Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. Its modular and versatile design satisfies a broad range of industry use cases. It offers a unique approach to a consensus that enables performance at scale while preserving privacy.
This step-by-step guide goes through what is needed to set up Hyperledger Fabric on UpCloud with systemd. Note that, this setup does not use Docker. This is also a good learner guide on understanding how Hyperledger Fabric works from an administrator’s perspective.
Two hosts, the admin node and at least one peer node, are involved in this setup.
Prepare the environment – Admin node
Begin by deploying the required nodes.
- Choose your configuration, the Simple plan with 1CPU and 1GB of RAM is enough to get started.
- Select the Ubuntu 18.04 OS template
- Name the server and deploy
Once deployed, log in using SSH and the root password you received by the delivery method you chose.
Create a local system user with sudo privileges.
adduser fabric
usermod -aG sudo fabric su - fabric
Ensure the hosts are able to reach each other by name. This can be done by adding the following to the hosts file at /etc/hosts on both admin and peer nodes. Replace the orderer example IP address with your admin and peer0 with the peer node addresses.
sudo nano /etc/hosts
94.237.46.225 peer0.org1.car.com peer0 94.237.46.18 orderer.car.com orderer
Install Go language 1.13 on Ubuntu and verify the version. This is needed to compile the fabric-ca-server which isn’t available to download as binary at the time of writing.
Go language and Git packages.
Start by downloading Go with the next command.
curl -O https://storage.googleapis.com/golang/go1.13.4.linux-amd64.tar.gz
Extract the package to the /urs/local directory.
sudo tar -C /usr/local -xzf go1.13.4.linux-amd64.tar.gz
Next, create a folder for the Go language files, for example, in your home directory with the following command.
mkdir -p ~/go/bin
To use the Go command-line utility, you need to set up a few environmental variables. Add the following to your profile, or adjust the paths depending on where you created the Go directory.
echo 'export GOPATH=$HOME/go' | tee -a ~/.bashrc echo 'export GOBIN=$GOPATH/bin' | tee -a ~/.bashrc echo 'export PATH=$PATH:/usr/local/go/bin:$GOBIN' | tee -a ~/.bashrc
source ~/.bashrc
go version go version go1.13.4 linux/amd64
You will also need a compiler so install gcc with the following command.
sudo apt update && sudo apt install gcc -y
With these done, you can begin configuring Fabric itself.
Admin node (fabric-ca, orderer, misc)
The admin node hosts Fabric Certificate Authority, Fabric Orderer and is used for other miscellaneous tasks e.g. generating certificates, crypto configs, etc.
Next, create a new directory to host the relevant configuration files, e.g. fabric.
mkdir ~/fabric && cd ~/fabric
Then download the binaries of a specific Hyperledger Fabric version ( 1.4.3 LTS) to ~/fabric/bin directory using the bootstrap script at http://bit.ly/2ysbOFE
curl -sSL http://bit.ly/2ysbOFE | bash -s -- 1.4.3 1.4.3 0.4.15
Build the fabric-ca server under ~/fabric/go (latest version). Again, this is due to the fact that fabric-ca server isn’t available to download in binary at the time of writing.
go get -u github.com/hyperledger/fabric-ca/cmd/...
Add it to the /usr/local/bin directory.
sudo cp ~/fabric/fabric-samples/bin/* /usr/local/bin/ sudo cp $GOBIN/fabric-ca-server /usr/local/bin
Make the necessary destination directories for orderer, peerOrg1, users, fabric, and configtx.
sudo mkdir -p /etc/hyperledger/msp/{orderer,peerOrg1,users} sudo mkdir -p /etc/hyperledger/configtx sudo mkdir -p /etc/hyperledger/fabric sudo mkdir -p /etc/hyperledger/config
Download the orderer-config archive and extract it under /etc/hyperledger/fabric/. This contains MSP for orderer to start.
curl -sSLO https://raw.githubusercontent.com/cloudronics/startFiles/master/orderer-config.tar.gz sudo tar -zxvf orderer-config.tar.gz -C /etc/hyperledger/fabric/
Generate configs, genesis block etc.
Download the crypto-config and configtx yaml.
curl -sSLO https://raw.githubusercontent.com/cloudronics/startFiles/master/crypto-config.yaml curl -sSLO https://raw.githubusercontent.com/cloudronics/startFiles/master/configtx.yaml
Make a new config directory
mkdir ~/fabric/config
Generate the crypto material.
cryptogen generate --config=./crypto-config.yaml
Generate genesis block for the orderer.
sudo configtxgen -profile OneOrgOrdererGenesis -outputBlock ./config/genesis.block
Generate channel configuration transaction.
sudo configtxgen -profile OneOrgChannel -outputCreateChannelTx ./config/carsales.tx -channelID carsales
Generate anchor peer transaction.
sudo configtxgen -asOrg Org1MSP -channelID carsales -profile OneOrgChannel -outputAnchorPeersUpdate ./config/Org1MSPanchors.tx
Then copy the generated configuration files to the Hyperledger directory.
sudo cp config/* /etc/hyperledger/configtx/
Lastly, copy the generated crypto-configs to their respective MSP directories.
sudo cp -r crypto-config/ordererOrganizations/car.com/orderers/orderer.car.com/* /etc/hyperledger/msp/orderer/ sudo cp -r crypto-config/peerOrganizations/org1.car.com/peers/peer0.org1.car.com/* /etc/hyperledger/msp/peerOrg1/ sudo cp -r crypto-config/peerOrganizations/org1.car.com/users/* /etc/hyperledger/msp/users
Install Fabric-CA service – Admin node
Next, create a fabric-ca service by making the following service file.
cat > fabric-ca.service << EOF # Service definition for Hyperledger fabric-ca server [Unit] Description=hyperledger fabric-ca server - Certificate Authority for hyperledger fabric Documentation=https://hyperledger-fabric-ca.readthedocs.io/ Wants=network-online.target After=network-online.target [Service] Type=simple Restart=on-failure Environment=FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server Environment=FABRIC_CA_SERVER_HOME=/etc/hyperledger/fabric-ca-server Environment=CA_CFG_PATH=/etc/hyperledger/fabric-ca ExecStart=/usr/local/bin/fabric-ca-server start -b admin:adminpw [Install] WantedBy=multi-user.target EOF
Then move the service file, enable, start and verify the fabric-ca service is running.
sudo mv fabric-ca.service /etc/systemd/system/ sudo systemctl enable fabric-ca.service sudo systemctl start fabric-ca.service systemctl status fabric-ca.service
The output of successfully running fabric services would look something like the example below.
* fabric-ca.service - hyperledger fabric-ca server - Certificate Authority for hyperledger fabric Loaded: loaded (/etc/systemd/system/fabric-ca.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2019-07-03 09:49:06 UTC; 5s ago Docs: https://hyperledger-fabric-ca.readthedocs.io/ Main PID: 22133 (fabric-ca-serve) Tasks: 4 (limit: 1109) CGroup: /system.slice/fabric-ca.service `-22133 /usr/local/bin/fabric-ca-server start -b admin:adminpw
Install Orderer service – Admin node
Repeat the same from the previous step with orderer but using this service file.
cat > fabric-orderer.service << EOF # Service definition for Hyperledger fabric orderer server [Unit] Description=hyperledger fabric-orderer server - Orderer for hyperledger fabric Documentation=https://hyperledger-fabric.readthedocs.io/ Wants=network-online.target After=network-online.target [Service] Type=simple Restart=on-failure Environment=CA_CFG_PATH=/etc/hyperledger/fabric-ca Environment=ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 Environment=ORDERER_GENERAL_GENESISMETHOD=file Environment=ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block Environment=ORDERER_GENERAL_LOCALMSPID=OrdererMSP Environment=ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp Environment=ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 ExecStart=/usr/local/bin/orderer start [Install] WantedBy=multi-user.target EOF
Then again move the service file, enable, start and verify that the service is running.
sudo mv fabric-orderer.service /etc/systemd/system/ sudo systemctl enable fabric-orderer.service sudo systemctl start fabric-orderer.service systemctl status fabric-orderer.service
You are now done with the Admin node, continue below with the preparations for the peer node.
Prepare the environment – Peer node
Firstly, deploy a peer node if you haven’t already.
- Choose your configuration, the Simple plan with 1CPU and 1GB of RAM is enough to get started.
- Select the Ubuntu 18.04 OS template
- Name the server and deploy
Once deployed, log in using SSH and the root password you received by the delivery method you chose.
Begin the configuration by creating a new user for the peer node just like on the admin node.
adduser fabric
usermod -aG sudo fabric su - fabric
Add the peer and orderer host information to the peer node’s hosts file. Replace the example IPs with your admin and peer node addresses.
sudo nano /etc/hosts
94.237.46.225 peer0.org1.car.com peer0 94.237.46.18 orderer.car.com orderer
Create a new directory e.g. fabric.
mkdir fabric && cd fabric
Set admin host IP address for ease of use. This IP is an imaginary example, replace it with yours.
echo 'export ADMIN_HOST=94.237.46.18' | tee -a ~/.bashrc
echo 'export USER=fabric' | tee -a ~/.bashrc
source ~/.bashrc
Make the necessary destination directories on the peer host.
sudo mkdir -p /etc/hyperledger/ sudo chown -R $USER /etc/hyperledger/ sudo mkdir -p /etc/hyperledger/msp/{peerOrg1,users}/ sudo mkdir -p /etc/hyperledger/fabric/ sudo mkdir -p /etc/hyperledger/configtx/
Then copy the config and crypto-config from the admin node to the peer.
sudo rsync -r $USER@$ADMIN_HOST:/home/fabric/fabric/crypto-config/peerOrganizations/org1.car.com/peers/peer0.org1.car.com/* /etc/hyperledger/msp/peerOrg1/ sudo rsync -r $USER@$ADMIN_HOST:/home/fabric/fabric/crypto-config/peerOrganizations/org1.car.com/users/ /etc/hyperledger/msp/users sudo rsync -r $USER@$ADMIN_HOST:/etc/hyperledger/fabric/msp /etc/hyperledger/fabric/msp sudo scp $USER@$ADMIN_HOST:/home/fabric/fabric/fabric-samples/config/* /etc/hyperledger/configtx/ sudo scp $USER@$ADMIN_HOST:/home/fabric/fabric/fabric-samples/bin/peer /usr/local/bin sudo scp $USER@$ADMIN_HOST:/etc/hyperledger/fabric/core.yaml /etc/hyperledger/fabric/ sudo scp $USER@$ADMIN_HOST:/etc/hyperledger/configtx/carsales.tx /etc/hyperledger/configtx/carsales.tx
Download the orderer-config archive and extract it under /etc/hyperledger/fabric/. This contains MSP for orderer to start.
curl -sSLO https://raw.githubusercontent.com/cloudronics/startFiles/master/orderer-config.tar.gz sudo tar -zxvf orderer-config.tar.gz -C /etc/hyperledger/fabric/
Install Peer0 service – Peer node
Next, create the following service file on the peer node.
cat > fabric-peer0-org1.service << EOF # Service definition for Hyperledger fabric peer server [Unit] Description=hyperledger fabric-peer0-org1 server - Peer0/Org1 for hyperledger fabric Documentation=https://hyperledger-fabric.readthedocs.io/ Wants=network-online.target After=network-online.target [Service] Type=simple Restart=on-failure Environment=FABRIC_CFG_PATH=/etc/hyperledger/fabric Environment=CORE_PEER_ID=peer0.org1.car.com Environment=CORE_LOGGING_PEER=info Environment=CORE_CHAINCODE_LOGGING_LEVEL=info Environment=CORE_PEER_LOCALMSPID=Org1MSP Environment=CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/peerOrg1/msp Environment=CORE_PEER_ADDRESS=peer0.org1.car.com:7051 ExecStart=/usr/local/bin/peer node start [Install] WantedBy=multi-user.target EOF
Then do the following to get the service running.
sudo mv fabric-peer0-org1.service /etc/systemd/system/ sudo systemctl enable fabric-peer0-org1.service sudo systemctl start fabric-peer0-org1.service systemctl status fabric-peer0-org1.service
Create a carssales channel and join peer0 there – Peer node
Finally, create and join the channel for communicating using the peer channel commands.
The following must be done as root, switch to the root user with the following.
sudo su
Export the necessary variables.
echo 'export CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/[email protected]/msp' | tee -a ~/.bashrc echo 'export CORE_PEER_LOCALMSPID=Org1MSP' | tee -a ~/.bashrc source ~/.bashrc
Next, create the channel with a peer channel.
peer channel create -o orderer.car.com:7050 -c carsales -f /etc/hyperledger/configtx/carsales.tx
Then, join the peer0 to that channel with peer channel join command.
peer channel join -b carsales.block
Lastly, verify that the peer joined the channel successfully.
peer channel list
With that, you are all done!
Outcome
Now we have a ready-to-use Hyperledger Fabric network running on systemd without Docker.
References and further reading
- Hyperledger fabric read the docs – https://hyperledger-fabric.readthedocs.io/en/release-1.4/index.html
- Hyperledger fabric certificate authority read the docs – https://hyperledger-fabric-ca.readthedocs.io/en/release-
1.4/index.html - File references: https://github.com/cloudronics/startFiles
- Fabric on single and multinode series: https://medium.com/coinmonks/hyperledger-fabric-cluster-on-multiplehosts-
af093f00436
Talha Wahid
Hi,
Really useful article. Is there a way to setup couchdb in this approach and does it use solo orderer only?
Janne Ruostemaa
Hi there, thanks for the comment. You can find instructions for installing CouchDB at their documentation.
A Bharanidharan
peer channel create -o orderer.car.com:7050 -c carsales -f /etc/hyperledger/configtx/carsales.tx
when the above command is executed i am getting the below error:
2020-10-04 16:01:40.246 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
Error: got unexpected status: FORBIDDEN — config update for existing channel did not pass initial checks: implicit policy evaluation failed – 0 sub-policies were satisfied, but this policy requires 1 of the ‘Writers’ sub-policies to be satisfied: permission denied
Janne Ruostemaa
Hi there, thanks for the comment. It would seem your channel is missing some permissions, I’d recommend going over the steps again to see you didn’t miss anything.