can two peer containers of the same org share the same CouchDB database on Fabric v2.0?
No, They don't share same couchdb. Every peer maintain its own couchdb and communicate via gossip protocol to be in sync with each other.
Answer is No
Few points to support this, as below:
CouchDB is used as a state database by the peers
Every peer has an identity and it has to be a separate couch instance in order to store the state data
state data may contains public data and private data when you enable private data mode and it has to be separate and dedicated instance
Related
I want to have two peers within an organization in which one peer act as a client that only send transactions without storing the ledger, and the other act as normal peer. I read about having lightweight node and full node. But how to make them both related to the same organization in Hyperledger?
All peer nodes are committers in Hyperledger Fabric. Thus, every peer node stores the ledger. If a node does not store the ledger, it may be a client or some kind of proxy, but not a peer node. Please, refer to the document where you have read about lightweight and full nodes, as it may be not referring to peers.
Anyway, every node is related to its organization through its MSP.
I implemented hyper ledger fabric network on single machine and I am worry about backup of ledger data.
As blockchain network is secure and transaction can not be altered but as a backed developer How can we secure data as backup ?
There are two ways to do that:
Create a new network or node which has access to the same channels as the node whose data you want to backup. This new node will then rebuild its ledger and state DB for all these channels.
Manual backup: Login to peers and go to /var/hyperledger/production and backup the folders like chaincodes , ledgersData and transientStore
You can refer to this JIRA Add ledger backup/restore to Operations Guide
I have two organizations with 2 peers running on each organization. I created a channel and joined all the 4 peers to it. The peers use couchdb as state database. Now if I accidentally modify/delete the data stored in one of the peer's couchdb database, how does this peer recover from the changed state and get synchronized with other peers?
If you modify data in the state database, it will not be propagated to other peers. See the detailed answer in the question: Hyperledger Fabric CouchDB updates through Fauxton treated as valid updates, but no record in blockchain
I have a multi-org fabric network where all the orgs are on a single channel.
I understand that using the composer acl file we can hide data from the users based on their roles and other conditions.
However, the data will be visible when we get into the peer container of any org and issue a peer channel fetch.
So, my question is, is there a way to encrypt this ledger data when the orgs shares the same channel? Here, they mention about encrypting the data. Is there any example/reference that can get me started on that one?
Currently, I'm not planning to use different channels between different orgs.
Yes, there are few ways to protect the ledger data. Like your mentioned in your question, Hyperledger Fabric FAQ, official gives five different ways to help us to achieve security and access control.
In the newest version of Fabric, which is tagged v1.2.0, provided a new definition called private data. I prefer to use this method to build my access control in my apps.
Since I am using Fabric Node SDK to deploy and control the fabric network, and it provides a convenient way for me to embed it into the exists projects.
Using the configuration file to define who can persist data, how many peers the data is distributed to, how many peers are required to disseminate the private data, and how long the private data is persisted in the private database. All the upgrade that you need to do is adding some parameters when install and instantiate, modifying some function to invoke the private data, writing some codes to handle the configuration file and users control.
It gives some examples for us to use this new feature:
Chaincode example
SDK example
I have created a network composed by two nodes using this tutorial: Multiple Machine.
In the node with orderer and ca installed, I can use the composer-playground to interact with the blockchain. Instead, analysing the logs of the docker on the second node, I am able to see the communication between the nodes but I am not able to access the data.
How can I access data on the second machine?
It is a simple node connect to the first node (where is installed the orderer and the ca).
Thanks,
What do you mean by accessing the data?
In Hyperledger Fabric the ledger data is composed of two components i.e. World State and Transaction History Log (the blockchain).
Here World state refers to the most recent (current) state of the assets you have and Transaction History log refers to the transaction executed on these assets. Assets or Key Value set when using CouchDB as the World State allows you to have KeyValue with Value as JSON documents.
The World State by default is stored in levelDB or couchDB, if you have docker containerized network the World State levelDB is stored on the peer container while using couchDB sets up its own couchDB container associated with each peer. The couchdb for each peer can be accessed from host machine using http://couchdbIp:port
The Transaction log get's stored in the underlying file system as blockFiles somewhere under location /var/hyperledger/ledgerdata or something in the peer container.
When you mention Orderer, which is another component like peer, is a docker container assigned the role of making sure that transactions are properly ordered and verified that their endorsement are valid. This gets complicated as you go to having multiple ordering service nodes and requires Kafka implementation rather than the default SOLO implementation. You can read about each of these implementations in Hyperledger Fabric official documentation.
Also CA is associated with each organization responsible for establishing chain of trust is another component of Hyperledger Fabric that signs certificates of network components like organization peers, client and participants following PKI.
The Playground will connect to the Fabric based on the connection profile (connection.json) for the Business Network Cards you have. If you want to specifically connect to second node you could modify a card.
But remember that Playground is a development and test tool not a production tool so you shouldn't worry too much about hitting different containers with it - particularly as the data will be the same replicated across Peers.