Building a Hyperledger Fabric consortium based on Azure Kubernetes Service (AKS) template
In the previous blog we have instantiated a bare Hyperledger Fabric consortium instance based on Azure AKS template.
Step 1. We are going to perform a lot of config activities in the shell, so first we need to launch the Azure Cloud Shell. If you’re launching it for the first time, you’ll be asked to create a new storage account. Alternatively, you can choose an existing storage account in order to save your shell environment settings.
Step 2. Now we need to communicate with the template that we have already instantiated. The MS team have prepared a bunch of scripts for this purpose. Those scripts (AZ HLF Tools) will be helping us communicate with created items and perform typical admin actions on a blockchain network such as chaincode installation and instantiation. You can find the full package of tools including all the scripts that I mentioned here: https://github.com/Azure/Hyperledger-Fabric-on-Azure-Kubernetes-Service
In order to pull and set up a local copy of the tools, we need to run the following terminal command:
curl https://raw.githubusercontent.com/Azure/Hyperledger-Fabric-on-Azure-Kubernetes-Service/master/azhlfToolSetup.sh | bash
As a result, you should see an output similar to the one below and, more importantly, you should see and navigate into the ‘azhlfTool’ catalogue:
Step 3. Let’s now install the azhlfTool by running the commands below:
$ cd azhlfTool $ npm install $ npm run setup
Step 4. We’re ready to setup environment variables. It would be a good idea to save them into your local file. On the screen captures below I create a text file named ‘my_config’ and edit it using built-in text editor directly in the cloud shell.
$ touch my_config $ code my_config $ source my_config
Orderer Environment Variables
ORDERER_ORG_SUBSCRIPTION="Your Subscription" ORDERER_ORG_RESOURCE_GROUP="RG_HL_Blog_O" ORDERER_ORG_NAME="blogOrgO" ORDERER_ADMIN_IDENTITY="admin.$ORDERER_ORG_NAME" CHANNEL_NAME="azbloghlfchannel"
Peer Environment Variables
PEER_ORG_SUBSCRIPTION="Your Subscription" PEER_ORG_RESOURCE_GROUP="RG_HL_Blog_P" PEER_ORG_NAME="blogOrgP" PEER_ADMIN_IDENTITY="admin.$PEER_ORG_NAME"
Storage Environment Variable
STORAGE_SUBSCRIPTION="Your Subscription" STORAGE_RESOURCE_GROUP="RG_HL_Blog_O" STORAGE_ACCOUNT="hlfbloge4264" STORAGE_LOCATION="australiaeast" STORAGE_FILE_SHARE="hlfbloge42649ccc"
Step 5. After setting up storage environment variables, we now need to create a storage account. If you have one already created, then skip the last step below. Otherwise, create a new storage account with the following commands:
az account set --subscription $STORAGE_SUBSCRIPTION az group create -l $STORAGE_LOCATION -n $STORAGE_RESOURCE_GROUP
az storage account create -n $STORAGE_ACCOUNT -g $STORAGE_RESOURCE_GROUP -l $STORAGE_LOCATION --sku Standard_LRS
Step 6. Now we should generate a storage key as per below instructions:
STORAGE_KEY=$(az storage account keys list --resource-group $STORAGE_RESOURCE_GROUP --account-name $STORAGE_ACCOUNT --query ".value" | tr -d '"') az storage share create --account-name $STORAGE_ACCOUNT --account-key $STORAGE_KEY --name $STORAGE_FILE_SHARE
Step 7. Now we need to setup Azure file share connection string:
STORAGE_KEY=$(az storage account keys list --resource-group $STORAGE_RESOURCE_GROUP --account-name $STORAGE_ACCOUNT --query ".value" | tr -d '"') SAS_TOKEN=$(az storage account generate-sas --account-key $STORAGE_KEY --account-name $STORAGE_ACCOUNT --expiry `date -u -d "1 day" '+%Y-%m-%dT%H:%MZ'` --https-only --permissions lruwd --resource-types sco --services f | tr -d '"') AZURE_FILE_CONNECTION_STRING=https://$STORAGE_ACCOUNT.file.core.windows.net/$STORAGE_FILE_SHARE?$SAS_TOKEN
Step 8. Now we execute below commands to fetch organization’s connection profile, admin user identity, and MSP from Azure Kubernetes Cluster and store these identities in client application local store.
For orderer org:
./azhlf adminProfile import fromAzure -o $ORDERER_ORG_NAME -g $ORDERER_ORG_RESOURCE_GROUP -s $ORDERER_ORG_SUBSCRIPTION ./azhlf connectionProfile import fromAzure -g $ORDERER_ORG_RESOURCE_GROUP -s $ORDERER_ORG_SUBSCRIPTION -o $ORDERER_ORG_NAME ./azhlf msp import fromAzure -g $ORDERER_ORG_RESOURCE_GROUP -s $ORDERER_ORG_SUBSCRIPTION -o $ORDERER_ORG_NAME
For peer org:
./azhlf adminProfile import fromAzure -g $PEER_ORG_RESOURCE_GROUP -s $PEER_ORG_SUBSCRIPTION -o $PEER_ORG_NAME ./azhlf connectionProfile import fromAzure -g $PEER_ORG_RESOURCE_GROUP -s $PEER_ORG_SUBSCRIPTION -o $PEER_ORG_NAME ./azhlf msp import fromAzure -g $PEER_ORG_RESOURCE_GROUP -s $PEER_ORG_SUBSCRIPTION -o $PEER_ORG_NAME
Step 9. Now we finally starting to create a channel with the command below, which creates a new channel:
./azhlf channel create -c $CHANNEL_NAME -u $ORDERER_ADMIN_IDENTITY -o $ORDERER_ORG_NAME
Step 10. We need to execute the below commands in the following order to add a peer organization in a channel and consortium.
1. From peer organization client, upload peer organization MSP on Azure Storage:
./azhlf msp export toAzureStorage -f $AZURE_FILE_CONNECTION_STRING -o $PEER_ORG_NAME
2. From orderer organization client, download peer organization MSP from Azure Storage and then issue command to add peer organization in channel/consortium:
./azhlf msp import fromAzureStorage -o $PEER_ORG_NAME -f $AZURE_FILE_CONNECTION_STRING ./azhlf channel join -c $CHANNEL_NAME -o $ORDERER_ORG_NAME -u $ORDERER_ADMIN_IDENTITY -p $PEER_ORG_NAME ./azhlf consortium join -o $ORDERER_ORG_NAME -u $ORDERER_ADMIN_IDENTITY -p $PEER_ORG_NAME
3. From orderer organization client, upload orderer connection profile on Azure Storage so that peer organization can connect to orderer nodes using this connection profile:
./azhlf connectionProfile export toAzureStorage -o $ORDERER_ORG_NAME -f $AZURE_FILE_CONNECTION_STRING
4. From peer organization client, download orderer connection profile from Azure Storage and then issue command to add peer nodes in the channel:
./azhlf connectionProfile import fromAzureStorage -o $ORDERER_ORG_NAME -f $AZURE_FILE_CONNECTION_STRING ./azhlf channel joinPeerNodes -o $PEER_ORG_NAME -u $PEER_ADMIN_IDENTITY -c $CHANNEL_NAME --ordererOrg $ORDERER_ORG_NAME
Step 11. Let’s set anchor peers (that’s a peer node on a channel that all other peers can discover and communicate with):
./azhlf channel setAnchorPeers -c $CHANNEL_NAME -p peer1 -o $PEER_ORG_NAME -u $PEER_ADMIN_IDENTITY --ordererOrg $ORDERER_ORG_NAME
Step 12. We are coming closer to instantiation of the sample chaincode provided in the azhlfTool package. Let’s firstly set the chaincode specific environment variables as per below:
ORGNAME=$PEER_ORG_NAME USER_IDENTITY="admin.$ORGNAME" CC_NAME=demo_cc CC_VERSION=1 CC_LANG=golang CC_PATH= /home/<YOUR_AZURE_USER_NAME>/azhlfTool/samples/chaincode/src/chaincode_example02/go
Step 13. We are ready to install the chaincode:
./azhlf chaincode install -o $ORGNAME -u $USER_IDENTITY -n $CC_NAME -p $CC_PATH -l $CC_LANG -v $CC_VERSION
Step 14. Once the chaincode is installed, it is ready to be instantiated with input parameters. We are passing four parameters according to what the Init method is expecting:
./azhlf chaincode instantiate -o $ORGNAME -u $USER_IDENTITY -n $CC_NAME -v $CC_VERSION -c $CHANNEL_NAME -f init --args "a" "2000" "b" "1000"
Step 15. Now we are ready to call the chaincode and see if it really works!
./azhlf chaincode invoke -o $ORGNAME -u $USER_IDENTITY -n $CC_NAME -c $CHANNEL_NAME -f invoke -a "a" "b" "10" ./azhlf chaincode query -o $ORGNAME -p peer1 -u $USER_IDENTITY -n $CC_NAME -c $CHANNEL_NAME -f query -a "a"
We can see that the deployed sample code is working in the fully configured Azure environment.
In summary, in this blog we’ve configured a Hyperledger Fabric consortium with Azure tools.
Now we are ready to expose it to the outside world through an API server. As you remember, our main goal is to integrate a Hyperledger Fabric template instance deployed on Azure with SAP Business Technology Platform solutions. We will continue reaching this goal and building our project further, so watch out for upcoming blogs. See you soon!