How to setup multicloud architecture in hyperledger fabric? - azure

I have a peer in google cloud platform. I have to join that peer to the channel in azure network.
What I tried:
Generated crypto-materials for new peer using azure network webclient and used that crypto-config materials in all the peers, orderer and webclient in azure and also in the new peer I have in google cloud. But after that new peer can join the channel of azure but could not install instantiate the chaincodes.

There are two recommended approaches to setting up Hyperledger Fabric Network on Azure. You can use the Hyperledger Fabric template available in the Azure Marketplace to launch your environment on Azure or you can take the hard way and manually commission VM Instances. Using the template is obviously a faster solution. It is also a better solution. If you were to manually set up your environment, you would have to consider 2 cases — using multiple VM instances (usually in a production environment) or a single VM (for a development environment).
In the second case, you would have to set up the communication rules between VM instances if you are using multiple ones. You would have to download and install the Fabric SDKs and configure the channels and peers and every other facet of a typical Hyperledger Fabric network. While that is easy to do for single, Dev mode VM instance, things get really complicated when you have to consider multiple running instances. Hence, it is better to use the Hyperledger Fabric Template to set up your Fabric environment on Azure.
In either approach, Fabric Network generates a channel configuration. This step generates a new channel configuration block that includes the new member belonging to the peer node in GCP. A configuration block is similar to the genesis block, defining the members and policies for a channel. In fact, you can consider a configuration block to be the genesis block plus the delta of configuration changes that have occurred since the channel was created.
Azure VM Fabric Network can shares the genesis block for the channel with Peer Node in GCP. Before the peer node in GCP joins the channel, it must be able to connect to the ordering service. It obtains the ordering service endpoint from the channel genesis block.
If you are facing issues in the GCP peer node, please confirm that the peer node is receiving blocks on the channel, you install chain code. You then run a query against the local ledger on the peer. After installing the chain code, the peer node in GCP can run queries against its own world state database.

Related

Hyperledger fabric create the new block when we use storage

I am using hyper-ledger fabric with 2 organisation and peers with the chain-code installed in all the peers. I am using the storage to keep the state of blockchain on local drive.
If i am using the storage current blockchain state, when i stop all container of peers, orderer and run again, it adds the one extra block without doing the transaction, all the time when i stop and start all the container. How this block is getting created and what is the purpose of this extra block?

Implement the distributed-decentralised ledger for a hyperleder network

Did a small example using the hyperledger composer and then used the composer-rest-server to integrate it with GUI. So in the case of identity, only admin is there. There is also documentation to create and issue other identities to login into the business networks.
But still, the problem is it's only in a single peer, meaning my local machine. To my understanding, for the hyperledger to function as decentralized and distributed ledger system, additional peers have to be added to the channel and then states gets synced in those peers. Hence if one node is down, details can be obtained from other nodes.
I checked some links such as this and this. But all of these point to the things that :
Existing network should be stopped and teared down.
The IP address of the second machine should be manually added to the docker.yml file and then have to be restarted.
My doubts are :
But on doing this, won't the existing ledger stated be cleared? All the data are gone.
So before even creating a dApp using hyperledger, we have to include all the IP address of the machine in the yml and start the network?
How to actually implement the distributed-decentralised ledger system for a hyperleder network?
UPDATE :
I have checked the links mentioned by Paul O'Mahony. The links explains about the peer addition steps. Overall what happens there is :
downloaded the fabric sample as the fabric extension is only possible through the cryptogen version appropriate to the Fabric version.
Currently contains order, org1 & org2 (with 2 peers each).
To add a new peer along with its couchdb, changed the template count in the crypto-config.yaml and created crypto material for the new peer using the extend command.
Then using the docker composer file to spawn a new peer and its couchdb. This will create new containers.
Finally the created peers should be joined to the existing channel for the couch db to get sync. The adding to existing channel is via logging into the docker container and typing some cli commands and adding the peer to channel via channel join command.
Is this recommend way to add peers to the channel ? Suppose i am creating a network and wanted to add peers to the channel based on a condition. Like a user/users can add themselves to the network through a login via composer playground and act as a peer. So i have to follow the same steps to do it ? Is this the recommended way ?
Supporting link : https://chat.hyperledger.org/channel/fabric?msg=KgxFegcZyKEPdo4v2

Hyperledger communication between multiple machine

I have created a network composed by two nodes using this tutorial: Multiple Machine.
In the node with orderer and ca installed, I can use the composer-playground to interact with the blockchain. Instead, analysing the logs of the docker on the second node, I am able to see the communication between the nodes but I am not able to access the data.
How can I access data on the second machine?
It is a simple node connect to the first node (where is installed the orderer and the ca).
Thanks,
What do you mean by accessing the data?
In Hyperledger Fabric the ledger data is composed of two components i.e. World State and Transaction History Log (the blockchain).
Here World state refers to the most recent (current) state of the assets you have and Transaction History log refers to the transaction executed on these assets. Assets or Key Value set when using CouchDB as the World State allows you to have KeyValue with Value as JSON documents.
The World State by default is stored in levelDB or couchDB, if you have docker containerized network the World State levelDB is stored on the peer container while using couchDB sets up its own couchDB container associated with each peer. The couchdb for each peer can be accessed from host machine using http://couchdbIp:port
The Transaction log get's stored in the underlying file system as blockFiles somewhere under location /var/hyperledger/ledgerdata or something in the peer container.
When you mention Orderer, which is another component like peer, is a docker container assigned the role of making sure that transactions are properly ordered and verified that their endorsement are valid. This gets complicated as you go to having multiple ordering service nodes and requires Kafka implementation rather than the default SOLO implementation. You can read about each of these implementations in Hyperledger Fabric official documentation.
Also CA is associated with each organization responsible for establishing chain of trust is another component of Hyperledger Fabric that signs certificates of network components like organization peers, client and participants following PKI.
The Playground will connect to the Fabric based on the connection profile (connection.json) for the Business Network Cards you have. If you want to specifically connect to second node you could modify a card.
But remember that Playground is a development and test tool not a production tool so you shouldn't worry too much about hitting different containers with it - particularly as the data will be the same replicated across Peers.

Hyperledger Fabric development lifecycle

I was wandering what is the "best" practice in ordering the steps for the HF development cycle? Here are some questions organized in different topics.
1. Specification of network infrastructure:
What are the mandatory members in one business
network definition (organizations, peers, ca)?
How many pears do we need in our business network (bn)?
I am aware of the semantic in
relationship between the channel and the peer, but I am not sure
about the relationship between the peer and the organization? Also,
what if just one organization (org1.example.com) will use the
developed network, how to specify the endorsement policy in that use
case (since we need at least two organization in chaincode
instantiate command specification)?
2. SDK development lifecycle
When we develop SDK (Node.js), in order to interact with our BN what are required CA certificates needed for our SDK app to be able to connect and issue chain-code functions?
How to issue the CA certificates needed for SDK app?
3. Chain-code development lifecycle
1.If I am using the CLI docker container for management of my BN, is it a good practice to git clone my chain-code to CLI and then to install it and instantiate it to certain peer node?
2.After I change my go chain-code, do I need to install it again with the different id to the same peer, or I can just update the existing instance of my chain-code?
My idea is to make this question sort of place where we can add all the relevant questions about these three topics, so please edit and add additional questions! Thank you for your answers.
Let me try to answer your questions:
What are the mandatory members in one business network definition (organizations, peers, ca)?
The only mandatory network entities are peers and ordering service. Of course to be able to define anything you should have a notion of organizations the parties which are going to transact. Each such party expected to have a number of peers which running chaincodes (smartcontracts) on organization behalf. CA is required to issue certificates and bind peers and clients identities to certain organization.
How many pears do we need in our business network (bn)?
The desired number of peers is completely up to your business logic and requirements, need to accommodate expectations for availability, scalability and your trust model (endorsement policies).
I am aware of the semantic in relationship between the channel and the peer, but I am not sure about the relationship between the peer and the organization?
Peer is the network entity which executes chaincodes on behalf of given organization increasing the organization confidence in correctness of execution results.
Also, what if just one organization (org1.example.com) will use the developed network, how to specify the endorsement policy in that use case (since we need at least two organization in chaincode instantiate command specification)?
You do not have to have at least two organizations to define endorsement policy, while with one org is a bit redundant since, default endorsement policy is to have some peer from the channel to sign on endorsement request.
When we develop SDK (Node.js), in order to interact with our BN what are required CA certificates needed for our SDK app to be able to connect and issue chain-code functions?
You do not need CA certificate, but you need a client certificated signed by root CA to prove client identity and enable peer to validate whenever client has correct access rights.
How to issue the CA certificates needed for SDK app?
You can use fabric-ca to enroll use and get client certificate, or you can simply leverage cryptogen to produce client certs for you.
If I am using the CLI docker container for management of my BN, is it a good practice to git clone my chain-code to CLI and then to install it and instantiate it to certain peer node?
Here is the thing, peer cli is a bit abused, since it's primary usage is to rapid testing in development and for demoing. The proper way to communicate with Hyperledger Fabric is by using SDK's, e.g. you basically need to implement a client which will be capable to install and instantiate chaincodes based on your own logic and parameters relevant for your application.
After I change my go chain-code, do I need to install it again with the different id to the same peer, or I can just update the existing instance of my chain-code?
You have an upgrade procedure which pretty well covered in Hyperledger Fabric documentation. Or you can see a short demo on video.
My idea is to make this question sort of place where we can add all the relevant questions about these three topics, so please edit and add additional questions!
Please consider to login into Rocket.Chat and use #fabric channel to ask your questions.
Additionally please take a look on documentation, since most of the information and details about your questions could be found there and it constantly being updated.

Hyperledger Composer model not persisted

I'm using Hyperledger Composer on Fabric v1.0. When stopping Fabric with fabric-tools/stopFabric.sh and then starting with startFabric.sh, the deployed model (.bna file) is no longer there.
How do I set the system up so that data will stay there after a system reboot?
This is an operational consideration for how to set up a fabric environment and as you correctly observe, because our fabric dev server just start up fabric containers, if those containers are destroyed for any reason then their internal filesystem are lost.
In the hyperledger fabric documentation they describe a simple way to make the fabric containers persist their data outside of their isolated file systems.
see
http://hyperledger-fabric.readthedocs.io/en/latest/build_network.html
and the section called "A Note on Data Persistence" which provide detail on this. In this case you would need to apply the concepts described there to the docker-compose.yml file in the hlfv1/composer directory in our fabric dev server.
If you were deploying using the composer playground, you can save your bna using the export button on the lower left of the playground define interface.
If you want to persist your deployment itself, you can modify the docker-compose files to persist the data in the /var/hyperledger/production on the peer and orderer containers using a data volume. This will persist the ledger and credentials the next time you bring up the network.

Resources