Updated on 25.5.2023

How to set up Hyperledger Fabric with Systemd

Hyperledger Fabric

Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. Its modular and versatile design satisfies a broad range of industry use cases. It offers a unique approach to a consensus that enables performance at scale while preserving privacy.

This step-by-step guide goes through what is needed to set up Hyperledger Fabric on UpCloud with systemd. Note that, this setup does not use Docker. This is also a good learner guide on understanding how Hyperledger Fabric works from an administrator’s perspective.

Two hosts, the admin node and at least one peer node, are involved in this setup.

Prepare the environment – Admin node

Begin by deploying the required nodes.

  • Choose your configuration, the Simple plan with 1CPU and 1GB of RAM is enough to get started.
  • Select the Ubuntu 18.04 OS template
  • Name the server and deploy

Once deployed, log in using SSH and the root password you received by the delivery method you chose.

Create a local system user with sudo privileges.

adduser fabric
usermod -aG sudo fabric
su - fabric

Ensure the hosts are able to reach each other by name. This can be done by adding the following to the hosts file at /etc/hosts on both admin and peer nodes. Replace the orderer example IP address with your admin and peer0 with the peer node addresses.

sudo nano /etc/hosts
94.237.46.225 peer0.org1.car.com peer0
94.237.46.18 orderer.car.com orderer

Install Go language 1.13 on Ubuntu and verify the version. This is needed to compile the fabric-ca-server which isn’t available to download as binary at the time of writing.

Go language and Git packages.

Start by downloading Go with the next command.

curl -O https://storage.googleapis.com/golang/go1.13.4.linux-amd64.tar.gz

Extract the package to the /urs/local directory.

sudo tar -C /usr/local -xzf go1.13.4.linux-amd64.tar.gz

Next, create a folder for the Go language files, for example, in your home directory with the following command.

mkdir -p ~/go/bin

To use the Go command-line utility, you need to set up a few environmental variables. Add the following to your profile, or adjust the paths depending on where you created the Go directory.

echo 'export GOPATH=$HOME/go' | tee -a ~/.bashrc
echo 'export GOBIN=$GOPATH/bin' | tee -a ~/.bashrc
echo 'export PATH=$PATH:/usr/local/go/bin:$GOBIN' | tee -a ~/.bashrc
source ~/.bashrc
go version
go version go1.13.4 linux/amd64

You will also need a compiler so install gcc with the following command.

sudo apt update && sudo apt install gcc -y

With these done, you can begin configuring Fabric itself.

Admin node (fabric-ca, orderer, misc)

The admin node hosts Fabric Certificate Authority, Fabric Orderer and is used for other miscellaneous tasks e.g. generating certificates, crypto configs, etc.

Next, create a new directory to host the relevant configuration files, e.g. fabric.

mkdir ~/fabric && cd ~/fabric

Then download the binaries of a specific Hyperledger Fabric version ( 1.4.3 LTS) to ~/fabric/bin directory using the bootstrap script at http://bit.ly/2ysbOFE

curl -sSL http://bit.ly/2ysbOFE | bash -s -- 1.4.3 1.4.3 0.4.15

Build the fabric-ca server under ~/fabric/go (latest version). Again, this is due to the fact that fabric-ca server isn’t available to download in binary at the time of writing.

go get -u github.com/hyperledger/fabric-ca/cmd/...

Add it to the /usr/local/bin directory.

sudo cp ~/fabric/fabric-samples/bin/* /usr/local/bin/
sudo cp $GOBIN/fabric-ca-server /usr/local/bin

Make the necessary destination directories for orderer, peerOrg1, users, fabric, and configtx.

sudo mkdir -p /etc/hyperledger/msp/{orderer,peerOrg1,users}
sudo mkdir -p /etc/hyperledger/configtx
sudo mkdir -p /etc/hyperledger/fabric
sudo mkdir -p /etc/hyperledger/config

Download the orderer-config archive and extract it under /etc/hyperledger/fabric/. This contains MSP for orderer to start.

curl -sSLO https://raw.githubusercontent.com/cloudronics/startFiles/master/orderer-config.tar.gz
sudo tar -zxvf orderer-config.tar.gz -C /etc/hyperledger/fabric/

Generate configs, genesis block etc.

Download the crypto-config and configtx yaml.

curl -sSLO https://raw.githubusercontent.com/cloudronics/startFiles/master/crypto-config.yaml
curl -sSLO https://raw.githubusercontent.com/cloudronics/startFiles/master/configtx.yaml

Make a new config directory

mkdir ~/fabric/config

Generate the crypto material.

cryptogen generate --config=./crypto-config.yaml

Generate genesis block for the orderer.

sudo configtxgen -profile OneOrgOrdererGenesis -outputBlock ./config/genesis.block

Generate channel configuration transaction.

sudo configtxgen -profile OneOrgChannel -outputCreateChannelTx ./config/carsales.tx -channelID carsales

Generate anchor peer transaction.

sudo configtxgen -asOrg Org1MSP -channelID carsales -profile OneOrgChannel -outputAnchorPeersUpdate ./config/Org1MSPanchors.tx

Then copy the generated configuration files to the Hyperledger directory.

sudo cp config/* /etc/hyperledger/configtx/

Lastly, copy the generated crypto-configs to their respective MSP directories.

sudo cp -r crypto-config/ordererOrganizations/car.com/orderers/orderer.car.com/* /etc/hyperledger/msp/orderer/
sudo cp -r crypto-config/peerOrganizations/org1.car.com/peers/peer0.org1.car.com/* /etc/hyperledger/msp/peerOrg1/
sudo cp -r crypto-config/peerOrganizations/org1.car.com/users/* /etc/hyperledger/msp/users

Install Fabric-CA service – Admin node

Next, create a fabric-ca service by making the following service file.

cat > fabric-ca.service << EOF
# Service definition for Hyperledger fabric-ca server
[Unit]
Description=hyperledger fabric-ca server - Certificate Authority for hyperledger fabric
Documentation=https://hyperledger-fabric-ca.readthedocs.io/
Wants=network-online.target
After=network-online.target
[Service]
Type=simple
Restart=on-failure
Environment=FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
Environment=FABRIC_CA_SERVER_HOME=/etc/hyperledger/fabric-ca-server
Environment=CA_CFG_PATH=/etc/hyperledger/fabric-ca
ExecStart=/usr/local/bin/fabric-ca-server start -b admin:adminpw
[Install]
WantedBy=multi-user.target
EOF

Then move the service file, enable, start and verify the fabric-ca service is running.

sudo mv fabric-ca.service /etc/systemd/system/
sudo systemctl enable fabric-ca.service
sudo systemctl start fabric-ca.service
systemctl status fabric-ca.service

The output of successfully running fabric services would look something like the example below.

* fabric-ca.service - hyperledger fabric-ca server - Certificate Authority for hyperledger fabric
   Loaded: loaded (/etc/systemd/system/fabric-ca.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2019-07-03 09:49:06 UTC; 5s ago
     Docs: https://hyperledger-fabric-ca.readthedocs.io/
 Main PID: 22133 (fabric-ca-serve)
    Tasks: 4 (limit: 1109)
   CGroup: /system.slice/fabric-ca.service
           `-22133 /usr/local/bin/fabric-ca-server start -b admin:adminpw

Install Orderer service – Admin node

Repeat the same from the previous step with orderer but using this service file.

cat > fabric-orderer.service << EOF
# Service definition for Hyperledger fabric orderer server
[Unit]
Description=hyperledger fabric-orderer server - Orderer for hyperledger fabric
Documentation=https://hyperledger-fabric.readthedocs.io/
Wants=network-online.target
After=network-online.target
[Service]
Type=simple
Restart=on-failure
Environment=CA_CFG_PATH=/etc/hyperledger/fabric-ca
Environment=ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
Environment=ORDERER_GENERAL_GENESISMETHOD=file
Environment=ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
Environment=ORDERER_GENERAL_LOCALMSPID=OrdererMSP
Environment=ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
Environment=ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
ExecStart=/usr/local/bin/orderer start
[Install]
WantedBy=multi-user.target
EOF

Then again move the service file, enable, start and verify that the service is running.

sudo mv fabric-orderer.service /etc/systemd/system/
sudo systemctl enable fabric-orderer.service
sudo systemctl start fabric-orderer.service
systemctl status fabric-orderer.service

You are now done with the Admin node, continue below with the preparations for the peer node.

Prepare the environment – Peer node

Firstly, deploy a peer node if you haven’t already.

  • Choose your configuration, the Simple plan with 1CPU and 1GB of RAM is enough to get started.
  • Select the Ubuntu 18.04 OS template
  • Name the server and deploy

Once deployed, log in using SSH and the root password you received by the delivery method you chose.

Begin the configuration by creating a new user for the peer node just like on the admin node.

adduser fabric
usermod -aG sudo fabric
su - fabric

Add the peer and orderer host information to the peer node’s hosts file. Replace the example IPs with your admin and peer node addresses.

sudo nano /etc/hosts
94.237.46.225 peer0.org1.car.com peer0
94.237.46.18 orderer.car.com orderer

Create a new directory e.g. fabric.

mkdir fabric && cd fabric

Set admin host IP address for ease of use. This IP is an imaginary example, replace it with yours.

echo 'export ADMIN_HOST=94.237.46.18' | tee -a ~/.bashrc
echo 'export USER=fabric' | tee -a ~/.bashrc
source ~/.bashrc

Make the necessary destination directories on the peer host.

sudo mkdir -p /etc/hyperledger/
sudo chown -R $USER /etc/hyperledger/
sudo mkdir -p /etc/hyperledger/msp/{peerOrg1,users}/
sudo mkdir -p /etc/hyperledger/fabric/
sudo mkdir -p /etc/hyperledger/configtx/

Then copy the config and crypto-config from the admin node to the peer.

sudo rsync -r $USER@$ADMIN_HOST:/home/fabric/fabric/crypto-config/peerOrganizations/org1.car.com/peers/peer0.org1.car.com/* /etc/hyperledger/msp/peerOrg1/
sudo rsync -r $USER@$ADMIN_HOST:/home/fabric/fabric/crypto-config/peerOrganizations/org1.car.com/users/ /etc/hyperledger/msp/users
sudo rsync -r $USER@$ADMIN_HOST:/etc/hyperledger/fabric/msp /etc/hyperledger/fabric/msp
sudo scp $USER@$ADMIN_HOST:/home/fabric/fabric/fabric-samples/config/* /etc/hyperledger/configtx/
sudo scp $USER@$ADMIN_HOST:/home/fabric/fabric/fabric-samples/bin/peer /usr/local/bin
sudo scp $USER@$ADMIN_HOST:/etc/hyperledger/fabric/core.yaml /etc/hyperledger/fabric/
sudo scp $USER@$ADMIN_HOST:/etc/hyperledger/configtx/carsales.tx /etc/hyperledger/configtx/carsales.tx

Download the orderer-config archive and extract it under /etc/hyperledger/fabric/. This contains MSP for orderer to start.

curl -sSLO https://raw.githubusercontent.com/cloudronics/startFiles/master/orderer-config.tar.gz
sudo tar -zxvf orderer-config.tar.gz -C /etc/hyperledger/fabric/

Install Peer0 service – Peer node

Next, create the following service file on the peer node.

cat > fabric-peer0-org1.service << EOF
# Service definition for Hyperledger fabric peer server
[Unit]
Description=hyperledger fabric-peer0-org1 server - Peer0/Org1 for hyperledger fabric
Documentation=https://hyperledger-fabric.readthedocs.io/
Wants=network-online.target
After=network-online.target
[Service]
Type=simple
Restart=on-failure
Environment=FABRIC_CFG_PATH=/etc/hyperledger/fabric
Environment=CORE_PEER_ID=peer0.org1.car.com
Environment=CORE_LOGGING_PEER=info
Environment=CORE_CHAINCODE_LOGGING_LEVEL=info
Environment=CORE_PEER_LOCALMSPID=Org1MSP
Environment=CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/peerOrg1/msp
Environment=CORE_PEER_ADDRESS=peer0.org1.car.com:7051
ExecStart=/usr/local/bin/peer node start
[Install]
WantedBy=multi-user.target
EOF

Then do the following to get the service running.

sudo mv fabric-peer0-org1.service /etc/systemd/system/
sudo systemctl enable fabric-peer0-org1.service
sudo systemctl start fabric-peer0-org1.service
systemctl status fabric-peer0-org1.service

Create a carssales channel and join peer0 there – Peer node

Finally, create and join the channel for communicating using the peer channel commands.

The following must be done as root, switch to the root user with the following.

sudo su

Export the necessary variables.

echo 'export CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/[email protected]/msp' | tee -a ~/.bashrc
echo 'export CORE_PEER_LOCALMSPID=Org1MSP' | tee -a ~/.bashrc
source ~/.bashrc

Next, create the channel with a peer channel.

peer channel create -o orderer.car.com:7050 -c carsales -f /etc/hyperledger/configtx/carsales.tx

Then, join the peer0 to that channel with peer channel join command.

peer channel join -b carsales.block

Lastly, verify that the peer joined the channel successfully.

peer channel list

With that, you are all done!

Outcome

Now we have a ready-to-use Hyperledger Fabric network running on systemd without Docker.

References and further reading

  • Hyperledger fabric read the docs – https://hyperledger-fabric.readthedocs.io/en/release-1.4/index.html
  • Hyperledger fabric certificate authority read the docs – https://hyperledger-fabric-ca.readthedocs.io/en/release-
    1.4/index.html
  • File references: https://github.com/cloudronics/startFiles
  • Fabric on single and multinode series: https://medium.com/coinmonks/hyperledger-fabric-cluster-on-multiplehosts-
    af093f00436

Anoop Vijayan

  1. Hi,
    Really useful article. Is there a way to setup couchdb in this approach and does it use solo orderer only?

  2. Janne Ruostemaa

    Hi there, thanks for the comment. You can find instructions for installing CouchDB at their documentation.

  3. A Bharanidharan

    peer channel create -o orderer.car.com:7050 -c carsales -f /etc/hyperledger/configtx/carsales.tx

    when the above command is executed i am getting the below error:
    2020-10-04 16:01:40.246 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
    Error: got unexpected status: FORBIDDEN — config update for existing channel did not pass initial checks: implicit policy evaluation failed – 0 sub-policies were satisfied, but this policy requires 1 of the ‘Writers’ sub-policies to be satisfied: permission denied

  4. Janne Ruostemaa

    Hi there, thanks for the comment. It would seem your channel is missing some permissions, I’d recommend going over the steps again to see you didn’t miss anything.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top