Page Comparison

Image Removed

Tip
Step - by - step guide on how to Install Insights Advanced - Hyperledger Fabric Network.

Installing Hyperledger Network covers the initial setup procedures including Installation, Configurations (Hardware, Software, and Network) and various Commands. Please note that these instructions are only for Linux (RHEL 7).

Prerequisites

Expand

title	Hardware Configuration

Hyperledger Fabric Minimum configuration - Pilot/POCNo. of instances1OSUbuntu 16.04 Xenial (64bit) Storage75 GB (Fabric Network Only)Mem (GiB)8 GBvCPU2Hyperledger Fabric Minimum configuration - ProductionNo. of instances1OSUbuntu 16.04 Xenial (64bit) Storage100 GB (Fabric Network Only)Mem (GiB)16 GBvCPU4

Note
Configuration varies depending on the work load.

Expand

title	Software

Docker version 18.03 or later, Docker Compose 1.14.0 or greater (If not, we recommend that you install a more recent version of Docker) , curl
Python 3.x
Node.js Runtime 8.x(8.12.0) and NPM 6.x(6.3.0) - For chaincode
git (git bash to clone the repo)
wget

Refer the link to know the Software component version for latest fabric network

Tip
Step - by - step guide on how to Install Insights Advanced - Hyperledger Fabric Network.

Installing Hyperledger Network covers the initial setup procedures including Installation, Configurations (Hardware, Software, and Network) and various Commands. Please note that these instructions are only for Linux (RHEL 7).

Prerequisites

Expand

title	Hardware Configuration

Hyperledger Fabric Minimum configuration - Pilot/POC
No. of instances	1
OS	Ubuntu 16.04 Xenial (64bit)
Storage	75 GB (Fabric Network Only)
Mem (GiB)	8 GB
vCPU	2

Hyperledger Fabric Minimum configuration - Production
No. of instances	1
OS	Ubuntu 16.04 Xenial (64bit)
Storage	100 GB (Fabric Network Only)
Mem (GiB)	16 GB
vCPU	4

Note
Configuration varies depending on the work load.

Expand

title	Software

Docker version 18.03 or later, Docker Compose 1.14.0 or greater (If not, we recommend that you install a more recent version of Docker) , curl
Python 3.x
Node.js Runtime 8.x(8.12.0) and NPM 6.x(6.3.0) - For chaincode
git (git bash to clone the repo)
wget

Refer the link to know the Software component version for latest fabric network: https://hyperledger-fabric.readthedocs.io/en/latest/prereqs.html

Fabric Version Specific. Change the version in the URL for other versions: https://hyperledger-fabric.readthedocs.io/en/latestrelease-1.4/prereqs.html

Fabric Version Specific. Change the version in the URL for other versions: https://hyperledger-fabric.readthedocs.io/en/release-1.4/prereqs.html

Docker, Docker Compose and curl

On

Docker, Docker Compose and curl

On RHEL/CentOS7:

Docker - https://docs.docker.com/engine/install/centos/

yum update
yum install yum-utils
yum-config-manager --enable rhel-7-server-rhui-extras-rpms
yum install docker
Ensure that docker daemon is running with an option -H unix:///var/run/docker.sock . If not, open the file(vi), add it as shown below and save(:wq). Ensure, only one ExecStart is available in the file.

vi /lib/systemd/system/docker.service

ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H unix:///var/run/docker.sock

:wq

Provide permission "chmod 666 /var/run/docker.sock"
systemctl start docker
systemctl status docker
systemctl enable docker (start docker at system boot)
Add your user to the docker group.
groupadd docker (Do this if not present)
usermod -a -G docker <username>

Example: usermod -aG docker ec2-user

For RHUI 3 repo ID(rhel-7-server-rhui-extras-rpms ) to configure yum-config-manager, please visit - https://access.redhat.com/articles/4599971
For docker commands please visit - https://docs.docker.com/edge/engine/reference/commandline/docker/

Docker Compose

Install docker compose specific version. Any existing installation of Docker is replaced.
1. Specific version of docker-compose installation. Refer current release of docker compose in https://docs.docker.com/compose/install/
2. For example "docker-compose v1.26.2":
  sudo curl -L "https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/bin/docker-compose
  sudo chmod +x /usr/bin/docker-compose
  docker-compose --version
  systemctl status docke

Reference: https://docs.docker.com/install/linux/docker-ce/ubuntu/

cURL

Download the latest version of cURL (curl) tool if it is not installed - https://curl.haxx.se/download.html

GO

Download the archive: wget https://dl.google.com/go/go1.11.10.linux-amd64.tar.gz
Extract it into /usr/local, creating a Go tree in /usr/local/go.
tar -C /usr/local -xzf go1.11.10.linux-amd64.tar.gz
Add /usr/local/go/bin to the PATH environment variable. You can do this by adding this line to your /etc/profile (for a system-wide installation) or $HOME/.bashprofile: export PATH=$PATH:/usr/local/go/bin
Reference - Section Linux :https://golang.org/doc/install#install

Python

As of Ubuntu 16.04 LTS (xenial), both python 2 and python3 by default. Recommended to use python3. Check and then install if required.

apt-get install python3.5
apt-get install python3-pip

set alias to respectiive python version in ~/.bashrc to avoid error while installing the module.

alias pip=pip3

alias python=python3.5

(OR)

update-alternatives --install /usr/bin/python python /usr/bin/python3.5 10

Reference: https://wiki.ubuntu.com/Python

Node.js Runtime and NPM
The recommended versions for node and npm are Node 8.x.x and npm5.x.x. If you are getting lower versions using apt-get install, remove existing node setup from your machine and then run the following:

curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -

yum install nodejs

Git

As Of RHEL/CentOS7, git is available by default. Check and then install if required.

yum update
yum install git

wget

yum install wget

Following port must be opened to access the fabric network from fabric sdk.

Expand

title	Recommended Network Ports

Environment variable INSIGHTS_HOME

Environment variable INSIGHTS_HOME and $INSIGHTS_HOME/.InSights/server-config.json

Windows: Server 2 - SetEnvVariables.bat
Linux: insights_first.sh

Refer here for installation steps if required.

Expand

title	Recommended Network Ports

Following port must be opened to access the fabric network from fabric sdk.

Source : fabric sdk instance where our Insights is running

Destination: fabric network installed instance - hyperledger network

Example Ports: You can change these ports based on availability and configuration in fabric network. Then, enable connectivity to those ports.

orderer - 7050
peer0.org1 - 7051
peer1.org1 - 8051
peer0.org2 - 9051
peer1.org2 - 10051
ca.org1 - 7054
ca.org2 - 8054

Expand

title	Useful Docker Commands

List active container: docker ps

List active/exited container: docker ps -a

List docker images: docker images

Check container logs: docker logs <container-id>

Connect to Container: docker exec -it <container-id> bash

Remove docker container: docker rmi -f <contianer-id>

Remove docker images: docker rmi -f <image-name/id>

Reference: https://docs.docker.com/engine/reference/commandline/docker/

Hyperledger Fabric Network - - Installation and Configuration

Expand

title	Network: Raft Ordering Service: fabric_version: 2.2.0 fabric-ca_version 1.4.8

Make sure you've done

Expand

title	Raft (etcd/raft) Fabric Network

, deploy Chaincode

Make sure you've done all the Prerequisites. Raft Ordering Service introduced in 1.4.1 (Reference: https://hyperledger-fabric.readthedocs.io/en/latest//whatsnew.html)

Ensure docker images are pulled as per raft supported version ( https://github.com/hyperledger/fabric/releases )

Network Architecture

5 Orderers
2 Organizations
4 peers, 2 for each organization
4 couchdb, one for each peer
2 certificate authority(CA), one for each organization

Setup the Network

Login as non-root user "ec2-user". Navigate to your home directory or any convenient directory and create directory hyperledger:
cd /home/ec2-user/
mkdir hyperledger
cd /home/ec2-user/hyperledger/
Refer for more detailed steps with samples: https://hyperledger-fabric.readthedocs.io/en/latest/install.html?highlight=https%3A%2F%2Fbit.ly%2F2ysbOFE#install-samples-binaries-and-docker-images Followed the steps and created tar ball (insights-fabric-network.tar.gz) with required binaries and docker images.
wget https://infra.cogdevops.com:8443/repository/docroot/insights_install/installationScripts/latest/RHEL/hyperledger/insights-fabric-network.tar.gz
untar the file insights-fabric-network.tar.gz .
cd /home/ec2-user/hyperledger
tar -zxvf insights-fabric-network.tar.gz
cd /home/ec2-user/hyperledger/insights-fabric-network
Following directories (bin , config , insights-network) are available to start the network.
Give permissions to all the executable and shell files which will easily bring up/down the network:
chmod 777 *.sh
chmod -R 755 bin
Get into the directory insights-network : cd /home/ec2-user/hyperledger/insights-fabric-network/insights-network

Required configurations and scripts are already updated for the DOMAIN - cogdevops.com .

Info

title	References - Hyperledger Config Files

configtx.yaml - https://hyperledger-fabric.readthedocs.io/en/latest/create_channel/create_channel_config.html#using-configtx-yaml-to-build-a-channel-configuration

Architecture - https://hyperledger-fabric.readthedocs.io/en/latest/architecture.html

/home/ec2-user/hyperledger/insights-fabric-network/insights-network/.env

Code Block

language	bash
theme	Emacs
title	.env

COMPOSE_PROJECT_NAME=hyperledger
IMAGE_TAG=latest
SYS_CHANNEL=system-channel
DOMAIN=<yourdomain>

Start the network by using the following command. Specify the fabric version, fabric-ca version and couch db as state database :
Code Block
language bash
theme Emacs
title Start fabric network
cd /home/ec2-user/hyperledger/insights-fabric-network/insights-network ./network.sh up -ca -s couchdb -i 2.2.0 -cai 1.4.8
network.sh internally calls the required scripts to perform the following actions: TLS Enabled, required certs, register and enroll users (fabric-ca) - both admin and other users;- these details required to connect from Java sdk while connecting network , pull necessary docker images and start the containers.

Verify if all the docker containers are running:

docker ps -a

Create channel. Following script will create channel , join and update for all peers.
Code Block
language bash
theme Emacs
title Create Channel
cd /home/ec2-user/hyperledger/insights-fabric-network/insights-network ./network.sh createChannel -c insightschannel
Info
title Hint:
Change permission/ownership to non-root user for the directory channel-artifacts if you face any issues in channel creation due to permissions restricted by root user.
Copy (Specify github location for chaincode) the chaincode/contract to the directory /home/ec2-user/hyperledger/insights-fabric-network/insights-network. Directory structure after chaincode copy is : /home/ec2-user/hyperledger/insights-fabric-network/insights-network/chaincode/src/nodejs

Deploy Smart Contract (Chaincode): Run the following command to deploy the smart contract/chaincode.

Code Block

language	bash
theme	Emacs
title	Deploy Smart Contract (Chaincode)

cd /home/ec2-user/hyperledger/insights-fabric-network/insights-network
./network.sh deployCC -ccn insightsaudit -ccp ./chaincode/src/nodejs/ -ccv 1 -ccl javascript

Note: ccl parameter can either javascript or typescript. Both will refer to CC_RUNTIME_LANGUAGE=node inside scripts/deployCC.sh file

Info

You will notice some extra containers running other than the ones mentioned in the network architecture with names like this: dev-peer0.org1.<yourdomain>-insightsaudit_1-xxxxxxxxxxxxxxxx , dev-peer1.org1.<yourdomain>-insightsaudit_1-xxxxxxxxxxxxxxxx, dev-peer0.org2.<yourdomain>-insightsaudit_1-xxxxxxxxxxxxxxxx , dev-peer1.org2.<yourdomain>-insightsaudit_1-xxxxxxxxxxxxxxxx . It is an expected behavior for the fabric-network. These containers will get spawned whenever chaincode is instantiated(deployed) in a peer.

Set the environments in host machine where you have deployed your network(Don't to get into any peer container). to operate via Org1 or Org2.

Info

title	Important Note

Set either ORG1 or ORG2 in one terminal. Open 2 terminal window then set ORG1 in first terminal and Org2 in second terminal. If you attempt to set continuously then latest one will override all the previous ones.

Code Block

language	bash
theme	Emacs
title	ORG1 admin

export PATH=${PWD}/../bin:${PWD}:$PATH

export FABRIC_CFG_PATH=$PWD/../config/

export CORE_PEER_TLS_ENABLED=true

export CORE_PEER_LOCALMSPID="Org1MSP"

export CORE_PEER_TLS_ROOTCERT_FILE=${PWD}/organizations/peerOrganizations/org1.<yourdomain>/peers/peer0.org1.<yourdomain>/tls/ca.crt

export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org1.<yourdomain>/users/Admin@org1.<yourdomain>/msp

export CORE_PEER_ADDRESS=localhost:7051

Code Block

language	bash
theme	Emacs
title	ORG2 admin

export PATH=${PWD}/../bin:${PWD}:$PATH

export FABRIC_CFG_PATH=$PWD/../config/

export CORE_PEER_LOCALMSPID="Org2MSP"

export CORE_PEER_TLS_ROOTCERT_FILE=${PWD}/organizations/peerOrganizations/org2.<yourdomain>/peers/peer0.org2.<yourdomain>/tls/ca.crt

export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org2.<yourdomain>/users/Admin@org2.<yourdomain>/msp

export CORE_PEER_ADDRESS=localhost:9051

Info

title	Note

Latest fabric version has feature to execute peer lifecycle commands in host machine itself by setting respective org env variables as specified above.

Sanity testing. Test the Chaincode. Either insert record manually or let the data gets inserted via PlatformEngine with digitalSignature validation. Use the following command to verify network and smart contract functionality are deployed successfully or not.

Before executing the below command in host machine. You must have either ORG1 admin env variables or ORG2 admin env variables set in the terminal.

Manual insertion and read:

Code Block

language	bash
title	Instantiate(write) to Smart Contract insightsaudit

peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer0.<yourdomain> -C insightschannel -n insightsaudit --tls --cafile ${PWD}/organizations/ordererOrganizations/<yourdomain>/orderers/orderer0.<yourdomain>/msp/tlscacerts/tlsca.<yourdomain>-cert.pem --peerAddresses localhost:7051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org1.<yourdomain>/peers/peer0.org1.<yourdomain>/tls/ca.crt --peerAddresses localhost:9051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org2.<yourdomain>/peers/peer0.org2.<yourdomain>/tls/ca.crt -c '{"Args":["Instantiate","{\"almAssetID\":\"IN-1\",\"property\":\"ALM\",\"phase\":\"Plan\",\"toolName\":\"JIRA\",\"toolstatus\":\"Done\",\"priority\":\"Medium\",\"sprintNames\":[\"IN Sprint 1\"],\"issueType\":\"Story\",\"attachments\":\"https://<jirahostnameurl>/secure/attachment/10017/test.txt\",\"projectName\":\"InsightsAuditing Testing\",\"createdTime\": 1557741850.0,\"issueAPI\": \"https://bcdevops.atlassian.net/rest/api/2/issue/10013\",\"timestamp\":1557751850.0,\"date\":\"2019-05-13\",\"uplink\":\"null\",\"downlink\":{\"jiraKeys\":\"IN-1\"}}"]}'

Code Block

language	bash
title	Read from Smart Contract - insightsaudit

peer chaincode query -n insightsaudit -c '{"Args":["GetAssetDetails","IN-1"]}' -C insightschannel

Make sure you've done all the Prerequisites. Raft Ordering Service introduced in 1.4.1 (Reference: https://hyperledger-fabric.readthedocs.io/en/latest//whatsnew.html)

Ensure docker images are pulled as per raft supported version ( https://github.com/hyperledger/fabric/releases )

Network Architecture

5 Orderers
2 Organizations
4 peers, 2 for each organization
4 couchdb, one for each peer
2 certificate authority(CA), one for each organization

Setup the Network

Login as non-root user "ec2-user". Navigate to your home directory or any convenient directory and create directory hyperledger:

cd /home/ec2-user/

mkdir hyperledger

cd /home/ec2-user/hyperledger/

Refer for more detailed steps with samples: https://hyperledger-fabric.readthedocs.io/en/latest/install.html?highlight=https%3A%2F%2Fbit.ly%2F2ysbOFE#install-samples-binaries-and-docker-images Followed the steps and created tar ball (insights-fabric-network.tar.gz) with required binaries and docker images.

wget https://infra.cogdevops.com:8443/repository/docroot/insights_install/installationScripts/latest/RHEL/hyperledger/insights-fabric-network.tar.gz

untar the file insights-fabric-network.tar.gz .

cd /home/ec2-user/hyperledger

tar -zxvf insights-fabric-network.tar.gz

cd /home/ec2-user/hyperledger/insights-fabric-network

Following directories (bin , config , insights-network) are available to start the network.

Give permissions to all the executable and shell files which will easily bring up/down the network:
chmod 777 *.sh
chmod -R 755 bin

Get into the directory insights-network : cd /home/ec2-user/hyperledger/insights-fabric-network/insights-network

Required configurations and scripts are already updated for the DOMAIN - cogdevops.com .

Panelexpand

title	SDK: Hyperledger Fabric Network - fabric_version: 2.2.0 fabric-ca_version 1.4.8

Expand

title	Raft (etcd/raft) Fabric Network

Info

title	References - Hyperledger Config Files

configtx.yaml - https://hyperledger-fabric.readthedocs.io/en/latest/create_channel/create_channel_config.html#using-configtx-yaml-to-build-a-channel-configuration

Architecture - https://hyperledger-fabric.readthedocs.io/en/latest/architecture.html

/home/ec2-user/hyperledger/insights-fabric-network/insights-network/.env

Code Block

language	bash
theme	Emacs
title	.env

COMPOSE_PROJECT_NAME=hyperledger
IMAGE_TAG=latest
SYS_CHANNEL=system-channel
DOMAIN=<yourdomain>

Start the network by using the following command. Specify the fabric version, fabric-ca version and couch db as state database :

Code Block

language	bash
theme	Emacs
title	Start fabric network

cd /home/ec2-user/hyperledger/insights-fabric-network/insights-network
./network.sh up -ca -s couchdb -i 2.2.0 -cai 1.4.8

network.sh internally calls the required scripts to perform the following actions: TLS Enabled, required certs, register and enroll users (fabric-ca) - both admin and other users;- these details required to connect from Java sdk while connecting network , pull necessary docker images and start the containers.

Verify if all the docker containers are running:

docker ps -a

Create channel. Following script will create channel , join and update for all peers.

Code Block

language	bash
theme	Emacs
title	Create Channel

cd /home/ec2-user/hyperledger/insights-fabric-network/insights-network
./network.sh createChannel -c insightschannel

Info

title	Hint:

Change permission/ownership to non-root user for the directory channel-artifacts if you face any issues in channel creation due to permissions restricted by root user.

Copy (Specify github location for chaincode) the chaincode/contract to the directory /home/ec2-user/hyperledger/insights-fabric-network/insights-network. Directory structure after chaincode copy is : /home/ec2-user/hyperledger/insights-fabric-network/insights-network/chaincode/src/nodejs

Deploy Smart Contract (Chaincode): Run the following command to deploy the smart contract/chaincode.

Code Block

language	bash
theme	Emacs
title	Deploy Smart Contract (Chaincode)

cd /home/ec2-user/hyperledger/insights-fabric-network/insights-network
./network.sh deployCC -ccn insightsaudit -ccp ./chaincode/src/nodejs/ -ccv 1 -ccl javascript

Note: ccl parameter can either javascript or typescript. Both will refer to CC_RUNTIME_LANGUAGE=node inside scripts/deployCC.sh file

Info

You will notice some extra containers running other than the ones mentioned in the network architecture with names like this: dev-peer0.org1.<yourdomain>-insightsaudit_1-xxxxxxxxxxxxxxxx , dev-peer1.org1.<yourdomain>-insightsaudit_1-xxxxxxxxxxxxxxxx, dev-peer0.org2.<yourdomain>-insightsaudit_1-xxxxxxxxxxxxxxxx , dev-peer1.org2.<yourdomain>-insightsaudit_1-xxxxxxxxxxxxxxxx . It is an expected behavior for the fabric-network. These containers will get spawned whenever chaincode is instantiated(deployed) in a peer.

Set the environments in host machine where you have deployed your network(Don't to get into any peer container). to operate via Org1 or Org2.

Info

title	Important Note

Set either ORG1 or ORG2 in one terminal. Open 2 terminal window then set ORG1 in first terminal and Org2 in second terminal. If you attempt to set continuously then latest one will override all the previous ones.

Code Block

language	bash
theme	Emacs
title	ORG1 admin

export PATH=${PWD}/../bin:${PWD}:$PATH

export FABRIC_CFG_PATH=$PWD/../config/

export CORE_PEER_TLS_ENABLED=true

export CORE_PEER_LOCALMSPID="Org1MSP"

export CORE_PEER_TLS_ROOTCERT_FILE=${PWD}/organizations/peerOrganizations/org1.<yourdomain>/peers/peer0.org1.<yourdomain>/tls/ca.crt

export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org1.<yourdomain>/users/Admin@org1.<yourdomain>/msp

export CORE_PEER_ADDRESS=localhost:7051

Code Block

language	bash
theme	Emacs
title	ORG2 admin

export PATH=${PWD}/../bin:${PWD}:$PATH

export FABRIC_CFG_PATH=$PWD/../config/

export CORE_PEER_LOCALMSPID="Org2MSP"

export CORE_PEER_TLS_ROOTCERT_FILE=${PWD}/organizations/peerOrganizations/org2.<yourdomain>/peers/peer0.org2.<yourdomain>/tls/ca.crt

export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org2.<yourdomain>/users/Admin@org2.<yourdomain>/msp

export CORE_PEER_ADDRESS=localhost:9051

Info

title	Note

Latest fabric version has feature to execute peer lifecycle commands in host machine itself by setting respective org env variables as specified above.

Sanity testing. Test the Chaincode. Either insert record manually or let the data gets inserted via PlatformEngine with digitalSignature validation. Use the following command to verify network and smart contract functionality are deployed successfully or not.

Before executing the below command in host machine. You must have either ORG1 admin env variables or ORG2 admin env variables set in the terminal.

Manual insertion and read:

Code Block

language	bash
title	Instantiate(write) to Smart Contract insightsaudit

peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer0.<yourdomain> -C insightschannel -n insightsaudit --tls --cafile ${PWD}/organizations/ordererOrganizations/<yourdomain>/orderers/orderer0.<yourdomain>/msp/tlscacerts/tlsca.<yourdomain>-cert.pem --peerAddresses localhost:7051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org1.<yourdomain>/peers/peer0.org1.<yourdomain>/tls/ca.crt --peerAddresses localhost:9051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org2.<yourdomain>/peers/peer0.org2.<yourdomain>/tls/ca.crt -c '{"Args":["Instantiate","{\"almAssetID\":\"IN-1\",\"property\":\"ALM\",\"phase\":\"Plan\",\"toolName\":\"JIRA\",\"toolstatus\":\"Done\",\"priority\":\"Medium\",\"sprintNames\":[\"IN Sprint 1\"],\"issueType\":\"Story\",\"attachments\":\"https://<jirahostnameurl>/secure/attachment/10017/test.txt\",\"projectName\":\"InsightsAuditing Testing\",\"createdTime\": 1557741850.0,\"issueAPI\": \"https://bcdevops.atlassian.net/rest/api/2/issue/10013\",\"timestamp\":1557751850.0,\"date\":\"2019-05-13\",\"uplink\":\"null\",\"downlink\":{\"jiraKeys\":\"IN-1\"}}"]}'

Code Block

language	bash
title	Read from Smart Contract - insightsaudit

peer chaincode query -n insightsaudit -c '{"Args":["GetAssetDetails","IN-1"]}' -C insightschannel

Java SDK to connect hyperledger fabric network

Prerequisites:

Fabric network must be running and with smart contract/chaincode deployed into it, to establish the fabric network connection from fabric Java sdk.
Required network ports must be opened (Refer: "Recommended Network Ports" section in this page)

Configuration Steps:

Download connections-tls.json from Nexus3 docroot repo and keep it inside the instance where our Insights application is running. Path: $INSIGHTS_HOME/.InSights/connections-tls.json
Keep the required certs inside the path $INSIGHTS_HOME/.InSights/BlockChainCerts/etcdraft-certs. Certs generated while creating fabric network.
Update the path of the json and certs locations in connections-tls.json.
Replace <yourdomain> by your actual domain name. (For example: orderer0.example.com)
Update enrollSecret value which is password for ca-org1 and ca-org2.
Finally, keep this updated connections-tls.json inside the path INSIGHTS_HOME. Parallel to server-config.json
Download other config files datamodel.json and Process.json used for logic construction. Keep these files inside the path INSIGHTS_HOME. Parallel to server-config.json

Config files	Explanation
datamodel.json	datamodelDescription
Process.json	ProcessDescription

Set flag as true for AuditEngine in "server-config.json" as mentioned below:

Info

{

"enableAuditEngine":true,

}

Set flag as true for "showAuditReporting" in uiConfig.json (Path: TOMCAT/webapps/app/config/uiConfig.json) as mentioned below to enable the "Audit Reporting" in UI.

Info

{

"showAuditReporting": true,

}

Restart Tomcat service for the changes to be refreshed in Insights application.
Restart PlatformEngine for the engine to include audit/hyperledger functionalities.

Expand

title	digitalSignature

Prerequisites:

Following value must be configured "enableAuditEngine":true in server-config.json

Configure digitalSignature:

The hash value of each node is encrypted using the public key at agent(python) side and decrypted using private key at the platformengine(java) side.
BaseAgent has digitalSignature encryption function invoked from publishToolsData and tool agents(Example: JenkinsAgent3.py) will invoke publishToolsData with third parameter auditing as True. Default publishToolsData without sending this parameter will perform the usual publish data to MQ without digitalSignature.
Public/Private keys are generated using the same RSA algorithm by executing a simple python script GenerateKeys.py where Insights is installed and INSIGHTS_HOME is set in environment. This is a one time execution.
Public/Private keys are placed inside */$INSIGHTS_HOME/.InSights/BlockChainCerts/* folder by the python script mentioned in previous point.
Each agent config.json contains an additional property called "publicKeyPath" containing the path of the public key ($INSIGHTS_HOME/.InSights/BlockChainCerts/public_key.pem) used for encryption.
The connections-tls.json contains an additional variable called "ENGINE_PRIVATE_KEY" containing the path of the private key ($INSIGHTS_HOME/.InSights/BlockChainCerts/private_key.pem) used for decryption.
If a node doesn't contain digitalSignature, PlatformEngine will reject it and inform the corresponding uuid in console output.

The tool agents(written in python) will perform the following:

Calculates the hash from all the property values of each node
Encrypts the hash using *RSA* algorithm with MGF1 padding
Adds the encrypted hash as "digitalSignature" field to respective nodes and push to Neo4j.

PlatformEngine with Audit enabled does the following:

PlatformEngine will consume the nodes from Neo4j. Decrypt digitalSignature of each node and obtain the hash value of the corresponding node
Re-calculate the hash value from the corresponding node's properties
if hash obtained in step 1 is equal to calculated hash value in step 2 then respective node is inserted into ledger, else node is not inserted into ledger & the corresponding uuid is logged into console output.

Info

title	Note

Restart respective service(Tomcat/Engine/Agent) whenever config files are modified.

Version	Old Version 63	New Version Current
Changes made by	Jeyanthi (Unlicensed)	Vishwajit Mankar (Unlicensed)
Saved on	Oct 20, 2020	Mar 01, 2022

Page Comparison

Versions Compared

Key

Prerequisites

Prerequisites

Docker, Docker Compose and curl

Docker, Docker Compose and curl

On RHEL/CentOS7:

cURL

GO

Python

Node.js Runtime and NPMThe recommended versions for node and npm are Node 8.x.x and npm5.x.x. If you are getting lower versions using apt-get install, remove existing node setup from your machine and then run the following:

Git

wget

Node.js Runtime and NPM
The recommended versions for node and npm are Node 8.x.x and npm5.x.x. If you are getting lower versions using apt-get install, remove existing node setup from your machine and then run the following: