区块链兄弟社区，区块链技术专业问答先行者，中国区块链技术爱好者聚集地

作者：吴寿鹤

来源：区块链兄弟

原文链接：http://www.blockchainbrother.com/article/18

著权归作者所有。商业转载请联系作者获得授权，非商业转载请注明出处。

编译fabric tools

我们会编译以下几个工具：

• github.com/hyperledger/fabric/common/configtx/tool/configtxgen

• github.com/hyperledger/fabric/common/tools/cryptogen

• github.com/hyperledger/fabric/common/tools/configtxlator

• github.com/hyperledger/fabric/peer

以上每个工具都需要读取一个yaml文件配置，在配置文件中我们指明网络的拓扑结构，证书地址等。

cd $GOPATH/src/github.com/hyperledger/fabric
make releasels -rtl release/linux-amd64/bin-rwxrwxr-x 1 shouhewu shouhewu 15124356 Jul 17 13:58 configtxgen
-rwxrwxr-x 1 shouhewu shouhewu 7315638 Jul 17 13:58 cryptogen
-rwxrwxr-x 1 shouhewu shouhewu 16141847 Jul 17 13:58 configtxlator
-rwxrwxr-x 1 shouhewu shouhewu 22949903 Jul 17 13:58 peer
-rwxrwxr-x 1 shouhewu shouhewu 19942880 Jul 17 13:59 orderer
-rwxrwxr-x 1 shouhewu shouhewu 774 Jul 17 13:59 get-docker-images.sh
-rwxrwxr-x 1 shouhewu shouhewu 458 Jul 17 13:59 get-byfn.sh

Cryptogen Tool（cryptogen)

我们会使用crptogen tool 为网络中的节点，用户生成密码证书(x509 certs)。

怎么运行的？

Cryptogen 读取 crypto-config.yaml 文件，yaml文件中包含网络拓扑结构，这个yaml文件可以帮我们为每个组织和组织中的成员生成证书库。每个组织分配一个根证书（ca-cert)，这个根证书会绑定一些peers和orders到这个组织。fabric中的交易和通信都会被一个参与者的私钥（keystore）签名，并会被公钥（signcerts)验证.yaml配置文件中有一个"count"变量，我们用这个变量表示一个组织中会有多少个节点。在我们的文档的例子中每个组织会有两个节点。

crypto-config.yaml ：

# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
## ---------------------------------------------------------------------------
# "OrdererOrgs" - Definition of organizations managing orderer nodes
# ---------------------------------------------------------------------------OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------- Name: Orderer
Domain: example.com # ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description # ---------------------------------------------------------------------------Specs:
- Hostname: orderer
# ---------------------------------------------------------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes
# ---------------------------------------------------------------------------PeerOrgs:
# ---------------------------------------------------------------------------
# Org1
# ---------------------------------------------------------------------------- Name: Org1
Domain: org1.example.com # ---------------------------------------------------------------------------
# "Specs" # ---------------------------------------------------------------------------
# Uncomment this section to enable the explicit definition of hosts in your
# configuration.  Most users will want to use Template, below
#
# Specs is an array of Spec entries.  Each Spec entry consists of two fields:#   - Hostname:   (Required) The desired hostname, sans the domain.
#   - CommonName: (Optional) Specifies the template or explicit override for #                 the CN.  By default, this is the template:#
#                              "{{.Hostname}}.{{.Domain}}" #
#                 which obtains its values from the Spec.Hostname and
#                 Org.Domain, respectively.
# ---------------------------------------------------------------------------
# Specs:#   - Hostname: foo # implicitly "foo.org1.example.com" #     CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above
#   - Hostname: bar
#   - Hostname: baz
# ---------------------------------------------------------------------------
# "Template" # ---------------------------------------------------------------------------
# Allows for the definition of 1 or more hosts that are created sequentially
# from a template. By default, this looks like "peer%d" from 0 to Count-1.
# You may override the number of nodes (Count), the starting index (Start)
# or the template used to construct the name (Hostname).
#
# Note: Template and Specs are not mutually exclusive.  You may define both
# sections and the aggregate nodes will be created for you.  Take care with # name collisions
# ---------------------------------------------------------------------------Template:
Count: 2
# Start: 5
# Hostname: {{.Prefix}}{{.Index}} # default # ---------------------------------------------------------------------------
# "Users" # ---------------------------------------------------------------------------
# Count: The number of user accounts _in addition_ to Admin
# ---------------------------------------------------------------------------Users:
Count: 1
# ---------------------------------------------------------------------------
# Org2: See "Org1" for full specification
# ---------------------------------------------------------------------------- Name: Org2
Domain: org2.example.com Template:
Count: 2
Users:
Count: 1

执行结果

执行完cryptogen命令后，生成的证书会放在 crypto-config 文件夹中 。

ll crypto-config  drwxr-xr-x 4 shouhewu shouhewu 4096 Jul 17 15:15 ./
drwxr-xr-x 9 shouhewu shouhewu 4096 Jul 17 15:18 ../
drwxr-xr-x 3 shouhewu shouhewu 4096 Jul 17 15:15 ordererOrganizations/
drwxr-xr-x 4 shouhewu shouhewu 4096 Jul 17 15:15 peerOrganizations/

Configuration Transaction Generator（configtxgen)

configtxgen tool 用来生成四个artifacts：orderer bootstrap block,fabric channel configuration transaction,two anchor peer transactions（每个组织一个）

orderer block 是ordering service 的创世区块，在channel创建的时候channel transaction 文件会广播给orderer。anchor peer transaction表示每个组织在channel中的anchor 节点。

怎么工作的？

configtxgen会读取 configtx.yaml 配置文件。这个yaml 文件包含网络的定义，网络中有三个成员 一个orderer(OrdererOrg),两个peer(Org1,Org2)，yaml文件中还包含一个由两个组织构成的联盟(SampleConsortium)。 在yaml文件最上方 “Profile”段落中，有两个header，一个是orderer genesis block - TwoOrgsOrdererGenesis ,另一个是channel - TwoOrgsChannel。这两个header十分重要，我们创建artifacts是我们会把他们作为参数传入。yaml文件中还包含另外两个东西：1.每个peer 组中的anchor peer（peer0.org1.example.com & peer0.org2.example.com） 。2. 每个成员的MSP 目录位置，它允许我们把每个组织的根证书会存在orderer genesis block中。

configtx.yaml

---
################################################################################
#
#   Profile
#
#   - Different configuration profiles may be encoded here to be specified
#   as parameters to the configtxgen tool
#
################################################################################
Profiles:TwoOrgsOrdererGenesis:Orderer:<<: *OrdererDefaults
Organizations:- *OrdererOrg
Consortiums:SampleConsortium:Organizations:- *Org1- *Org2
TwoOrgsChannel:
Consortium: SampleConsortium
Application:<<: *ApplicationDefaults
Organizations:- *Org1- *Org2################################################################################
#
#   Section: Organizations
#
#   - This section defines the different organizational identities which will
#   be referenced later in the configuration.
#
################################################################################
Organizations:# SampleOrg defines an MSP using the sampleconfig.  It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg# ID to load the MSP definition as
ID: OrdererMSP# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP# ID to load the MSP definition as
ID: Org1MSPMSPDir: crypto-config/peerOrganizations/org1.example.com/mspAnchorPeers:# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication.  Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.com Port: 7051

- &Org2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org2MSP# ID to load the MSP definition as
ID: Org2MSPMSPDir: crypto-config/peerOrganizations/org2.example.com/mspAnchorPeers:# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication.  Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org2.example.com Port: 7051

################################################################################
#
#   SECTION: Orderer
#
#   - This section defines the values to encode into a config transaction or
#   genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka" OrdererType: soloAddresses:- orderer.example.com:7050

# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s# Batch Size: Controls the number of messages batched into a block
BatchSize:# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10

# Absolute Max Bytes: The absolute maximum number of bytes allowed for # the serialized messages in a batch.AbsoluteMaxBytes: 98 MB# Preferred Max Bytes: The preferred maximum number of bytes allowed for # the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.PreferredMaxBytes: 512 KBKafka:# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:- 127.0.0.1:9092

# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:################################################################################
#
#   SECTION: Application
#
#   - This section defines the values to encode into a config transaction or
#   genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:

执行结果

configtxgen 会把每个成员的证书打包，输出一个orderer genesis block 和三个channel transaction artifacts。

ll channel-artifacts/drwxr-xr-x 2 shouhewu shouhewu 4096 Jul 17 15:15 ./
drwxr-xr-x 9 shouhewu shouhewu 4096 Jul 17 15:18 ../
-rw-r--r-- 1 shouhewu shouhewu 369 Jul 17 15:21 channel.tx -rw-r--r-- 1 shouhewu shouhewu 9076 Jul 17 15:21 genesis.block
-rw-rw-r-- 1 shouhewu shouhewu 0 Jul 17 15:14 .gitkeep
-rw-r--r-- 1 shouhewu shouhewu 250 Jul 17 15:21 Org1MSPanchors.tx -rw-r--r-- 1 shouhewu shouhewu 250 Jul 17 15:21 Org2MSPanchors.tx

文章发布只为分享区块链技术内容，版权归原作者所有，观点仅代表作者本人，绝不代表区块链兄弟赞同其观点或证实其描述