Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 34 Next »

Step - by - step guide on how to Install Insights Enterprise - Hyperledger Fabric Network.

Installing Hyperledger Network covers the initial setup procedures including InstallationConfigurations (Hardware, Software, and Network) and various Commands.  Please note that these instructions are only for Linux (Debian & Ubuntu).

Prerequisites


 Hardware Configuration

Hyperledger Fabric Minimum configuration - Pilot/POC
No. of instances1
OSUbuntu 16.04 Xenial (64bit) 
Storage75 GB (Fabric Network Only)
Mem (GiB)8 GB
vCPU2

Hyperledger Fabric Minimum configuration - Production
No. of instances1
OSUbuntu 16.04 Xenial (64bit) 
Storage100 GB (Fabric Network Only)
Mem (GiB)16 GB
vCPU4
Configuration varies depending on the work load.
 Software
  • Docker 17.06.2-ce or greater, Docker Compose  1.14.0 or greater , curl
  • Go 1.11.x
  • Python 3.x
  • Node.js Runtime 8.x and NPM 5.x
  • git (git bash to clone the repo)

Refer the link to know the Software component version for latest fabric network: https://hyperledger-fabric.readthedocs.io/en/latest/prereqs.html

Fabric Version Specific. Change the version in the URL for other versions: https://hyperledger-fabric.readthedocs.io/en/release-1.4/prereqs.html

Docker, Docker Compose and curl

  1. apt-get update
  2. apt-get install apt-transport-https ca-certificates curl software-properties-common
  3. curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
  4. add-apt-repository \
       "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
       $(lsb_release -cs) \
       stable"
  5. apt-get udpate
  6. apt-get install docker.io
  7. apt-get install docker-ce
  8. systemctl status docker

Reference: https://docs.docker.com/install/linux/docker-ce/ubuntu/

GO

  1. Download the archive: wget https://dl.google.com/go/go1.11.10.linux-amd64.tar.gz
  2. Extract it into /usr/local, creating a Go tree in /usr/local/go
  3. tar -C /usr/local -xzf go1.11.10.linux-amd64.tar.gz
  4. Add /usr/local/go/bin to the PATH environment variable. You can do this by adding this line to your /etc/profile (for a system-wide installation) or $HOME/.bashprofile:                  export PATH=$PATH:/usr/local/go/bin
    Reference - Section Linux :https://golang.org/doc/install#install

Python

As of Ubuntu 16.04 LTS (xenial),  both python 2 and python3 by default. Recommended to use python3. Check and then install if required.

  1. apt-get install python3.5
  2. apt-get install python3-pip

set alias to respectiive python version in ~/.bashrc to avoid error while installing the module.

alias pip=pip3

alias python=python3.5

Reference: https://wiki.ubuntu.com/Python

Node.js Runtime and NPM
The recommended versions for node and npm are Node 8.x.x and npm5.x.x. If you are getting lower versions using apt-get install, remove existing node setup from your machine and then run the following:

curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
apt-get install nodejs

Git

As Of Ubuntu, git is available by default. Check and then install if required.

  1. apt-get update
  2. apt-get install git
 Recommended Network Ports

Following port must be opened to access the fabric network from fabric sdk.

Source : fabric sdk instance

Destination: fabric network installed instance

Example Ports: You can change these ports based on availability and configuration in fabric network. Then, enable connectivity to those ports.

  • Orderer - 7050 
  • Peer0.Org1 - 7051
  • EventHub : 7053
  • ca.org1 : 7054

Please browse through the below sections to setup specific Fabric Network

Types of Hyperledger Fabric Network

Different types of hyperledger fabric network

 SOLO Orderer

Make sure you've done all the Prerequisites 

Network Architecture

  • 1 Orderer
  • 1 Organization
  • 3 peers
  • 3 couchdb for each peer
  • 1 ca
  • 1 cli (Optional)

Setup the Network

  1. git clone of Solo Orderer Network:    git clone -b SoloOrdererNetwork https://github.com/TheCognizantFoundry/Insights.git
  2. cd hyperledger-fabric-basic-network
  3. Configuration: Values like DOMAIN, CHANNEL_NAME, FABRIC_VERSION, TIME_ZONE,etc ... can be modified in .env file based on your requirement.
  4. Start network for the first time. 

    network.sh - Generate the crypto-material, start/stop/restart the network.

    ./network.sh -m download

    ./network.sh -m up
  5. Start for the first time:

  6. Start/Stop the Network :

     ./network.sh -m start./network.sh -m stop
  7. Recreate the containers without losing the data.

     ./network.sh -m recreate
  8. Clean and Remove the Network.

     ./network.sh -m down
  9. Verify if all the docker containers are running

    docker ps
  10. Create and Join channel in Anchor peer - peer0.org1:  

      Get into peer0.org1 container: docker exec -it peer0.org1.<DOMAIN> bash

      Create: peer channel create -o orderer0.<DOMAIN>:7050 -c mychannel -f /var/hyperledger/configs/channel.tx


      Join: peer channel join -o orderer0.<DOMAIN> -b mychannel.block
  11. Fetch the block and join channel in other peers: 

    Get into peer0.org1 container: docker exec -it peer0.org1.<DOMAIN> bash


    Fetch block: peer channel fetch 0 mychannel.block --channelID mychannel --orderer orderer0.<DOMAIN>:7050

    Join channel: peer channel join -o orderer0.<DOMAIN> -b mychannel.block

  12. Install,Instantiate the chaincode in Anchor peer - peer0. Get into respective peer containers and use the below install command to install chaincode in other peers.

      Get into peer0.org1 container: docker exec -it peer0.org1.<DOMAIN> bash

      Install: peer chaincode install -n insightsAuditing -p /chaincode/src/node/js -l node -v 1.0

      Instantiate: peer chaincode instantiate -n insightsAuditing -v 1.0 -c '{"Args":["init"]}' -C mychannel

  13. Get into ca container. Create user to connect from fabric sdk by using admin. Fabric sdk network connection requires the user's cert details to get connected to the fabric network.

    docker exec -it ca.org1.<DOMAIN> bash

    fabric-ca-client enroll -u http://Admin:<password>@localhost:7054

    fabric-ca-client register -u "http://localhost:7054" --id.name "newusername" --id.secret "password" --id.type "client" --id.affiliation "org1.department1"

    fabric-ca-client enroll -u "http://newusername:password@localhost:7054"

  14. Test the Chaincode. Either insert record manually or let the data gets inserted via PlatformAuditEngine. Then, query as shown below. Modify ASSET-ID with your Asset ID value.

      Query: peer chaincode query -n insightsAuditing -c '{"Args":["GetAssetDetails","ASSET-ID"]}' -C mychannel

 Kafka Fabric Network

Make sure you've done all the Prerequisites 

Network Architecture

  • 3 Orderers
  • 2 Organizations
  • 4 peers, 2 for each organization
  • 4 couchdb for each peer
  • 2 ca, 1 for each organization
  • 4 Kafka broker instances
  • 3 Zookeper instances
  • 1 cli (Optional)

Setup the Network

  1. Set the GOPATH. You can do this by adding this line to your /etc/environment (for a system-wide installation) or $HOME/.bashprofile : export GOPATH=/opt/gopath Source if you set this in the same linux sesison then, source /etc/environment (OR)  source $HOME/.bashprofile
  2. Keep the hyperledger fabric source under GOPATH. 
    cd $GOPATH/src/github.com/
    mkdir hyperledger
    cd hyperledger
    git clone https://github.com/hyperledger/fabric.git

  3. git clone of Kafka Fabric Network:   git clone -b KafkaFabricNetwork https://github.com/TheCognizantFoundry/Insights.git
  4. cd Hyperledger_fabric_kafka
  5. Configuration: Values like DOMAIN, CORE_PEER configs,etc ... can be modified in .env file based on your requirement.

    .env
    COMPOSE_PROJECT_NAME=<name_of_your_network>
    CONFIGTX_ORDERER_BATCHSIZE_MAXMESSAGECOUNT=10
    CONFIGTX_ORDERER_BATCHTIMEOUT=2s
    KAFKA_DEFAULT_REPLICATION_FACTOR=3
    CORE_LOGGING_GOSSIP=WARNING
    ORDERER_GENERAL_TLS_ENABLED=false
    ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/tls/server.key
    ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/tls/server.crt
    ORDERER_TLS_CLIENTAUTHREQUIRED=false
    CORE_PEER_TLS_ENABLED=false
    CORE_PEER_TLS_CERT_FILE=/var/hyperledger/tls/server.crt
    CORE_PEER_TLS_KEY_FILE=/var/hyperledger/tls/server.key
    CORE_PEER_TLS_CLIENTAUTHREQUIRED=false
    CORE_PEER_GOSSIP_ORGLEADER_PEER0_ORG1=false
    CORE_PEER_GOSSIP_USELEADERELECTION_PEER0_ORG1=true
    CORE_PEER_GOSSIP_ORGLEADER_PEER0_ORG2=false
    CORE_PEER_GOSSIP_USELEADERELECTION_PEER0_ORG2=true
    CORE_PEER_GOSSIP_ORGLEADER_PEER0_ORG3=false
    CORE_PEER_GOSSIP_USELEADERELECTION_PEER0_ORG3=true
    CORE_PEER_GOSSIP_ORGLEADER_PEER1_ORG1=false
    CORE_PEER_GOSSIP_USELEADERELECTION_PEER1_ORG1=true
    CORE_PEER_GOSSIP_ORGLEADER_PEER1_ORG2=false
    CORE_PEER_GOSSIP_USELEADERELECTION_PEER1_ORG2=true
    CORE_PEER_GOSSIP_ORGLEADER_PEER1_ORG3=false
    CORE_PEER_GOSSIP_USELEADERELECTION_PEER1_ORG3=true
    ORDERER_ABSOLUTEMAXBYTES=10 MB
    ORDERER_PREFERREDMAXBYTES=512 KB
    KAFKA_MESSAGE_MAX_BYTES=1000012 B
    KAFKA_REPLICA_FETCH_MAX_BYTES=1048576 B
    KAFKA_REPLICA_FETCH_RESPONSE_MAX_BYTES=10485760 B
    CORE_PEER_NETWORKID=net
    DOMAIN=<your_company_domain>
    FABRIC_CA_SERVER_TLS_ENABLED=false
  6. chmod 777 *.sh
  7. Generate the crypto-material. Input arguments to generate.sh are channelname and domain name : 

    ./generate.sh <channelname> <DOMAIN>

    For Example: ./generate.sh mychannel cogdevops.com
  8. Start/Restart the Network :

    ./start.sh
  9. Verify if all the docker containers are running

    docker ps
  10. Create and Join channel in Anchor peer - peer0.org1:  

      Get into peer0.org1 container: docker exec -it peer0.org1.<DOMAIN> bash

      Create: peer channel create -o orderer0.<DOMAIN>:7050 -c mychannel -f /var/hyperledger/configs/channel.tx


      Join channel: peer channel join -o orderer0.<DOMAIN> -b mychannel.block
  11. Fetch the block and join channel in other peers: 

    Get into peer0.org1 container: docker exec -it peer0.org1.<DOMAIN> bash


    Fetch block: peer channel fetch 0 mychannel.block --channelID mychannel --orderer orderer0.<DOMAIN>:7050

    Join: peer channel join -o orderer0.<DOMAIN> -b mychannel.block

  12. Install,Instantiate the chaincode in Anchor peer - peer0. Get into respective peer containers and use the below install command to install chaincode in other peers.

      Get into peer0.org1 container: docker exec -it peer0.org1.<DOMAIN> bash

      Install: peer chaincode install -n insightsAuditing -p /chaincode/src/nodejs -l node -v 1.0

      Instantiate: peer chaincode instantiate -n insightsAuditing -v 1.0 -c '{"Args":["init"]}' -C mychannel

  13. Get into ca container. Create user to connect from fabric sdk by using admin. Fabric sdk network connection requires the user's cert details to get connected to the fabric network.

    docker exec -it ca.org1.<DOMAIN> bash

    fabric-ca-client enroll -u http://Admin:<password>@localhost:7054

    fabric-ca-client register -u "http://localhost:7054" --id.name "newusername" --id.secret "password" --id.type "client" --id.affiliation "org1.department1"

    fabric-ca-client enroll -u "http://newusername:password@localhost:7054"

  14. Test the Chaincode. Either insert record manually or let the data gets inserted via PlatformAuditEngine. Then, query as shown below. Modify ASSET-ID with your Asset ID value.

      Query: peer chaincode query -n insightsAuditing -c '{"Args":["GetAssetDetails","ASSET-ID"]}' -C mychannel

 Raft (etcd/raft) Fabric Network

Make sure you've done all the Prerequisites 

Network Architecture

  • 5 Orderers
  • 2 Organizations
  • 4 peers, 2 for each organization
  • 4 couchdb, one for each peer
  • 2 certificate authority(CA), one for each organization
  • 1 cli (Optional)

Setup the Network

  1. Set the GOPATH. You can do this by adding this line to your /etc/environment (for a system-wide installation) or $HOME/.bashprofile : export GOPATH=/opt/gopath Source if you set this in the same linux sesison then, source /etc/environment (OR)  source $HOME/.bashprofile
  2. Keep the hyperledger fabric source under GOPATH with the steps mentioned below:

    cd $GOPATH/src/github.com/mkdir hyperledger
    cd hyperledger
    git clone https://github.com/hyperledger/fabric.git
  3. Clone the Hyperledger_Raft branch from our repo: git clone -b Hyperledger_Raft https://github.com/TheCognizantFoundry/Insights2.0.git
  4. Navigate into the raft-with-ca folder: cd Insights2.0/raft-with-ca
  5. Give permissions to all the executables and shell files which will easily bring up/down the network:
    chmod 777 *.sh
    chmod -R 755 bin

  6. Generate the crypto-material. Input arguments to generate.sh are channelname and domain name : 

    ./generate.sh <channelname> <DOMAIN>

    For Example: ./generate.sh mychannel cogdevops.com
  7. Edit the values(DOMAIN, CA_ORG*_KEYFILE etc.) inside the .env file. Refer the list below to know more about the variables of .env:

    .env
    COMPOSE_PROJECT_NAME=<name_of_your_network>
    IMAGE_TAG=<docker_image_tag_to_be_used_for_spawning_containers>
    DOMAIN=<yourCompany_domain_name>
    ORDERER_GENERAL_TLS_ENABLED=true
    CORE_PEER_TLS_ENABLED=true
    FABRIC_CA_SERVER_TLS_ENABLED=true
    ORDERER_TLS_CLIENTAUTHREQUIRED=true
    CA_ORG1_KEYFILE=<name of the keyfile residing inside crypto-config/peerOrganizations/org1.cogdevops.com/ca/>
    CA_ORG2_KEYFILE=<name of the keyfile residing inside crypto-config/peerOrganizations/org2.cogdevops.com/ca/>
    • The tls variables must be set to true as Hyperledger-fabric Raft mandates enabling TLS for better security in network communication. Failing to do so will result in crashing of the orderers.
    • Some of the fields are pre-populated with default values. you may change the values as per requirement. The IMAGE_TAG must be > 1.4.1 or latest to have raft setup.

  8. Start the Network :

    ./start.sh <channelname> <DOMAIN>

    You must use the same  channelname and DOMAIN which you used in step 6.

    If you want to learn more about how the network is setup, then do not execute the start.sh. In stead, run the below commands manually from your terminal:

    Learn more about the steps performed inside start.sh
    #Replace $CHANNEL_NAME and $DOMAIN with your channelname and domain respectively.
    #setup the network
    docker-compose -f docker-compose-cli.yaml -f docker-compose-couch.yaml -f docker-compose-etcdraft2.yaml up -d
    sleep 15
    #create the channel
    docker exec -it peer0.org1.$DOMAIN peer channel create -o orderer.$DOMAIN:7050 -c $CHANNEL_NAME -f ./channel-artifacts/channel.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/$DOMAIN/orderers/orderer.$DOMAIN/msp/tlscacerts/tlsca.$DOMAIN-cert.pem
    
    #join org1 anchor peer peer0.org1
    docker exec -it peer0.org1.$DOMAIN peer channel join -b $CHANNEL_NAME.block
    #join org2 anchor peer0.org2
    docker exec -it peer0.org2.$DOMAIN peer channel fetch 0 $CHANNEL_NAME.block -c $CHANNEL_NAME -o orderer.$DOMAIN:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/$DOMAIN/orderers/orderer.$DOMAIN/msp/tlscacerts/tlsca.$DOMAIN-cert.pem
    docker exec -it peer0.org2.$DOMAIN peer channel join -b $CHANNEL_NAME.block
    
    #join org1 & org2
    docker exec -it peer0.org1.$DOMAIN peer channel update -o orderer.$DOMAIN:7050 -c $CHANNEL_NAME -f ./channel-artifacts/Org1MSPanchors.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/$DOMAIN/orderers/orderer.$DOMAIN/msp/tlscacerts/tlsca.$DOMAIN-cert.pem
    docker exec -it peer0.org2.$DOMAIN peer channel update -o orderer.$DOMAIN:7050 -c $CHANNEL_NAME -f ./channel-artifacts/Org2MSPanchors.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/$DOMAIN/orderers/orderer.$DOMAIN/msp/tlscacerts/tlsca.$DOMAIN-cert.pem
    
    #join the other peers to the channel
    docker exec -it peer1.org1.$DOMAIN peer channel fetch 0 $CHANNEL_NAME.block -c $CHANNEL_NAME -o orderer.$DOMAIN:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/$DOMAIN/orderers/orderer.$DOMAIN/msp/tlscacerts/tlsca.$DOMAIN-cert.pem
    docker exec -it peer1.org1.$DOMAIN peer channel join -b $CHANNEL_NAME.block
    
    docker exec -it peer1.org2.$DOMAIN peer channel fetch 0 $CHANNEL_NAME.block -c $CHANNEL_NAME -o orderer.$DOMAIN:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/$DOMAIN/orderers/orderer.$DOMAIN/msp/tlscacerts/tlsca.$DOMAIN-cert.pem
    docker exec -it peer1.org2.$DOMAIN peer channel join -b $CHANNEL_NAME.block
    
    #install the chaincode into the anchor peers
    docker exec -it peer0.org1.$DOMAIN peer chaincode install -n insightsAudit -v 1.0 -l node -p /chaincode/src/node/
    docker exec -it peer0.org2.$DOMAIN peer chaincode install -n insightsAudit -v 1.0 -l node -p /chaincode/src/node/
    
    #install into the other peers
    docker exec -it peer1.org1.$DOMAIN peer chaincode install -n insightsAudit -v 1.0 -l node -p /chaincode/src/node/
    docker exec -it peer1.org2.$DOMAIN peer chaincode install -n insightsAudit -v 1.0 -l node -p /chaincode/src/node/
    
    #instantiate the chaincode inside one of the anchor (here we are doing for peer0.org1)
    docker exec -it peer0.org1.$DOMAIN peer chaincode instantiate -o orderer.$DOMAIN:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/$DOMAIN/orderers/orderer.$DOMAIN/msp/tlscacerts/tlsca.$DOMAIN-cert.pem -C $CHANNEL_NAME -n insightsAudit -l node -v 1.0 -c '{"Args":["Init"]}'
  9. Verify if all the docker containers are running:

    docker ps -a

    You will notice some extra containers running other than the ones mentioned in the network architecture with names like this: dev-peer0.org1.cogdevops.com-insightsAudit-1.0. It is an expected behaviour for the fabric-network. These containers will get spawned whenever chaincode is instantiated in a peer. Since the start.sh script will instantiate the chaincode inside peer0 by default, therefore this container will get spawned.

    At this point your raft setup is complete. Steps mentioned hereafter are for registration and enrollment of a user to be used with SDK.

  10. Login into the CA container: docker exec -it ca.org1.<DOMAIN> bash
  11. Run the following inside the container:
  • Enroll the admin: fabric-ca-client enroll -u https://Admin:adminpw@localhost:7054 --tls.certfiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.<DOMAIN>/ca/ca.org1.<DOMAIN>-cert.pem
  • Now register a new user: fabric-ca-client register -u https://localhost:7054 --id.name "newusername" --id.secret "password" --id.type "client" --id.affiliation "org1.department1" --tls.certfiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.<DOMAIN>/ca/ca.org1.<DOMAIN>-cert.pem
  • Verify the registration by listing the available users: fabric-ca-client identity list -u https://localhost:7054 --tls.certfiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.<DOMAIN>/ca/ca.org1.<DOMAIN>-cert.pem

You should see the new user inside this list if registration is successful.

     12. Test the Chaincode. Either insert record manually or let the data gets inserted via PlatformAuditEngine. Then run the below query inside any of the peers.             Modify assetID with your Asset ID value and channelname should be the same one used in step 8.

        Query: peer chaincode query -n insightsAuditing -c '{"Args":["GetAssetDetails","<assetID>"]}' -C <channelname>

  • No labels