安装规划

域名说明

域名 说明
orderer.cares.com 排序节点
peer0.nkg.com nkg peer节点
ca.cares.com 排序组织证书颁发节点
ca.nkg.com nkg 证书颁发节点
tls.cares.com 全局 tls证书颁发节点
peer0.weh.com weh peer 节点
ca.weh.com weh 证书颁发节点
peer0.tna.com tna peer节点
ca.tna.com tna证书颁发节点

域名规划

IP 域名
192.168.53.50 orderer.cares.com peer0.nkg.com ca.cares.com ca.nkg.com tls.cares.com
192.168.53.51 peer0.weh.com ca.weh.com
192.168.53.52 peer0.tna.com ca.tna.com

基础软件安装(全部机器相同操作)

1、go

将go的可执行文件路径添加到PATH

export PATH=$PATH:/root/fabric/soft/prereq/go/bin

设置GOROOT环境变量指向GO_HOME

export GOROOT=/root/fabric/soft/prereq/go

设置GOPATH环境变量指向源码编译路径

export GOPATH=/root/fabric/gopath

2、node

将node的可执行文件路径添加到PATH

export PATH=$PATH:/root/fabric/soft/prereq/node-v12.16.1-linux-x64/bin

3、docker

复制docker二进制文件到 /usr/bin
复制docker.service containerd.service docker.socket 到 /lib/systemd/system
添加docker组 

groupadd docker
systemctl enable docker.service
systemctl enable docker.socket
systemctl enable containerd.service

systemctl start docker.service

4、fabric

复制fabric二进制文件到/usr/bin

复制fabric源码到 $GOPATH

fabric 网络搭建

CA 安装

tls-ca

创建目录

mkdir -p /root/workspace/tls-ca/{crypto,admin}

启动 tls-ca

export TLS_CA_HOME=/root/workspace/tls-ca
export FABRIC_CA_SERVER_HOME=$TLS_CA_HOME/crypto
export FABRIC_CA_SERVER_TLS_ENABLED=true
export FABRIC_CA_SERVER_CSR_CN=tls.cares.com
export FABRIC_CA_SERVER_CSR_HOSTS=tls.cares.com
export FABRIC_CA_SERVER_DEBUG=true
export FABRIC_CA_SERVER_OPERATIONS_LISTENADDRESS=0.0.0.0:6053

nohup fabric-ca-server start -d -b tls:tlspw --port 6052 > $TLS_CA_HOME/tls-ca-logs 2>&1 &

注册TLS证书

export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/tls-ca/crypto/tls-cert.pem
export FABRIC_CA_CLIENT_HOME=/root/workspace/tls-ca/admin
fabric-ca-client enroll -d -u https://tls:tlspw@tls.cares.com:6052
fabric-ca-client register -d --id.name peer0.nkg.com --id.secret 1 --id.type peer -u https://tls.cares.com:6052
fabric-ca-client register -d --id.name peer0.weh.com --id.secret 1 --id.type peer -u https://tls.cares.com:6052
fabric-ca-client register -d --id.name peer0.tna.com --id.secret 1 --id.type peer -u https://tls.cares.com:6052
fabric-ca-client register -d --id.name orderer.cares.com --id.secret 1 --id.type orderer -u https://tls.cares.com:6052

orderer ca

创建目录

mkdir -p /root/workspace/order-ca/{crypto,admin}

启动orderer ca

export ORDERER_CA_HOME=/root/workspace/order-ca
export FABRIC_CA_SERVER_HOME=$ORDERER_CA_HOME/crypto
export FABRIC_CA_SERVER_TLS_ENABLED=true
export FABRIC_CA_SERVER_CSR_CN=ca.cares.com
export FABRIC_CA_SERVER_CSR_HOSTS=ca.cares.com
export FABRIC_CA_SERVER_DEBUG=true
export FABRIC_CA_SERVER_OPERATIONS_LISTENADDRESS=0.0.0.0:6055

nohup fabric-ca-server start -d -b rca:rcapw --port 6054 > $ORDERER_CA_HOME/orderer-ca-logs 2>&1 &

注册 orderer 组织和orderer admin

export ORDERER_CA_HOME=/root/workspace/order-ca
export FABRIC_CA_CLIENT_TLS_CERTFILES=$ORDERER_CA_HOME/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_HOME=$ORDERER_CA_HOME/admin
fabric-ca-client enroll -d -u https://rca:rcapw@ca.cares.com:6054
fabric-ca-client register -d --id.name orderer.cares.com --id.secret 1 --id.type orderer -u https://ca.cares.com:6054
fabric-ca-client register -d --id.name Admin@orderer.cares.com --id.secret 1 --id.type admin --id.attrs "hf.Registrar.Roles=client,hf.Registrar.Attributes=*,hf.Revoker=true,hf.GenCRL=true,admin=true:ecert,abac.init=true:ecert" -u https://ca.cares.com:6054

nkg ca

创建目录

mkdir -p /root/workspace/nkg-ca/{crypto,admin}

启动nkg ca

export NKG_CA_HOME=/root/workspace/nkg-ca
export FABRIC_CA_SERVER_HOME=$NKG_CA_HOME/crypto
export FABRIC_CA_SERVER_TLS_ENABLED=true
export FABRIC_CA_SERVER_CSR_CN=ca.nkg.com
export FABRIC_CA_SERVER_CSR_HOSTS=ca.nkg.com
export FABRIC_CA_SERVER_DEBUG=true
export FABRIC_CA_SERVER_OPERATIONS_LISTENADDRESS=0.0.0.0:6057

nohup fabric-ca-server start -d -b rca:rcapw --port 6056 > $NKG_CA_HOME/nkg-ca-logs 2>&1 &

注册 nkg peer0,admin,user

export NKG_CA_HOME=/root/workspace/nkg-ca
export FABRIC_CA_CLIENT_TLS_CERTFILES=$NKG_CA_HOME/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_HOME=$NKG_CA_HOME/admin
fabric-ca-client enroll -d -u https://rca:rcapw@ca.nkg.com:6056
fabric-ca-client register -d --id.name peer0.nkg.com --id.secret 1 --id.type peer -u https://ca.nkg.com:6056
fabric-ca-client register -d --id.name Admin@nkg.com --id.secret 1 --id.type user -u https://ca.nkg.com:6056
fabric-ca-client register -d --id.name User1@nkg.com --id.secret 1 --id.type user -u https://ca.nkg.com:6056

weh ca

创建目录

mkdir -p /root/workspace/weh-ca/{crypto,admin}

启动weh ca

export WEH_CA_HOME=/root/workspace/weh-ca
export FABRIC_CA_SERVER_HOME=$WEH_CA_HOME/crypto
export FABRIC_CA_SERVER_TLS_ENABLED=true
export FABRIC_CA_SERVER_CSR_CN=ca.weh.com
export FABRIC_CA_SERVER_CSR_HOSTS=ca.weh.com
export FABRIC_CA_SERVER_DEBUG=true
export FABRIC_CA_SERVER_OPERATIONS_LISTENADDRESS=0.0.0.0:6057

nohup fabric-ca-server start -d -b rca:rcapw --port 6056 > $WEH_CA_HOME/weh-ca-logs 2>&1 &

注册 weh peer0,admin,user

export WEH_CA_HOME=/root/workspace/weh-ca
export FABRIC_CA_CLIENT_TLS_CERTFILES=$WEH_CA_HOME/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_HOME=$WEH_CA_HOME/admin
fabric-ca-client enroll -d -u https://rca:rcapw@ca.weh.com:6056
fabric-ca-client register -d --id.name peer0.weh.com --id.secret 1 --id.type peer -u https://ca.weh.com:6056
fabric-ca-client register -d --id.name Admin@weh.com --id.secret 1 --id.type user -u https://ca.weh.com:6056
fabric-ca-client register -d --id.name User1@weh.com --id.secret 1 --id.type user -u https://ca.weh.com:6056

tna ca

创建目录

mkdir -p /root/workspace/tna-ca/{crypto,admin}

启动tna ca

export TNA_CA_HOME=/root/workspace/tna-ca
export FABRIC_CA_SERVER_HOME=$TNA_CA_HOME/crypto
export FABRIC_CA_SERVER_TLS_ENABLED=true
export FABRIC_CA_SERVER_CSR_CN=ca.tna.com
export FABRIC_CA_SERVER_CSR_HOSTS=ca.tna.com
export FABRIC_CA_SERVER_DEBUG=true
export FABRIC_CA_SERVER_OPERATIONS_LISTENADDRESS=0.0.0.0:6057

nohup fabric-ca-server start -d -b rca:rcapw --port 6056 > $TNA_CA_HOME/tna-ca-logs 2>&1 &

注册 tna peer0,admin,user

export TNA_CA_HOME=/root/workspace/tna-ca
export FABRIC_CA_CLIENT_TLS_CERTFILES=$TNA_CA_HOME/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_HOME=$TNA_CA_HOME/admin
fabric-ca-client enroll -d -u https://rca:rcapw@ca.tna.com:6056
fabric-ca-client register -d --id.name peer0.tna.com --id.secret 1 --id.type peer -u https://ca.tna.com:6056
fabric-ca-client register -d --id.name Admin@tna.com --id.secret 1 --id.type user -u https://ca.tna.com:6056
fabric-ca-client register -d --id.name User1@tna.com --id.secret 1 --id.type user -u https://ca.tna.com:6056

peer节点安装

nkg peer0

创建目录

mkdir -p   /root/workspace/nkg/peer0

颁发 nkg peer0 证书

export FABRIC_CA_CLIENT_HOME=/root/workspace/nkg/peer0
export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/nkg-ca/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_MSPDIR=msp
fabric-ca-client enroll -d -u https://peer0.nkg.com:1@ca.nkg.com:6056

颁发 TLS 证书

export FABRIC_CA_CLIENT_MSPDIR=tls-msp
export FABRIC_CA_CLIENT_HOME=/root/workspace/nkg/peer0
export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/tls-ca/crypto/ca-cert.pem
fabric-ca-client enroll -d -u https://peer0.nkg.com:1@tls.cares.com:6052 --enrollment.profile tls --csr.hosts peer0.nkg.com

将 /root/workspace/nkg/peer0/tls-msp/keystore 下的 key更名为 key.pem

颁发 nkg admin 证书

mkdir -p   /root/workspace/nkg/admin

export FABRIC_CA_CLIENT_HOME=/root/workspace/nkg/admin
export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/nkg-ca/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_MSPDIR=msp
fabric-ca-client enroll -d -u https://Admin@nkg.com:1@ca.nkg.com:6056

复制admin证书

mkdir  -p /root/workspace/nkg/peer0/msp/admincerts
cp /root/workspace/nkg/admin/msp/signcerts/cert.pem /root/workspace/nkg/peer0/msp/admincerts/cert.pem

mkdir  -p /root/workspace/nkg/admin/msp/admincerts
cp /root/workspace/nkg/admin/msp/signcerts/cert.pem /root/workspace/nkg/admin/msp/admincerts/cert.pem

启动peer0

export FABRIC_CFG_PATH=/root/fabric/cfg
export CORE_PEER_ID=peer0.nkg.com
export CORE_PEER_ADDRESS=peer0.nkg.com:7051
export CORE_PEER_LOCALMSPID=nkgMSP
export CORE_PEER_MSPCONFIGPATH=/root/workspace/nkg/peer0/msp
export FABRIC_LOGGING_SPEC=info
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_TLS_CERT_FILE=/root/workspace/nkg/peer0/tls-msp/signcerts/cert.pem
export CORE_PEER_TLS_KEY_FILE=/root/workspace/nkg/peer0/tls-msp/keystore/key.pem
export CORE_PEER_TLS_ROOTCERT_FILE=/root/workspace/nkg/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem
export CORE_PEER_GOSSIP_USELEADERELECTION=true
export CORE_PEER_GOSSIP_ORGLEADER=false
export CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.nkg.com:7051
export CORE_PEER_GOSSIP_SKIPHANDSHAKE=true

nohup peer node start > /root/workspace/nkg/peer0/peer0.log 2>&1 &

weh peer0

创建目录

mkdir -p   /root/workspace/weh/peer0

颁发 weh peer0 证书

export FABRIC_CA_CLIENT_HOME=/root/workspace/weh/peer0
export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/weh-ca/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_MSPDIR=msp
fabric-ca-client enroll -d -u https://peer0.weh.com:1@ca.weh.com:6056

颁发 TLS 证书

#sftp复制 tls.cares.com /root/workspace/tls-ca/crypto/ca-cert.pem 文件到 /root/workspace/tls-ca/crypto

mkdir -p /root/workspace/tls-ca/crypto
export FABRIC_CA_CLIENT_MSPDIR=tls-msp
export FABRIC_CA_CLIENT_HOME=/root/workspace/weh/peer0
export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/tls-ca/crypto/ca-cert.pem
fabric-ca-client enroll -d -u https://peer0.weh.com:1@tls.cares.com:6052 --enrollment.profile tls --csr.hosts peer0.weh.com

将 /root/workspace/weh/peer0/tls-msp/keystore 下的 key更名为 key.pem

颁发 weh admin 证书

mkdir -p   /root/workspace/weh/admin

export FABRIC_CA_CLIENT_HOME=/root/workspace/weh/admin
export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/weh-ca/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_MSPDIR=msp
fabric-ca-client enroll -d -u https://Admin@weh.com:1@ca.weh.com:6056

复制admin证书

mkdir  -p /root/workspace/weh/peer0/msp/admincerts
cp /root/workspace/weh/admin/msp/signcerts/cert.pem /root/workspace/weh/peer0/msp/admincerts/cert.pem

mkdir  -p /root/workspace/weh/admin/msp/admincerts
cp /root/workspace/weh/admin/msp/signcerts/cert.pem /root/workspace/weh/admin/msp/admincerts/cert.pem

启动peer0

export FABRIC_CFG_PATH=/root/fabric/cfg
export CORE_PEER_ID=peer0.weh.com
export CORE_PEER_ADDRESS=peer0.weh.com:7051
export CORE_PEER_LOCALMSPID=wehMSP
export CORE_PEER_MSPCONFIGPATH=/root/workspace/weh/peer0/msp
export FABRIC_LOGGING_SPEC=info
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_TLS_CERT_FILE=/root/workspace/weh/peer0/tls-msp/signcerts/cert.pem
export CORE_PEER_TLS_KEY_FILE=/root/workspace/weh/peer0/tls-msp/keystore/key.pem
export CORE_PEER_TLS_ROOTCERT_FILE=/root/workspace/weh/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem
export CORE_PEER_GOSSIP_USELEADERELECTION=true
export CORE_PEER_GOSSIP_ORGLEADER=false
export CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.weh.com:7051
export CORE_PEER_GOSSIP_SKIPHANDSHAKE=true

nohup peer node start > /root/workspace/weh/peer0/peer0.log 2>&1 &

tna peer0

创建目录

mkdir -p   /root/workspace/tna/peer0

颁发 tna peer0 证书

export FABRIC_CA_CLIENT_HOME=/root/workspace/tna/peer0
export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/tna-ca/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_MSPDIR=msp
fabric-ca-client enroll -d -u https://peer0.tna.com:1@ca.tna.com:6056

颁发 TLS 证书

#sftp复制 tls.cares.com /root/workspace/tls-ca/crypto/ca-cert.pem 文件到 /root/workspace/tls-ca/crypto

mkdir -p /root/workspace/tls-ca/crypto
export FABRIC_CA_CLIENT_MSPDIR=tls-msp
export FABRIC_CA_CLIENT_HOME=/root/workspace/tna/peer0
export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/tls-ca/crypto/ca-cert.pem
fabric-ca-client enroll -d -u https://peer0.tna.com:1@tls.cares.com:6052 --enrollment.profile tls --csr.hosts peer0.tna.com

将 /root/workspace/tna/peer0/tls-msp/keystore 下的 key更名为 key.pem

颁发 tna admin 证书

mkdir -p   /root/workspace/tna/admin

export FABRIC_CA_CLIENT_HOME=/root/workspace/tna/admin
export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/tna-ca/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_MSPDIR=msp
fabric-ca-client enroll -d -u https://Admin@tna.com:1@ca.tna.com:6056

复制admin证书

mkdir  -p /root/workspace/tna/peer0/msp/admincerts
cp /root/workspace/tna/admin/msp/signcerts/cert.pem /root/workspace/tna/peer0/msp/admincerts/cert.pem

mkdir  -p /root/workspace/tna/admin/msp/admincerts
cp /root/workspace/tna/admin/msp/signcerts/cert.pem /root/workspace/tna/admin/msp/admincerts/cert.pem

启动peer0

export FABRIC_CFG_PATH=/root/fabric/cfg
export CORE_PEER_ID=peer0.tna.com
export CORE_PEER_ADDRESS=peer0.tna.com:7051
export CORE_PEER_LOCALMSPID=tnaMSP
export CORE_PEER_MSPCONFIGPATH=/root/workspace/tna/peer0/msp
export FABRIC_LOGGING_SPEC=info
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_TLS_CERT_FILE=/root/workspace/tna/peer0/tls-msp/signcerts/cert.pem
export CORE_PEER_TLS_KEY_FILE=/root/workspace/tna/peer0/tls-msp/keystore/key.pem
export CORE_PEER_TLS_ROOTCERT_FILE=/root/workspace/tna/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem
export CORE_PEER_GOSSIP_USELEADERELECTION=true
export CORE_PEER_GOSSIP_ORGLEADER=false
export CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.tna.com:7051
export CORE_PEER_GOSSIP_SKIPHANDSHAKE=true

nohup peer node start > /root/workspace/tna/peer0/peer0.log 2>&1 &

orderer 节点安装

orderer.cares.com

创建目录

mkdir -p /root/workspace/cares/orderer

颁发 orderer 证书

export FABRIC_CA_CLIENT_HOME=/root/workspace/cares/orderer
export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/order-ca/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_MSPDIR=msp
fabric-ca-client enroll -d -u https://orderer.cares.com:1@ca.cares.com:6054

颁发 TLS 证书

#sftp复制 tls.cares.com /root/workspace/tls-ca/crypto/ca-cert.pem 文件到 /root/workspace/tls-ca/crypto

mkdir -p /root/workspace/tls-ca/crypto
export FABRIC_CA_CLIENT_MSPDIR=tls-msp
export FABRIC_CA_CLIENT_HOME=/root/workspace/cares/orderer
export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/tls-ca/crypto/ca-cert.pem
fabric-ca-client enroll -d -u https://orderer.cares.com:1@tls.cares.com:6052 --enrollment.profile tls --csr.hosts orderer.cares.com

将 /root/workspace/cares/orderer/tls-msp/keystore 下的 key更名为 key.pem

颁发 orderer admin 证书

mkdir -p   /root/workspace/cares/admin

export FABRIC_CA_CLIENT_HOME=/root/workspace/cares/admin
export FABRIC_CA_CLIENT_TLS_CERTFILES=/root/workspace/order-ca/crypto/ca-cert.pem
export FABRIC_CA_CLIENT_MSPDIR=msp
fabric-ca-client enroll -d -u https://Admin@orderer.cares.com:1@ca.cares.com:6054

复制admin证书

mkdir  -p /root/workspace/cares/orderer/msp/admincerts
cp /root/workspace/cares/admin/msp/signcerts/cert.pem /root/workspace/cares/orderer/msp/admincerts/cert.pem

mkdir  -p /root/workspace/cares/admin/msp/admincerts
cp /root/workspace/cares/admin/msp/signcerts/cert.pem /root/workspace/cares/admin/msp/admincerts/cert.pem

创建组织msp目录

mkdir -p /root/workspace/orgs-msp/{nkg,weh,tna,cares}

复制各自peer0 下admin 目录msp到上述目录,这里以nkg为例

cp -r /root/workspace/nkg/admin/*  /root/workspace/orgs-msp/nkg
mkdir -p /root/workspace/orgs-msp/nkg/{admincerts,tlscacerts}
cp /root/workspace/orgs-msp/nkg/signcerts/cert.pem /root/workspace/orgs-msp/nkg/admincerts
cp /root/workspace/nkg/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem /root/workspace/orgs-msp/nkg/admincerts/tlscacerts

编写 /root/workspace/cfg/configtx.yaml

Organizations:

  - &cares
     Name: 华东凯亚
     ID: ordererMSP
     MSPDir: /root/workspace/orgs-msp/cares

  - &nkg
     Name: 南京机场
     ID: nkgMSP
     MSPDir: /root/workspace/orgs-msp/nkg
     AnchorPeers:
        - Host: peer0.nkg.com
          Port: 7051

  - &weh
     Name: 威海机场
     ID: wehMSP
     MSPDir: /root/workspace/orgs-msp/weh
     AnchorPeers:
        - Host: peer0.weh.com
          Port: 7051


  - &tna
     Name: 济南机场
     ID: tnaMSP
     MSPDir: /root/workspace/orgs-msp/tna
     AnchorPeers:
        - Host: peer0.tna.com
          Port: 7051
Application: &ApplicationDefaults

   # Organizations is the list of orgs which are defined as participants on
   # the application side of the network
   Organizations:

Profiles:

  OrgsOrdererGenesis:
     Orderer:
        OrdererType: solo
        Addresses:
            - orderer.cares.com:7050
        BatchTimeout: 2s
        BatchSize:
        MaxMessageCount: 10
        AbsoluteMaxBytes: 99 MB
        PreferredMaxBytes: 512 KB
        Organizations:
            - *cares

     Consortiums:
        SampleConsortium:
          Organizations:
             - *nkg
             - *weh
             - *tna

  OrgsChannel:
     Consortium: SampleConsortium
     Application:
        <<: *ApplicationDefaults
        Organizations:
           - *nkg
           - *weh
           - *tna

生成 anchor 节点文件

nkg
export FABRIC_CFG_PATH=/root/workspace/cfg/
configtxgen  -profile OrgsChannel -outputAnchorPeersUpdate /root/workspace/blocks/nkgMSPanchors.tx -channelID securitycheck -asOrg nkg
weh
export FABRIC_CFG_PATH=/root/workspace/cfg/
configtxgen  -profile OrgsChannel -outputAnchorPeersUpdate /root/workspace/blocks/wehMSPanchors.tx -channelID securitycheck -asOrg weh
tna
export FABRIC_CFG_PATH=/root/workspace/cfg/
configtxgen  -profile OrgsChannel -outputAnchorPeersUpdate /root/workspace/blocks/tnaMSPanchors.tx -channelID securitycheck -asOrg tna

创建系统通道和应用通道

export FABRIC_CFG_PATH=/root/workspace/cfg
configtxgen -profile OrgsOrdererGenesis -outputBlock /root/workspace/blocks/genesis.block -channelID syschannel
configtxgen -profile OrgsChannel -outputCreateChannelTx /root/workspace/blocks/channel.tx -channelID securitycheck

启动 orderer

mkdir -p /root/workspace/cares/data
export FABRIC_CFG_PATH=/root/fabric/cfg
export ORDERER_HOME=/root/workspace/cares/data
export ORDERER_HOST=orderer.cares.com
export ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
export ORDERER_GENERAL_GENESISMETHOD=file
export ORDERER_GENERAL_GENESISFILE=/root/workspace/blocks/genesis.block
export ORDERER_GENERAL_LOCALMSPID=ordererMSP
export ORDERER_GENERAL_LOCALMSPDIR=/root/workspace/cares/orderer/msp
export ORDERER_GENERAL_TLS_ENABLED=true
export ORDERER_GENERAL_TLS_CERTIFICATE=/root/workspace/cares/orderer/tls-msp/signcerts/cert.pem
export ORDERER_GENERAL_TLS_PRIVATEKEY=/root/workspace/cares/orderer/tls-msp/keystore/key.pem
export ORDERER_GENERAL_TLS_ROOTCAS=[/root/workspace/cares/orderer/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem]
export ORDERER_GENERAL_LOGLEVEL=debug
export ORDERER_DEBUG_BROADCASTTRACEDIR=/root/workspace/cares/data/logs

nohup orderer start > /root/workspace/cares/orderer/orderer.log 2>&1 &

创建应用通道securitycheck,并加入

nkg 创建 securitycheck

export FABRIC_CFG_PATH=/root/fabric/cfg/
export FABRIC_LOGGING_SPEC=DEBUG
export CORE_PEER_ID=peer0.nkg.com
export CORE_PEER_ADDRESS=peer0.nkg.com:7051
export CORE_PEER_LOCALMSPID=nkgMSP
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_TLS_ROOTCERT_FILE=/root/workspace/nkg/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem
export CORE_PEER_MSPCONFIGPATH=/root/workspace/nkg/admin/msp
peer channel create -c securitycheck -f /root/workspace/blocks/channel.tx -o orderer.cares.com:7050 --outputBlock /root/workspace/blocks/securitycheck.block --tls --cafile /root/workspace/nkg/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem

nkg 加入 securitycheck

export FABRIC_CFG_PATH=/root/fabric/cfg/
export FABRIC_LOGGING_SPEC=DEBUG
export CORE_PEER_ID=peer0.nkg.com
export CORE_PEER_ADDRESS=peer0.nkg.com:7051
export CORE_PEER_LOCALMSPID=nkgMSP
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_TLS_ROOTCERT_FILE=/root/workspace/nkg/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem
export CORE_PEER_MSPCONFIGPATH=/root/workspace/nkg/admin/msp
peer channel join -b /root/workspace/blocks/securitycheck.block
peer channel update -o orderer.cares.com:7050 -c securitycheck -f /root/workspace/blocks/nkgMSPanchors.tx --tls --cafile /root/workspace/nkg/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem

weh 加入 securitycheck

export FABRIC_CFG_PATH=/root/fabric/cfg/
export FABRIC_LOGGING_SPEC=DEBUG
export CORE_PEER_ID=peer0.weh.com
export CORE_PEER_ADDRESS=peer0.weh.com:7051
export CORE_PEER_LOCALMSPID=wehMSP
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_TLS_ROOTCERT_FILE=/root/workspace/weh/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem
export CORE_PEER_MSPCONFIGPATH=/root/workspace/weh/admin/msp
peer channel join -b /root/workspace/blocks/securitycheck.block
peer channel update -o orderer.cares.com:7050 -c securitycheck -f /root/workspace/blocks/wehMSPanchors.tx --tls --cafile /root/workspace/weh/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem

tna 加入 securitycheck

export FABRIC_CFG_PATH=/root/fabric/cfg/
export FABRIC_LOGGING_SPEC=DEBUG
export CORE_PEER_ID=peer0.tna.com
export CORE_PEER_ADDRESS=peer0.tna.com:7051
export CORE_PEER_LOCALMSPID=tnaMSP
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_TLS_ROOTCERT_FILE=/root/workspace/tna/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem
export CORE_PEER_MSPCONFIGPATH=/root/workspace/tna/admin/msp
peer channel join -b /root/workspace/blocks/securitycheck.block
peer channel update -o orderer.cares.com:7050 -c securitycheck -f /root/workspace/blocks/tnaMSPanchors.tx --tls --cafile /root/workspace/tna/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem

安装、初始化链码

nkg 安装链码

export FABRIC_CFG_PATH=/root/fabric/cfg/
export FABRIC_LOGGING_SPEC=DEBUG
export CORE_PEER_ID=peer0.nkg.com
export CORE_PEER_ADDRESS=peer0.nkg.com:7051
export CORE_PEER_LOCALMSPID=nkgMSP
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_TLS_ROOTCERT_FILE=/root/workspace/nkg/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem
export CORE_PEER_MSPCONFIGPATH=/root/workspace/nkg/admin/msp

peer chaincode install  -n test -v 1.0 -p  chaincode_example02 -l golang

weh 安装链码

export FABRIC_CFG_PATH=/root/fabric/cfg/
export FABRIC_LOGGING_SPEC=DEBUG
export CORE_PEER_ID=peer0.weh.com
export CORE_PEER_ADDRESS=peer0.weh.com:7051
export CORE_PEER_LOCALMSPID=wehMSP
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_TLS_ROOTCERT_FILE=/root/workspace/weh/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem
export CORE_PEER_MSPCONFIGPATH=/root/workspace/weh/admin/msp

peer chaincode install  -n test -v 1.0 -p  chaincode_example02 -l golang

tna 安装链码

export FABRIC_CFG_PATH=/root/fabric/cfg/
export FABRIC_LOGGING_SPEC=DEBUG
export CORE_PEER_ID=peer0.tna.com
export CORE_PEER_ADDRESS=peer0.tna.com:7051
export CORE_PEER_LOCALMSPID=tnaMSP
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_TLS_ROOTCERT_FILE=/root/workspace/tna/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem
export CORE_PEER_MSPCONFIGPATH=/root/workspace/tna/admin/msp

peer chaincode install  -n test -v 1.0 -p  chaincode_example02 -l golang

nkg 初始化并调用链码交易

export FABRIC_CFG_PATH=/root/fabric/cfg/
export FABRIC_LOGGING_SPEC=DEBUG
export CORE_PEER_ID=peer0.nkg.com
export CORE_PEER_ADDRESS=peer0.nkg.com:7051
export CORE_PEER_LOCALMSPID=nkgMSP
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_TLS_ROOTCERT_FILE=/root/workspace/nkg/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem
export CORE_PEER_MSPCONFIGPATH=/root/workspace/nkg/admin/msp

peer chaincode instantiate -o orderer.cares.com:7050 -C securitycheck -n test -l golang -v 1.0 -c '{"Args":["init","a","200","b","200"]}' -P "OR ('tnaMSP.member','wehMSP.member','nkgMSP.member')" --tls --cafile /root/workspace/nkg/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem


peer chaincode query -C securitycheck -n test -c '{"Args":["query","a"]}'

peer chaincode invoke -C securitycheck -n test -c '{"Args":["invoke","a","b","10"]}' --tls --cafile /root/workspace/nkg/peer0/tls-msp/tlscacerts/tls-tls-cares-com-6052.pem

peer chaincode query -C securitycheck -n test -c '{"Args":["query","a"]}'

区块链浏览器

upload successful

编写go语言业务链码


package main


import (
    "bytes"
    "encoding/json"
    "fmt"
    "github.com/hyperledger/fabric/core/chaincode/shim"
    sc "github.com/hyperledger/fabric/protos/peer"
    "strconv"
)

type SecuritySmartContract struct {
}

type SecurityRecord struct {
    Id string `json:"id"`    // 身份证号
    CreateTime   string `json:"createTime"` // 违规时间
    EventType  string `json:"eventType"`   // 违规类型
    Desc string `json:"desc"`    // 违规描述
    Score  int `json:"score"`   // 加减分
    Org    string `json:"org"`     // 组织
}


func (s *SecuritySmartContract) Init(APIstub shim.ChaincodeStubInterface) sc.Response {
    return shim.Success(nil)
}

func (s *SecuritySmartContract) Invoke(APIstub shim.ChaincodeStubInterface) sc.Response {

    function, args := APIstub.GetFunctionAndParameters()
    if function == "add" {
        return s.add(APIstub, args)
    } else if function == "queryById" {
        return s.queryById(APIstub,args)
    }

    return shim.Error("Invalid Smart Contract function name.")
}

func (s *SecuritySmartContract) add(APIstub shim.ChaincodeStubInterface, args []string) sc.Response {

    if len(args) != 6 {
        return shim.Error("Incorrect number of arguments. Expecting 5")
    }
    score,_ := strconv.Atoi(args[4])

    var r = SecurityRecord{Id: args[0], CreateTime: args[1], EventType: args[2], Desc: args[3],Score: score,Org:args[5]}

    carAsBytes, _ := json.Marshal(r)
    APIstub.PutState(args[0], carAsBytes)

    return shim.Success(nil)
}


func (s *SecuritySmartContract) queryById(APIstub shim.ChaincodeStubInterface, args []string) sc.Response {
    if len(args) != 1 {
        return shim.Error("Incorrect number of arguments. Expecting 1")
    }
    var id string = args[0];
    resultsIterator, err :=  APIstub.GetHistoryForKey(id)
    if err != nil {
        return shim.Error(err.Error())
    }
    defer resultsIterator.Close()
    var buffer bytes.Buffer
    buffer.WriteString("[")

    bArrayMemberAlreadyWritten := false
    for resultsIterator.HasNext() {
        queryResponse, err := resultsIterator.Next()
        if err != nil {
            return shim.Error(err.Error())
        }
        // Add a comma before array members, suppress it for the first array member
        if bArrayMemberAlreadyWritten == true {
            buffer.WriteString(",")
        }
        buffer.WriteString(string(queryResponse.Value))
        bArrayMemberAlreadyWritten = true
    }
    buffer.WriteString("]")

    fmt.Printf("- queryById:\n%s\n", buffer.String())

    return shim.Success(buffer.Bytes())
}

func main() {

    err := shim.Start(new(SecuritySmartContract))
    if err != nil {
        fmt.Printf("Error creating new Smart Contract: %s", err)
    }
}

区块链      区块链 内网 无互联网

本博客所有文章除特别声明外,均采用 CC BY-SA 3.0协议 。转载请注明出处!