Hyperledger Composer - Docker Swarm
[英]Hyperledger Composer - Docker Swarm
问题描述
I've been experimenting with Hyperledger Composer and with the official multi org tutorial. 
我一直在尝试使用Hyperledger Composer和官方的多组织教程。 I was successful in modifying the given demo, adding a third organisation and finally installing my own bna. 我成功地修改了给定的演示,添加了第三个组织,最后安装了我自己的bna。
The next step was to fully understand how to deploy the Fabric network and Composer on multiple physical machines. 下一步是完全了解如何在多台物理计算机上部署Fabric网络和Composer。 And I went through all the available info about deploying such a process but without much luck. 我查看了有关部署此类流程的所有可用信息,但没有太多运气。
Let suppose: 让我们假设:
PC1: 1 Orderer, 1 Organisation, One cli container; PC1:1个Orderer,1个组织,一个cli容器;
PC2: 1 Organisation; PC2:1组织;
PC3: 1 Organization; PC3:1组织;
I'm able to put the 3 machines in a swarm. 我可以把3台机器放进一个群里。
I know that I need to generate the certificates for all the machines and that they should be identical. 我知道我需要为所有机器生成证书,并且它们应该是相同的。
But from there I don't fully understand how to continue, or how to add references to the swarm network inside the compose files... 但是从那里我不完全了解如何继续,或者如何在compose文件中添加对swarm网络的引用...
#docker-compose-cas-template-0 - This is for PC 1
version: '2'
networks:
example:
services:
ca0:
image: hyperledger/fabric-ca
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca-manager
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.manager.example.com-cert.pem
- FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/CA1_PRIVATE_KEY
ports:
- "7054:7054"
command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.manager.example.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/CA1_PRIVATE_KEY -b admin:adminpw -d'
volumes:
- ./crypto-config/peerOrganizations/manager.example.com/ca/:/etc/hyperledger/fabric-ca-server-config
container_name: ca_peerManager
networks:
- example
# docker-compose-base-1.yaml - This is for PC1
version: '2'
services:
orderer.proa.com:
container_name: orderer.proa.com
image: hyperledger/fabric-orderer:$IMAGE_TAG
environment:
- ORDERER_GENERAL_LOGLEVEL=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/proa.com/orderers/orderer.proa.com/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/proa.com/orderers/orderer.proa.com/tls/:/var/hyperledger/orderer/tls
- orderer.proa.com:/var/hyperledger/production/orderer
ports:
- 7050:7050
peer0.manager.proa.com:
container_name: peer0.manager.proa.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.manager.proa.com
- CORE_PEER_ADDRESS=peer0.manager.proa.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.manager.proa.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.manager.proa.com:7051
- CORE_PEER_LOCALMSPID=ManagerMSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/manager.proa.com/peers/peer0.manager.proa.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/manager.proa.com/peers/peer0.manager.proa.com/tls:/etc/hyperledger/fabric/tls
- peer0.manager.proa.com:/var/hyperledger/production
ports:
- 7051:7051
- 7053:7053
peer1.manager.proa.com:
container_name: peer1.manager.proa.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer1.manager.proa.com
- CORE_PEER_ADDRESS=peer1.manager.proa.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.manager.proa.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.manager.proa.com:7051
- CORE_PEER_LOCALMSPID=ManagerMSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/manager.proa.com/peers/peer1.manager.proa.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/manager.proa.com/peers/peer1.manager.proa.com/tls:/etc/hyperledger/fabric/tls
- peer1.manager.proa.com:/var/hyperledger/production
ports:
- 8051:7051
- 8053:7053
UPDATED with docker-compose-cli.yaml - for ORG2 and PC2 更新了docker-compose-cli.yaml - 用于ORG2和PC2
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
volumes:
peer0.sponsor.example.com:
peer1.sponsor.example.com:
networks:
example:
external:
name: example
services:
peer0.sponsor.example.com:
container_name: peer0.sponsor.example.com
extends:
file: base/docker-compose-base-2.yaml
service: peer0.sponsor.example.com
networks:
- example
peer1.sponsor.example.com:
container_name: peer1.sponsor.example.com
extends:
file: base/docker-compose-base-2.yaml
service: peer1.sponsor.example.com
networks:
- example
cli2:
container_name: cli2
image: hyperledger/fabric-tools:$IMAGE_TAG
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- CORE_LOGGING_LEVEL=DEBUG
- CORE_LOGGING_LEVEL=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.sponsor.example.com:7051
- CORE_PEER_LOCALMSPID=SponsorMSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/sponsor.example.com/peers/peer0.sponsor.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/sponsor.example.com/peers/peer0.sponsor.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/sponsor.example.com/peers/peer0.sponsor.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/sponsor.example.com/users/Admin@sponsor.example.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/chaincode
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- peer0.sponsor.example.com
- peer1.sponsor.example.com
networks:
- example
1 个解决方案
解决方案1
3 已采纳 2018-09-13 06:09:07
You're on right track. 你走在正确的轨道上。 I'll list down the steps below: 我将列出以下步骤:
We create a docker swarm and connect these hosts.
我们创建了一个docker swarm并连接这些主机。 Since you've already created a swarm, I assume your hosts are connected. 由于您已经创建了一个群,我假设您的主机已连接。 We create an overlay network from one of the hosts.
我们从其中一个主机创建一个覆盖网络。 In our case, it is "example" network. 在我们的例子中,它是“示例”网络。 docker network create --attachable --driver overlay exampleNow, this overlay network will be available in all the hosts.
现在,这个覆盖网络将在所有主机中可用。 You can run the following command in each of the hosts: 您可以在每个主机中运行以下命令: docker network lsHere, you'll be able to see the network with the name "example" that is an overlay network.
在这里,您将能够看到名为“example”的网络,这是一个覆盖网络。 Also, you can inspect the network to see which all hosts (peers) are connected to this network using:
此外,您可以使用以下方法检查网络以查看所有主机(对等方)连接到此网络: docker network inspect exampleSpin up the containers.
旋转容器。 However, in this step, we need to make these containers join the existing overlay network ie "example". 但是,在此步骤中,我们需要使这些容器加入现有的覆盖网络,即“示例”。 So your compose files will be like: 所以你的撰写文件就像: version: '2' networks: example: external: name: example services: ca0: image: hyperledger/fabric-ca environment: - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server - FABRIC_CA_SERVER_CA_NAME=ca-manager - FABRIC_CA_SERVER_TLS_ENABLED=true - FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.manager.example.com-cert.pem - FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/CA1_PRIVATE_KEY ports: - "7054:7054" command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.manager.example.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/CA1_PRIVATE_KEY -b admin:adminpw -d' volumes: - ./crypto-config/peerOrganizations/manager.example.com/ca/:/etc/hyperledger/fabric-ca-server-config container_name: ca_peerManager networks: - exampleThis configuration will remain similar for all your docker containers, be it, peer, orderer, ca or cli.
对于所有docker容器,无论是peer,peer,orderer,ca还是cli,此配置都将保持相似。 Also, this configuration will make sure that your container will join the existing network instead of creating a new one. 此外,此配置将确保您的容器将加入现有网络而不是创建新网络。
Note: Running the docker in swarm mode requires few ports to be opened up. 注意:以群集模式运行docker需要打开很少的端口。 You can find those references in this article . 您可以在本文中找到这些参考 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.