Installing Hyperledger Fabric

• Docker version 18.03 or later, Docker Compose  1.14.0 or greater (If not, we recommend that you install a more recent version of Docker) , curl
• Python 3.x
• Node.js Runtime 8.x(8.12.0) and NPM 6.x(6.3.0) - For chaincode
• git (git bash to clone the repo)
• wget

Refer the link to know the Software component version for latest fabric network: https://hyperledger-fabric.readthedocs.io/en/latest/prereqs.html

Fabric Version Specific. Change the version in the URL for other versions: https://hyperledger-fabric.readthedocs.io/en/release-1.4/prereqs.html

Docker, Docker Compose and curl

On RHEL/CentOS7:

Docker - https://docs.docker.com/engine/install/centos/

• yum update

• yum install yum-utils

• yum-config-manager --enable rhel-7-server-rhui-extras-rpms 
• yum install docker
• Ensure that docker daemon is running with an option -H unix:///var/run/docker.sock  . If not, open the file(vi), add it as shown below and save(:wq). Ensure, only one ExecStart is available in the file. 

          vi /lib/systemd/system/docker.service

          ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H unix:///var/run/docker.sock

          :wq

• Provide permission "chmod 666 /var/run/docker.sock"
• systemctl start docker
• systemctl status docker
• systemctl enable docker (start docker at system boot)
• Add your user to the docker group.
• groupadd docker (Do this if not present)
  usermod -a -G docker <username>

                     Example: usermod -aG docker ec2-user

1. For RHUI 3 repo ID(rhel-7-server-rhui-extras-rpms ) to configure yum-config-manager, please visit - https://access.redhat.com/articles/4599971

2. For docker commands please visit -  https://docs.docker.com/edge/engine/reference/commandline/docker/

Docker Compose

1. Install docker compose specific version. Any existing installation of Docker is replaced.           
   1. Specific version of docker-compose installation. Refer current release of docker compose in https://docs.docker.com/compose/install/
   2. For example "docker-compose v1.26.2": 

      sudo curl -L "https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/bin/docker-compose

      sudo chmod +x /usr/bin/docker-compose

      docker-compose --version

      systemctl status docke

Reference: https://docs.docker.com/install/linux/docker-ce/ubuntu/

cURL

Download the latest version of cURL (curl) tool if it is not installed - https://curl.haxx.se/download.html

GO

1. Download the archive: wget https://dl.google.com/go/go1.11.10.linux-amd64.tar.gz
2. Extract it into /usr/local, creating a Go tree in /usr/local/go. 
3. tar -C /usr/local -xzf go1.11.10.linux-amd64.tar.gz
4. Add /usr/local/go/bin to the PATH environment variable. You can do this by adding this line to your /etc/profile (for a system-wide installation) or $HOME/.bashprofile:                  export PATH=$PATH:/usr/local/go/bin
   Reference - Section Linux :https://golang.org/doc/install#install

Python

As of Ubuntu 16.04 LTS (xenial),  both python 2 and python3 by default. Recommended to use python3. Check and then install if required.

1. apt-get install python3.5
2. apt-get install python3-pip

set alias to respectiive python version in ~/.bashrc to avoid error while installing the module.

alias pip=pip3

alias python=python3.5

(OR)

update-alternatives --install /usr/bin/python python /usr/bin/python3.5 10

Reference: https://wiki.ubuntu.com/Python

Node.js Runtime and NPM
The recommended versions for node and npm are Node 8.x.x and npm5.x.x. If you are getting lower versions using apt-get install, remove existing node setup from your machine and then run the following:

curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -

yum install nodejs

Git

As Of RHEL/CentOS7, git is available by default. Check and then install if required.

1. yum update
2. yum install git

wget

       yum install wget

Following port must be opened to access the fabric network from fabric sdk.

Source : fabric sdk instance where our Insights is running

Destination: fabric network installed instance - hyperledger network

Example Ports: You can change these ports based on availability and configuration in fabric network. Then, enable connectivity to those ports.

• orderer - 7050 
• peer0.org1 - 7051
• peer1.org1 - 8051
• peer0.org2 - 9051
• peer1.org2 - 10051
• ca.org1 - 7054
• ca.org2 - 8054

List active container: docker ps

List active/exited container: docker ps -a

List docker images: docker images

Check container logs: docker logs <container-id>

Connect to Container: docker exec -it <container-id> bash

Remove docker container: docker rmi -f <contianer-id>

Remove docker images: docker rmi -f <image-name/id>

Reference: https://docs.docker.com/engine/reference/commandline/docker/

Make sure you've done all the Prerequisites. Raft Ordering Service introduced in 1.4.1 (Reference: https://hyperledger-fabric.readthedocs.io/en/latest//whatsnew.html)

Ensure docker images are pulled as per raft supported version ( https://github.com/hyperledger/fabric/releases )

Network Architecture

• 5 Orderers
• 2 Organizations
• 4 peers, 2 for each organization
• 4 couchdb, one for each peer
• 2 certificate authority(CA), one for each organization

Setup the Network

1. Login as non-root user "ec2-user". Navigate to your home directory or any convenient directory and create directory hyperledger:

2. cd /home/ec2-user/

   mkdir hyperledger

   cd /home/ec2-user/hyperledger/

   
   

3. Refer for more detailed steps with samples: https://hyperledger-fabric.readthedocs.io/en/latest/install.html?highlight=https%3A%2F%2Fbit.ly%2F2ysbOFE#install-samples-binaries-and-docker-images Followed the steps and created tar ball (insights-fabric-network.tar.gz) with required binaries and docker images.

   wget https://infra.cogdevops.com:8443/repository/docroot/insights_install/installationScripts/latest/RHEL/hyperledger/insights-fabric-network.tar.gz

   
   

4. untar the file insights-fabric-network.tar.gz .   

   cd /home/ec2-user/hyperledger

   tar -zxvf insights-fabric-network.tar.gz

   cd /home/ec2-user/hyperledger/insights-fabric-network

      
5. Following directories (bin , config , insights-network) are available to start the network.

6. Give permissions to all the executable and shell files which will easily bring up/down the network:
   chmod 777 *.sh
   chmod -R 755 bin

7. Get into the directory insights-network : cd /home/ec2-user/hyperledger/insights-fabric-network/insights-network

8. Required configurations and scripts are already updated for the DOMAIN - cogdevops.com .   

   References - Hyperledger Config Files

   configtx.yaml - https://hyperledger-fabric.readthedocs.io/en/latest/create_channel/create_channel_config.html#using-configtx-yaml-to-build-a-channel-configuration

   Architecture - https://hyperledger-fabric.readthedocs.io/en/latest/architecture.html

   /home/ec2-user/hyperledger/insights-fabric-network/insights-network/.env

   .env

   COMPOSE_PROJECT_NAME=hyperledger
   IMAGE_TAG=latest
   SYS_CHANNEL=system-channel
   DOMAIN=<yourdomain>

9. Start the network by  using the following command. Specify the fabric version, fabric-ca version and couch db as state database : 
   Start fabric network

   cd /home/ec2-user/hyperledger/insights-fabric-network/insights-network
   ./network.sh up -ca -s couchdb -i 2.2.0 -cai 1.4.8

   network.sh internally calls the required scripts to perform the following actions: TLS Enabled, required certs, register and enroll users (fabric-ca) - both admin and other users;- these details required to connect from Java sdk while connecting network , pull necessary docker images and start the containers. 

          Verify if all the docker containers are running:

          docker ps -a

2. Create channel. Following script will create channel , join and update for all peers.                                                                                                                                                            

   Create Channel

   cd /home/ec2-user/hyperledger/insights-fabric-network/insights-network
   ./network.sh createChannel -c insightschannel

   Hint:

   Change permission/ownership to non-root user for the directory channel-artifacts if you face any issues in channel creation due to permissions restricted by root user.

3. Copy (Specify github location for chaincode) the chaincode/contract to the directory /home/ec2-user/hyperledger/insights-fabric-network/insights-network. Directory structure after chaincode copy is : /home/ec2-user/hyperledger/insights-fabric-network/insights-network/chaincode/src/nodejs

4. Deploy Smart Contract (Chaincode): Run the following command to deploy the smart contract/chaincode. 

   Deploy Smart Contract (Chaincode)

   cd /home/ec2-user/hyperledger/insights-fabric-network/insights-network
   ./network.sh deployCC -ccn insightsaudit -ccp ./chaincode/src/nodejs/ -ccv 1 -ccl javascript

   Note: ccl parameter can either javascript or typescript. Both will refer to CC_RUNTIME_LANGUAGE=node inside scripts/deployCC.sh file

   You will notice some extra containers running other than the ones mentioned in the network architecture with names like this: dev-peer0.org1.<yourdomain>-insightsaudit_1-xxxxxxxxxxxxxxxx , dev-peer1.org1.<yourdomain>-insightsaudit_1-xxxxxxxxxxxxxxxx, dev-peer0.org2.<yourdomain>-insightsaudit_1-xxxxxxxxxxxxxxxx , dev-peer1.org2.<yourdomain>-insightsaudit_1-xxxxxxxxxxxxxxxx . It is an expected behavior for the fabric-network. These containers will get spawned whenever chaincode is instantiated(deployed) in a peer. 

5. Set the environments in host machine where you have deployed your network(Don't to get into any peer container). to operate via Org1 or Org2. 

   Important Note

   Set either ORG1 or ORG2 in one terminal. Open 2 terminal window then set ORG1 in first terminal and Org2 in second terminal. If you attempt to set continuously then latest one will override all the previous ones.

   ORG1 admin

   export PATH=${PWD}/../bin:${PWD}:$PATH
   
   export FABRIC_CFG_PATH=$PWD/../config/
   
   export CORE_PEER_TLS_ENABLED=true
   
   export CORE_PEER_LOCALMSPID="Org1MSP"
   
   export CORE_PEER_TLS_ROOTCERT_FILE=${PWD}/organizations/peerOrganizations/org1.<yourdomain>/peers/peer0.org1.<yourdomain>/tls/ca.crt
   
   export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org1.<yourdomain>/users/Admin@org1.<yourdomain>/msp
   
   export CORE_PEER_ADDRESS=localhost:7051

   
   

   ORG2 admin

   export PATH=${PWD}/../bin:${PWD}:$PATH
   
   export FABRIC_CFG_PATH=$PWD/../config/
   
   export CORE_PEER_LOCALMSPID="Org2MSP"
   
   export CORE_PEER_TLS_ROOTCERT_FILE=${PWD}/organizations/peerOrganizations/org2.<yourdomain>/peers/peer0.org2.<yourdomain>/tls/ca.crt
   
   export CORE_PEER_MSPCONFIGPATH=${PWD}/organizations/peerOrganizations/org2.<yourdomain>/users/Admin@org2.<yourdomain>/msp
   
   export CORE_PEER_ADDRESS=localhost:9051

   Note

   Latest fabric version has feature to execute peer lifecycle commands in host machine itself by setting respective org env variables as specified above.

6. Sanity testing. Test the Chaincode. Either insert record manually or let the data gets inserted via PlatformEngine with digitalSignature validation. Use the following command to verify network and smart contract functionality are deployed successfully or not.

   Before executing the below command in host machine. You must have either ORG1 admin env variables or ORG2 admin env variables set in the terminal.

   Manual insertion and read:

   Instantiate(write) to Smart Contract insightsaudit

   peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer0.<yourdomain> -C insightschannel -n insightsaudit --tls --cafile ${PWD}/organizations/ordererOrganizations/<yourdomain>/orderers/orderer0.<yourdomain>/msp/tlscacerts/tlsca.<yourdomain>-cert.pem --peerAddresses localhost:7051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org1.<yourdomain>/peers/peer0.org1.<yourdomain>/tls/ca.crt --peerAddresses localhost:9051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org2.<yourdomain>/peers/peer0.org2.<yourdomain>/tls/ca.crt -c '{"Args":["Instantiate","{\"almAssetID\":\"IN-1\",\"property\":\"ALM\",\"phase\":\"Plan\",\"toolName\":\"JIRA\",\"toolstatus\":\"Done\",\"priority\":\"Medium\",\"sprintNames\":[\"IN Sprint 1\"],\"issueType\":\"Story\",\"attachments\":\"https://<jirahostnameurl>/secure/attachment/10017/test.txt\",\"projectName\":\"InsightsAuditing Testing\",\"createdTime\": 1557741850.0,\"issueAPI\": \"https://bcdevops.atlassian.net/rest/api/2/issue/10013\",\"timestamp\":1557751850.0,\"date\":\"2019-05-13\",\"uplink\":\"null\",\"downlink\":{\"jiraKeys\":\"IN-1\"}}"]}'

   Read from Smart Contract - insightsaudit

   peer chaincode query -n insightsaudit -c '{"Args":["GetAssetDetails","IN-1"]}' -C insightschannel