将超级账本结构部署到 docker 群
[英]Deploy hyperledger fabric to docker swarm
问题描述
I want to deploy a docker swarm network with 2 organizations, 2 peers each and a CA.
我想部署一个 docker 群网络,其中有 2 个组织,每个组织 2 个对等点和一个 CA。 All of the nodes will be connected and communicate via the docker swarm network.所有节点都将通过 docker 群网络连接和通信。 To my understanding, each organization would have a manager with worker and the workers will host the peer and CA containers.据我了解,每个组织都会有一个带工人的经理,工人将托管对等容器和 CA 容器。
But, it seems to me that a leader manager can administer the whole swarm.但是,在我看来,领导经理可以管理整个群体。 That would mean that an organization manager could access another org's workers.这意味着组织经理可以访问另一个组织的工作人员。 This shouldn't be the case, so what am I missing?这不应该是这种情况,所以我错过了什么?
1 个解决方案
解决方案1
1 已采纳 2021-02-10 10:06:20
If you run nodes for multiple organizations on a single Swarm network (or Kube cluster or VMs in the same cloud account, etc), then of course whoever has access rights to the deployment can gain access to the nodes of all organizations.如果您在单个 Swarm 网络(或 Kube 集群或同一云帐户中的 VM 等)上为多个组织运行节点,那么任何有权访问部署的人当然都可以访问所有组织的节点。
This might be ok if a single entity is hosting all the nodes for a given blockchain network (although it does potentially defeat some of the tenets of blockchain) as typically individual orgs will only have access to their blockchain nodes via the Fabric APIs and won't have system-level access.如果单个实体托管给定区块链网络的所有节点(尽管它确实可能违反区块链的某些原则),这可能没问题,因为通常单个组织只能通过 Fabric API 访问其区块链节点并且不会t 具有系统级访问权限。
Typically, deploying multiple orgs to a single cluster is done for development, testing or experimental purposes.通常,将多个组织部署到单个集群是出于开发、测试或实验目的。 In a real-world deployment, each organization is responsible for its own compute infrastructure.在实际部署中,每个组织都负责自己的计算基础架构。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.