From ee4ca2244bf4d31a4658496470e19aa459f7acd2 Mon Sep 17 00:00:00 2001 From: Nikhil Chawla Date: Sun, 13 Aug 2017 13:52:04 +0530 Subject: [PATCH] [CE-96] Debugging Scripts and manifests Added Kube-Dns settings and Nginx conf files, which will create a proxy for Kube-Dns which later can be added to Docker-DNS to support chaincode-container to peer-pod communication. Signed-off-by: Nikhil Chawla Change-Id: I754c47a8e65e3fbe0c8907efc0254e1c9f9e0e3e Signed-off-by: Nikhil Chawla --- src/agent/k8s/README.md | 52 +++++ src/agent/k8s/cluster-Down.sh | 27 +++ src/agent/k8s/deploy.sh | 39 ++++ src/agent/k8s/driving-files/configtx.yaml | 180 ++++++++++++++++ .../k8s/driving-files/crypto-config.yaml | 76 +++++++ .../k8s/driving-files/generateArtifacts.sh | 78 +++++++ src/agent/k8s/driving-files/prepare-files.sh | 32 +++ src/agent/k8s/driving-files/scripts/header.sh | 25 +++ .../k8s/driving-files/scripts/initialize.sh | 194 ++++++++++++++++++ .../k8s/driving-files/scripts/test_1peer.sh | 146 +++++++++++++ .../k8s/driving-files/scripts/test_4peers.sh | 137 +++++++++++++ .../manifests/Kube-DNS/kube-dns-nodeport.yaml | 25 +++ .../k8s/manifests/fabric-1.0/local/peer0.yaml | 29 +-- .../k8s/manifests/fabric-1.0/local/peer1.yaml | 17 +- .../k8s/manifests/fabric-1.0/local/peer2.yaml | 17 +- .../k8s/manifests/fabric-1.0/local/peer3.yaml | 17 +- src/agent/k8s/nginx/deploy.sh | 10 + src/agent/k8s/nginx/nginx.conf | 38 ++++ src/agent/k8s/run.sh | 20 ++ 19 files changed, 1123 insertions(+), 36 deletions(-) create mode 100644 src/agent/k8s/README.md create mode 100755 src/agent/k8s/cluster-Down.sh create mode 100755 src/agent/k8s/deploy.sh create mode 100644 src/agent/k8s/driving-files/configtx.yaml create mode 100644 src/agent/k8s/driving-files/crypto-config.yaml create mode 100644 src/agent/k8s/driving-files/generateArtifacts.sh create mode 100644 src/agent/k8s/driving-files/prepare-files.sh create mode 100755 src/agent/k8s/driving-files/scripts/header.sh create mode 100755 src/agent/k8s/driving-files/scripts/initialize.sh create mode 100755 src/agent/k8s/driving-files/scripts/test_1peer.sh create mode 100755 src/agent/k8s/driving-files/scripts/test_4peers.sh create mode 100644 src/agent/k8s/manifests/Kube-DNS/kube-dns-nodeport.yaml create mode 100644 src/agent/k8s/nginx/deploy.sh create mode 100644 src/agent/k8s/nginx/nginx.conf create mode 100644 src/agent/k8s/run.sh diff --git a/src/agent/k8s/README.md b/src/agent/k8s/README.md new file mode 100644 index 000000000..cb91b7436 --- /dev/null +++ b/src/agent/k8s/README.md @@ -0,0 +1,52 @@ + +# Copyright IBM Corp., All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + +##This part of Cello deploys **Fabric over Kubernetes** +--- +Note: This guide assumes that you already have running Kubernetes Cluster with a master and n-minions. + +###--Steps to Deploy-- + +1. Prepare crypto-config.yaml and configtx.yaml in "driving-files" Directory. + +2. Run "generateArtifacts.sh" script in "driving-files" directory to create "orderer.genesis.block" + ``` + $ cd driving-files + $ bash generateArtifacts.sh + + note: If you don't wish to provide a channel-name, then + by default, genesis block will be created for a channel name "mychannel" + ``` + +3. Now, all the artifacts are generated, finally run: + ```$ bash prepare-files.sh``` + +4. Now, Copy "driving-files" directory to all the nodes, i.e. + Master along with all the Minions. + +5. On Master, run "run.sh" + ```$ bash run.sh``` + +6. Now, Kube-DNS and Nginx Stream Proxy has been setted up. + +7. Setting up the environment variables +```$ export NGINX_PROXY_DNS=``` + +8. Add this setting to Docker running on all nodes + ``` Environment=DOCKER_OPT_DNS=--dns= + + ExecStart=/usr/bin/dockerd -H fd:// \ + $DOCKER_OPTS $DOCKER_OPT_BIP $DOCKER_OPT_MTU \ + $DOCKER_OPT_DNS +``` + +9. Now, time to restart the docker daemon +```$ systemctl daemon-reload && systemctl restart docker``` + +10. Deploy the cluster +```$ bash run deploy.sh``` + +Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License. diff --git a/src/agent/k8s/cluster-Down.sh b/src/agent/k8s/cluster-Down.sh new file mode 100755 index 000000000..aec1ef609 --- /dev/null +++ b/src/agent/k8s/cluster-Down.sh @@ -0,0 +1,27 @@ + +#!/usr/bin/env bash + +# Copyright IBM Corp., All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + +#This is a one step script to delete all the deployment and +#services executed during the execution of the cluster + +kubectl delete deployment hyperledger-fabric-ca +kubectl delete deployment hyperledger-fabric-cli +kubectl delete deployment hyperledger-orderer +kubectl delete deployment hyperledger-peer0-org1 +kubectl delete deployment hyperledger-peer0-org2 +kubectl delete deployment hyperledger-peer1-org1 +kubectl delete deployment hyperledger-peer1-org2 + +kubectl delete svc orderer-service +kubectl delete svc peer0-org1 +kubectl delete svc peer1-org1 +kubectl delete svc peer0-org2 +kubectl delete svc peer1-org2 +kubectl delete svc ca + +echo "CLUSTER Down Completed" diff --git a/src/agent/k8s/deploy.sh b/src/agent/k8s/deploy.sh new file mode 100755 index 000000000..10926c793 --- /dev/null +++ b/src/agent/k8s/deploy.sh @@ -0,0 +1,39 @@ + +#!/usr/bin/env bash + +# Copyright IBM Corp., All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + +#comment this if you don't want to use the default CHANNEL_NAME "mychannel" +#to create your channel, mannually run: + +# bash generateArtifacts.sh +bash driving-files/generateArtifacts.sh + +bash driving-files/prepare-files.sh + + +echo "Deploying ca" +kubectl create -f local/ca.yaml +sleep 5 + +echo "Deploying orderer" +kubectl create -f local/orderer.yaml +sleep 5 + + +echo "Deploying Peer0" +kubectl create -f local/peer0.yaml +sleep 5 + +echo "Deploying rest of the Peers" +kubectl create -f local/peer1.yaml -f local/peer2.yaml -f local/peer3.yaml + +sleep 5 + +echo "Deploying Cli" +kubectl create -f local/cli.yaml + +echo "**********Deployment done successfully**********" diff --git a/src/agent/k8s/driving-files/configtx.yaml b/src/agent/k8s/driving-files/configtx.yaml new file mode 100644 index 000000000..075c3f185 --- /dev/null +++ b/src/agent/k8s/driving-files/configtx.yaml @@ -0,0 +1,180 @@ +--- +################################################################################ +# +# Profile +# +# - Different configuration profiles may be encoded here to be specified +# as parameters to the configtxgen tool +# +################################################################################ +Profiles: + + TwoOrgsOrdererGenesis: + Orderer: + <<: *OrdererDefaults + Organizations: + - *OrdererOrg + Consortiums: + SampleConsortium: + Organizations: + - *Org1 + - *Org2 + TwoOrgsChannel: + Consortium: SampleConsortium + Application: + <<: *ApplicationDefaults + Organizations: + - *Org1 + - *Org2 + +################################################################################ +# +# Section: Organizations +# +# - This section defines the different organizational identities which will +# be referenced later in the configuration. +# +################################################################################ +Organizations: + + # SampleOrg defines an MSP using the sampleconfig. It should never be used + # in production but may be used as a template for other definitions + - &OrdererOrg + # DefaultOrg defines the organization which is used in the sampleconfig + # of the fabric.git development environment + Name: OrdererOrg + + # ID to load the MSP definition as + ID: OrdererMSP + + # MSPDir is the filesystem path which contains the MSP configuration + MSPDir: crypto-config/ordererOrganizations/example.com/msp + + # BCCSP (Blockchain crypto provider): Select which crypto implementation or + # library to use + # BCCSP: + # Default: SW + # SW: + # Hash: SHA2 + # Security: 256 + # # Location of Key Store. If this is unset, a location will + # # be chosen using 'MSPDir'/keystore + # FileKeyStore: + # KeyStore: + + - &Org1 + # DefaultOrg defines the organization which is used in the sampleconfig + # of the fabric.git development environment + Name: Org1MSP + + # ID to load the MSP definition as + ID: Org1MSP + + MSPDir: crypto-config/peerOrganizations/org1.example.com/msp + + # BCCSP (Blockchain crypto provider): Select which crypto implementation or + # library to use + # BCCSP: + # Default: SW + # SW: + # Hash: SHA2 + # Security: 256 + # # Location of Key Store. If this is unset, a location will + # # be chosen using 'MSPDir'/keystore + # FileKeyStore: + # KeyStore: + + AnchorPeers: + # AnchorPeers defines the location of peers which can be used + # for cross org gossip communication. Note, this value is only + # encoded in the genesis block in the Application section context + - Host: peer0-org1 + Port: 7051 + + - &Org2 + # DefaultOrg defines the organization which is used in the sampleconfig + # of the fabric.git development environment + Name: Org2MSP + + # ID to load the MSP definition as + ID: Org2MSP + + MSPDir: crypto-config/peerOrganizations/org2.example.com/msp + + # BCCSP (Blockchain crypto provider): Select which crypto implementation or + # library to use + # BCCSP: + # Default: SW + # SW: + # Hash: SHA2 + # Security: 256 + # # Location of Key Store. If this is unset, a location will + # # be chosen using 'MSPDir'/keystore + # FileKeyStore: + # KeyStore: + + AnchorPeers: + # AnchorPeers defines the location of peers which can be used + # for cross org gossip communication. Note, this value is only + # encoded in the genesis block in the Application section context + - Host: peer0-org2 + Port: 7051 + +################################################################################ +# +# SECTION: Orderer +# +# - This section defines the values to encode into a config transaction or +# genesis block for orderer related parameters +# +################################################################################ +Orderer: &OrdererDefaults + + # Orderer Type: The orderer implementation to start + # Available types are "solo" and "kafka" + OrdererType: solo + + Addresses: + - orderer-service:7050 + + # Batch Timeout: The amount of time to wait before creating a batch + BatchTimeout: 2s + + # Batch Size: Controls the number of messages batched into a block + BatchSize: + + # Max Message Count: The maximum number of messages to permit in a batch + MaxMessageCount: 10 + + # Absolute Max Bytes: The absolute maximum number of bytes allowed for + # the serialized messages in a batch. + AbsoluteMaxBytes: 99 MB + + # Preferred Max Bytes: The preferred maximum number of bytes allowed for + # the serialized messages in a batch. A message larger than the preferred + # max bytes will result in a batch larger than preferred max bytes. + PreferredMaxBytes: 512 KB + + Kafka: + # Brokers: A list of Kafka brokers to which the orderer connects + # NOTE: Use IP:port notation + Brokers: + - 127.0.0.1:9092 + + # Organizations is the list of orgs which are defined as participants on + # the orderer side of the network + Organizations: + +################################################################################ +# +# SECTION: Application +# +# - This section defines the values to encode into a config transaction or +# genesis block for application related parameters +# +################################################################################ +Application: &ApplicationDefaults + + # Organizations is the list of orgs which are defined as participants on + # the application side of the network + Organizations: diff --git a/src/agent/k8s/driving-files/crypto-config.yaml b/src/agent/k8s/driving-files/crypto-config.yaml new file mode 100644 index 000000000..821e2c95a --- /dev/null +++ b/src/agent/k8s/driving-files/crypto-config.yaml @@ -0,0 +1,76 @@ +# --------------------------------------------------------------------------- +# "OrdererOrgs" - Definition of organizations managing orderer nodes +# --------------------------------------------------------------------------- +OrdererOrgs: + # --------------------------------------------------------------------------- + # Orderer + # --------------------------------------------------------------------------- + - Name: orderer + Domain: example.com + # --------------------------------------------------------------------------- + # "Specs" - See PeerOrgs below for complete description + # --------------------------------------------------------------------------- + Specs: + - Hostname: orderer +# --------------------------------------------------------------------------- +# "PeerOrgs" - Definition of organizations managing peer nodes +# --------------------------------------------------------------------------- +PeerOrgs: + # --------------------------------------------------------------------------- + # Org1 + # --------------------------------------------------------------------------- + - Name: Org1 + Domain: org1.example.com + # --------------------------------------------------------------------------- + # "Specs" + # --------------------------------------------------------------------------- + # Uncomment this section to enable the explicit definition of hosts in your + # configuration. Most users will want to use Template, below + # + # Specs is an array of Spec entries. Each Spec entry consists of two fields: + # - Hostname: (Required) The desired hostname, sans the domain. + # - CommonName: (Optional) Specifies the template or explicit override for + # the CN. By default, this is the template: + # + # "{{.Hostname}}.{{.Domain}}" + # + # which obtains its values from the Spec.Hostname and + # Org.Domain, respectively. + # --------------------------------------------------------------------------- + # Specs: + # - Hostname: foo # implicitly "foo.org1.example.com" + # CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above + # - Hostname: bar + # - Hostname: baz + # --------------------------------------------------------------------------- + # "Template" + # --------------------------------------------------------------------------- + # Allows for the definition of 1 or more hosts that are created sequentially + # from a template. By default, this looks like "peer%d" from 0 to Count-1. + # You may override the number of nodes (Count), the starting index (Start) + # or the template used to construct the name (Hostname). + # + # Note: Template and Specs are not mutually exclusive. You may define both + # sections and the aggregate nodes will be created for you. Take care with + # name collisions + # --------------------------------------------------------------------------- + Template: + Count: 2 + # Start: 5 + # Hostname: {{.Prefix}}{{.Index}} # default + # --------------------------------------------------------------------------- + # "Users" + # --------------------------------------------------------------------------- + # Count: The number of user accounts _in addition_ to Admin + # --------------------------------------------------------------------------- + Users: + Count: 1 + # --------------------------------------------------------------------------- + # Org2: See "Org1" for full specification + # --------------------------------------------------------------------------- + - Name: Org2 + Domain: org2.example.com + Template: + Count: 2 + Users: + Count: 1 diff --git a/src/agent/k8s/driving-files/generateArtifacts.sh b/src/agent/k8s/driving-files/generateArtifacts.sh new file mode 100644 index 000000000..e0083fa95 --- /dev/null +++ b/src/agent/k8s/driving-files/generateArtifacts.sh @@ -0,0 +1,78 @@ +#!/bin/bash +x +# +# Copyright IBM Corp. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + + +#set -e + +CHANNEL_NAME=$1 +: ${CHANNEL_NAME:="mychannel"} +echo $CHANNEL_NAME + +export FABRIC_ROOT=$PWD/../.. +export FABRIC_CFG_PATH=$PWD +echo + +OS_ARCH=$(echo "$(uname -s|tr '[:upper:]' '[:lower:]'|sed 's/mingw64_nt.*/windows/')-$(uname -m | sed 's/x86_64/amd64/g')" | awk '{print tolower($0)}') +## Generates Org certs using cryptogen tool +function generateCerts (){ + CRYPTOGEN=bin/cryptogen + + if [ -f "$CRYPTOGEN" ]; then + echo "Using cryptogen -> $CRYPTOGEN" + else + echo "Building cryptogen" + make -C $FABRIC_ROOT release + fi + + echo + echo "##########################################################" + echo "##### Generate certificates using cryptogen tool #########" + echo "##########################################################" + $CRYPTOGEN generate --config=./crypto-config.yaml + echo +} + +## Generate orderer genesis block , channel configuration transaction and anchor peer update transactions +function generateChannelArtifacts() { + + CONFIGTXGEN=bin/configtxgen + if [ -f "$CONFIGTXGEN" ]; then + echo "Using configtxgen -> $CONFIGTXGEN" + else + echo "Building configtxgen" + make -C $FABRIC_ROOT release + fi + + echo "##########################################################" + echo "######### Generating Orderer Genesis block ##############" + echo "##########################################################" + # Note: For some unknown reason (at least for now) the block file can't be + # named orderer.genesis.block or the orderer will fail to launch! + $CONFIGTXGEN -profile TwoOrgsOrdererGenesis -outputBlock ./channel-artifacts/genesis.block + + echo + echo "#################################################################" + echo "### Generating channel configuration transaction 'channel.tx' ###" + echo "#################################################################" + $CONFIGTXGEN -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME + + echo + echo "#################################################################" + echo "####### Generating anchor peer update for Org1MSP ##########" + echo "#################################################################" + $CONFIGTXGEN -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org1MSP + + echo + echo "#################################################################" + echo "####### Generating anchor peer update for Org2MSP ##########" + echo "#################################################################" + $CONFIGTXGEN -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org2MSP + echo +} + +generateCerts +generateChannelArtifacts diff --git a/src/agent/k8s/driving-files/prepare-files.sh b/src/agent/k8s/driving-files/prepare-files.sh new file mode 100644 index 000000000..5859a091d --- /dev/null +++ b/src/agent/k8s/driving-files/prepare-files.sh @@ -0,0 +1,32 @@ + +#!/usr/bin/env bash + +# Copyright IBM Corp., All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# +#This script setup the required files at the /data directory which +# will further be used by Kubernetes manifests to run +# make sure you are sudo while executing + +# export PATH=$(pwd)/bin:$PATH +# +# bash byfn.sh -m generate -c businesschannel + +rm -rf orderer/* +rm -rf fabric-peer/peer0-org1/* +rm -rf fabric-peer/peer1-org1/* +rm -rf fabric-peer/peer0-org2/* +rm -rf fabric-peer/peer1-org2/* + +cp -r ./channel-artifacts/genesis.block ./orderer/orderer.genesis.block +cp -r ./crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/* ./orderer/ + +cp -r ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/* ./fabric-peer/peer0-org1/ +cp -r ./crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/* ./fabric-peer/peer1-org1/ +cp -r ./crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/* ./fabric-peer/peer0-org2/ +cp -r ./crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/* ./fabric-peer/peer1-org2/ + +sudo cp -r ../driving-files /data + +echo "Files are transferred to /data directory successfully." diff --git a/src/agent/k8s/driving-files/scripts/header.sh b/src/agent/k8s/driving-files/scripts/header.sh new file mode 100755 index 000000000..8c5e74a02 --- /dev/null +++ b/src/agent/k8s/driving-files/scripts/header.sh @@ -0,0 +1,25 @@ + +#!/usr/bin/env bash + +# Copyright IBM Corp., All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + +## DO NOT MODIFY THE FOLLOWING PART, UNLESS YOU KNOW WHAT IT MEANS ## +echo_r () { + [ $# -ne 1 ] && return 0 + echo -e "\033[31m$1\033[0m" +} +echo_g () { + [ $# -ne 1 ] && return 0 + echo -e "\033[32m$1\033[0m" +} +echo_y () { + [ $# -ne 1 ] && return 0 + echo -e "\033[33m$1\033[0m" +} +echo_b () { + [ $# -ne 1 ] && return 0 + echo -e "\033[34m$1\033[0m" +} diff --git a/src/agent/k8s/driving-files/scripts/initialize.sh b/src/agent/k8s/driving-files/scripts/initialize.sh new file mode 100755 index 000000000..c8ceeeb02 --- /dev/null +++ b/src/agent/k8s/driving-files/scripts/initialize.sh @@ -0,0 +1,194 @@ +#!/bin/bash + +echo +echo " ============================================== " +echo " ==========initialize businesschannel========== " +echo " ============================================== " +echo + +source scripts/header.sh + +CHANNEL_NAME="$1" +: ${CHANNEL_NAME:="businesschannel"} +: ${TIMEOUT:="60"} +COUNTER=1 +MAX_RETRY=5 +ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem + +echo_b "Channel name : "$CHANNEL_NAME + +verifyResult () { + if [ $1 -ne 0 ] ; then + echo_b "!!!!!!!!!!!!!!! "$2" !!!!!!!!!!!!!!!!" + echo_r "================== ERROR !!! FAILED to execute End-2-End Scenario ==================" + echo + exit 1 + fi +} + +setGlobals () { + + if [ $1 -eq 0 -o $1 -eq 1 ] ; then + CORE_PEER_LOCALMSPID="Org1MSP" + CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt + CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp + if [ $1 -eq 0 ]; then + CORE_PEER_ADDRESS=peer0-org1:7051 + else + CORE_PEER_ADDRESS=peer1-org1:7051 + CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp + fi + else + CORE_PEER_LOCALMSPID="Org2MSP" + CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt + CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp + if [ $1 -eq 2 ]; then + CORE_PEER_ADDRESS=peer0-org2:7051 + else + CORE_PEER_ADDRESS=peer1-org2:7051 + fi + fi + + env |grep CORE +} + +createChannel() { + setGlobals 0 + + if [ -z "$CORE_PEER_TLS_ENABLED" -o "$CORE_PEER_TLS_ENABLED" = "false" ]; then + peer channel create -o orderer-service:7050 -c $CHANNEL_NAME -f ./channel-artifacts/channel.tx >&log.txt + else + peer channel create -o orderer-service:7050 -c $CHANNEL_NAME -f ./channel-artifacts/channel.tx --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA >&log.txt + fi + res=$? + cat log.txt + verifyResult $res "Channel creation failed" + echo_g "===================== Channel \"$CHANNEL_NAME\" is created successfully ===================== " + echo +} + +updateAnchorPeers() { + PEER=$1 + setGlobals $PEER + + if [ -z "$CORE_PEER_TLS_ENABLED" -o "$CORE_PEER_TLS_ENABLED" = "false" ]; then + peer channel update -o orderer-service:7050 -c $CHANNEL_NAME -f ./channel-artifacts/${CORE_PEER_LOCALMSPID}anchors.tx >&log.txt + else + peer channel update -o orderer-service:7050 -c $CHANNEL_NAME -f ./channel-artifacts/${CORE_PEER_LOCALMSPID}anchors.tx --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA >&log.txt + fi + res=$? + cat log.txt + verifyResult $res "Anchor peer update failed" + echo_g "===================== Anchor peers for org \"$CORE_PEER_LOCALMSPID\" on \"$CHANNEL_NAME\" is updated successfully ===================== " + echo +} + +## Sometimes Join takes time hence RETRY atleast for 5 times +joinWithRetry () { + peer channel join -b $CHANNEL_NAME.block >&log.txt + res=$? + cat log.txt + if [ $res -ne 0 -a $COUNTER -lt $MAX_RETRY ]; then + COUNTER=` expr $COUNTER + 1` + echo_b "PEER$1 failed to join the channel, Retry after 2 seconds" + sleep 2 + joinWithRetry $1 + else + COUNTER=1 + fi + verifyResult $res "After $MAX_RETRY attempts, PEER$ch has failed to Join the Channel" +} + +joinChannel () { + for ch in 0 1 2 3; do + setGlobals $ch + joinWithRetry $ch + echo_g "===================== PEER$ch joined on the channel \"$CHANNEL_NAME\" ===================== " + sleep 2 + echo + done +} + +installChaincode () { + PEER=$1 + setGlobals $PEER + peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02 >&log.txt + res=$? + cat log.txt + verifyResult $res "Chaincode installation on remote peer PEER$PEER has Failed" + echo_g "===================== Chaincode is installed on remote peer PEER$PEER ===================== " + echo +} + +instantiateChaincode () { + PEER=$1 + setGlobals $PEER + CORE_PEER_CHAINCODELISTENADDRESS=$PEER:8000 + echo ***************** + echo chaincode instantiation + echo $PEER + echo CORE_PEER_CHAINCODELISTENADDRESS + echo ***************** + echo $PEER + # while 'peer chaincode' command can get the orderer endpoint from the peer (if join was successful), + # lets supply it directly as we know it using the "-o" option + if [ -z "$CORE_PEER_TLS_ENABLED" -o "$CORE_PEER_TLS_ENABLED" = "false" ]; then + peer chaincode instantiate -o orderer-service:7050 -C $CHANNEL_NAME -n mycc -v 1.0 -c '{"Args":["init","a","100","b","200"]}' -P "OR ('Org1MSP.member','Org2MSP.member')" >&log.txt + else + peer chaincode instantiate -o orderer-service:7050 --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA -C $CHANNEL_NAME -n mycc -v 1.0 -c '{"Args":["init","a","100","b","200"]}' -P "OR ('Org1MSP.member','Org2MSP.member')" >&log.txt + fi + res=$? + cat log.txt + verifyResult $res "Chaincode instantiation on PEER$PEER on channel '$CHANNEL_NAME' failed" + echo_g "===================== Chaincode Instantiation on PEER$PEER on channel '$CHANNEL_NAME' is successful ===================== " + echo +} + + +## Create channel +echo_b "Creating channel..." +createChannel + +## Join all the peers to the channel +echo_b "Having all peers join the channel..." +joinChannel + +## Set the anchor peers for each org in the channel +echo_b "Updating anchor peers for org1..." +updateAnchorPeers 0 +echo_b "Updating anchor peers for org2..." +updateAnchorPeers 2 + +## Install chaincode on Peer0/Org1 and Peer2/Org2 +echo_b "Installing chaincode on org1/peer0..." +installChaincode 0 + +echo_b "Install chaincode on org1/peer1..." +installChaincode 1 + +echo_b "Install chaincode on org2/peer0..." +installChaincode 2 + +echo_b "Install chaincode on org2/peer1..." +installChaincode 3 + + +# Instantiate chaincode on Peer0/Org1 +# Instantiate can only be executed once on any node +echo_b "Instantiating chaincode on peer0/org1..." +instantiateChaincode 0 + + +echo +echo_g "===================== All GOOD, initialization completed ===================== " +echo + +echo +echo " _____ _ _ ____ " +echo "| ____| | \ | | | _ \ " +echo "| _| | \| | | | | |" +echo "| |___ | |\ | | |_| |" +echo "|_____| |_| \_| |____/ " +echo + +exit 0 diff --git a/src/agent/k8s/driving-files/scripts/test_1peer.sh b/src/agent/k8s/driving-files/scripts/test_1peer.sh new file mode 100755 index 000000000..cecff77db --- /dev/null +++ b/src/agent/k8s/driving-files/scripts/test_1peer.sh @@ -0,0 +1,146 @@ +#!/bin/bash + +source scripts/header.sh + +CHANNEL_NAME="$1" +: ${CHANNEL_NAME:="businesschannel"} +: ${TIMEOUT:="60"} +COUNTER=0 +MAX_RETRY=5 +CC_PATH=github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02 + +echo_b "Channel name : "$CHANNEL_NAME + +verifyResult () { + if [ $1 -ne 0 ] ; then + echo_b "!!!!!!!!!!!!!!! "$2" !!!!!!!!!!!!!!!!" + echo_r "================== ERROR !!! FAILED to execute MVE ==================" + echo + exit 1 + fi +} + +createChannel() { + peer channel create -o orderer.example.com:7050 -c ${CHANNEL_NAME} -f ./channel-artifacts/channel.tx >&log.txt + res=$? + cat log.txt + + verifyResult $res "Channel creation failed" + echo + + # verify file newchannel.block exist + if [ -s mychannel.block ]; then + res=$? + verifyResult $res "Channel created failed" + fi + echo_g "================channel \"$CHANNEL_NAME\" is created successfully ===============" +} + +## Sometimes Join takes time hence RETRY atleast for 5 times + +joinChannel () { + echo_b "===================== PEER0 joined on the channel \"$CHANNEL_NAME\" ===================== " + peer channel join -b ${CHANNEL_NAME}.block -o orderer.example.com:7050 >&log.txt + res=$? + cat log.txt + if [ $res -ne 0 -a $COUNTER -lt $MAX_RETRY ]; then + COUNTER=` expr $COUNTER + 1` + echo_r "PEER0 failed to join the channel, Retry after 2 seconds" + sleep 2 + joinWithRetry + else + COUNTER=0 + fi + verifyResult $res "After $MAX_RETRY attempts, PEER0 has failed to Join the Channel" +} + +updateAnchorPeers() { + peer channel create -o orderer.example.com:7050 -c ${CHANNEL_NAME} -f ./channel-artifacts/Org1MSPanchors.tx >&log.txt + res=$? + cat log.txt + verifyResult $res "Anchor peer update failed" + echo_g "==== Anchor peers for org1 on mychannel is updated successfully======" + echo +} + +installChaincode () { + peer chaincode install -n mycc -v 1.0 -p ${CC_PATH} -o orderer.example.com:7050 >&log.txt + res=$? + cat log.txt + verifyResult $res "Chaincode installation on remote peer0 has Failed" + echo_g "===================== Chaincode is installed success on remote peer0===================== " + echo +} + +instantiateChaincode () { + local starttime=$(date +%s) + peer chaincode instantiate -o orderer.example.com:7050 -C ${CHANNEL_NAME} -n mycc -v 1.0 -c '{"Args":["init","a","100","b","200"]}' -P "OR ('Org1MSP.member')" >&log.txt + res=$? + cat log.txt + verifyResult $res "Chaincode instantiation on pee0.org1 on channel '$CHANNEL_NAME' failed" + echo_g "=========== Chaincode Instantiation on peer0-org1 on channel '$CHANNEL_NAME' is successful ========== " + echo_b "Instantiate spent $(($(date +%s)-starttime)) secs" + echo +} + +chaincodeQuery () { + local rc=1 + local starttime=$(date +%s) + + while test "$(($(date +%s)-starttime))" -lt "$TIMEOUT" -a $rc -ne 0 + do + sleep 3 + echo_b "Attempting to Query peer0-org1 ...$(($(date +%s)-starttime)) secs" + peer chaincode query -C ${CHANNEL_NAME} -n mycc -c '{"Args":["query","a"]}' >&log.txt + test $? -eq 0 && VALUE=$(cat log.txt | awk '/Query Result/ {print $NF}') + test "$VALUE" = "$1" && let rc=0 + done + echo + cat log.txt + if test $rc -eq 0 ; then + echo_g "===================== Query on peer0-org1 on channel '$CHANNEL_NAME' is successful ===================== " + + else + echo_r "!!!!!!!!!!!!!!! Query result on peer0-org1 is INVALID !!!!!!!!!!!!!!!!" + echo_r "================== ERROR !!! FAILED to execute MVE test ==================" + echo + fi +} + +chaincodeInvoke () { + peer chaincode invoke -o orderer.example.com:7050 -C ${CHANNEL_NAME} -n mycc -c '{"Args":["invoke","a","b","10"]}' >&log.txt + res=$? + cat log.txt + verifyResult $res "Invoke execution on peer0-org1 failed " + echo_g "========= Invoke transaction on peer0-org1 on channel '$CHANNEL_NAME' is successful ===== " + echo +} + +echo_b "====================1.Create channel(default newchannel) =============================" +createChannel + +echo_b "====================2.Join pee0 to the channel ======================================" +joinChannel + +echo_b "====================3.set anchor peers for org1 in the channel===========================" +updateAnchorPeers + +echo_b "=====================4.Install chaincode test_cc on Peer0/Org0========================" +installChaincode + +echo_b "=====================5.Instantiate chaincode, this will take a while, pls waiting...===" +instantiateChaincode + +echo_b "====================6.Query the existing value of a====================================" +chaincodeQuery 100 + +echo_b "=====================7.Invoke a transaction to transfer 10 from a to b==================" +chaincodeInvoke + +echo_b "=====================8.Check if the result of a is 90===================================" +chaincodeQuery 90 + +echo +echo_g "=====================9.All GOOD, MVE Test completed ===================== " +echo +exit 0 diff --git a/src/agent/k8s/driving-files/scripts/test_4peers.sh b/src/agent/k8s/driving-files/scripts/test_4peers.sh new file mode 100755 index 000000000..f9f2cba3a --- /dev/null +++ b/src/agent/k8s/driving-files/scripts/test_4peers.sh @@ -0,0 +1,137 @@ +#!/bin/bash + +source scripts/header.sh + +echo +echo " ______ __ __ _ _____ ____ _ ______ ______ ______ _____ " +echo " / _____| | | | | / \ |_ _| | |\ \ | | / _____| / ______ \ | ___\ \ | ____|" +echo "/ / | |---| | / _ \ | | | | \ \ | | / / / / \ \ | | \ \ | _| " +echo "\ \_____ | |---| | / ___ \ _| |_ | | \ \ | | \ \_____ \ \______/ / | |____/ / | |___ " +echo " \______| |__| |__| /_/ \_\ |_____| |_| \_\|_| \______| \ ______ / |_______/ |_____|" +echo + + +CHANNEL_NAME="$1" +: ${CHANNEL_NAME:="businesschannel"} +: ${TIMEOUT:="60"} +COUNTER=1 +MAX_RETRY=5 +ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem + +echo "Channel name : "$CHANNEL_NAME + +verifyResult () { + if [ $1 -ne 0 ] ; then + echo "!!!!!!!!!!!!!!! "$2" !!!!!!!!!!!!!!!!" + echo_r "================== ERROR !!! FAILED to execute End-2-End Scenario ==================" + echo + exit 1 + fi +} + +setGlobals () { + + if [ $1 -eq 0 -o $1 -eq 1 ] ; then + CORE_PEER_LOCALMSPID="Org1MSP" + CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt + CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp + if [ $1 -eq 0 ]; then + CORE_PEER_ADDRESS=peer0-org1:7051 + else + CORE_PEER_ADDRESS=peer1-org1:7051 + CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp + fi + else + CORE_PEER_LOCALMSPID="Org2MSP" + CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt + CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp + if [ $1 -eq 2 ]; then + CORE_PEER_ADDRESS=peer0-org2:7051 + else + CORE_PEER_ADDRESS=peer1-org2:7051 + fi + fi + + env |grep CORE +} + +chaincodeQuery () { + PEER=$1 + echo "===================== Querying on PEER$PEER on channel '$CHANNEL_NAME'... ===================== " + setGlobals $PEER + local rc=1 + local starttime=$(date +%s) + + # continue to poll + # we either get a successful response, or reach TIMEOUT + while test "$(($(date +%s)-starttime))" -lt "$TIMEOUT" -a $rc -ne 0 + do + sleep 3 + echo "Attempting to Query PEER$PEER ...$(($(date +%s)-starttime)) secs" + peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}' >&log.txt + test $? -eq 0 && VALUE=$(cat log.txt | awk '/Query Result/ {print $NF}') + test "$VALUE" = "$2" && let rc=0 + done + echo + cat log.txt + if test $rc -eq 0 ; then + echo_g "===================== Query on PEER$PEER on channel '$CHANNEL_NAME' is successful ===================== " + else + echo_r "!!!!!!!!!!!!!!! Query result on PEER$PEER is INVALID !!!!!!!!!!!!!!!!" + echo_r "================== ERROR !!! FAILED to execute End-2-End Scenario ==================" + echo + exit 1 + fi +} + +chaincodeInvoke () { + PEER=$1 + setGlobals $PEER + # while 'peer chaincode' command can get the orderer endpoint from the peer (if join was successful), + # lets supply it directly as we know it using the "-o" option + if [ -z "$CORE_PEER_TLS_ENABLED" -o "$CORE_PEER_TLS_ENABLED" = "false" ]; then + peer chaincode invoke -o orderer.example.com:7050 -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","a","b","10"]}' >&log.txt + else + peer chaincode invoke -o orderer.example.com:7050 --tls $CORE_PEER_TLS_ENABLED --cafile $ORDERER_CA -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","a","b","10"]}' >&log.txt + fi + res=$? + cat log.txt + verifyResult $res "Invoke execution on PEER$PEER failed " + echo_g "===================== Invoke transaction on PEER$PEER on channel '$CHANNEL_NAME' is successful ===================== " + echo +} + + +#Query on chaincode on Peer0/Org1 +echo "Querying chaincode on org1/peer0..." +chaincodeQuery 2 100 + +#Invoke on chaincode on Peer0/Org1 +echo "Sending invoke transaction on org1/peer0..." +chaincodeInvoke 1 + +#Query on chaincode on Peer1/Org2, check if the result is 90 +echo "Querying chaincode on org2/peer1..." +chaincodeQuery 3 90 + +#Invoke on chaincode on Peer1/Org2 +echo "Sending invoke transaction on org2/peer1..." +chaincodeInvoke 3 + +#Query on chaincode on Peer1/Org2, check if the result is 80 +echo "Querying chaincode on org2/peer1..." +chaincodeQuery 3 80 + +echo +echo_g "===================== All GOOD, End-2-End execution completed ===================== " +echo + +echo +echo " _____ _ _ ____ " +echo "| ____| | \ | | | _ \ " +echo "| _| | \| | | | | |" +echo "| |___ | |\ | | |_| |" +echo "|_____| |_| \_| |____/ " +echo + +exit 0 diff --git a/src/agent/k8s/manifests/Kube-DNS/kube-dns-nodeport.yaml b/src/agent/k8s/manifests/Kube-DNS/kube-dns-nodeport.yaml new file mode 100644 index 000000000..291ebcc37 --- /dev/null +++ b/src/agent/k8s/manifests/Kube-DNS/kube-dns-nodeport.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: Service +metadata: + name: kube-dns + namespace: kube-system + labels: + k8s-app: kube-dns + kubernetes.io/cluster-service: "true" + kubernetes.io/name: "KubeDNS" +spec: + selector: + k8s-app: kube-dns + clusterIP: #in my case it was 10.0.0.1, Please check yours by "Kubectl describe svc --namespace=kube-system kube-dns" + type: NodePort + ports: + - name: dns + port: 53 + targetPort: 53 + nodePort: 30053 + protocol: UDP + - name: dns-tcp + port: 53 + targetPort: 53 + nodePort: 30053 + protocol: TCP diff --git a/src/agent/k8s/manifests/fabric-1.0/local/peer0.yaml b/src/agent/k8s/manifests/fabric-1.0/local/peer0.yaml index 976b15064..2421d9abb 100755 --- a/src/agent/k8s/manifests/fabric-1.0/local/peer0.yaml +++ b/src/agent/k8s/manifests/fabric-1.0/local/peer0.yaml @@ -29,21 +29,23 @@ spec: name: fabric-vol-msp - mountPath: /etc/hyperledger/fabric/tls name: fabric-vol-tls - - mountPath: /var/run/docker.sock + - mountPath: /host/var/run/docker.sock name: docker-sock env: - name: CORE_VM_ENDPOINT - value: unix:///var/run/docker.sock + value: unix:///host/var/run/docker.sock - name: CORE_PEER_ID value: "peer0-org1" - name: CORE_PEER_ADDRESS value: "peer0-org1:7051" - # - name: CORE_PEER_CHAINCODELISTENADDRESS - # value: "peer0-org1:7052" - name: CORE_PEER_GOSSIP_EXTERNALENDPOINT value: "peer0-org1:7051" - name: CORE_PEER_GOSSIP_BOOTSTRAP value: "peer0-org1:7051" + - name: CHAINCODE_LISTEN_ADDRESS + value: "0.0.0.0:8000" + - name: CORE_VM_HOSTCONFIG_DNS + value: $NGINX_PROXY_DNS - name: CORE_PEER_LOCALMSPID value: "Org1MSP" - name: CORE_PEER_GOSSIP_ORGLEADER @@ -51,7 +53,7 @@ spec: - name: CORE_LOGGING_LEVEL value: "DEBUG" - name: CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE - value: "10_default" + value: "bridge" - name: CORE_PEER_GOSSIP_USELEADERELECTION value: "true" - name: CORE_PEER_GOSSIP_ORGLEADER @@ -69,23 +71,14 @@ spec: - name: CORE_PEER_TLS_ROOTCERT_FILE value: "/etc/hyperledger/fabric/tls/ca.crt" ports: - #- containerPort: 7050 - containerPort: 7051 - containerPort: 7052 - containerPort: 7053 - # - containerPort: 7054 - # - containerPort: 7055 - # - containerPort: 7056 - # - containerPort: 7057 - # - containerPort: 7058 - # - containerPort: 7059 + - containerPort: 8000 command: - peer - node - start - # - /bin/bash - # - -nltpu - # - "7052" volumes: - name: fabric-vol-msp hostPath: @@ -106,9 +99,6 @@ metadata: spec: type: ClusterIP ports: - #- name: "7050" - # targetPort: 7050 - # port: 7050 - name: "7051" targetPort: 7051 port: 7051 @@ -118,6 +108,9 @@ spec: - name: "7053" targetPort: 7053 port: 7053 + - name: "chaincode-listen-address" + targetPort: 8000 + port: 8000 selector: app: hyperledger role: peer diff --git a/src/agent/k8s/manifests/fabric-1.0/local/peer1.yaml b/src/agent/k8s/manifests/fabric-1.0/local/peer1.yaml index 656111385..31afd26c5 100755 --- a/src/agent/k8s/manifests/fabric-1.0/local/peer1.yaml +++ b/src/agent/k8s/manifests/fabric-1.0/local/peer1.yaml @@ -29,29 +29,31 @@ spec: name: fabric-vol-msp - mountPath: /etc/hyperledger/fabric/tls name: fabric-vol-tls - - mountPath: /var/run/docker.sock + - mountPath: /host/var/run/docker.sock name: docker-sock env: - name: CORE_VM_ENDPOINT - value: unix:///var/run/docker.sock + value: unix:///host/var/run/docker.sock - name: CORE_PEER_ID value: "peer1-org1" - name: CORE_PEER_ADDRESS value: "peer1-org1:7051" - # - name: CORE_PEER_CHAINCODELISTENADDRESS - # value: "peer1-org1:7052" - name: CORE_PEER_GOSSIP_EXTERNALENDPOINT value: "peer1-org1:7051" - name: CORE_PEER_GOSSIP_BOOTSTRAP value: "peer0-org1:7051" - name: CORE_PEER_LOCALMSPID value: "Org1MSP" + - name: CHAINCODE_LISTEN_ADDRESS + value: "0.0.0.0:8000" + - name: CORE_VM_HOSTCONFIG_DNS + value: $NGINX_PROXY_DNS - name: CORE_PEER_GOSSIP_ORGLEADER value: "false" - name: CORE_LOGGING_LEVEL value: "DEBUG" - name: CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE - value: "10_default" + value: "bridge" - name: CORE_PEER_GOSSIP_USELEADERELECTION value: "true" - name: CORE_PEER_GOSSIP_ORGLEADER @@ -73,7 +75,7 @@ spec: - containerPort: 7051 - containerPort: 7052 - containerPort: 7053 - # - containerPort: 7054 + - containerPort: 8000 # - containerPort: 7055 # - containerPort: 7056 # - containerPort: 7057 @@ -123,6 +125,9 @@ spec: - name: "7053" targetPort: 7053 port: 7053 + - name: "chaincode-listen-address" + targetPort: 8000 + port: 8000 selector: app: hyperledger role: peer diff --git a/src/agent/k8s/manifests/fabric-1.0/local/peer2.yaml b/src/agent/k8s/manifests/fabric-1.0/local/peer2.yaml index aa28eada2..1102e087f 100755 --- a/src/agent/k8s/manifests/fabric-1.0/local/peer2.yaml +++ b/src/agent/k8s/manifests/fabric-1.0/local/peer2.yaml @@ -29,21 +29,23 @@ spec: name: fabric-vol-msp - mountPath: /etc/hyperledger/fabric/tls name: fabric-vol-tls - - mountPath: /var/run/docker.sock + - mountPath: /host/var/run/docker.sock name: docker-sock env: - name: CORE_VM_ENDPOINT - value: unix:///var/run/docker.sock + value: unix:///host/var/run/docker.sock - name: CORE_PEER_ID value: "peer0-org2" - name: CORE_PEER_ADDRESS value: "peer0-org2:7051" - # - name: CORE_PEER_CHAINCODELISTENADDRESS - # value: "peer0-org2:7052" - name: CORE_PEER_GOSSIP_EXTERNALENDPOINT value: "peer0-org2:7051" - name: CORE_PEER_GOSSIP_BOOTSTRAP value: "peer0-org2:7051" + - name: CHAINCODE_LISTEN_ADDRESS + value: "0.0.0.0:8000" + - name: CORE_VM_HOSTCONFIG_DNS + value: $NGINX_PROXY_DNS - name: CORE_PEER_LOCALMSPID value: "Org2MSP" - name: CORE_PEER_GOSSIP_ORGLEADER @@ -51,7 +53,7 @@ spec: - name: CORE_LOGGING_LEVEL value: "DEBUG" - name: CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE - value: "10_default" + value: "bridge" - name: CORE_PEER_GOSSIP_USELEADERELECTION value: "true" - name: CORE_PEER_GOSSIP_ORGLEADER @@ -73,7 +75,7 @@ spec: - containerPort: 7051 - containerPort: 7052 - containerPort: 7053 - # - containerPort: 7054 + - containerPort: 8000 # - containerPort: 7055 # - containerPort: 7056 # - containerPort: 7057 @@ -123,6 +125,9 @@ spec: - name: "7053" targetPort: 7053 port: 7053 + - name: "chaincode-listen-address" + targetPort: 8000 + port: 8000 selector: app: hyperledger role: peer diff --git a/src/agent/k8s/manifests/fabric-1.0/local/peer3.yaml b/src/agent/k8s/manifests/fabric-1.0/local/peer3.yaml index deb42220e..bd0560640 100755 --- a/src/agent/k8s/manifests/fabric-1.0/local/peer3.yaml +++ b/src/agent/k8s/manifests/fabric-1.0/local/peer3.yaml @@ -29,29 +29,31 @@ spec: name: fabric-vol-msp - mountPath: /etc/hyperledger/fabric/tls name: fabric-vol-tls - - mountPath: /var/run/docker.sock + - mountPath: /host/var/run/docker.sock name: docker-sock env: - name: CORE_VM_ENDPOINT - value: unix:///var/run/docker.sock + value: unix:///host/var/run/docker.sock - name: CORE_PEER_ID value: "peer1-org2" - name: CORE_PEER_ADDRESS value: "peer1-org2:7051" - # - name: CORE_PEER_CHAINCODELISTENADDRESS - # value: "peer1-org2:7052" - name: CORE_PEER_GOSSIP_EXTERNALENDPOINT value: "peer1-org2:7051" - name: CORE_PEER_GOSSIP_BOOTSTRAP value: "peer0-org2:7051" - name: CORE_PEER_LOCALMSPID value: "Org2MSP" + - name: CHAINCODE_LISTEN_ADDRESS + value: "0.0.0.0:8000" + - name: CORE_VM_HOSTCONFIG_DNS + value: $NGINX_PROXY_DNS - name: CORE_PEER_GOSSIP_ORGLEADER value: "false" - name: CORE_LOGGING_LEVEL value: "DEBUG" - name: CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE - value: "10_default" + value: "bridge" - name: CORE_PEER_GOSSIP_USELEADERELECTION value: "true" - name: CORE_PEER_GOSSIP_ORGLEADER @@ -73,7 +75,7 @@ spec: - containerPort: 7051 - containerPort: 7052 - containerPort: 7053 - # - containerPort: 7054 + - containerPort: 8000 # - containerPort: 7055 # - containerPort: 7056 # - containerPort: 7057 @@ -123,6 +125,9 @@ spec: - name: "7053" targetPort: 7053 port: 7053 + - name: "chaincode-listen-address" + targetPort: 8000 + port: 8000 selector: app: hyperledger role: peer diff --git a/src/agent/k8s/nginx/deploy.sh b/src/agent/k8s/nginx/deploy.sh new file mode 100644 index 000000000..3ab1fe8a2 --- /dev/null +++ b/src/agent/k8s/nginx/deploy.sh @@ -0,0 +1,10 @@ +#This script will use the Kubernetes manifests to deploy +#Fabric 1.0 Kubernetes Cluster + +kubectl create -f manifests/fabric-1.0/local/ca.yaml +kubectl create -f manifests/fabric-1.0/local/orderer.yaml +kubectl create -f manifests/fabric-1.0/local/peer0.yaml +kubectl create -f manifests/fabric-1.0/local/peer1.yaml +kubectl create -f manifests/fabric-1.0/local/peer2.yaml +kubectl create -f manifests/fabric-1.0/local/peer3.yaml +kubectl create -f manifests/fabric-1.0/local/cli.yaml diff --git a/src/agent/k8s/nginx/nginx.conf b/src/agent/k8s/nginx/nginx.conf new file mode 100644 index 000000000..4238b098a --- /dev/null +++ b/src/agent/k8s/nginx/nginx.conf @@ -0,0 +1,38 @@ +#This is Nginx proxy configuration file, which will accept TCP and UDP requests on IPv4 address +#and will forward to KUBE-DNS running on . I've purposely exposed Kube-Dns to +#NodePort 30053,since it is easy to figure out. + +load_module /usr/lib64/nginx/modules/ngx_stream_module.so; + + +user nginx; +worker_processes 1; +pid /run/nginx.pid; + + +events { + worker_connections 256; + # multi_accept on; +} + +stream { + + + upstream dns_upstreams { + server 0.0.0.0:30053; + } + + server { + listen 53; + proxy_pass dns_upstreams; + proxy_timeout 1s; + proxy_responses 1; + } + + server { + listen 53 udp; + proxy_pass dns_upstreams; + proxy_timeout 1s; + proxy_responses 1; + } +} diff --git a/src/agent/k8s/run.sh b/src/agent/k8s/run.sh new file mode 100644 index 000000000..4b9242692 --- /dev/null +++ b/src/agent/k8s/run.sh @@ -0,0 +1,20 @@ + +#!/usr/bin/env bash + +# Copyright IBM Corp., All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + +#Exposing the Kube-DNS to NodePort 30053 +kubectl apply -f manifests/Kube-DNS/kube-dns-nodeport.yaml + +#GETTING THE NGINX STREAM PROXY READY TO FORWARD THE INCOMING UDP REQUESTS +#AT PORT 53 TO Kube-DNS NodePort 30053 +sudo cp nginx/nginx.conf /etc/nginx/nginx.conf + +echo "Kube-DNS and Nginx Proxy are all set" + +echo "Now Deploying the Fabric-1.0 cluster" + +bash deploy.sh