I am using the hyper-ledger fabric project, It works well, if i have all the keys and certificate of peers and orderer. I can create the channel and install chain-code.
I came across the scenario.
Let Assume, that we have 4 organisation A,B,C,D. Each one is in different region with different CA (Total 4 CA).
Each organisation consist of 2 peers, 3 orderer and have there own channel, Let's assume ChannelA, ChannelB, ChannelC, ChannelD. This structure work well because everything is internal setup.
Now,Assuming that If organisation A and B become partner wanna do business. They have to communicate the each other. How the work flow go.Because the A and B already have there own channel and organisation setup. Now how A and B can bring their business on the existing one. Later stage if c and d wanna join A and B. How flow works because they have all different key-pair, certificates.
#fama
Let me tell you a bit concepts here
In hyperledger fabric consortium is the top level and channels, organisations are comes under consortium
So in your question each organisation has their own CA and some peers, Orderers
So when org A creates channel and org B, C, D joins same channel it will be as your case
At any point of time any organisation can create channel and others can join only if participating orgs should be in the same consortium
Related
Let's say our consortium consists of four Orgs - OrgA, OrgB, OrgC and OrgD. They all have joined a Fabric network.
Now at some point OrgA and OrgB jointly create a channel chAB, where they don't want to disclose
not only contents of their transactions, but also the fact that they have deal with each other.
Can OrgD guess somehow that OrgA and OrgB now have chAB
, from legitimately available information only (by analyzing OrgD's own ledger or by sniffing network traffics that can be seen from OrgD or something),
but not penetrating other parties' nodes nor Orderer?
I have a web app with multiple clients.
I want to record some data of client (employee education record) on blockchain.
Clients do not wish to share this data with any other entity or organisation. No data will be shared between clients themselves. The sole purpose to use blockchain is: to have a immutable copy of records.
I have two options:
Multiple Orgs Single Channel:
1 Org per client and 1 Org for my application.
All Orgs on single channel.
I write my business network in composer in such a way that 1 client cannot READ, WRITE, DELETE the data of other client. (via ACL definition).
So, although the ledger is same for all clients, there are rules defined to prevent invalid access.
Multiple Orgs Multiple Channel:
1 Org per client and 1 Org for my application.
Different channels for each client. (Client + My App Org join the channel).
This way ledger will be different for each client.
Con: I need to instantiate the same composer network(bna) on all channels (management task increases).
Which approach is good for my scenario?
If there is no common data between different clients/orgs, there is no point of having a shared channel between them. Taking care of permissions overs data will complicate your network setup. It would be better to abstract out that detail from network design.
You should have one org corresponding to each client. In each org there will be a single channel which all the peers in that org will use to communicate.
I think you could encrypt every client's data by passing the transient key to chaincode,and just manage the keys, this may be light weight and fesible for your scenery.
I have two organizations which have a peer each, where Org1 takes some data and sends only selected data in it to Org2 for further processing, where they have only 1 channel.
there are no other organizations in the channel and only 1 channel is established between these two Org's.
How can they have their ledger being updated? and,How can i achieve this in Hyperledger Fabric?
basically, the concept of organizations is about to map the real-life (organizations - companies - business corporations) which can have multiple peers/machines which is participating in Blockchain network,
and such thing doesn't mean they didn't share the same ledger....
in matter fact all the organizations with all peers behind this organizations sharing the same ledger and once you submit any transaction from any of this peers and the transaction is committed and done successfully, the rest of organizations with all peers will sync with the new transaction and get copy of whatever happened in the ledger...
but keep in mind this should be happen in the channel scope,
channels is about to separate ledgers, each channel have it's own specific transactions / data separated form other channels
so if you have 2 channels let's say (Ch1 , Ch2) and each channel have 2 organizations (Org1, Org2) and each organization have 1 or more than 1 peer: all peers inside all organizations in channel (Ch1) will have it's own transactions and data and will not sync or share it with channel (Ch2)
summary:
organizations share the same ledger and get copy from any transaction and have it's own copy of data
channels didn't share ledgers and each channel have it's own separate data which is not shared with another channel
hope this point is very clear now for you....
I am doing an electronic health record Hyperledger fabric network. Suppose my network has two hospitals and these hospitals need to share information like patient info etc with each other and register on the ledger. I have created three channel channel1 having peers of hospital1 and channel2 having peers of hospital2 and another channel that having peers of both organization. So that information like employees details etc won't be save on another organisations peers. Is my setup correct or do I need to make changes? and how can I share patient records to hospital2.
Under the technical aspect, you are right. Only the channel 3 will provide a common "data sharing".
Under the architecture aspect, what would be the purpose of the channels 1 and 2? The data will be written and read by only 1 organisation (1 hospital). So a more "classical" database would do the job.
If you want to share patient data between both hospitals, you will need to install a chaincode on all the peers of channel 3, then instantiate it. In this chaincode, you should have an invoke function, which put new patient key/value in the ledger.
From fabric First Network example , why set up organization? what is orga use for?
In Hyperledger Fabric, every participant (client, peer, orderer) belongs to some organization.
Organizations have certificate authorities that provide their members (clients, peers, orderers) enrollment certificates in order to authenticate one another, and other organizations.
It also provides an easy way to aggregate participants together in order to define access control rules that span multiple clients, peers and orderers without having to define for each participant separately