This project contains scripts that let you define, create, and test a Hyperledger Fabric network based on a set of parameters as specified in a sample network, netop1.env.

The scripts support both docker-compose and kubernetes. All steps are done in docker containers, and thus you can get a Fabric network running without pre-downloading anything.

• Your workstation must support bash shell scripts.
• If you want to create and test a Fabric network on local host, you need to install docker-compose and/or kubernetes locally, i.e.,
  • Install Docker and Docker Compose as described here.
  • Mac user can enable kubernetes as described here.
  • I have not tested the scripts with Minikube, although I would expect it to work without much change.
• If you want to create and test a Fabric network in a cloud, you would not need to download anything except a CLI required to access the corresponding cloud service. We currently support Amazon EKS, and Azure AKS. Other cloud services will be supported in the future as well.
  • For AWS, refer the scripts and instructions in the aws folder.
  • For Azure, refer the scripts and instructions in the az folder.

Following steps start fabric-ca PODs in Kubernetes and generate crypto data required by the sample network, netop1.

cd ./ca
./start-ca.sh
./bootstrap.sh
./stop-ca.sh

You can edit the network specification netop1.env if you want to use a different operator name, or make it run more orderer or peer nodes. The generated crypto data will be stored in the folder netop1.com on localhost, or in the cloud, such as Amazon EFS file system, or an Azure File storage.

These scripts take 2 additional parameters, e.g.,

./start-ca.sh config_file env_type

where config_file is file in the config folder with a suffix .env that contains the fabric network specification; env_type can be k8s, docker, aws, or az.

• k8s uses the local docker-desktop kubernetes on Mac,
• docker uses docker-compose, and
• aws uses AWS EKS when executed on a bastion host of an EC2 instance.
• az uses Azure AKS when executed on a bastion VM instance in Azure. More cloud support will be added in the future.

When the above steps are executed on localhost, the crypto data will be stored in netop1.com. The resulting crypto data is similar to that generated by the fabric cryptogen tool as demonstrated by fabric-samples. However, by using a fabric CA server in the above step, the generated certificates will include a few extra attributes that would make them usable for cloud deployment using kubernetes, as well as attribute-based-access-control (ABAC). Besides, CA server is also more flexible for generating certificates for more nodes and users in production environment as the network grows.

You may test how the generated crypto data work using a preconfigured sample network as described in docker-netop1. However, if you do not have a local hyperledger fabric environment, you can skip the test and read on. The following steps will show you how to start a fabric network by using a few simple scripts even if you do not have a fabric development environment.

The following script generates a genesis block for the sample network for Kubernetes using 2 peers and 3 orderers with etcd raft consensus.

cd ./msp
./bootstrap.sh

It also generates transactions for creating a test channel, mychannel, for smoke tests. Similar to other scripts, this command also accepts 2 parameters, config-file and env-type for using different network definition file, or generating artifacts for other deployment environment, e.g., docker, aws, or az.

The following script will start and test the sample fabric network by using the docker-desktop Kubernetes on a Mac:

cd ./network
./start-k8s.sh
./k8s-test.sh
./stop-k8s.sh

Before you shutdown the network by using stop-k8s.sh, you can verify the running fabric containers by using kubectl, e.g.,

kubectl get pod,svc --namespace netop1

Note that the scripts use the operating company name, netop1, as a Kubernetes namespace, and so they can support multiple member organizations.

If you are not using a Mac, you can run these scripts using docker-compose, Amazon EKS, or Azure AKS. Simply add 2 parameters to all the commands, e.g.,

• ./start-ca.sh netop1 docker to use docker-composer, or
• ./start-ca.sh netop1 aws when executing the commands on a bastion host of EC2 instance, which is described in the folder aws, or
• ./start-ca.sh netop1 az when executing the commands on the bastion host of Azure VM intance, which is described in the folder az. You may also try to verify if the scripts would work on Minikube.

After the smoke test succeeds, you should see a test result of 90 printed on the screen. If you used docker-compose for this excersize, you can look at the blockchain state via the CouchDB futon UI at http://localhost:7056/_utils, which is exposed for docker-compose only because it is not recommended to expose CouchDB in production configuration using Kubernetes.

Stay tuned for more updates on the following items:

• Add new orderer org and orderer nodes;
• Add new peer org and peer nodes;
• Support Google GKE
• Deploy new chaincode