Fabric 搭建测试网络并部署智能合约

1.搭建网络: 详见博客

2.对Test Network的创建和关闭

cd ${
    
    HOME}/fabric-samples/test-network
创建网络:
./network.sh up

关闭网络:
./network.sh down

创建通道:
./network.sh createChannel  -c xxx :创建名为xxx的通道

3.Starting a chaincode on the channel:

智能合约(Smart Contract): 包含管理区块链账本上assets的逻辑。在Fabric上智能合约就是链码的形式存在. 当网络运行后,链码会被部署到网络中节点和通道上.

应用(Application): 由区块链系统的成员执行,通过应用来触发智能合约,然后实现链上的操作,比如对账本的增删改查.

./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go -ccl go

Explanation:将asset-transfer(basic)链码安装在 peer0.org1.example.com andpeer0.org2.example.com 两个节点上

Note: -ccn:链码命名 -ccp:链码路径 -ccl:如果第一次部署链码,需要安装链码的依赖即语言类型,此处选择的是Go .下面将会解释如何手动部署自己写的智能合约(链码),即5. 在测试网络上部署自己的智能合约其实是在解释./network.sh 脚本中deployCC函数执行的步骤
因此如果在测试环境中部署自己的智能合约，只要指定-ccn:链码名；-ccp:链码路径 -ccl:链码编写语言即可用./network.sh deployCC来完成“链码打包、链码安装、链码批准、链码提交以及触发链码这些步骤”自动部署

4. Interacting with the network:

当测试网络开启后,我们可以用peer CLI和你的测试网络交互.即用peer CLI充当客户端
peer CLI作用: 通过peer CLI可以调用已经部署的智能合约、更新通道或安装与部署新的智能合约
requirement:

1. 先设置环境变量PATH

export PATH=${
    
    HOME}/fabric-samples/bin:$PATH

2. 设置变量FABRIC_CFG_PATH

export FABRIC_CFG_PATH=${
    
    HOME}/fabric-samples/config

3. 先进入test-network文件夹中,然后按照下面的命令行设置环境变量(目的: operate the peer CLI as the Org1 and Org2 admin user)

# Environment variables for Org1

export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=${
    
    PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=${
    
    PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp
export CORE_PEER_ADDRESS=localhost:7051

# Environment variables for Org2

export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org2MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=${
    
    PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=${
    
    PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp
export CORE_PEER_ADDRESS=localhost:9051

CORE_PEER_TLS_ROOTCERT_FILE 和 CORE_PEER_MSPCONFIGPATH这两个环境变量都是指向/test-network/organizations文件夹的Org1的加密材料

Peer CLI的使用:
1.调用初始化账本的链码

peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile "${
     
     PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem" -C mychannel -n basic --peerAddresses localhost:7051 --tlsRootCertFiles "${
     
     PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt" --peerAddresses localhost:9051 --tlsRootCertFiles "${
     
     PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt" -c '{"function":"InitLedger","Args":[]}'

2.实现的是查询链上的所有资产信息

peer chaincode query -C mychannel -n basic -c '{"Args":["GetAllAssets"]}'

Explanation:-C:通道名 -n:链码名 -c:用json格式写参数
3. 调用转移asset6资产的链码

peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile "${
     
     PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem" -C mychannel -n basic --peerAddresses localhost:7051 --tlsRootCertFiles "${
     
     PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt" --peerAddresses localhost:9051 --tlsRootCertFiles "${
     
     PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt" -c '{"function":"TransferAsset","Args":["asset6","Christopher"]}'

Explanation:本测试网络中背书策略是需要both peer0.org1.example.com and peer0.org2.example.com背书,因此需要用 两个**–peerAddresses分别指定Org1和Org2的背书节点的IP地址和端口号**

-C:通道名 -n:链码名 --peerAddress:指明背书节点的IP地址和端口号, --tlsRootCertFiles:由于本测试网络中开启了TLS(Transport Layer Security)安全传输层协议 因此需要用–tlsRootCertFiles标签为每个peer指定TLS的证书位置. -c :为链码参数的json格式

5. 在测试网络上部署自己的智能合约

require: 创建网络并创建通道

Optional: 日志输出(Logsout)功能:This step is not required but is extremely useful for troubleshooting chaincode.作用:检测智能合约的日志,管理员可以看到多个节点容器集成的日志输出(by logspout tool.).
安装步骤:

cd fabric-samples/test-network
# 把安装Logsout tool的脚本复制到当前目录下
cp ../commercial-paper/organization/digibank/configuration/cli/monitordocker.sh .

运行步骤:

./monitordocker.sh fabric_test

接下来就进入正题

5.1.Package the smart contract: 将链码安装到各个节点上前需要对我们的合约进行打包

智能合约可以用Go、JavaScript和TypeScript三种语言写,下面介绍Go的智能合约部署

1. 写完智能合约(Go 的Fabric智能合约API文档后,对Go采用Go module包管理器(go mod init),然后在module目录下执行命名(go mod vendor),下载依赖至module的目录下其中Module和Vendor部分我写在Go Module一篇就够

2. 需要用Peer CLI与测试网络进行交互所以

cd ${
    
    HOME}/fabric-samples/test-network
#然后设置环境变量,
export PATH=${
    
    PWD}/../bin:$PATH
export FABRIC_CFG_PATH=$PWD/../config/

3. 利用Peer CLI创建Go package

peer lifecycle chaincode package basic.tar.gz --path ../asset-transfer-basic/chaincode-go/ --lang golang --label basic_1.0

–path路径下的智能合约源码打包成名为basic.tar.gz的包,指定语言(–lang) golang,并将这个智能合约记为(–label)basic_1.0

5.2. Install the chaincode package

After we package the asset-transfer (basic) smart contract, we can install the chaincode on our peers.

本测试网络中有两个组织Org1和Org2,因此需要分别对这两个组织部署链码,现在以Org1为例

1. 设置环境变量

# 设置环境变量,使得以Org1 admin user的身份操作Peer CLI
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=${
    
    PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=${
    
    PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp
export CORE_PEER_ADDRESS=localhost:7051

# 设置环境变量,使得以Org2 admin user的身份操作Peer CLI
export CORE_PEER_LOCALMSPID="Org2MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=${
    
    PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=${
    
    PWD}/organizations/peerOrganizations/org2.example.com/users/[email protected]/msp
export CORE_PEER_ADDRESS=localhost:9051

2. 在Org1上安装链码

peer lifecycle chaincode install basic.tar.gz

basic.tar.gz是已经打包后的链码名

对于Org2的安装重复以上两个步骤.

5.3. Approve a chaincode definition

定义了链码治理的重要参数,比如名字、版本以及链码的背书策略.链码在一个通道中使用之前要求足够的通道成员批准链码. Because we have only two organizations on the channel, and a majority of 2 is 2, we need approve a chaincode definition of asset-transfer (basic) as Org1 and Org2.

具体过程:

1. 查询链码的包ID(Package ID):由链码label和二进制标识组成

   peer lifecycle chaincode queryinstalled
   

2. 把package id存放在环境变量中(注意:下面的命令中package ID需要自行修改)

 export CC_PACKAGE_ID=basic_1.0:69de748301770f6ef64b42aa6bb6cb291df20aa39542c3ef94008615704007f3

3. 批准链码

  peer lifecycle chaincode approveformyorg -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --channelID mychannel --name basic --version 1.0 --package-id $CC_PACKAGE_ID --sequence 1 --tls --cafile "${
     
     PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem"

注意的是我们需要对Org1和Org2分别批准链码,切换至Org1的命令行如下:

export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_MSPCONFIGPATH=${
    
    PWD}/organizations/peerOrganizations/org1.example.com/users/[email protected]/msp
export CORE_PEER_TLS_ROOTCERT_FILE=${
    
    PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
export CORE_PEER_ADDRESS=localhost:7051

peer lifecycle chaincode approveformyorg -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --channelID mychannel --name basic --version 1.0 --package-id $CC_PACKAGE_ID --sequence 1 --tls --cafile "${
     
     PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem"

5.4. Committing the chaincode definition to the channel

当链码被网络中的绝大多数组织认可批准后,只需要其中一个组织提交链码定义至通道上即可.(one organization can commit the chaincode definition to the channel.)

如何查看组织对某链码的批准情况呢? 利用peer lifecycle chaincode checkcommitreadiness

peer lifecycle chaincode checkcommitreadiness  --channelID mychannel --name basic --version 1.0 --sequence 1 --tls --cafile "${
     
     PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem" --output json

上面的都是True,因此可以Committing the chaincode defination to the channel

peer lifecycle chaincode commit -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --channelID mychannel --name basic --version 1.0 --sequence 1 --tls --cafile "${
     
     PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem" --peerAddresses localhost:7051 --tlsRootCertFiles "${
     
     PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt" --peerAddresses localhost:9051 --tlsRootCertFiles "${
     
     PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt"

以上这笔Transaction使用了--peerAddressed flag即发向peer0.org1.example.com from Org1和peer0.org2.example.comfrom Org2.

查询链码提交情况?

peer lifecycle chaincode querycommitted --channelID mychannel --name basic --cafile "${
     
     PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem"

提交成功!

5.Invoking the chaincode

The asset-transfer (basic) chaincode is now ready to be invoked by client applications

peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile "${
     
     PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem" -C mychannel -n basic --peerAddresses localhost:7051 --tlsRootCertFiles "${
     
     PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt" --peerAddresses localhost:9051 --tlsRootCertFiles "${
     
     PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt" -c '{"function":"InitLedger","Args":[]}'

6. Upgrading a smart contract

7.Clean Up

如果完成了网络的相关操作,需要停止logspout tool和关闭网络

docker stop logsout
docker rm logsout

# 进入test-network文件夹然后关闭网络
cd ${
    
    HOME}/fabric-samples/test-network
./network.sh down