Fabric 网络动态添加组织

1.环境准备

如果存在fabric网络环境可不执行,若不存在可以安装下列进行准备

  • 下载fabric-sample,fabric
https://github.com/hyperledger/fabric-samples.git
https://github.com/hyperledger/fabric-samples.git
  • 构建fabric镜像
cd fabric
make all
  • 创建fabric网络
cd fabric-sample/first-network
./byfn.sh up

2.org3配置文件准备

  • org3configtx.yaml
Organizations:
    - &Org3
        # DefaultOrg defines the organization which is used in the sampleconfig
        # of the fabric.git development environment
        Name: Org3MSP

        # ID to load the MSP definition as
        ID: Org3MSP

        MSPDir: crypto-config/peerOrganizations/org3.example.com/msp

        AnchorPeers:
            # AnchorPeers defines the location of peers which can be used
            # for cross org gossip communication.  Note, this value is only
            # encoded in the genesis block in the Application section context
            - Host: peer0.org3.example.com
              Port: 7051
  • org3crypto.yaml
PeerOrgs:
  # ---------------------------------------------------------------------------
  # Org3
  # ---------------------------------------------------------------------------
  - Name: Org3
    Domain: org3.example.com
    EnableNodeOUs: true
    Template:
      Count: 2
    Users:
      Count: 1

3.生成配置文件

  • 生成证书文件
../../bin/cryptogen generate --config=./org3-crypto.yaml

Eggsy:org3-artifacts eggsy$ tree crypto-config/ -L 4
crypto-config/
└── peerOrganizations
    └── org3.example.com
        ├── ca
        │   ├── 9854e971baa1c6e918365e3c320850c759b446a98d991804d1d3eec157bf37c8_sk
        │   └── ca.org3.example.com-cert.pem
        ├── msp
        │   ├── admincerts
        │   ├── cacerts
        │   ├── config.yaml
        │   └── tlscacerts
        ├── peers
        │   ├── peer0.org3.example.com
        │   └── peer1.org3.example.com
        ├── tlsca
        │   ├── 657d29b05f08772be7fc354dc79c34e5b2f4a4c455dda10342f66692a7a83ff7_sk
        │   └── tlsca.org3.example.com-cert.pem
        └── users
            ├── Admin@org3.example.com
            └── User1@org3.example.com
  • 生成组织配置信息
export FABRIC_CFG_PATH=$PWD && ../../bin/configtxgen -printOrg Org3MSP > ../channel-artifacts/org3.json

此文件包含Org3的策略定义,以及以base 64格式呈现的三个重要证书:管理员用户证书(稍后将充当Org3的管理员),CA根证书和TLS根目录证书。

4.修改mychannel最新配置块

  • 获取最新的配置块
peer channel fetch config config_block.pb -o orderer.example.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA

2019-07-17 06:48:28.073 UTC [cli.common] readBlock -> INFO 002 Received block: 4
2019-07-17 06:48:28.075 UTC [cli.common] readBlock -> INFO 003 Received block: 2

# 将config转换成json格式
configtxlator proto_decode --input config_block.pb --type common.Block | jq .data.data[0].payload.data.config > config.json
  • 将org3配置加入配置块
jq -s '.[0] * {"channel_group":{"groups":{"Application":{"groups": {"Org3MSP":.[1]}}}}}' config.json ./channel-artifacts/org3.json > modified_config.json
  • 计算配置块增量更新
# 将config.json转换为config.pb
configtxlator proto_encode --input config.json --type common.Config --output config.pb
# 将modified_config.json转换为modified_config.pb
configtxlator proto_encode --input modified_config.json --type common.Config --output modified_config.pb
# 计算增量
configtxlator compute_update --channel_id $CHANNEL_NAME --original config.pb --updated modified_config.pb --output org3_update.pb
# 转换成json格式
configtxlator proto_decode --input org3_update.pb --type common.ConfigUpdate | jq . > org3_update.json
  • 构建envelope message
echo '{"payload":{"header":{"channel_header":{"channel_id":"mychannel", "type":2}},"data":{"config_update":'$(cat org3_update.json)'}}}' | jq . > org3_update_in_envelope.json
configtxlator proto_encode --input org3_update_in_envelope.json --type common.Envelope --output org3_update_in_envelope.pb
  • 签名及更新
However, we need signatures from the requisite Admin users before the config can be written to the ledger. The modification policy (mod_policy) for our channel Application group is set to the default of “MAJORITY”, which means that we need a majority of existing org admins to sign it. 

peer channel signconfigtx -f org3_update_in_envelope.pb
peer channel update -f org3_update_in_envelope.pb -c $CHANNEL_NAME -o orderer.example.com:7050 --tls --cafile $ORDERER_CA

5. 启动org3及加入通道

docker-compose -f docker-compose-org3.yaml up -d
docker exec -it Org3cli bash
peer channel fetch 0 mychannel.block -o orderer.example.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA
peer channel join -b mychannel.block

最新文章

  1. 最近使用JQuery Easyui 碰到的几个奇怪问题
  2. C++二级指针第二种内存模型(二维数组)
  3. JS中NULL和undifined区别及NULL的作用
  4. C#将十六进制的文本转换到整型数据
  5. SGU 187.Twist and whirl - want to cheat( splay )
  6. Java 获取到配置文件信息
  7. Hibernate基本原理
  8. PL/SQL简单实现数据库的连接
  9. Android开发相关的Blog推荐——跟随大神的脚步才能成长为大神
  10. 【性能测试】LoadRunner11安装(包含破解、汉化)
  11. JavaScript 对象属性底层原理
  12. checkstyle.xml Code Style for Eclipse
  13. 【九校3D2T3】世界第一的猛汉王
  14. .Net Framework4.5.2 源码命名空间简析
  15. angular指令中使用ngModelController
  16. for练习相关
  17. shell 12输入输出重定向
  18. python list添加元素的几种方法
  19. 《Implementing QuantLib》译后记
  20. COGS 08-备用交换机 题解——S.B.S.

热门文章

  1. springboot管理类,springboot注入类
  2. FTP服务端部署
  3. 【杂项】关于NOIP2018复赛若干巧合的声明
  4. 算法与数据结构基础 - 合并查找(Union Find)
  5. 前端插件之Datatables使用--下篇
  6. 记一次JPA遇到的奇葩错误——本地sql不识别表名的别名
  7. Unity进阶之ET网络游戏开发框架 06-游客登录
  8. CZGL.Auth: ASP.NET Core Jwt角色授权快速配置库
  9. Java网络编程 -- NIO非阻塞网络编程
  10. Keras实例教程(1)