- 准备一台1核2G的EC2
2.1 选择系统映像
2.2 选择实例类型和设置密钥
2.3 设置网络
2.4 设置存储
2.5 点击创建
好我们的ec2就创建完成了
- 我们的Hyperledger Fabric 客户端需要安装一些包和示例,我们这时候就使用ec2 + docker compose 和其他一些实用程序来搭建我们的Hyperledger Fabric 客户端
3.1 升级系统和安装相关组件
# 升级下linux系统
sudo yum update -y
# 安装必备组件
sudo yum install jq telnet emacs docker libtool libtool-ltdl-devel git -y
# 启动docker
sudo service docker start
3.2 设置docker的用户权限
sudo usermod -a -G docker ec2-user
3.3 安装docker compose
#安装docker
sudo curl -L \
https://github.com/docker/compose/releases/download/1.20.0/docker-compose-`uname \
-s`-`uname -m` -o /usr/local/bin/docker-compose
# 设置权限
sudo chmod a+x /usr/local/bin/docker-compose
4 安装golang
- 是的我们的客户端需要用到golang 因为Hyperledger Fabric只提供了java 和go的sdk
# 拉取golang安装包
wget https://dl.google.com/go/go1.14.4.linux-amd64.tar.gz
# 解压
tar -xzf go1.14.4.linux-amd64.tar.gz
# 移动
sudo mv go /usr/local
sudo mv go /usr/local
4.1 创建 .base_profile
# .bash_profile# Get the aliases and functions
if [ -f ~/.bashrc ]; then. ~/.bashrc
fi# User specific environment and startup programs
PATH=$PATH:$HOME/.local/bin:$HOME/bin# GOROOT is the location where Go package is installed on your system
export GOROOT=/usr/local/go# GOPATH is the location of your work directory
export GOPATH=$HOME/go# CASERVICEENDPOINT is the endpoint to reach your member's CA
# for example ca.m-K46ICRRXJRCGRNNS4ES4XUUS5A.n-MWY63ZJZU5HGNCMBQER7IN6OIU.managedblockchain.us-east-1.amazonaws.com:30002
export CASERVICEENDPOINT="Fabric 证书颁发机构终端节点"# ORDERER is the endpoint to reach your network's orderer
# for example orderer.n-MWY63ZJZU5HGNCMBQER7IN6OIU.managedblockchain.amazonaws.com:30001
export ORDERER="排序服务终端节点"# Update PATH so that you can access the go binary system wide
export PATH=$GOROOT/bin:$PATH
export PATH=$PATH:/home/ec2-user/go/src/github.com/hyperledger/fabric-ca/bin
该文件是在给linux 设置环境变量。
source ~/.bash_profile
4.2 配置aws configure
# 通过下面命令在ec2上设置aws的账号
aws configure
4.3 通过aws cli 获取到ca端点
aws managedblockchain get-member \
--network-id n-MWY63ZJZU5HGNCMBQER7IN6OIU \
--member-id m-K46ICRRXJRCGRNNS4ES4XUUS5A
- 返回值
4.4 查看端点是否被解析
curl https://ca.m-qu2ou7564fca5pvcgxqkxqrmxa.n-adhkyqme4newzibsjedbetdpy4.managedblockchain.us-east-1.amazonaws.com:30002/cainfo -k# 返回
{"result":{"CAName":"abcd1efghijkllmn5op3q52rst","CAChain":"LongStringOfCharacters","Version":"1.4.7-snapshot-"}
,"errors":[],"messages":[],"success":true}
- 返回值
4.5 通过telnet 来尝试连接ca
telnet ca.m-qu2ou7564fca5pvcgxqkxqrmxa.n-adhkyqme4newzibsjedbetdpy4.managedblockchain.us-east-1.amazonaws.com 30002
- 返回值
4.6 通一下命令配置ca 客户端
mkdir -p /home/ec2-user/go/src/github.com/hyperledger/fabric-ca
cd /home/ec2-user/go/src/github.com/hyperledger/fabric-ca
wget https://github.com/hyperledger/fabric-ca/releases/download/v1.4.7/hyperledger-fabric-ca-linux-amd64-1.4.7.tar.gz
tar -xzf hyperledger-fabric-ca-linux-amd64-1.4.7.tar.gz
5 clone存储库(账单)
cd /home/ec2-user
git clone --branch v2.2.3 https://github.com/hyperledger/fabric-samples.git
5.1 docker compose 启动 Hyperledger Fabric CLI
- docker compose 文件
version: '2'
services:cli:container_name: cliimage: hyperledger/fabric-tools:2.2.3tty: trueenvironment:- GOPATH=/opt/gopath- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock- FABRIC_LOGGING_SPEC=info # Set logging level to debug for more verbose logging- CORE_PEER_ID=cli- CORE_CHAINCODE_KEEPALIVE=10- CORE_PEER_TLS_ENABLED=true- CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem- CORE_PEER_LOCALMSPID=m-QU2OU7564FCA5PVCGXQKXQRMXA- CORE_PEER_MSPCONFIGPATH=/opt/home/admin-msp- CORE_PEER_ADDRESS=nd-g5tqtfyrgreq5kh4z5aoardm44.m-qu2ou7564fca5pvcgxqkxqrmxa.n-adhkyqme4newzibsjedbetdpy4.managedblockchain.us-east-1.amazonaws.com:30003working_dir: /opt/homecommand: /bin/bashvolumes:- /var/run/:/host/var/run/- /home/ec2-user/fabric-samples/chaincode:/opt/gopath/src/github.com/- /home/ec2-user:/opt/home
# 我们通过该命令来build Hyperledger Fabric iamge
docker-compose -f docker-compose.yaml up -d
# 如果报错请使用
sudo /usr/local/bin/docker-compose -f docker-compose-cli.yaml up -d
6 创建证书文件
aws s3 cp s3://us-east-1.managedblockchain/etc/managedblockchain-tls-chain.pem /home/ec2-user/managedblockchain-tls-chain.pem
6.1 通过openssl 来验证pem
openssl x509 -noout -text -in /home/ec2-user/managedblockchain-tls-chain.pem
6.2 注册管理用户
fabric-ca-client enroll \
-u 'https://test:Testwj123@ca.m-qu2ou7564fca5pvcgxqkxqrmxa.n-adhkyqme4newzibsjedbetdpy4.managedblockchain.us-east-1.amazonaws.com:30002' \
--tls.certfiles /home/ec2-user/managedblockchain-tls-chain.pem -M /home/ec2-user/admin-msp
- 返回值
6.3 复制 MSP 的证书
cp -r /home/ec2-user/admin-msp/signcerts admin-msp/admincerts
到此我们的客户端设置已经全部完成