はじめに
Hyperledger FabricでMulti Channelを作ってチェーンコードの動きを確認してみた(@shiki_tak)を参考にHyperledger FabricのMulti Channelをつくりました。ヴァージョンの違いから少しやり方が異なってくるので、こうして記事をかくことにしました。
概要
GitHubのhyperledger/fabric-samples/first-network, (release-1.1)を使ってMulti Channelをつくります。そのあとMulti Channelになっていることを簡単に確認します。
Hyperledger FabricでMulti Channelをつくる。
1. GitHubからhyperledger/fabric-samplesをインストールします。
2. Dockerイメージをダウンロードします。
詳しくは公式ドキュメントのBuilding Your First Networkをみてください。
3. first-network/scripts/script.shを書き換えます。
関数joinChannel()をみてください。次のように書き換えます。
script.sh
joinChannel () {
for org in 1; do
for peer in 0 1; do
joinChannelWithRetry $peer $org
echo "===================== peer${peer}.org${org} joined on the channel \"$CHANNEL_NAME\" ===================== "
sleep $DELAY
echo
done
done
}
これから作るmychannel1にorg1のpeerが入り、org2のpeerが入らないようにしています。
4. ./byfn.sh -m generate -c mychannel1を実行してください。
./byfn.sh -m generate -c mychannel1
Generating certs and genesis block for with channel 'mychannel' and CLI timeout of '10' seconds and CLI delay of '3' seconds
Continue? [Y/n] y
proceeding ...
/opt/gopath/src/github.com/hyperledger/fabric-samples/first-network/../bin/cryptogen
##########################################################
##### Generate certificates using cryptogen tool #########
##########################################################
+ cryptogen generate --config=./crypto-config.yaml
org1.example.com
org2.example.com
+ res=0
+ set +x
/opt/gopath/src/github.com/hyperledger/fabric-samples/first-network/../bin/configtxgen
##########################################################
######### Generating Orderer Genesis block ##############
##########################################################
+ configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./channel-artifacts/genesis.block
2018-06-13 15:38:56.816 JST [common/tools/configtxgen] main -> INFO 001 Loading configuration
2018-06-13 15:38:56.835 JST [msp] getMspConfig -> INFO 002 Loading NodeOUs
2018-06-13 15:38:56.836 JST [msp] getMspConfig -> INFO 003 Loading NodeOUs
2018-06-13 15:38:56.836 JST [common/tools/configtxgen] doOutputBlock -> INFO 004 Generating genesis block
2018-06-13 15:38:56.837 JST [common/tools/configtxgen] doOutputBlock -> INFO 005 Writing genesis block
+ res=0
+ set +x
#################################################################
### Generating channel configuration transaction 'channel.tx' ###
#################################################################
+ configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID mychannel
2018-06-13 15:38:56.867 JST [common/tools/configtxgen] main -> INFO 001 Loading configuration
2018-06-13 15:38:56.888 JST [common/tools/configtxgen] doOutputChannelCreateTx -> INFO 002 Generating new channel configtx
2018-06-13 15:38:56.889 JST [msp] getMspConfig -> INFO 003 Loading NodeOUs
2018-06-13 15:38:56.890 JST [msp] getMspConfig -> INFO 004 Loading NodeOUs
2018-06-13 15:38:56.941 JST [common/tools/configtxgen] doOutputChannelCreateTx -> INFO 005 Writing new channel tx
+ res=0
+ set +x
#################################################################
####### Generating anchor peer update for Org1MSP ##########
#################################################################
+ configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID mychannel -asOrg Org1MSP
2018-06-13 15:38:56.973 JST [common/tools/configtxgen] main -> INFO 001 Loading configuration
2018-06-13 15:38:56.990 JST [common/tools/configtxgen] doOutputAnchorPeersUpdate -> INFO 002 Generating anchor peer update
2018-06-13 15:38:56.990 JST [common/tools/configtxgen] doOutputAnchorPeersUpdate -> INFO 003 Writing anchor peer update
+ res=0
+ set +x
#################################################################
####### Generating anchor peer update for Org2MSP ##########
#################################################################
+ configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID mychannel -asOrg Org2MSP
2018-06-13 15:38:57.020 JST [common/tools/configtxgen] main -> INFO 001 Loading configuration
2018-06-13 15:38:57.036 JST [common/tools/configtxgen] doOutputAnchorPeersUpdate -> INFO 002 Generating anchor peer update
2018-06-13 15:38:57.037 JST [common/tools/configtxgen] doOutputAnchorPeersUpdate -> INFO 003 Writing anchor peer update
+ res=0
+ set +x
5. ./byfn.sh -m up -c mychannel1を実行してください。
/byfn.sh -m up -c mychannel1
Starting with channel 'mychannel1' and CLI timeout of '10' seconds and CLI delay of '3' seconds
Continue? [Y/n] y
proceeding ...
2018-06-13 07:01:48.323 UTC [main] main -> INFO 001 Exiting.....
LOCAL_VERSION=1.1.0
DOCKER_IMAGE_VERSION=1.1.0
Creating network "net_byfn" with the default driver
Creating volume "net_orderer.example.com" with default driver
Creating volume "net_peer0.org1.example.com" with default driver
Creating volume "net_peer1.org1.example.com" with default driver
Creating volume "net_peer0.org2.example.com" with default driver
Creating volume "net_peer1.org2.example.com" with default driver
Creating peer0.org2.example.com ... done
Creating peer0.org1.example.com ... done
Creating peer1.org2.example.com ... done
Creating peer1.org1.example.com ... done
Creating orderer.example.com ... done
Creating cli ... done
____ _____ _ ____ _____
/ ___| |_ _| / \ | _ \ |_ _|
\___ \ | | / _ \ | |_) | | |
___) | | | / ___ \ | _ < | |
|____/ |_| /_/ \_\ |_| \_\ |_|
Build your first network (BYFN) end-to-end test
Channel name : mychannel1
Creating channel...
+ peer channel create -o orderer.example.com:7050 -c mychannel1 -f ./channel-artifacts/channel.tx --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
CORE_PEER_LOCALMSPID=Org1MSP
CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
CORE_PEER_TLS_ENABLED=true
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
CORE_PEER_ID=cli
CORE_LOGGING_LEVEL=INFO
CORE_PEER_ADDRESS=peer0.org1.example.com:7051
+ res=0
+ set +x
2018-06-13 07:01:54.833 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
2018-06-13 07:01:54.893 UTC [channelCmd] InitCmdFactory -> INFO 002 Endorser and orderer connections initialized
2018-06-13 07:01:55.101 UTC [main] main -> INFO 003 Exiting.....
===================== Channel "mychannel1" is created successfully =====================
<中略>
===================== Chaincode is installed on peer0.org2 =====================
Instantiating chaincode on peer0.org2...
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
CORE_PEER_LOCALMSPID=Org2MSP
CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
CORE_PEER_TLS_ENABLED=true
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp
CORE_PEER_ID=cli
CORE_LOGGING_LEVEL=INFO
CORE_PEER_ADDRESS=peer0.org2.example.com:7051
+ peer chaincode instantiate -o orderer.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel1 -n mycc -l golang -v 1.0 -c '{"Args":["init","a","100","b","200"]}' -P 'OR ('\''Org1MSP.peer'\'','\''Org2MSP.peer'\'')'
+ res=1
+ set +x
2018-06-13 07:02:08.488 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc
2018-06-13 07:02:08.488 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc
Error: Error endorsing chaincode: rpc error: code = Unknown desc = access denied: channel [mychannel1] creator org [Org2MSP]
Usage:
peer chaincode instantiate [flags]
Flags:
-C, --channelID string The channel on which this command should be executed
--collections-config string The file containing the configuration for the chaincode's collection
-c, --ctor string Constructor message for the chaincode in JSON format (default "{}")
-E, --escc string The name of the endorsement system chaincode to be used for this chaincode
-l, --lang string Language the chaincode is written in (default "golang")
-n, --name string Name of the chaincode
-P, --policy string The endorsement policy associated to this chaincode
-v, --version string Version of the chaincode specified in install/instantiate/upgrade commands
-V, --vscc string The name of the verification system chaincode to be used for this chaincode
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--certfile string Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--clientauth Use mutual TLS when communicating with the orderer endpoint
--keyfile string Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
--logging-level string Default logging level and overrides, see core.yaml for full syntax
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer.
--tls Use TLS when communicating with the orderer endpoint
--transient string Transient map of arguments in JSON encoding
!!!!!!!!!!!!!!! Chaincode instantiation on peer0.org2 on channel 'mychannel1' failed !!!!!!!!!!!!!!!!
========= ERROR !!! FAILED to execute End-2-End Scenario ===========
ERROR !!!! Test failed
エラーがありますが、必要ではない処理も行っているためです。
6. first-network/byfn.shを書き換えます。
generateCertsと検索してください。
次を参考にして、2つのgenerateCertsをコメントアウトしてください。
byfn.sh
function networkUp () {
checkPrereqs
# generate artifacts if they don't exist
if [ ! -d "crypto-config" ]; then
# generateCerts
replacePrivateKey
generateChannelArtifacts
fi
if [ "${IF_COUCHDB}" == "couchdb" ]; then
IMAGE_TAG=$IMAGETAG docker-compose -f $COMPOSE_FILE -f $COMPOSE_FILE_COUCH up -d 2>&1
else
IMAGE_TAG=$IMAGETAG docker-compose -f $COMPOSE_FILE up -d 2>&1
fi
if [ $? -ne 0 ]; then
echo "ERROR !!!! Unable to start network"
exit 1
fi
# now run the end to end script
docker exec cli scripts/script.sh $CHANNEL_NAME $CLI_DELAY $LANGUAGE $CLI_TIMEOUT
if [ $? -ne 0 ]; then
echo "ERROR !!!! Test failed"
exit 1
fi
}
<中略>
#Create the network using docker compose
if [ "${MODE}" == "up" ]; then
networkUp
elif [ "${MODE}" == "down" ]; then ## Clear the network
networkDown
elif [ "${MODE}" == "generate" ]; then ## Generate Artifacts
# generateCerts
replacePrivateKey
generateChannelArtifacts
elif [ "${MODE}" == "restart" ]; then ## Restart the network
networkDown
networkUp
elif [ "${MODE}" == "upgrade" ]; then ## Upgrade the network from v1.0.x to v1.1
upgradeNetwork
else
printHelp
exit 1
fi
7. first-network/scripts/script.shを書き換えます。
関数joinChannel()をみてください。次のように書き換えます。
script.sh
joinChannel () {
for org in 2; do
for peer in 0 1; do
joinChannelWithRetry $peer $org
echo "===================== peer${peer}.org${org} joined on the channel \"$CHANNEL_NAME\" ===================== "
sleep $DELAY
echo
done
done
}
8. 先ほどと同様に./byfn.sh -m generate -c mychannel2と./byfn.sh -m up -c mychannel2を実行してください。
./byfn.sh -m generate -c mychannel2
./byfn.sh -m up -c mychannel2
9. docker exec -it cli bashを実行してください。コンテナに入ります。
docker exec -it cli bash
10. 次のように環境変数を設定します。
export CORE_PEER_ADDRESS=peer0.org2.example.com:7051
export CORE_PEER_LOCALMSPID=Org2MSP
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.crt
export CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.key
export CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp
11. peer channel join -b mychannel2.blockを実行してください。
peer channel join -b mychannel2.block
12. Multi Channelを作ることができました。
peer0.org1, peer1.org1はchannel1に、peer0.org2, peer1.org2はchannel2に入っている状態です。
Multi Channelができているか確認する。
13. それぞれのchannelでchaincodeをインスタンス化します。今回はmyccを使います。
次の2つを実行してください。
export CHANNEL_NAME=mychannel1
peer chaincode instantiate -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C $CHANNEL_NAME -n mycc -v 1.0 -c '{"Args":["init","a", "100", "b","200"]}' -P "OR ('Org1MSP.peer','Org2MSP.peer')"
export CHANNEL_NAME=mychannel2
peer chaincode instantiate -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C $CHANNEL_NAME -n mycc -v 1.0 -c '{"Args":["init","a", "100", "b","200"]}' -P "OR ('Org1MSP.peer','Org2MSP.peer')"
環境変数を設定し直すことで、操作するchannelを変更することができます。chaincodeのinstallはcontainerに依存して行われることもあって、すでにinstallされています。
14. それぞれのchannelでqueryを行います。
次の2つを実行してください。
export CHANNEL_NAME=mychannel1
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
export CHANNEL_NAME=mychannel2
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
結果はともに次のようになります。
2018-06-14 05:54:49.617 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc
2018-06-14 05:54:49.617 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc
Query Result: 100
2018-06-14 05:54:49.625 UTC [main] main -> INFO 003 Exiting.....
15. mychannel1でinvokeを行い、そのあとqueryで2つのchannelの結果を比較します。
次を実行してください。
export CHANNEL_NAME=mychannel1
peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","a","b","10"]}'
それぞれのchannelで先ほどと同様にqueryをします。次のように異なる結果が得られます。
export CHANNEL_NAME=mychannel1
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
2018-06-14 06:00:36.534 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc
2018-06-14 06:00:36.534 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc
Query Result: 90
2018-06-14 06:00:36.540 UTC [main] main -> INFO 003 Exiting.....
export CHANNEL_NAME=mychannel2
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
2018-06-14 06:03:21.902 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc
2018-06-14 06:03:21.902 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc
Query Result: 100
2018-06-14 06:03:21.910 UTC [main] main -> INFO 003 Exiting.....
おわりに
説明を簡単にするために、無駄の多いやり方をしています。
具体的には、公式のシェルスクリプトをそのまま実行しているため、今回の目的に必要のないものも実行してしまっています。
そのために不必要なエラーが出てしまっています。しかし、簡単な説明のためには仕方のないことでしょう。