Hyperledger Composer-Docker集群 [英] Hyperledger Composer - Docker Swarm
问题描述
我一直在尝试Hyperledger Composer和官方的多组织教程。我成功地修改了给定的演示,添加了第三个组织,最后安装了自己的bna。
I've been experimenting with Hyperledger Composer and with the official multi org tutorial. I was successful in modifying the given demo, adding a third organisation and finally installing my own bna.
下一步是完全了解如何部署Fabric网络和Composer。在多个物理计算机上。而且我浏览了有关部署此过程的所有可用信息,但运气不佳。
The next step was to fully understand how to deploy the Fabric network and Composer on multiple physical machines. And I went through all the available info about deploying such a process but without much luck.
让我们假设:
PC1:1个订购者,1个组织,一个cli容器;
PC1: 1 Orderer, 1 Organisation, One cli container;
PC2:1个组织;
PC2: 1 Organisation;
PC3: 1个组织;
PC3: 1 Organization;
我可以将3台机器组合在一起。
I'm able to put the 3 machines in a swarm.
我知道我需要为所有机器生成证书,并且它们应该是相同的。
I know that I need to generate the certificates for all the machines and that they should be identical.
但是从那里我还不完全了解如何继续操作,或如何添加对撰写文件中的群网...
But from there I don't fully understand how to continue, or how to add references to the swarm network inside the compose files...
#docker-compose-cas-template-0 - This is for PC 1
version: '2'
networks:
example:
services:
ca0:
image: hyperledger/fabric-ca
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca-manager
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.manager.example.com-cert.pem
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/CA1_PRIVATE_KEY
ports:
- "7054:7054"
command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.manager.example.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/CA1_PRIVATE_KEY -b admin:adminpw -d'
volumes:
- ./crypto-config/peerOrganizations/manager.example.com/ca/:/etc/hyperledger/fabric-ca-server-config
container_name: ca_peerManager
networks:
- example
# docker-compose-base-1.yaml - This is for PC1
version: '2'
services:
orderer.proa.com:
container_name: orderer.proa.com
image: hyperledger/fabric-orderer:$IMAGE_TAG
environment:
- ORDERER_GENERAL_LOGLEVEL=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/proa.com/orderers/orderer.proa.com/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/proa.com/orderers/orderer.proa.com/tls/:/var/hyperledger/orderer/tls
- orderer.proa.com:/var/hyperledger/production/orderer
ports:
- 7050:7050
peer0.manager.proa.com:
container_name: peer0.manager.proa.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.manager.proa.com
- CORE_PEER_ADDRESS=peer0.manager.proa.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.manager.proa.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.manager.proa.com:7051
- CORE_PEER_LOCALMSPID=ManagerMSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/manager.proa.com/peers/peer0.manager.proa.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/manager.proa.com/peers/peer0.manager.proa.com/tls:/etc/hyperledger/fabric/tls
- peer0.manager.proa.com:/var/hyperledger/production
ports:
- 7051:7051
- 7053:7053
peer1.manager.proa.com:
container_name: peer1.manager.proa.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer1.manager.proa.com
- CORE_PEER_ADDRESS=peer1.manager.proa.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.manager.proa.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.manager.proa.com:7051
- CORE_PEER_LOCALMSPID=ManagerMSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/manager.proa.com/peers/peer1.manager.proa.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/manager.proa.com/peers/peer1.manager.proa.com/tls:/etc/hyperledger/fabric/tls
- peer1.manager.proa.com:/var/hyperledger/production
ports:
- 8051:7051
- 8053:7053
使用docker-compose-cli.yaml更新-适用于ORG2和PC2
UPDATED with docker-compose-cli.yaml - for ORG2 and PC2
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
peer0.sponsor.example.com:
peer1.sponsor.example.com:
networks:
example:
external:
name: example
services:
peer0.sponsor.example.com:
container_name: peer0.sponsor.example.com
extends:
file: base/docker-compose-base-2.yaml
service: peer0.sponsor.example.com
networks:
- example
peer1.sponsor.example.com:
container_name: peer1.sponsor.example.com
extends:
file: base/docker-compose-base-2.yaml
service: peer1.sponsor.example.com
networks:
- example
cli2:
container_name: cli2
image: hyperledger/fabric-tools:$IMAGE_TAG
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- CORE_LOGGING_LEVEL=DEBUG
- CORE_LOGGING_LEVEL=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.sponsor.example.com:7051
- CORE_PEER_LOCALMSPID=SponsorMSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/sponsor.example.com/peers/peer0.sponsor.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/sponsor.example.com/peers/peer0.sponsor.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/sponsor.example.com/peers/peer0.sponsor.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/sponsor.example.com/users/Admin@sponsor.example.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/chaincode
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- peer0.sponsor.example.com
- peer1.sponsor.example.com
networks:
- example
推荐答案
您步入正轨。我将列出以下步骤:
You're on right track. I'll list down the steps below:
-
我们创建一个docker swarm并连接这些主机。由于您已经创建了一个群集,因此我假设您的主机已连接。
We create a docker swarm and connect these hosts. Since you've already created a swarm, I assume your hosts are connected.
我们从其中一台主机创建一个覆盖网络。在我们的例子中,这是示例网络。
We create an overlay network from one of the hosts. In our case, it is "example" network.
docker network create --attachable --driver overlay example
现在,该覆盖网络将在所有主机中可用。您可以在每个主机中运行以下命令:
Now, this overlay network will be available in all the hosts. You can run the following command in each of the hosts:
docker network ls
在这里,您将看到名称为 example的网络,它是一个覆盖网络。
Here, you'll be able to see the network with the name "example" that is an overlay network.
此外,您还可以使用以下方法检查网络,以查看哪些主机(对等主机)已连接到该网络:
Also, you can inspect the network to see which all hosts (peers) are connected to this network using:
docker network inspect example
旋转容器。但是,在此步骤中,我们需要使这些容器加入现有的覆盖网络,即示例。这样您的撰写文件将类似于:
Spin up the containers. However, in this step, we need to make these containers join the existing overlay network i.e "example". So your compose files will be like:
version: '2'
networks:
example:
external:
name: example
services:
ca0:
image: hyperledger/fabric-ca
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca-manager
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.manager.example.com-cert.pem
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/CA1_PRIVATE_KEY
ports:
- "7054:7054"
command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.manager.example.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/CA1_PRIVATE_KEY -b admin:adminpw -d'
volumes:
- ./crypto-config/peerOrganizations/manager.example.com/ca/:/etc/hyperledger/fabric-ca-server-config
container_name: ca_peerManager
networks:
- example
对于您的所有docker容器,同位,订购者,ca或cli,此配置将保持相似。另外,此配置将确保您的容器将加入现有网络,而不是创建新网络。
This configuration will remain similar for all your docker containers, be it, peer, orderer, ca or cli. Also, this configuration will make sure that your container will join the existing network instead of creating a new one.
注意:以群体模式运行docker需要打开几个端口。您可以找到本文中的引用。
Note: Running the docker in swarm mode requires few ports to be opened up. You can find those references in this article.
这篇关于Hyperledger Composer-Docker集群的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!