba/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml index 215f8b3..01eb1f0 100644 --- a/mamba/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml +++ b/mamba/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml @@ -14,7 +14,7 @@ spec: restartPolicy: "Never" containers: - name: generate-artifacts - image: alpine + image: alpine:3.12.0 command: ["sh"] # args: ["-c", "ls -al /scripts/;"] args: ["-c", "apk add bash; ./scripts/gen-network-config.sh 2>&1;"] From 248f16d0202eea74b305279150c597e2039088ee Mon Sep 17 00:00:00 2001 From: harisato Date: Mon, 17 Aug 2020 10:30:37 +0000 Subject: [PATCH 37/52] Update admin template --- mamba/template/admin/admin-deployment.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mamba/template/admin/admin-deployment.yaml b/mamba/template/admin/admin-deployment.yaml index 14c427c..28642ae 100644 --- a/mamba/template/admin/admin-deployment.yaml +++ b/mamba/template/admin/admin-deployment.yaml @@ -33,7 +33,7 @@ spec: - name: NODE_ENV value: development - name: GOPATH - value: /data/app/artfifacts + value: /go - name: CORE_VM_ENDPOINT value: unix:///host/var/run/docker.sock - name: FABRIC_LOGGING_SPEC @@ -59,8 +59,8 @@ spec: volumeMounts: - name: akc-ca-data mountPath: /shared/ - - name: akc-ca-data - mountPath: /data/app/artifacts/src/chaincodes + - name: chaincodes + mountPath: /go/src/chaincodes - name: artifacts-efs mountPath: /data/app/artifacts/ volumes: From 1c81d0d764d90a06bdd320c6988aedfdd6685b71 Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 18 Aug 2020 03:33:59 +0000 Subject: [PATCH 38/52] Remove tika --- mamba/requirements.txt | 3 +-- mamba/utils/util.py | 7 ------- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/mamba/requirements.txt b/mamba/requirements.txt index 49d215b..833114e 100644 --- a/mamba/requirements.txt +++ b/mamba/requirements.txt @@ -41,5 +41,4 @@ typed-ast==1.4.0 urllib3==1.24.2 virtualenv==16.7.9 websocket-client==0.57.0 -wrapt==1.11.2 -tika==1.24 \ No newline at end of file +wrapt==1.11.2 \ No newline at end of file diff --git a/mamba/utils/util.py b/mamba/utils/util.py index c551b29..dba2001 100644 --- a/mamba/utils/util.py +++ b/mamba/utils/util.py @@ -3,7 +3,6 @@ import json import re import yaml -from tika import parser from utils import hiss import settings @@ -115,9 +114,3 @@ def get_peer_external_domain(peer, index_peer): return '' else: return hiss.hiss('peer: %s does not exists in env file' % peer) - -def replace_all_new_line(file_path): - parsered = parser.from_file(file_path) - content = parsered['content'] - content = content.replace('\n', '\\n') - return content \ No newline at end of file From 51eb3cf49331c6d1cdfa994f7d695d19e47978d6 Mon Sep 17 00:00:00 2001 From: harisato Date: Tue, 18 Aug 2020 09:14:05 +0000 Subject: [PATCH 39/52] Update bootstrap and admin --- mamba/blockchain/admin/commands.py | 35 ++++---- mamba/scripts/bootstrap-network.sh | 128 ++++++++++++++--------------- 2 files changed, 81 insertions(+), 82 deletions(-) diff --git a/mamba/blockchain/admin/commands.py b/mamba/blockchain/admin/commands.py index e7729f2..0050f56 100644 --- a/mamba/blockchain/admin/commands.py +++ b/mamba/blockchain/admin/commands.py @@ -16,24 +16,23 @@ def setup_admin(org): orderer_domains = settings.ORDERER_DOMAINS.split(' ') # Create application artifact folder - # hiss.echo('Create application artifact folder') - # ## Find efs pod - # pods = settings.k8s.find_pod(namespace="default", keyword="test-efs") - # if not pods: - # return hiss.hiss('cannot find tiller pod') - - # mkdir_cmd = ('mkdir -p '+settings.EFS_ROOT+'/admin/crypto-path;' - # 'mkdir -p '+settings.EFS_ROOT+'/admin/crypto-store;') - - ## Exec command - # exec_command = [ - # '/bin/bash', - # '-c', - # '%s' % (mkdir_cmd)] - - # result_get_folder = settings.k8s.exec_pod( - # podName=pods[0], namespace="default", command=exec_command) - # hiss.sub_echo(result_get_folder.data) + hiss.echo('Create wallet folder') + ## Find efs pod + pods = settings.k8s.find_pod(namespace="default", keyword="test-efs") + if not pods: + return hiss.hiss('cannot find tiller pod') + + mkdir_cmd = ('mkdir -p '+settings.EFS_ROOT+'/admin-v2/wallet;') + + # Exec command + exec_command = [ + '/bin/bash', + '-c', + '%s' % (mkdir_cmd)] + + result_get_folder = settings.k8s.exec_pod( + podName=pods[0], namespace="default", command=exec_command) + hiss.sub_echo(result_get_folder.data) # Create temp folder & namespace settings.k8s.prereqs(domain) diff --git a/mamba/scripts/bootstrap-network.sh b/mamba/scripts/bootstrap-network.sh index 7234d22..4d5d411 100755 --- a/mamba/scripts/bootstrap-network.sh +++ b/mamba/scripts/bootstrap-network.sh @@ -79,72 +79,72 @@ function main { done done - # # Package sample chaincode - # log "PACKAGE CHAINCODE" - # PACKAGE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/packageCC -H "content-type: application/json" -d '{ - # "orgname":"'"${ORG}"'", - # "chaincodePath":"chaincodes/fabcar", - # "chaincodeId":"fabcar", - # "chaincodeVersion":"1", - # "chaincodeType":"golang", - # "peerIndex": "0" - # }'); - # logResult "$PACKAGE_CHAINCODE" + # Package sample chaincode + log "PACKAGE CHAINCODE" + PACKAGE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/packageCC -H "content-type: application/json" -d '{ + "orgname":"'"${ORG}"'", + "chaincodePath":"chaincodes/fabcar", + "chaincodeId":"fabcar", + "chaincodeVersion":"1", + "chaincodeType":"golang", + "peerIndex": "0" + }'); + logResult "$PACKAGE_CHAINCODE" - # # Install and approve sample chaincode - # log "INSTALL CHAINCODE" - # for PEER_ORG in $PEER_ORGS - # do - # INSTALL_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/install -H "content-type: application/json" -d '{ - # "orgname":"'"${PEER_ORG}"'", - # "chaincodeName":"fabcar", - # "chaincodePath":"fabcar.tar.gz", - # "peerIndex":"0" - # }'); - # logResult "$INSTALL_CHAINCODE" + # Install and approve sample chaincode + log "INSTALL CHAINCODE" + for PEER_ORG in $PEER_ORGS + do + INSTALL_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/install -H "content-type: application/json" -d '{ + "orgname":"'"${PEER_ORG}"'", + "chaincodeName":"fabcar", + "chaincodePath":"fabcar.tar.gz", + "peerIndex":"0" + }'); + logResult "$INSTALL_CHAINCODE" - # log "APPROVE CHAINCODE" - # QUERY_PACKAGE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/queryInstalled -H "content-type: application/json" -d '{ - # "orgname":"'"${PEER_ORG}"'", - # "peerIndex":"0 - # }'); - # logResult "$INSTALL_CHAINCODE" - # done - # # Package sample chaincode - # log "PACKAGE CHAINCODE" - # for PEER_ORG in $PEER_ORGS - # do - # PACKAGE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/packageCC -H "content-type: application/json" -d '{ - # "orgname":"'"${PEER_ORG}"'", - # "chaincodePath":"chaincodes/fabcar/", - # "chaincodeId":"fabcar1", - # "chaincodeVersion":"v1.0", - # "chaincodeType":"golang" - # }'); - # logResult "$INSTALL_CHAINCODE" - # done + echo $QUERY_PACKAGE_CHAINCODE + log "QUERY PACKAGE CHAINCODE" + QUERY_PACKAGE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/queryInstalled -H "content-type: application/json" -d '{ + "orgname":"'"${PEER_ORG}"'", + "peerIndex":"0" + }' | jq -r '.data[0].packageId'); + echo $QUERY_PACKAGE_CHAINCODE - # # Init sample chaincode - # log "INIT CHAINCODE" - # INIT_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/initchaincodes -H "content-type: application/json" -d '{ - # "orgname":"'"${PEER_ORG}"'", - # "channelName":"'"${CHANNEL_NAME}"'", - # "chaincodeId":"fabcar1", - # "chaincodeVersion":"v1.0", - # "chaincodeType":"golang", - # "args":[] - # }'); - # logResult "$INIT_CHAINCODE" - # sleep 3s - # # Invoke - # log "INVOKE CHAINCODE" - # INVOKE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/invokeChainCode -H "content-type: application/json" -d '{ - # "orgname":"'"${PEER_ORG}"'", - # "channelName":"'"${CHANNEL_NAME}"'", - # "chaincodeId":"fabcar1", - # "args": ["CAR1", "a", "b", "c", "d"], - # "fcn": "createCar" - # }'); - # logResult "$INVOKE_CHAINCODE" + APPROVE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/approveForMyOrg -H "content-type: application/json" -d '{ + "orgname":"'"${PEER_ORG}"'", + "peerIndex":"0", + "chaincodeName":"fabcar", + "chaincodeVersion":1, + "channelName":"'"${CHANNEL_NAME}"'", + "packageId":"'"${QUERY_PACKAGE_CHAINCODE}"'", + "ordererAddress":"'"${ORDERER_ADDRESS}"'" + }'); + logResult "$APPROVE_CHAINCODE" + done + + # Commit chaincode + log "COMMIT CHAINCODE" + COMMIT_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/commitChaincodeDefinition -H "content-type: application/json" -d '{ + "chaincodeName":"fabcar", + "chaincodeVersion":1, + "channelName":"'"${CHANNEL_NAME}"'", + "target": "'"0 ${ORG}"'", + "ordererAddress": "'"${ORDERER_ADDRESS}"'" + }'); + logResult "$COMMIT_CHAINCODE" + + # Invoke sample chaincode + log "INVOKE CHAINCODE" + INVOKE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/invokeCLI -H "content-type: application/json" -d '{ + "chaincodeName": "fabcar", + "channelName": "'"${CHANNEL_NAME}"'", + "target": "'"0 ${ORG}"'", + "ordererAddress": "'"${ORDERER_ADDRESS}"'", + "args": [], + "fcn": "initLedger", + "isInit": "0" + }'); + logResult "$INVOKE_CHAINCODE" } main \ No newline at end of file From 1bf5fc0eb1091ae8477a84b67a52415b1d3a780b Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 21 Aug 2020 02:44:17 +0000 Subject: [PATCH 40/52] Remove debug code --- mamba/blockchain/copyscripts/commands.py | 1 - 1 file changed, 1 deletion(-) diff --git a/mamba/blockchain/copyscripts/commands.py b/mamba/blockchain/copyscripts/commands.py index a9d9314..41cd9bb 100644 --- a/mamba/blockchain/copyscripts/commands.py +++ b/mamba/blockchain/copyscripts/commands.py @@ -22,7 +22,6 @@ def copy_scripts(): result_get_folder = settings.k8s.exec_pod( podName=pods[0], namespace="default", command=exec_command) - print(result_get_folder.data) if int(result_get_folder.data) < 3: hiss.sub_echo('Folder %s not found. Creating...' % settings.EFS_ROOT) exec_command = [ From 41063cf7e0b01b7b3338c26a430da65d9c62bc6c Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 21 Aug 2020 02:44:35 +0000 Subject: [PATCH 41/52] Optimize bootstrap command --- mamba/scripts/bootstrap-network.sh | 4 +++- .../fabric-deployment-bootstrap-network.yaml | 4 +--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mamba/scripts/bootstrap-network.sh b/mamba/scripts/bootstrap-network.sh index 4d5d411..28904c1 100755 --- a/mamba/scripts/bootstrap-network.sh +++ b/mamba/scripts/bootstrap-network.sh @@ -84,7 +84,7 @@ function main { PACKAGE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/packageCC -H "content-type: application/json" -d '{ "orgname":"'"${ORG}"'", "chaincodePath":"chaincodes/fabcar", - "chaincodeId":"fabcar", + "chaincodeName":"fabcar", "chaincodeVersion":"1", "chaincodeType":"golang", "peerIndex": "0" @@ -147,4 +147,6 @@ function main { }'); logResult "$INVOKE_CHAINCODE" } + +apk add jq main \ No newline at end of file diff --git a/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml b/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml index 471dbb8..c79dbe7 100644 --- a/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml +++ b/mamba/template/bootstrap-network/fabric-deployment-bootstrap-network.yaml @@ -5,8 +5,7 @@ metadata: namespace: {{ORDERER_DOMAIN}} name: bootstrap-network spec: - concurrencyPolicy: Forbid - failedJobsHistoryLimit: 1 + backoffLimit: 0 template: metadata: labels: @@ -14,7 +13,6 @@ spec: tier: {{ORDERER_DOMAIN}} spec: restartPolicy: "Never" - backoffLimit: "0" containers: - name: bootstrap-network image: alpine:3.12.0 From 50b0fc3d18e984f944245cb43d6aa9c04399a6d2 Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 21 Aug 2020 04:01:32 +0000 Subject: [PATCH 42/52] Update binary config path --- mamba/blockchain/copyscripts/commands.py | 4 ++-- mamba/utils/util.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/mamba/blockchain/copyscripts/commands.py b/mamba/blockchain/copyscripts/commands.py index 7ccb06b..922f0a2 100644 --- a/mamba/blockchain/copyscripts/commands.py +++ b/mamba/blockchain/copyscripts/commands.py @@ -39,7 +39,7 @@ def copy_scripts(): # Copy config to scripts/env hiss.sub_echo('Copy config to scripts/env') config_file = expanduser('~/.akachain/akc-mamba/mamba/config/.env') - env_script_File = expanduser('~/.akachain/akc-mamba/mamba/blockchain/scripts/env-scripts.sh') + env_script_File = expanduser('~/.akachain/akc-mamba/mamba/scripts/env-scripts.sh') copyfile(config_file, env_script_File) # Remove old script folder in efs @@ -56,7 +56,7 @@ def copy_scripts(): # Copy scripts folder to efs hiss.sub_echo('Copy scripts folder to efs') - script_path = expanduser('~/.akachain/akc-mamba/mamba/blockchain/scripts') + script_path = expanduser('~/.akachain/akc-mamba/mamba/scripts') if not settings.k8s.cp_to_pod(podName=pods[0], namespace='default', source=script_path, target='%s/akc-ca-scripts' % settings.EFS_ROOT): return hiss.hiss('connot copy scripts folder to pod %s' % pods[0]) diff --git a/mamba/utils/util.py b/mamba/utils/util.py index c2ea548..750a7b2 100644 --- a/mamba/utils/util.py +++ b/mamba/utils/util.py @@ -57,7 +57,7 @@ def get_temp_path(): def get_k8s_template_path(): - return expanduser('~/.akachain/akc-mamba/mamba/blockchain/template') + return expanduser('~/.akachain/akc-mamba/mamba/template') def split_timenow_utc(): From 2821e8e5f746f636de5d8d8d014a02731ac075b5 Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 21 Aug 2020 04:01:53 +0000 Subject: [PATCH 43/52] Fix settings path --- mamba/blockchain/external_chaincode/commands.py | 2 +- mamba/blockchain/generate_ccp/commands.py | 2 +- mamba/blockchain/update_anchor_peer/commands.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/mamba/blockchain/external_chaincode/commands.py b/mamba/blockchain/external_chaincode/commands.py index 5a56af3..1608c80 100644 --- a/mamba/blockchain/external_chaincode/commands.py +++ b/mamba/blockchain/external_chaincode/commands.py @@ -2,7 +2,7 @@ from kubernetes import client from os import path from utils import hiss, util -import settings +from settings import settings def deploy_external_cc(peer, cc_name, cc_image, cc_package_id): # Get domain diff --git a/mamba/blockchain/generate_ccp/commands.py b/mamba/blockchain/generate_ccp/commands.py index dea8947..4618de0 100644 --- a/mamba/blockchain/generate_ccp/commands.py +++ b/mamba/blockchain/generate_ccp/commands.py @@ -4,7 +4,7 @@ from kubernetes import client from os import path from utils import hiss, util -import settings +from settings import settings def generate_ccp(org): diff --git a/mamba/blockchain/update_anchor_peer/commands.py b/mamba/blockchain/update_anchor_peer/commands.py index 3bfa2e5..e8b8ae0 100644 --- a/mamba/blockchain/update_anchor_peer/commands.py +++ b/mamba/blockchain/update_anchor_peer/commands.py @@ -1,7 +1,7 @@ import click import os import time -import settings +from settings import settings from os import path from utils import hiss, util From ff7dd4eed8e5192b639279ee815f6ef25cb48019 Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 21 Aug 2020 04:02:07 +0000 Subject: [PATCH 44/52] Update env template --- mamba/config/operator.env-template | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mamba/config/operator.env-template b/mamba/config/operator.env-template index 9ddf666..f7b38af 100644 --- a/mamba/config/operator.env-template +++ b/mamba/config/operator.env-template @@ -1,7 +1,7 @@ ##--START REPLACE CONTENTS--## # K8s type: minikube or eks -K8S_TYPE="minikube" +K8S_TYPE="eks" # If you run mamba with K8S_TYPE="eks" # EKS Cluster information, include: From 8fb7eaef7036f7727f1c77e9a3b01331c4d105f0 Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 21 Aug 2020 05:00:16 +0000 Subject: [PATCH 45/52] Using binary config v2 branch --- mamba/settings/settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mamba/settings/settings.py b/mamba/settings/settings.py index 02d4aa8..3a6dee1 100644 --- a/mamba/settings/settings.py +++ b/mamba/settings/settings.py @@ -23,7 +23,7 @@ def init(dotenv_path, set_default): mamba_path = expanduser('~/.akachain') if not os.path.isdir(mamba_path): os.makedirs(mamba_path) - git.Git(mamba_path).clone('https://github.com/Akachain/akc-mamba.git', branch='binary-config') + git.Git(mamba_path).clone('https://github.com/Akachain/akc-mamba.git', branch='binary-config-v2') env_template_path = expanduser('~/.akachain/akc-mamba/mamba/config/operator.env-template') shutil.copy(env_template_path, default_path) bashCommand = 'sudo vi ' + default_path From ef611a2c7c553c5642e72201cbfcf9603d611b34 Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 21 Aug 2020 06:32:32 +0000 Subject: [PATCH 46/52] Update admin image --- mamba/template/admin/admin-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mamba/template/admin/admin-deployment.yaml b/mamba/template/admin/admin-deployment.yaml index d0c0915..e09becb 100644 --- a/mamba/template/admin/admin-deployment.yaml +++ b/mamba/template/admin/admin-deployment.yaml @@ -19,7 +19,7 @@ spec: spec: containers: - name: admin-v2-{{ORG_NAME}} - image: docker.pkg.github.com/akachain/akc-admin/develop:2.0 + image: docker.pkg.github.com/akachain/akc-admin/master:2.0 ports: - containerPort: 4001 imagePullPolicy: Always From 2a2325175e469964d013bcbac9374c32ada29a68 Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 21 Aug 2020 06:41:29 +0000 Subject: [PATCH 47/52] Update README --- mamba/README.md | 31 ++++++++++++------------------- 1 file changed, 12 insertions(+), 19 deletions(-) diff --git a/mamba/README.md b/mamba/README.md index a16815c..f92a68d 100644 --- a/mamba/README.md +++ b/mamba/README.md @@ -2,45 +2,37 @@ ## 1. Installation Instructions -### a. Edit configuration files -First, copy the content of `config/operator.env-template` to be `config/.env`. This file will contain all modifiable configuration of Mamba. +### a. Install AKC-Mamba +Install AKC-Mamba with ``` -cp ./config/operator.env-template ./config/.env -``` - -Update configuration parameters in `config/.env`, the file content is pretty much self-explained. - -### b. Install required packages -Install required Python3 modules with - -``` -pip3 install -r requirements.txt +pip3 install akc-mamba ``` We now can use the Mamba tool to prepare required helm and k8s components ``` find . -type f -iname "*.sh" -exec chmod +x {} \; -python3 mamba.py environment +mamba environment ``` +Configuration parameters in `~/.akachain/akc-mamba/mamba/config/.env`, the file content is pretty much self-explained. -### c. Deploy and bootstrap network +### b. Deploy and bootstrap network ``` -python3 mamba.py start +mamba start ``` The `mamba start` command executes a series of sub commands that installs various network components. For more information on each command for individual components, please refer to help section ``` -python3 mamba.py help +mamba --help ``` To terminate the network, just run ``` -python3 mamba.py terminate +mamba terminate ``` ## 2. Development Guide @@ -59,13 +51,14 @@ Mamba makes use of [Click_](http://click.palletsprojects.com/en/7.x/), an elegan │ ├── kube.py │ ├── mamba.py -├── settings.py +├── settings +├ ├──settings.py ``` There are 4 main components: - mamba.py : The bootstrap instance module of Mamba -- settings.py : Contains global variables that are shared accross all sub modules +- settings/settings.py : Contains global variables that are shared accross all sub modules - command_group : Each command group is separated into its own directory. - utils : helper functions that must be initialized via settings.py From 08135e553669205cf72f1c674b3d5aa38aee69fa Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 21 Aug 2020 07:16:53 +0000 Subject: [PATCH 48/52] Add guideline external chaincode --- EXTERNAL_CHAINCODE.md | 110 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 110 insertions(+) create mode 100644 EXTERNAL_CHAINCODE.md diff --git a/EXTERNAL_CHAINCODE.md b/EXTERNAL_CHAINCODE.md new file mode 100644 index 0000000..5e86d4c --- /dev/null +++ b/EXTERNAL_CHAINCODE.md @@ -0,0 +1,110 @@ +## 1. BOOTSTRAP NETWORK + You should start network by command: ```mamba start``` +## 2. Packaging chaincode + ### a. Using AKC-Admin + - Deploy akc-admin in repo: https://github.com/Akachain/akc-admin + - Call api package external chaincode: + ``` + curl --location --request POST http://localhost:4001/api/v2/chaincodes/packageExternalCC \ + --header 'content-type: application/json' \ + --data-raw '{ + "orgname":"akc", + "chaincodeName":"fabcar" + }' + ``` + ### b. Manual + - You should prepare files bellow: + - ```connection.json```: Connection to the external chaincode service: + ``` + { + "address": "chaincode-fabcar-org1.akc:7052", + "dial_timeout": "10s", + "tls_required": false, + "client_auth_required": false, + "client_key": "-----BEGIN EC PRIVATE KEY----- ... -----END EC PRIVATE KEY-----", + "client_cert": "-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----", + "root_cert": "-----BEGIN CERTIFICATE---- ... -----END CERTIFICATE-----" + } + ``` + - ```metadata.json```: Includes information of chaincode + ``` + {"path":"","type":"external","label":"fabcar"} + ``` + - Package: With the Fabric v2.0 chaincode lifecycle, chaincode is packaged and installed in a .tar.gz format. + ``` + tar cfz code.tar.gz connection.json + tar cfz fabcar.tgz code.tar.gz metadata.json + ``` + +## 3. Building and deploying the External Chaincode +#### a. Writing chaincode to run as an external service + - Write chaincode: See detail in [Hyperledger Fabric](https://hyperledger-fabric.readthedocs.io/en/release-2.2/cc_service.html#writing-chaincode-to-run-as-an-external-service) + - Build chaincode: Using docker to build chaincode to a image. Image tag used in ```Deploy chaincode``` step. +#### b. Deploying the chaincode using AKC-Admin + - Install package: + ``` + curl --location --request POST http://localhost:4001/api/v2/chaincodes/install \ + --header 'content-type: application/json' \ + --data-raw '{ + "orgname":"akc", + "chaincodeName":"fabcar", + "chaincodePath":"fabcar.tgz", + "peerIndex": "0" + }' + ``` + - Query Package ID: + ``` + curl --location --request POST http://localhost:4001/api/v2/chaincodes/queryInstalled \ + --header 'content-type: application/json' \ + --data-raw '{ + "orgname":"akc", + "peerIndex": "0" + }' + ``` + - Use package ID in previous step to deploy chaincode as stateful set in kubectl by using command bellow: + ``` + mamba externalcc deploy --ccname fabcar --ccimage "$IMAGE_TAG" --packageid "$PACKAGE_ID" + ``` + - Approve the chaincode and commit it to the channel + ``` + curl --location --request POST http://localhost:4001/api/v2/chaincodes/approveForMyOrg \ + --header 'content-type: application/json' \ + --data-raw '{ + "orgname":"akc", + "peerIndex": "0", + "chaincodeName": "fabcar", + "chaincodeVersion": 1, + "channelName": "akcchannel", + "packageId": "fabcar:64abc178ac22334e3c30a42af36d688e83cbe9eb428a018a2def426ec3cfd5ea", + "ordererAddress": "orderer0-orderer.akc:7050", + "initRequired": 0 + }' + + curl --location --request POST http://localhost:4001/api/v2/chaincodes/commitChaincodeDefinition \ + --header 'content-type: application/json' \ + --data-raw '{ + "chaincodeName": "fabcar", + "chaincodeVersion": 1, + "channelName": "akctestchannel", + "target": "0 akc", + "ordererAddress": "orderer0-orderer.akc:7050", + "initRequired": 0 + }' + ``` + + - Invoke the chaincode + ``` + curl --location --request POST http://localhost:4001/api/v2/chaincodes/invokeCLI \ + --header 'content-type: application/json' \ + --data-raw '{ + "chaincodeName": "fabcar", + "channelName": "akcchannel", + "target": "0 akc", + "ordererAddress": "orderer0-orderer.akc:7050", + "isInit": "0" + }' + + - Query the chaincode + ``` + peer chaincode query -C akcchannel -n fabcar -c '{"Args":["queryAllCars"]}' + ``` \ No newline at end of file From 91829d7a6b0b8e51a6f213c817d27de265b7a7eb Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 21 Aug 2020 07:24:51 +0000 Subject: [PATCH 49/52] Update Guideline --- EXTERNAL_CHAINCODE.md | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/EXTERNAL_CHAINCODE.md b/EXTERNAL_CHAINCODE.md index 5e86d4c..e696d2f 100644 --- a/EXTERNAL_CHAINCODE.md +++ b/EXTERNAL_CHAINCODE.md @@ -1,9 +1,9 @@ ## 1. BOOTSTRAP NETWORK You should start network by command: ```mamba start``` ## 2. Packaging chaincode - ### a. Using AKC-Admin - - Deploy akc-admin in repo: https://github.com/Akachain/akc-admin - - Call api package external chaincode: +### a. Using AKC-Admin +- Deploy akc-admin in repo: https://github.com/Akachain/akc-admin +- Call api package external chaincode: ``` curl --location --request POST http://localhost:4001/api/v2/chaincodes/packageExternalCC \ --header 'content-type: application/json' \ @@ -12,9 +12,9 @@ "chaincodeName":"fabcar" }' ``` - ### b. Manual - - You should prepare files bellow: - - ```connection.json```: Connection to the external chaincode service: +### b. Manual +- You should prepare files bellow: +- ```connection.json```: Connection to the external chaincode service: ``` { "address": "chaincode-fabcar-org1.akc:7052", @@ -26,7 +26,7 @@ "root_cert": "-----BEGIN CERTIFICATE---- ... -----END CERTIFICATE-----" } ``` - - ```metadata.json```: Includes information of chaincode +- ```metadata.json```: Includes information of chaincode ``` {"path":"","type":"external","label":"fabcar"} ``` @@ -37,11 +37,11 @@ ``` ## 3. Building and deploying the External Chaincode -#### a. Writing chaincode to run as an external service - - Write chaincode: See detail in [Hyperledger Fabric](https://hyperledger-fabric.readthedocs.io/en/release-2.2/cc_service.html#writing-chaincode-to-run-as-an-external-service) - - Build chaincode: Using docker to build chaincode to a image. Image tag used in ```Deploy chaincode``` step. -#### b. Deploying the chaincode using AKC-Admin - - Install package: +### a. Writing chaincode to run as an external service +- Write chaincode: See detail in [Hyperledger Fabric](https://hyperledger-fabric.readthedocs.io/en/release-2.2/cc_service.html#writing-chaincode-to-run-as-an-external-service) +- Build chaincode: Using docker to build chaincode to a image. Image tag used in ```Deploy chaincode``` step. +### b. Deploying the chaincode using AKC-Admin +- Install package: ``` curl --location --request POST http://localhost:4001/api/v2/chaincodes/install \ --header 'content-type: application/json' \ @@ -52,7 +52,7 @@ "peerIndex": "0" }' ``` - - Query Package ID: +- Query Package ID: ``` curl --location --request POST http://localhost:4001/api/v2/chaincodes/queryInstalled \ --header 'content-type: application/json' \ @@ -61,11 +61,11 @@ "peerIndex": "0" }' ``` - - Use package ID in previous step to deploy chaincode as stateful set in kubectl by using command bellow: +- Use package ID in previous step to deploy chaincode as stateful set in kubectl by using command bellow: ``` mamba externalcc deploy --ccname fabcar --ccimage "$IMAGE_TAG" --packageid "$PACKAGE_ID" ``` - - Approve the chaincode and commit it to the channel +- Approve the chaincode and commit it to the channel ``` curl --location --request POST http://localhost:4001/api/v2/chaincodes/approveForMyOrg \ --header 'content-type: application/json' \ @@ -92,7 +92,7 @@ }' ``` - - Invoke the chaincode +- Invoke the chaincode ``` curl --location --request POST http://localhost:4001/api/v2/chaincodes/invokeCLI \ --header 'content-type: application/json' \ @@ -104,7 +104,7 @@ "isInit": "0" }' - - Query the chaincode +- Query the chaincode ``` peer chaincode query -C akcchannel -n fabcar -c '{"Args":["queryAllCars"]}' ``` \ No newline at end of file From ebdad089c5270b8791d6f315d1226f60f0b67bfd Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 21 Aug 2020 07:26:02 +0000 Subject: [PATCH 50/52] Update Guideline --- EXTERNAL_CHAINCODE.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/EXTERNAL_CHAINCODE.md b/EXTERNAL_CHAINCODE.md index e696d2f..e3acb4e 100644 --- a/EXTERNAL_CHAINCODE.md +++ b/EXTERNAL_CHAINCODE.md @@ -14,7 +14,7 @@ ``` ### b. Manual - You should prepare files bellow: -- ```connection.json```: Connection to the external chaincode service: + - ```connection.json```: Connection to the external chaincode service: ``` { "address": "chaincode-fabcar-org1.akc:7052", @@ -26,11 +26,11 @@ "root_cert": "-----BEGIN CERTIFICATE---- ... -----END CERTIFICATE-----" } ``` -- ```metadata.json```: Includes information of chaincode + - ```metadata.json```: Includes information of chaincode ``` {"path":"","type":"external","label":"fabcar"} ``` - - Package: With the Fabric v2.0 chaincode lifecycle, chaincode is packaged and installed in a .tar.gz format. +- Package: With the Fabric v2.0 chaincode lifecycle, chaincode is packaged and installed in a .tar.gz format. ``` tar cfz code.tar.gz connection.json tar cfz fabcar.tgz code.tar.gz metadata.json From 46c43a35c647bde512f10c10ee9fc2bc173c7fcf Mon Sep 17 00:00:00 2001 From: Hai Date: Fri, 21 Aug 2020 14:27:52 +0700 Subject: [PATCH 51/52] Update REMOTE_ORG.md --- REMOTE_ORG.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/REMOTE_ORG.md b/REMOTE_ORG.md index 661c896..3b1f36d 100644 --- a/REMOTE_ORG.md +++ b/REMOTE_ORG.md @@ -1,8 +1,8 @@ -1. Start network +## 1. Start network ```bash mamba start ``` -2. Prepare merchant config in '/home/hainq/.akachain/akc-mamba/mamba/config/merchant.env' +## 2. Prepare merchant config in '/home/hainq/.akachain/akc-mamba/mamba/config/merchant.env' - In merchant env, must fill: - EXTERNAL_ORDERER_ADDRESSES, EXTERNAL_RCA_ADDRESSES - ENDORSEMENT_ORG_NAME, ENDORSEMENT_ORG_ADDRESS, ENDORSEMENT_ORG_TLSCERT @@ -15,29 +15,29 @@ cp /home/hainq/.akachain/akc-mamba/mamba/config/merchant.env /home/hainq/.akacha ``` mamba copyscripts ``` -3. Copy signed cert of root ca to merchant cluster +## 3. Copy signed cert of root ca to merchant cluster ``` kubectl exec -it test-efs-7759545f7-b5ffw bash cp /tmp/artifact/akc-network/akc-ca-data/rca-akc-cert.pem /tmp/artifact/merchant-network/akc-ca-data/ ``` -4. Create new org in new cluster +## 4. Create new org in new cluster ``` mamba create-org ``` -> Automation generate to merchant.json -4. Copy merchant.json to operator cluster +## 4. Copy merchant.json to operator cluster ``` cp /tmp/artifact/merchant-network/akc-ca-data/merchant.json /tmp/artifact/akc-network/akc-ca-data/ ``` -5. In operator cluster, add merchant to channel +## 5. In operator cluster, add merchant to channel Must specify env: NEW_ORG_NAME="merchant" in operator.env file ``` cp /home/hainq/.akachain/akc-mamba/mamba/config/operator.env /home/hainq/.akachain/akc-mamba/mamba/config/.env mamba channel-config auto-update ``` -6. Install chaincode test +## 6. Install chaincode test ``` curl -s -X POST http://admin-rca-ica.akc:4001/chaincodes -H "content-type: application/json" -d '{ "orgname":"akc", @@ -48,13 +48,13 @@ curl -s -X POST http://admin-rca-ica.akc:4001/chaincodes -H "content-type: a }' ``` -7. Copy signed cert of orderer and akc org to merchant cluster +## 7. Copy signed cert of orderer and akc org to merchant cluster ``` cp /tmp/artifact/akc-network/akc-ca-data/ica-orderer-ca-chain.pem /tmp/artifact/merchant-network/akc-ca-data/ cp /tmp/artifact/akc-network/akc-ca-data/ica-akc-ca-chain.pem /tmp/artifact/merchant-network/akc-ca-data/ ``` -8. Join merchant to channel +## 8. Join merchant to channel ``` curl -s -X POST http://admin-rca-ica.default:4001/registerUser -H "content-type: application/json" -d '{ "orgname":"merchant" @@ -72,7 +72,7 @@ curl -s -X POST http://admin-rca-ica.default:4001/chaincodes -H "content-typ }' ``` -9. Init or upgrade chaincode on operator cluster +## 9. Init or upgrade chaincode on operator cluster - Init ``` curl -s -X POST http://admin-rca-ica.akc:4001/initchaincodes -H "content-type: application/json" -d '{ @@ -96,7 +96,7 @@ curl -s -X POST http://admin-rca-ica.ordererhai:4001/upgradeChainCode -H "co }' ``` -10. Try invoke chaincode on merchant cluster: +## 10. Try invoke chaincode on merchant cluster: ``` curl -s -X POST http://admin-rca-ica.default:4001/invokeChainCode -H "content-type: application/json" -d '{ "orgname":"merchant", From e22e4c946458d5247eba507dee3337b10d97d3aa Mon Sep 17 00:00:00 2001 From: harisato Date: Fri, 28 Aug 2020 10:29:49 +0700 Subject: [PATCH 52/52] Update script path in environment command --- mamba/k8s/environment/setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mamba/k8s/environment/setup.sh b/mamba/k8s/environment/setup.sh index 549180a..5921799 100755 --- a/mamba/k8s/environment/setup.sh +++ b/mamba/k8s/environment/setup.sh @@ -178,5 +178,5 @@ function environment { # environment source ./config/.env -source ./blockchain/scripts/utilities.sh +source ./scripts/utilities.sh environment