From 12f58ee0f65e7446cf88609ef37e152795b1c84a Mon Sep 17 00:00:00 2001 From: Nikolay Vlasov Date: Fri, 28 Aug 2020 17:05:28 +0800 Subject: [PATCH 1/4] Add anchor peer configuration script --- add-anchor-peer/README.md | 20 +++++ add-anchor-peer/configureAnchorPeer.sh | 112 +++++++++++++++++++++++++ 2 files changed, 132 insertions(+) create mode 100644 add-anchor-peer/README.md create mode 100644 add-anchor-peer/configureAnchorPeer.sh diff --git a/add-anchor-peer/README.md b/add-anchor-peer/README.md new file mode 100644 index 00000000..31fadee4 --- /dev/null +++ b/add-anchor-peer/README.md @@ -0,0 +1,20 @@ +# Script to add Anchor Peer to a channel in Amazon Managed Blockchian for Hyperledger Fabric + +This script helps to add an [Anchor Peer](https://hyperledger-fabric.readthedocs.io/en/release-1.4/glossary.html#anchor-peer) +to a channel in Amazon Managed Blockchain for Hyperledger Fabric network. To set up an EC2 instance with Hyperledger Fabric client and +create a new channel, please follow the steps in [Getting Started Tutorial](https://docs.aws.amazon.com/managed-blockchain/latest/managementguide/managed-blockchain-get-started-tutorial.html). + +## Pre-requisites + - [An EC2 instance with Hyperledger Fabric client CLI docker container.](https://docs.aws.amazon.com/managed-blockchain/latest/managementguide/get-started-create-client.html) + - `jq` tool, installed on an EC2 instance with Hyperledger Fabric client CLI. + To install `jq` tool, run the following command on your EC2 instance: `sudo yum install jq` + +## Usage + ./configureAnchorPeer.sh \ + --channelName "" \ + --memberId "" \ + --peerAddress "" \ + --ordererAddress "" + +### Usage example: + ./configureAnchorPeer.sh --channelName "mychannel" --memberId "m-JNF6WTCRZJEPTBF6FXLD44KVEM" --peerAddress "nd-veqmnn7wfffbhazm4mg4i3fbz4.m-jnf6wtcrzjeptbf6fxld44kvem.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30003" --ordererAddress "orderer.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30001" \ No newline at end of file diff --git a/add-anchor-peer/configureAnchorPeer.sh b/add-anchor-peer/configureAnchorPeer.sh new file mode 100644 index 00000000..15efda4a --- /dev/null +++ b/add-anchor-peer/configureAnchorPeer.sh @@ -0,0 +1,112 @@ +#!/bin/bash + +print_usage() { + echo "Usage example:" + echo " ./configureAnchorPeer.sh --channelName \"mychannel\" --memberId \"m-JNF6WTCRZJEPTBF6FXLD44KVEM\" --peerAddress \"nd-veqmnn7wfffbhazm4mg4i3fbz4.m-jnf6wtcrzjeptbf6fxld44kvem.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30003\" --ordererAddress \"orderer.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30001\"" +} + + +while test $# -gt 0; do + case "$1" in + --channelName) + shift + export CHANNEL_NAME=$1 + shift + ;; + --memberId) + shift + export AMB_MEMBER_ID=$1 + shift + ;; + --peerAddress) + shift + export PEER_ADDRESS=$1 + shift + ;; + --ordererAddress) + shift + export ORDERER=$1 + shift + ;; + *) + break + ;; + esac +done + +if [ -z "$CHANNEL_NAME" ] +then + echo "CHANNEL_NAME is not set. Please set it as environment variable CHANNEL_NAME or use \"channelName=\" flag." + print_usage + exit 1 +fi + +if [ -z "$AMB_MEMBER_ID" ] +then + echo "AMB_MEMBER_ID is not set. Please set it as environment variable AMB_MEMBER_ID or use \"memberId=\" flag." + print_usage + exit 1 +fi + +if [ -z "$PEER_ADDRESS" ] +then + echo "PEER_ADDRESS is not set. Please set it as environment variable PEER_ADDRESS or use \"peerAddress=\" flag." + print_usage + exit 1 +fi + +if [ -z "$ORDERER" ] +then + echo "ORDERER is not set. Please set it as environment variable ORDERER or use \"ordererAddress=\" flag." + print_usage + exit 1 +fi + +IFS=: read -r PEER_DNS_NAME PEER_PORT_NUMBER <<< "$PEER_ADDRESS" + +echo " " +echo "Initialized with the following config:" +echo "CHANNEL_NAME : $CHANNEL_NAME"; +echo "AMB_MEMBER_ID : $AMB_MEMBER_ID"; +echo "PEER_ADDRESS : $PEER_ADDRESS"; +echo "PEER_DNS_NAME : $PEER_DNS_NAME"; +echo "PEER_PORT_NUMBER : $PEER_PORT_NUMBER"; +echo "ORDERER : $ORDERER"; + +cd /home/ec2-user + +rm-rf ./channel-artifacts && mkdir ./channel-artifacts + +docker exec cli peer channel fetch config /opt/home/channel-artifacts/$CHANNEL_NAME.pb -c $CHANNEL_NAME -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls + +docker exec cli configtxlator proto_decode --input /opt/home/channel-artifacts/$CHANNEL_NAME.pb --type common.Block --output /opt/home/channel-artifacts/config_block.json + +cd channel-artifacts + +sudo jq .data.data[0].payload.data.config config_block.json > config.json + +cp config.json config_copy.json + +jq '.channel_group.groups.Application.groups["'$AMB_MEMBER_ID'"].values += {"AnchorPeers":{"mod_policy": "Admins","value":{"anchor_peers": [{"host": "'$PEER_DNS_NAME'","port": '$PEER_PORT_NUMBER'}]},"version": "0"}}' config_copy.json > modified_config.json + +docker exec cli configtxlator proto_encode --input /opt/home/channel-artifacts/config.json --type common.Config --output /opt/home/channel-artifacts/config.pb + +docker exec cli configtxlator proto_encode --input /opt/home/channel-artifacts/modified_config.json --type common.Config --output /opt/home/channel-artifacts/modified_config.pb + +docker exec cli configtxlator compute_update --channel_id $CHANNEL_NAME --original /opt/home/channel-artifacts/config.pb --updated /opt/home/channel-artifacts/modified_config.pb --output /opt/home/channel-artifacts/config_update.pb + +docker exec cli configtxlator proto_decode --input /opt/home/channel-artifacts/config_update.pb --type common.ConfigUpdate --output /opt/home/channel-artifacts/config_update.json + +sudo chmod 755 config_update.json + +echo '{"payload":{"header":{"channel_header":{"channel_id":"'$CHANNEL_NAME'", "type":2}},"data":{"config_update":'$(cat config_update.json)'}}}' | jq . > config_update_in_envelope.json + +docker exec cli configtxlator proto_encode --input /opt/home/channel-artifacts/config_update_in_envelope.json --type common.Envelope --output /opt/home/channel-artifacts/config_update_in_envelope.pb + +docker exec cli peer channel update -f /opt/home/channel-artifacts/config_update_in_envelope.pb -c $CHANNEL_NAME -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls + +echo " " +echo "Done" + +#2020-08-28 08:37:36.806 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized +#2020-08-28 08:37:36.887 UTC [channelCmd] update -> INFO 002 Successfully submitted channel update \ No newline at end of file From 2b11b5cabf7e13b269a369f9f4e7a0afe1333dad Mon Sep 17 00:00:00 2001 From: Nikolay Vlasov Date: Mon, 31 Aug 2020 18:31:02 +0800 Subject: [PATCH 2/4] Refactoring code to include option to run as part of NGO workshop setup --- add-anchor-peer/README.md | 14 ++++++++- add-anchor-peer/configureAnchorPeer.sh | 41 +++++++++++++++++++++----- 2 files changed, 47 insertions(+), 8 deletions(-) diff --git a/add-anchor-peer/README.md b/add-anchor-peer/README.md index 31fadee4..09c69f17 100644 --- a/add-anchor-peer/README.md +++ b/add-anchor-peer/README.md @@ -10,11 +10,23 @@ create a new channel, please follow the steps in [Getting Started Tutorial](http To install `jq` tool, run the following command on your EC2 instance: `sudo yum install jq` ## Usage + +``` ./configureAnchorPeer.sh \ --channelName "" \ --memberId "" \ --peerAddress "" \ --ordererAddress "" +``` + +If you are using ngo workshop setup please set an optional parameter `--mspPath MSP_PATH` ### Usage example: - ./configureAnchorPeer.sh --channelName "mychannel" --memberId "m-JNF6WTCRZJEPTBF6FXLD44KVEM" --peerAddress "nd-veqmnn7wfffbhazm4mg4i3fbz4.m-jnf6wtcrzjeptbf6fxld44kvem.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30003" --ordererAddress "orderer.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30001" \ No newline at end of file + +- Using EC instance with Hyperledger Fabric client CLI docker container from documentation: + + `./configureAnchorPeer.sh --channelName "mychannel" --memberId "m-JNF6WTCRZJEPTBF6FXLD44KVEM" --peerAddress "nd-veqmnn7wfffbhazm4mg4i3fbz4.m-jnf6wtcrzjeptbf6fxld44kvem.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30003" --ordererAddress "orderer.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30001"` + +- Using setup form NGO workshop: + + `./configureAnchorPeer.sh --channelName "mychannel" --memberId "m-JNF6WTCRZJEPTBF6FXLD44KVEM" --peerAddress "nd-veqmnn7wfffbhazm4mg4i3fbz4.m-jnf6wtcrzjeptbf6fxld44kvem.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30003" --ordererAddress "orderer.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30001" --mspPath "/opt/home/admin-msp"` \ No newline at end of file diff --git a/add-anchor-peer/configureAnchorPeer.sh b/add-anchor-peer/configureAnchorPeer.sh index 15efda4a..731537a9 100644 --- a/add-anchor-peer/configureAnchorPeer.sh +++ b/add-anchor-peer/configureAnchorPeer.sh @@ -1,8 +1,15 @@ #!/bin/bash print_usage() { + echo "Usage:" + echo " ./configureAnchorPeer.sh [--channelName CHANNEL_NAME] [--memberId AMB_MEMBER_ID] [--peerAddress PEER_ENDPOINT] [--ordererAddress ORDERER_ENDPOINT]" + echo " " + echo " Optional:" + echo " If you are using ngo workshop setup please set [--mspPath MSP_PATH]" + echo " " echo "Usage example:" - echo " ./configureAnchorPeer.sh --channelName \"mychannel\" --memberId \"m-JNF6WTCRZJEPTBF6FXLD44KVEM\" --peerAddress \"nd-veqmnn7wfffbhazm4mg4i3fbz4.m-jnf6wtcrzjeptbf6fxld44kvem.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30003\" --ordererAddress \"orderer.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30001\"" + echo " ./configureAnchorPeer.sh --channelName \"mychannel\" --memberId \"m-JNF6WTCRZJEPTBF6FXLD44KVEM\" --peerAddress \"nd-veqmnn7wfffbhazm4mg4i3fbz4.m-jnf6wtcrzjeptbf6fxld44kvem.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30003\" --ordererAddress \"orderer.n-roc33c2uibfnnbmowgpyi74lfe.managedblockchain.us-east-1.amazonaws.com:30001\" --mspPath \"/opt/home/admin-msp\"" + echo " " } @@ -16,6 +23,7 @@ while test $# -gt 0; do --memberId) shift export AMB_MEMBER_ID=$1 + export MSP=$AMB_MEMBER_ID shift ;; --peerAddress) @@ -28,6 +36,11 @@ while test $# -gt 0; do export ORDERER=$1 shift ;; + --mspPath) + shift + export MSP_PATH=$1 + shift + ;; *) break ;; @@ -48,9 +61,9 @@ then exit 1 fi -if [ -z "$PEER_ADDRESS" ] +if [ -z "$PEER" ] then - echo "PEER_ADDRESS is not set. Please set it as environment variable PEER_ADDRESS or use \"peerAddress=\" flag." + echo "PEER is not set. Please set it as environment variable PEER or use \"peerAddress=\" flag." print_usage exit 1 fi @@ -62,13 +75,13 @@ then exit 1 fi -IFS=: read -r PEER_DNS_NAME PEER_PORT_NUMBER <<< "$PEER_ADDRESS" +IFS=: read -r PEER_DNS_NAME PEER_PORT_NUMBER <<< "$PEER" echo " " echo "Initialized with the following config:" echo "CHANNEL_NAME : $CHANNEL_NAME"; echo "AMB_MEMBER_ID : $AMB_MEMBER_ID"; -echo "PEER_ADDRESS : $PEER_ADDRESS"; +echo "PEER : $PEER"; echo "PEER_DNS_NAME : $PEER_DNS_NAME"; echo "PEER_PORT_NUMBER : $PEER_PORT_NUMBER"; echo "ORDERER : $ORDERER"; @@ -77,7 +90,14 @@ cd /home/ec2-user rm-rf ./channel-artifacts && mkdir ./channel-artifacts -docker exec cli peer channel fetch config /opt/home/channel-artifacts/$CHANNEL_NAME.pb -c $CHANNEL_NAME -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls +if [ -z "$MSP_PATH" ] + then + docker exec cli peer channel fetch config /opt/home/channel-artifacts/$CHANNEL_NAME.pb -c $CHANNEL_NAME -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls + else + docker exec -e "CORE_PEER_TLS_ENABLED=true" -e "CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem" \ + -e "CORE_PEER_ADDRESS=$PEER" -e "CORE_PEER_LOCALMSPID=$MSP" -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ + cli peer channel fetch config /opt/home/channel-artifacts/$CHANNEL_NAME.pb -c $CHANNEL_NAME -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls +fi docker exec cli configtxlator proto_decode --input /opt/home/channel-artifacts/$CHANNEL_NAME.pb --type common.Block --output /opt/home/channel-artifacts/config_block.json @@ -103,7 +123,14 @@ echo '{"payload":{"header":{"channel_header":{"channel_id":"'$CHANNEL_NAME'", "t docker exec cli configtxlator proto_encode --input /opt/home/channel-artifacts/config_update_in_envelope.json --type common.Envelope --output /opt/home/channel-artifacts/config_update_in_envelope.pb -docker exec cli peer channel update -f /opt/home/channel-artifacts/config_update_in_envelope.pb -c $CHANNEL_NAME -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls +if [ -z "$MSP_PATH" ] + then + docker exec cli peer channel update -f /opt/home/channel-artifacts/config_update_in_envelope.pb -c $CHANNEL_NAME -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls + else + docker exec -e "CORE_PEER_TLS_ENABLED=true" -e "CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem" \ + -e "CORE_PEER_ADDRESS=$PEER" -e "CORE_PEER_LOCALMSPID=$MSP" -e "CORE_PEER_MSPCONFIGPATH=$MSP_PATH" \ + cli peer channel update -f /opt/home/channel-artifacts/config_update_in_envelope.pb -c $CHANNEL_NAME -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls +fi echo " " echo "Done" From 55ba507fe2e683e8536bdfed65393e51379f3659 Mon Sep 17 00:00:00 2001 From: Nikolay Vlasov Date: Tue, 1 Sep 2020 11:28:29 +0800 Subject: [PATCH 3/4] Added space to "rm -rf " command --- add-anchor-peer/configureAnchorPeer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/add-anchor-peer/configureAnchorPeer.sh b/add-anchor-peer/configureAnchorPeer.sh index 731537a9..4a6fd2bd 100644 --- a/add-anchor-peer/configureAnchorPeer.sh +++ b/add-anchor-peer/configureAnchorPeer.sh @@ -88,7 +88,7 @@ echo "ORDERER : $ORDERER"; cd /home/ec2-user -rm-rf ./channel-artifacts && mkdir ./channel-artifacts +rm -rf ./channel-artifacts && mkdir ./channel-artifacts if [ -z "$MSP_PATH" ] then From 15b58a49250e8140cbee944697c7c216133dd913 Mon Sep 17 00:00:00 2001 From: Nikolay Vlasov Date: Tue, 1 Sep 2020 11:52:16 +0800 Subject: [PATCH 4/4] Changed all PEER_ADDRESS vars to just PEER --- add-anchor-peer/configureAnchorPeer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/add-anchor-peer/configureAnchorPeer.sh b/add-anchor-peer/configureAnchorPeer.sh index 4a6fd2bd..4d7d619d 100644 --- a/add-anchor-peer/configureAnchorPeer.sh +++ b/add-anchor-peer/configureAnchorPeer.sh @@ -28,7 +28,7 @@ while test $# -gt 0; do ;; --peerAddress) shift - export PEER_ADDRESS=$1 + export PEER=$1 shift ;; --ordererAddress)