第一步-单链调用:单机部署陆羽协议调用本机fabric
实现的架构图如下:
环境准备:
0,两台centos虚拟机,ip分别为192.168.68.101、192.168.68.102
1,提前用byfn脚本启动好fabric网络(1.4.4版本)
2,java8以上
3,gradle6.3
4,git
5,防火墙打开相应的端口
以下所有操作都是在101服务器上
下载router源码
cd /root/java/
git clone https://gitee.com/luyu-community/router.git
编译
cd router
gradle assemble
提示BUILD SUCCESSFUL in 1m 52s
若成功,生成dist目录:
apps build_router.sh conf create_cert.sh lib start_all.sh start.sh stop_all.sh stop.sh
编写ipfile,内容为1个路由的ip:rpc_port:p2p_port,按行区分,rpc_port是至与router通信的端口,p2p_port是router之间相互通信的接口,可以随意指定,这里按照官方的默认配置
cd dist
vi ipfile
127.0.0.1:8250:25500
执行命令生成网络
bash build_router.sh -n payment1 -f ipfile
如果报错cp: cannot stat ‘/root/java/router/dist//plugin’: No such file or directory
则在当前目录下新建一个plugin目录
打印:
[INFO] Create /root/java/router/dist/routers/127.0.0.1-8250-25500 successfully
[INFO] All completed. Routers are generated in: /root/java/router/dist/routers/
表示成功
生成的router目录默认位于routers目录下
tree -L 1 routers/
routers/
├── 127.0.0.1-8250-25500 # 路由8250
├── cert # 证书目录
├── start_all.sh
└── stop_all.sh
其中,account-manager和sdk所需的证书位于cert目录下(后面会用到)
tree -L 1 routers/cert/
routers/cert/
├── account-manager # account-manager 所需证书
├── ca.crt # 根证书
├── ca.key # 根证书私钥
├── ca.srl
├── cert.cnf
├── create_cert.sh # 生成证书的脚本,可用此脚本基于本目录的ca继续生成更多的证书
├── node0 # 路由8250 证书(已自动配置)
└── sdk # sdk 所需证书,按需拷贝
安装fabric插件
cd /root/java/
git clone https://gitee.com/luyu-community/fabric-plugin.git
cd fabric-plugin
gradle assemble
在/root/java/fabric-plugin/dist/apps目录下生成fabric1-stub-2.0.0-rc1.jar
回到router项目,把编译生成的插件放置于router的plugins目录下
cp /root/java/fabric-plugin/dist/apps/fabric1-stub-2.0.0-rc1.jar /root/java/router/dist/routers/127.0.0.1-8250-25500/plugin/
新建目录并进入(fabric101代表我虚拟机的ip尾数):
mkdir -p /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/chains/fabric101
cd /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/chains/fabric101
执行:
vi plugin.toml
[common]
name = 'fabric101'
type = 'Fabric1.4'
touch driver.toml #空文件
vi connection.toml
[fabricServices]
channelName = 'mychannel'
orgUserName = 'fabric_admin'
ordererTlsCaFile = 'orderer-tlsca.crt'
ordererAddress = 'grpcs://localhost:7050'
[orgs]
[orgs.Org1]
tlsCaFile = 'org1-tlsca.crt'
adminName = 'fabric_admin_org1' # 配置方式与fabric_admin相同
endorsers = ['grpcs://localhost:7051']
[orgs.Org2]
tlsCaFile = 'org2-tlsca.crt'
adminName = 'fabric_admin_org2' # 配置方式与fabric_admin相同,但account.toml 中的mspid为Org2MSP
endorsers = ['grpcs://localhost:9051']
cd /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/accounts/
目录下执行
mkdir fabric_admin fabric_admin_org1 fabric_admin_org2
vi fabric_admin/account.toml
[account]
type = 'Fabric1.4'
mspid = 'Org1MSP'
keystore = 'account.key'
signcert = 'account.crt'
vi fabric_admin_org1/account.toml
[account]
type = 'Fabric1.4'
mspid = 'Org1MSP'
keystore = 'account.key'
signcert = 'account.crt'
vi fabric_admin_org2/account.toml
[account]
type = 'Fabric1.4'
mspid = 'Org2MSP' # 此处不同
keystore = 'account.key'
signcert = 'account.crt'
拷贝证书:
连接排序节点的根证书
cp $GOPATH/src/github.com/hyperledger/fabric-samples/first-network/crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/chains/fabric101/orderer-tlsca.crt
连接org1的背书节点的根证书
cp $GOPATH/src/github.com/hyperledger/fabric-samples/first-network/crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/chains/fabric101/org1-tlsca.crt
连接org2的背书节点的根证书
cp $GOPATH/src/github.com/hyperledger/fabric-samples/first-network/crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/chains/fabric101/org2-tlsca.crt
账户证书
cp $GOPATH/src/github.com/hyperledger/fabric-samples/first-network/crypto-config/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/signcerts/Admin@org1.example.com-cert.pem /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/accounts/fabric_admin/account.crt
cp $GOPATH/src/github.com/hyperledger/fabric-samples/first-network/crypto-config/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/signcerts/Admin@org1.example.com-cert.pem /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/accounts/fabric_admin_org1/account.crt
账户私钥
cp $GOPATH/src/github.com/hyperledger/fabric-samples/first-network/crypto-config/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/keystore/sk /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/accounts/fabric_admin/account.key
cp $GOPATH/src/github.com/hyperledger/fabric-samples/first-network/crypto-config/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/keystore/sk /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/accounts/fabric_admin_org1/account.key
账户证书
cp $GOPATH/src/github.com/hyperledger/fabric-samples/first-network/crypto-config/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/signcerts/Admin@org2.example.com-cert.pem /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/accounts/fabric_admin_org2/account.crt
账户私钥
cp $GOPATH/src/github.com/hyperledger/fabric-samples/first-network/crypto-config/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp/keystore/*_sk /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/accounts/fabric_admin_org2/account.key
完成后的目录结构:
tree -L 2 /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/accounts/
/root/java/router/dist/routers/127.0.0.1-8251-25501/conf/accounts/
├── fabric_admin
│ ├── account.crt
│ ├── account.key
│ └── account.toml
├── fabric_admin_org1
│ ├── account.crt
│ ├── account.key
│ └── account.toml
└── fabric_admin_org2
├── account.crt
├── account.key
└── account.toml
tree /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/chains/fabric101 -L 2
/root/java/router/dist/routers/127.0.0.1-8250-25500/conf/chains/fabric101
├── connection.toml
├── driver.toml
├── orderer-tlsca.crt
├── org1-tlsca.crt
├── org2-tlsca.crt
└── plugin.toml
router项目默认启动8250端口是只监听本机的,如果想从其他服务器访问本机的8250端口,需要修改配置文件
vi /root/java/router/dist/routers/127.0.0.1-8250-25500/conf/application.toml
[rpc] # rpc ip & port
address = '0.0.0.0'
port = 8250
enableSignVerify = false #改成false,后面调用的时候就可以不用签名,测试环境方便一些
cd /root/java/router/dist/routers
启动router
cd /root/java/router/dist/routers
sh start_all.sh
在/root/java/router/dist/routers/127.0.0.1-8250-25500/logs/info.log中可以看日志,可以看到
2021-12-02 18:27:00.299 [mainLoop] INFO RouterHost() - Current active chains: [chain=payment1.fabric1,blockNumber=4]
2021-12-02 18:27:00.299 [mainLoop] INFO RouterHost() - Current active resources: payment1.fabric1.mycc
就代表着fabric网络已经纳入router管理
发送:
curl -H "Content-Type: application/json" -X POST -d '{"version": "1", "data":{"ignoreRemote": false}}' "http://localhost:8250/sys/listResources"
返回链上信息
{"version":"1.0.0","errorCode":0,"message":"Success","data":{"total":1,"resources":[{"path":"payment1.fabric1.mycc","type":"Fabric1.4","methods":null,"properties":{"ORG_NAMES":["Org1","Org2"],"PROPOSAL_WAIT_TIME":"300000","CHAINCODE_VERSION":"1.0","CHANNEL_NAME":"mychannel","CHAINCODE_NAME":"mycc"}}]}}
此时还不能发送交易,因为没有配置二级账户
接下来配置二级账户
去到account-manager项目
cd /root/java/
git clone https://gitee.com/luyu-community/account-manager.git
编译,生成dist文件夹
cd account-manager
gradle assemble
把router生成的证书拷贝到dist/conf目录下
cd dist
cp /root/java/router/dist/routers/cert/account-manager/* conf/
配置文件
cp conf/application-sample.toml conf/application.toml
vim conf/application.toml # 一般情况下无需编辑,采用默认配置即可
启动服务
bash start.sh
下载java-sdk
cd /root/java/
git clone https://gitee.com/luyu-community/luyu-java-sdk.git
编译
cd luyu-java-sdk/
gradle assemble
cd dist
生成一个一级账户地址
sh gen_account.sh
[SUCCESS] Account secret key generated: 0xaf4b6e9916e259f8173d5c2c24c2e2a40c12c38b.key
查看私钥
more /root/java/luyu-java-sdk/dist/0xaf4b6e9916e259f8173d5c2c24c2e2a40c12c38b.key
-----BEGIN PRIVATE KEY-----
MIGNAgEAMBAGByqGSM49AgEGBSuBBAAKBHYwdAIBAQQg2U0K7aA7aHCwIkcTVD6A
SeuUQupCHcPH+jYr/rDxELagBwYFK4EEAAqhRANCAASzrstenUvna13ONLI2iH4z
flEu7l8DYixVyIYS57ebMKPxU0frcxvNnxDfcIRHbzl5oS296P3lyU71aM1m9T9/
-----END PRIVATE KEY-----
添加二级账户
由于Fabric的二级账户无法自动生成,需手动将其配置到相关一级账户下
在配置了本插件的路由下执行命令
cd /root/java/router/dist/routers/127.0.0.1-8250-25500
java -cp conf/:lib/*:plugin/* link.luyu.protocol.link.fabric1.tools.AddAlgAccountRequestPacketBuilder
会看到help输出,参数含义如下
参数1:sender,指定一级账户地址,即:用sdk的gen_account.sh生成的账户地址(0x开头的一串16进制字符串)
参数2:chain path,指定fabric链的链path,如:payment1.fabric101
参数3:account name,指定conf/account下的二级账户所在目录名,如:fabric_admin
如:
参数1:0xaf4b6e9916e259f8173d5c2c24c2e2a40c12c38b
参数2:payment1.fabric101
参数3:fabric_admin
java -cp conf/:lib/*:plugin/* link.luyu.protocol.link.fabric1.tools.AddAlgAccountRequestPacketBuilder 0xaf4b6e9916e259f8173d5c2c24c2e2a40c12c38b payment1.fabric101 fabric_admin
得到json:
{
"data" : {
"luyuSign" : "",
"type" : "ECDSA_SECP256R1_WITH_SHA256",
"nonce" : 1639122812972,
"identity" : "0xaf4b6e9916e259f8173d5c2c24c2e2a40c12c38b",
"pubKey" : "BBzoEgIvT0aChexixrHrWRFC38mY/X/Rc8RQr0RIi9MH7F5uOagTdjSRgu7BBp8UN1vUIBjZxWIqK5gbWR0rQPI=",
"secKey" : "ZsfaGPJyOrjW3g5ymoGHGldZbNbOTJVp3jamAc2Z2zs=",
"properties" : {
"Fabric1.4:payment1.fabric101:cert" : "-----BEGIN CERTIFICATE-----\nMIICKTCCAdCgAwIBAgIRAIYI5mQWM5XGrVo9UrykoLYwCgYIKoZIzj0EAwIwczEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMTE2Nh\nLm9yZzEuZXhhbXBsZS5jb20wHhcNMjExMjEwMDczNjAwWhcNMzExMjA4MDczNjAw\nWjBrMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN\nU2FuIEZyYW5jaXNjbzEOMAwGA1UECxMFYWRtaW4xHzAdBgNVBAMMFkFkbWluQG9y\nZzEuZXhhbXBsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQc6BICL09G\ngoXsYsax61kRQt/JmP1/0XPEUK9ESIvTB+xebjmoE3Y0kYLuwQafFDdb1CAY2cVi\nKiuYG1kdK0Dyo00wSzAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADArBgNV\nHSMEJDAigCDFGXEd4czKARLr7jOCwRnw8A+p5Do9CJudFGgHPQ6S1zAKBggqhkjO\nPQQDAgNHADBEAiBlabjSFOZDCcBxuqdmrR4noPBOaTskt64T/QOxqX8RJQIgNsHi\nx4x8pLUjAf7hOu0WQEel06/QKegmC+kjpM6av8I=\n-----END CERTIFICATE-----\n",
"Fabric1.4:payment1.fabric101:name" : "fabric_admin",
"Fabric1.4:payment1.fabric101:mspid" : "Org1MSP"
},
"isDefault" : true
}
}
将账户服务的RPC接口采用非SSL的模式,并重启账户服务
vim /root/java/account-manager/dist/conf/application.toml # sslOn 设置为 false
cd /root/java/account-manager/dist/
sh stop.sh
sh start.sh
调用账户服务的RPC接口,发送json(使用postman)
Method:POST
URL:http://192.168.92.101:8340/auth/addAlgAccount
Body:上述生成的json字段
成功后data.errorCode中返回0
{
"version": "1.0",
"errorCode": 0,
"message": "success",
"data": {
"errorCode": 0,
"message": "success"
}
}
调用RPC接口查询是否添加成功
Method:POST
URL:http://192.168.92.101:8340/auth/listAccount
Body:如下,指定一级账户地址(sender):0xaf4b6e9916e259f8173d5c2c24c2e2a40c12c38b
{
"data":{
"luyuSign": [],
"signData":{
"sender": "0xaf4b6e9916e259f8173d5c2c24c2e2a40c12c38b"
}
}
}
可查询到已添加的二级账户
{
"version": "1.0",
"errorCode": 0,
"message": "success",
"data": {
"identity": "0xaf4b6e9916e259f8173d5c2c24c2e2a40c12c38b",
"algAccounts": [
{
"keyID": 0,
"type": "ECDSA_SECP256R1_WITH_SHA256",
"pubKey": "BBzoEgIvT0aChexixrHrWRFC38mY/X/Rc8RQr0RIi9MH7F5uOagTdjSRgu7BBp8UN1vUIBjZxWIqK5gbWR0rQPI=",
"properties": {
"Fabric1.4:payment1.fabric101:cert": "-----BEGIN CERTIFICATE-----\nMIICKTCCAdCgAwIBAgIRAIYI5mQWM5XGrVo9UrykoLYwCgYIKoZIzj0EAwIwczEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMTE2Nh\nLm9yZzEuZXhhbXBsZS5jb20wHhcNMjExMjEwMDczNjAwWhcNMzExMjA4MDczNjAw\nWjBrMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN\nU2FuIEZyYW5jaXNjbzEOMAwGA1UECxMFYWRtaW4xHzAdBgNVBAMMFkFkbWluQG9y\nZzEuZXhhbXBsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQc6BICL09G\ngoXsYsax61kRQt/JmP1/0XPEUK9ESIvTB+xebjmoE3Y0kYLuwQafFDdb1CAY2cVi\nKiuYG1kdK0Dyo00wSzAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADArBgNV\nHSMEJDAigCDFGXEd4czKARLr7jOCwRnw8A+p5Do9CJudFGgHPQ6S1zAKBggqhkjO\nPQQDAgNHADBEAiBlabjSFOZDCcBxuqdmrR4noPBOaTskt64T/QOxqX8RJQIgNsHi\nx4x8pLUjAf7hOu0WQEel06/QKegmC+kjpM6av8I=\n-----END CERTIFICATE-----\n",
"Fabric1.4:payment1.fabric101:name": "fabric_admin",
"Fabric1.4:payment1.fabric101:mspid": "Org1MSP"
},
"isDefault": true
},
{
"keyID": 0,
"type": "SM2_WITH_SM3",
"pubKey": "jvNuHR286w4PFQz61Sd8FH11iPv2ueLdhDKRw5g/HM7T08b0l7BdRj5zq384nkHHXKRaP1xHDRuUMTQ2TdMpig==",
"properties": {},
"isDefault": true
},
{
"keyID": 0,
"type": "ECDSA_SECP256K1_WITH_SHA256",
"pubKey": "JgyutstZsHsaC3lBJ3s2p20fI/1cxKUiKAjV43V8wDC8G5hu7lYRavQruZ1oFHgmxuQyYTo7acVn2DjaHiUxGw==",
"properties": {},
"isDefault": true
}
]
}
}
将账户服务的RPC接口改回SSL模式,以便能和路由交互。此处sslOn设置成ture之后,listAccount接口就不能用了,因为开启了ssl认证
vim /root/java/account-manager/dist/conf/application.toml # sslOn 设置为 true
调用call接口查询mycc中a的值(postman)
http://192.168.92.101:8250/resource/payment1/fabric101/mycc/call
{
"version":"1",
"data":{
"path": "payment1.fabric101.mycc",
"method": "query",
"args": ["a"],
"nonce":123456,
"luyuSign":"",
"sender": "0xaf4b6e9916e259f8173d5c2c24c2e2a40c12c38b"
}
}
返回
{
"version": "1.0.0",
"errorCode": 0,
"message": "Success",
"data": {
"result": [
"90"
],
"code": 0,
"message": "",
"path": "payment1.fabric101.mycc",
"method": "query",
"args": [
"a"
],
"version": "1.0.0"
}
}
调用sendTransaction发送交易
http://192.168.92.101:8250/resource/payment1/fabric101/mycc/sendTransaction
{
"version":"1",
"data":{
"path": "payment1.fabric101.mycc",
"method": "invoke",
"args": ["a","b","1"],
"nonce":1,
"luyuSign":"",
"sender": "0xaf4b6e9916e259f8173d5c2c24c2e2a40c12c38b"
}
}
返回
{
"version": "1.0.0",
"errorCode": 0,
"message": "Success",
"data": {
"result": [
""
],
"code": 0,
"message": "Success",
"path": "payment1.fabric101.mycc",
"method": "invoke",
"args": [
"a",
"b",
"1"
],
"transactionHash": "525141014d01f74d31248e184de89ddedc2b9ecc7c7be0aeb4990d9fbb1b6692-7",
"transactionBytes": "",
"blockNumber": 7,
"version": "1.0.0"
}
}
再次调用call方法查看交易是否成功
转载请注明来源
