This project contains scripts that let you define, create, and test a Hyperledger Fabric network based on a set of parameters as specified in a sample network, netop1.env.
The scripts support both docker-compose
and kubernetes
. All steps are done in docker containers, and thus you can get a Fabric network running without pre-downloading anything.
- Your workstation must support
bash
shell scripts. - If you want to create and test a Fabric network on local host, you need to install docker-compose and/or kubernetes locally, i.e.,
- If you want to create and test a Fabric network in a cloud, you would not need to download anything except a
CLI
required to access the corresponding cloud service. We currently support Amazon EKS, and Azure AKS. Other cloud services will be supported in the future as well.- For AWS, refer the scripts and instructions in the aws folder.
- For Azure, refer the scripts and instructions in the az folder.
Following steps start fabric-ca
PODs in Kubernetes and generate crypto data required by the sample network, netop1
.
cd ./ca
./start-ca.sh
./bootstrap.sh
./stop-ca.sh
You can edit the network specification netop1.env if you want to use a different operator name, or make it run more orderer or peer nodes. The generated crypto data will be stored in the folder netop1.com on localhost, or in the cloud, such as Amazon EFS file system, or an Azure File storage.
These scripts take 2 additional parameters, e.g.,
./start-ca.sh config_file env_type
where config_file
is file in the config folder with a suffix .env
that contains the fabric network specification; env_type
can be k8s
, docker
, aws
, or az
.
k8s
uses the localdocker-desktop
kubernetes on Mac,docker
usesdocker-compose
, andaws
uses AWS EKS when executed on abastion
host of an EC2 instance.az
uses Azure AKS when executed on abastion
VM instance in Azure. More cloud support will be added in the future.
When the above steps are executed on localhost, the crypto data will be stored in netop1.com. The resulting crypto data is similar to that generated by the fabric cryptogen
tool as demonstrated by fabric-samples. However, by using a fabric CA server in the above step, the generated certificates will include a few extra attributes that would make them usable for cloud deployment using kubernetes, as well as attribute-based-access-control (ABAC). Besides, CA server is also more flexible for generating certificates for more nodes and users in production environment as the network grows.
You may test how the generated crypto data work using a preconfigured sample network as described in docker-netop1. However, if you do not have a local hyperledger fabric environment, you can skip the test and read on. The following steps will show you how to start a fabric network by using a few simple scripts even if you do not have a fabric development environment.
The following script generates a genesis block for the sample network for Kubernetes using 2 peers and 3 orderers with etcd raft
consensus.
cd ./msp
./bootstrap.sh
It also generates transactions for creating a test channel, mychannel
, for smoke tests. Similar to other scripts, this command also accepts 2 parameters, config-file
and env-type
for using different network definition file, or generating artifacts for other deployment environment, e.g., docker
, aws
, or az
.
The following script will start and test the sample fabric network by using the docker-desktop
Kubernetes on a Mac:
cd ./network
./start-k8s.sh
./k8s-test.sh
./stop-k8s.sh
Before you shutdown the network by using stop-k8s.sh
, you can verify the running fabric containers by using kubectl
, e.g.,
kubectl get pod,svc --namespace netop1
Note that the scripts use the operating company name, netop1
, as a Kubernetes namespace, and so they can support multiple member organizations.
If you are not using a Mac, you can run these scripts using docker-compose
, Amazon EKS
, or Azure AKS
. Simply add 2 parameters to all the commands, e.g.,
./start-ca.sh netop1 docker
to usedocker-composer
, or./start-ca.sh netop1 aws
when executing the commands on abastion host
of EC2 instance, which is described in the folder aws, or./start-ca.sh netop1 az
when executing the commands on thebastion host
of Azure VM intance, which is described in the folder az. You may also try to verify if the scripts would work on Minikube.
After the smoke test succeeds, you should see a test result of 90
printed on the screen. If you used docker-compose
for this excersize, you can look at the blockchain state via the CouchDB
futon UI at http://localhost:7056/_utils
, which is exposed for docker-compose
only because it is not recommended to expose CouchDB
in production configuration using Kubernetes.
Stay tuned for more updates on the following items:
- Add new orderer org and orderer nodes;
- Add new peer org and peer nodes;
- Support Google GKE
- Deploy new chaincode