Created
December 23, 2023 12:56
-
-
Save Jviejo/79c56f6e2268a9d87f31a97ffea79e9d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kind delete cluster --name=kind | |
cat << EOF > kind-config.yaml | |
kind: Cluster | |
apiVersion: kind.x-k8s.io/v1alpha4 | |
networking: | |
apiServerAddress: "0.0.0.0" | |
apiServerPort: 6443 | |
nodes: | |
- role: control-plane | |
image: kindest/node:v1.25.8 | |
extraPortMappings: | |
- containerPort: 30949 | |
hostPort: 80 | |
- containerPort: 30950 | |
hostPort: 443 | |
EOF | |
kind create cluster --config=./kind-config.yaml | |
helm repo add kfs https://kfsoftware.github.io/hlf-helm-charts --force-update | |
helm install hlf-operator --version=1.9.0 -- kfs/hlf-operator | |
sleep 5 | |
curl -L https://istio.io/downloadIstio | sh - | |
kubectl create namespace istio-system | |
istioctl operator init | |
sleep 5 | |
kubectl apply -f - <<EOF | |
apiVersion: install.istio.io/v1alpha1 | |
kind: IstioOperator | |
metadata: | |
name: istio-gateway | |
namespace: istio-system | |
spec: | |
components: | |
ingressGateways: | |
- enabled: true | |
k8s: | |
service: | |
ports: | |
- name: http | |
port: 80 | |
targetPort: 8080 | |
nodePort: 30949 | |
- name: https | |
port: 443 | |
targetPort: 8443 | |
nodePort: 30950 | |
type: NodePort | |
name: istio-ingressgateway | |
namespace: istio-system | |
EOF | |
export PEER_IMAGE=hyperledger/fabric-peer | |
export PEER_VERSION=2.5.0 | |
export ORDERER_IMAGE=hyperledger/fabric-orderer | |
export ORDERER_VERSION=2.5.0 | |
export CA_IMAGE=hyperledger/fabric-ca | |
export CA_VERSION=1.5.6 | |
sleep 10 | |
CLUSTER_IP=$(kubectl -n istio-system get svc istio-ingressgateway -o json | jq -r .spec.clusterIP) | |
kubectl apply -f - <<EOF | |
kind: ConfigMap | |
apiVersion: v1 | |
metadata: | |
name: coredns | |
namespace: kube-system | |
data: | |
Corefile: | | |
.:53 { | |
errors | |
health { | |
lameduck 5s | |
} | |
rewrite name regex (.*)\.localho\.st host.ingress.internal | |
hosts { | |
${CLUSTER_IP} host.ingress.internal | |
fallthrough | |
} | |
ready | |
kubernetes cluster.local in-addr.arpa ip6.arpa { | |
pods insecure | |
fallthrough in-addr.arpa ip6.arpa | |
ttl 30 | |
} | |
prometheus :9153 | |
forward . /etc/resolv.conf { | |
max_concurrent 1000 | |
} | |
cache 30 | |
loop | |
reload | |
loadbalance | |
} | |
EOF | |
kubectl hlf ca create --image=$CA_IMAGE --version=$CA_VERSION --storage-class=standard --capacity=1Gi --name=org1-ca \ | |
--enroll-id=enroll --enroll-pw=enrollpw --hosts=org1-ca.localho.st --istio-port=443 | |
kubectl wait --timeout=100s --for=condition=Running fabriccas.hlf.kungfusoftware.es --all | |
kubectl hlf ca register --name=org1-ca --user=peer --secret=peerpw --type=peer \ | |
--enroll-id enroll --enroll-secret=enrollpw --mspid Org1MSP | |
kubectl hlf peer create --statedb=couchdb --image=$PEER_IMAGE --version=$PEER_VERSION --storage-class=standard --enroll-id=peer --mspid=Org1MSP \ | |
--enroll-pw=peerpw --capacity=5Gi --name=org1-peer0 --ca-name=org1-ca.default \ | |
--hosts=peer0-org1.localho.st --istio-port=443 | |
kubectl hlf peer create --statedb=couchdb --image=$PEER_IMAGE --version=$PEER_VERSION --storage-class=standard --enroll-id=peer --mspid=Org1MSP \ | |
--enroll-pw=peerpw --capacity=5Gi --name=org1-peer1 --ca-name=org1-ca.default \ | |
--hosts=peer1-org1.localho.st --istio-port=443 | |
kubectl wait --timeout=100s --for=condition=Running fabricpeers.hlf.kungfusoftware.es --all | |
kubectl hlf ca create --image=$CA_IMAGE --version=$CA_VERSION --storage-class=standard --capacity=1Gi --name=ord-ca \ | |
--enroll-id=enroll --enroll-pw=enrollpw --hosts=ord-ca.localho.st --istio-port=443 | |
kubectl wait --timeout=100s --for=condition=Running fabriccas.hlf.kungfusoftware.es --all | |
kubectl hlf ca register --name=ord-ca --user=orderer --secret=ordererpw \ | |
--type=orderer --enroll-id enroll --enroll-secret=enrollpw --mspid=OrdererMSP --ca-url="https://ord-ca.localho.st:443" | |
kubectl hlf ordnode create --image=$ORDERER_IMAGE --version=$ORDERER_VERSION \ | |
--storage-class=standard --enroll-id=orderer --mspid=OrdererMSP \ | |
--enroll-pw=ordererpw --capacity=2Gi --name=ord-node1 --ca-name=ord-ca.default \ | |
--hosts=orderer0-ord.localho.st --istio-port=443 | |
kubectl wait --timeout=100s --for=condition=Running fabricorderernodes.hlf.kungfusoftware.es --all | |
# register | |
kubectl hlf ca register --name=ord-ca --user=admin --secret=adminpw \ | |
--type=admin --enroll-id enroll --enroll-secret=enrollpw --mspid=OrdererMSP | |
# enroll | |
kubectl hlf ca enroll --name=ord-ca --namespace=default \ | |
--user=admin --secret=adminpw --mspid OrdererMSP \ | |
--ca-name tlsca --output orderermsp.yaml | |
# register | |
kubectl hlf ca register --name=org1-ca --namespace=default --user=admin --secret=adminpw \ | |
--type=admin --enroll-id enroll --enroll-secret=enrollpw --mspid=Org1MSP | |
# enroll | |
kubectl hlf ca enroll --name=org1-ca --namespace=default \ | |
--user=admin --secret=adminpw --mspid Org1MSP \ | |
--ca-name ca --output org1msp.yaml | |
sleep 2 | |
kubectl create secret generic wallet --namespace=default \ | |
--from-file=org1msp.yaml=$PWD/org1msp.yaml \ | |
--from-file=orderermsp.yaml=$PWD/orderermsp.yaml | |
sleep 6 | |
export PEER_ORG_SIGN_CERT=$(kubectl get fabriccas org1-ca -o=jsonpath='{.status.ca_cert}') | |
export PEER_ORG_TLS_CERT=$(kubectl get fabriccas org1-ca -o=jsonpath='{.status.tlsca_cert}') | |
export IDENT_8=$(printf "%8s" "") | |
export ORDERER_TLS_CERT=$(kubectl get fabriccas ord-ca -o=jsonpath='{.status.tlsca_cert}' | sed -e "s/^/${IDENT_8}/" ) | |
export ORDERER0_TLS_CERT=$(kubectl get fabricorderernodes ord-node1 -o=jsonpath='{.status.tlsCert}' | sed -e "s/^/${IDENT_8}/" ) | |
export CHANNEL_NAME=demo5 | |
kubectl apply -f - <<EOF | |
apiVersion: hlf.kungfusoftware.es/v1alpha1 | |
kind: FabricMainChannel | |
metadata: | |
name: $CHANNEL_NAME | |
spec: | |
name: $CHANNEL_NAME | |
adminOrdererOrganizations: | |
- mspID: OrdererMSP | |
adminPeerOrganizations: | |
- mspID: Org1MSP | |
channelConfig: | |
application: | |
acls: null | |
capabilities: | |
- V2_0 | |
policies: null | |
capabilities: | |
- V2_0 | |
orderer: | |
batchSize: | |
absoluteMaxBytes: 1048576 | |
maxMessageCount: 10 | |
preferredMaxBytes: 524288 | |
batchTimeout: 2s | |
capabilities: | |
- V2_0 | |
etcdRaft: | |
options: | |
electionTick: 10 | |
heartbeatTick: 1 | |
maxInflightBlocks: 5 | |
snapshotIntervalSize: 16777216 | |
tickInterval: 500ms | |
ordererType: etcdraft | |
policies: null | |
state: STATE_NORMAL | |
policies: null | |
externalOrdererOrganizations: [] | |
peerOrganizations: | |
- mspID: Org1MSP | |
caName: "org1-ca" | |
caNamespace: "default" | |
identities: | |
OrdererMSP: | |
secretKey: orderermsp.yaml | |
secretName: wallet | |
secretNamespace: default | |
Org1MSP: | |
secretKey: org1msp.yaml | |
secretName: wallet | |
secretNamespace: default | |
externalPeerOrganizations: [] | |
ordererOrganizations: | |
- caName: "ord-ca" | |
caNamespace: "default" | |
externalOrderersToJoin: | |
- host: ord-node1 | |
port: 7053 | |
mspID: OrdererMSP | |
ordererEndpoints: | |
- ord-node1:7050 | |
orderersToJoin: [] | |
orderers: | |
- host: ord-node1 | |
port: 7050 | |
tlsCert: |- | |
${ORDERER0_TLS_CERT} | |
EOF | |
sleep 6 | |
export IDENT_8=$(printf "%8s" "") | |
export ORDERER0_TLS_CERT=$(kubectl get fabricorderernodes ord-node1 -o=jsonpath='{.status.tlsCert}' | sed -e "s/^/${IDENT_8}/" ) | |
kubectl apply -f - <<EOF | |
apiVersion: hlf.kungfusoftware.es/v1alpha1 | |
kind: FabricFollowerChannel | |
metadata: | |
name: $CHANNEL_NAME-org1msp | |
spec: | |
anchorPeers: | |
- host: org1-peer0.default | |
port: 7051 | |
hlfIdentity: | |
secretKey: org1msp.yaml | |
secretName: wallet | |
secretNamespace: default | |
mspId: Org1MSP | |
name: $CHANNEL_NAME | |
externalPeersToJoin: [] | |
orderers: | |
- certificate: | | |
${ORDERER0_TLS_CERT} | |
url: grpcs://ord-node1.default:7050 | |
peersToJoin: | |
- name: org1-peer0 | |
namespace: default | |
- name: org1-peer1 | |
namespace: default | |
EOF | |
sllep 5 | |
kubectl hlf inspect --output org1.yaml -o Org1MSP -o OrdererMSP | |
kubectl hlf ca register --name=org1-ca --user=admin --secret=adminpw --type=admin \ | |
--enroll-id enroll --enroll-secret=enrollpw --mspid Org1MSP | |
kubectl hlf ca enroll --name=org1-ca --user=admin --secret=adminpw --mspid Org1MSP \ | |
--ca-name ca --output peer-org1.yaml | |
kubectl hlf utils adduser --userPath=peer-org1.yaml --config=org1.yaml --username=admin --mspid=Org1MSP | |
# remove the code.tar.gz chaincode.tgz if they exist | |
rm code.tar.gz chaincode.tgz | |
export CHAINCODE_NAME=asset2 | |
export CHAINCODE_LABEL=asset2 | |
cat << METADATA-EOF > "metadata.json" | |
{ | |
"type": "ccaas", | |
"label": "${CHAINCODE_LABEL}" | |
} | |
METADATA-EOF | |
## chaincode as a service | |
cat > "connection.json" <<CONN_EOF | |
{ | |
"address": "${CHAINCODE_NAME}:7052", | |
"dial_timeout": "10s", | |
"tls_required": false | |
} | |
CONN_EOF | |
tar cfz code.tar.gz connection.json | |
tar cfz chaincode.tgz metadata.json code.tar.gz | |
export PACKAGE_ID=$(kubectl hlf chaincode calculatepackageid --path=chaincode.tgz --language=node --label=$CHAINCODE_LABEL) | |
echo "PACKAGE_ID=$PACKAGE_ID" | |
kubectl hlf chaincode install --path=./chaincode.tgz \ | |
--config=org1.yaml --language=golang --label=$CHAINCODE_LABEL --user=admin --peer=org1-peer0.default | |
kubectl hlf chaincode install --path=./chaincode.tgz \ | |
--config=org1.yaml --language=golang --label=$CHAINCODE_LABEL --user=admin --peer=org1-peer1.default | |
kubectl hlf externalchaincode sync --image=kfsoftware/chaincode-external:latest \ | |
--name=$CHAINCODE_NAME \ | |
--namespace=default \ | |
--package-id=$PACKAGE_ID \ | |
--tls-required=false \ | |
--replicas=1 | |
export SEQUENCE=1 | |
export VERSION="1.0" | |
kubectl hlf chaincode approveformyorg --config=org1.yaml --user=admin --peer=org1-peer0.default \ | |
--package-id=$PACKAGE_ID \ | |
--version "$VERSION" --sequence "$SEQUENCE" --name=$CHAINCODE_NAME \ | |
--policy="OR('Org1MSP.member')" --channel=$CHANNEL_NAME | |
kubectl hlf chaincode commit --config=org1.yaml --user=admin --mspid=Org1MSP \ | |
--version "$VERSION" --sequence "$SEQUENCE" --name=$CHAINCODE_NAME \ | |
--policy="OR('Org1MSP.member')" --channel=$CHANNEL_NAME | |
sleep 15 | |
kubectl hlf chaincode invoke --config=org1.yaml \ | |
--user=admin --peer=org1-peer0.default \ | |
--chaincode=$CHAINCODE_NAME --channel=$CHANNEL_NAME \ | |
--fcn=initLedger -a '[]' | |
kubectl hlf chaincode query --config=org1.yaml \ | |
--user=admin --peer=org1-peer0.default \ | |
--chaincode=$CHAINCODE_NAME --channel=$CHANNEL_NAME \ | |
--fcn=GetAllAssets -a '[]' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment