From 6572936aa30e6419fc60530c9b0adada91386320 Mon Sep 17 00:00:00 2001 From: mgCepeda Date: Fri, 26 Jul 2024 12:04:50 +0000 Subject: [PATCH] [fabric] Update ansible playbooks add-organization **Primary Changes** 1 .Updated playbook platforms/hyperledger-fabric/configuration/network-fabric-add-organization.yaml to add organizations that only have peers fixes #2599 Signed-off-by: mgCepeda --- docs/source/guides/fabric/add-new-org.md | 6 +- .../templates/anchorpeer.yaml | 2 +- .../charts/fabric-genesis/templates/job.yaml | 17 ++ .../configuration/add-organization.yaml | 179 ++++++------------ .../tasks/nested_channel_join.yaml | 1 + .../genesis/tasks/get_peer_msp_config.yaml | 14 -- .../roles/create/genesis/tasks/main.yaml | 15 +- .../roles/create/genesis/tasks/valuefile.yaml | 1 + .../fetch/tasks/get_new_org_data.yaml | 18 ++ .../setup/config_block/fetch/tasks/main.yaml | 2 +- .../fetch/tasks/nested_create_cli.yaml | 9 +- .../fetch/tasks/nested_fetch_role.yaml | 16 +- .../tasks/nested_sign_and_update.yaml | 1 + .../tasks/nested_update_channel.yaml | 7 +- .../network-fabric-add-organization.yaml | 64 ++++++- .../templates/fabric_genesis.tpl | 11 ++ .../templates/join_channel_job.tpl | 1 + 17 files changed, 206 insertions(+), 158 deletions(-) create mode 100644 platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/get_new_org_data.yaml diff --git a/docs/source/guides/fabric/add-new-org.md b/docs/source/guides/fabric/add-new-org.md index c5abe3baf51..83c2859b81c 100644 --- a/docs/source/guides/fabric/add-new-org.md +++ b/docs/source/guides/fabric/add-new-org.md @@ -28,16 +28,16 @@ Refer [this guide](../networkyaml-fabric.md) for details on editing the configur While modifying the configuration file(`network.yaml`) for adding new organization, all the existing organizations should have `org_status` tag as `existing` and the new organization should have `org_status` tag as `new` under `network.channels` e.g. ```yaml ---8<-- "platforms/hyperledger-fabric/configuration/samples/network-fabric-add-organization.yaml:65:139" +--8<-- "platforms/hyperledger-fabric/configuration/samples/network-fabric-add-organization.yaml:62:151" ``` and under `network.organizations` as ```yaml ---8<-- "platforms/hyperledger-fabric/configuration/samples/network-fabric-add-organization.yaml:144:155" +--8<-- "platforms/hyperledger-fabric/configuration/samples/network-fabric-add-organization.yaml:153:168" .. .. ---8<-- "platforms/hyperledger-fabric/configuration/samples/network-fabric-add-organization.yaml:406:414" +--8<-- "platforms/hyperledger-fabric/configuration/samples/network-fabric-add-organization.yaml:448:458" .. .. diff --git a/platforms/hyperledger-fabric/charts/fabric-channel-join/templates/anchorpeer.yaml b/platforms/hyperledger-fabric/charts/fabric-channel-join/templates/anchorpeer.yaml index 24e83f439e1..fc00cfb7863 100644 --- a/platforms/hyperledger-fabric/charts/fabric-channel-join/templates/anchorpeer.yaml +++ b/platforms/hyperledger-fabric/charts/fabric-channel-join/templates/anchorpeer.yaml @@ -3,7 +3,7 @@ # # SPDX-License-Identifier: Apache-2.0 ############################################################################################## -{{- if and (eq .Values.peer.type "anchor") (not .Values.peer.addPeerValue) }} +{{- if and (eq .Values.peer.type "anchor") (not .Values.peer.addPeerValue) (not .Values.peer.addnewOrgValue) }} apiVersion: batch/v1 kind: Job metadata: diff --git a/platforms/hyperledger-fabric/charts/fabric-genesis/templates/job.yaml b/platforms/hyperledger-fabric/charts/fabric-genesis/templates/job.yaml index 29e5e4e47aa..5461a73b61a 100644 --- a/platforms/hyperledger-fabric/charts/fabric-genesis/templates/job.yaml +++ b/platforms/hyperledger-fabric/charts/fabric-genesis/templates/job.yaml @@ -233,6 +233,16 @@ spec: fi } {{- end }} + + function writeNewOrg { + key=$1 + file=$2 + + kubectl get configmap --namespace ${COMPONENT_NAME} ${key} + if [ $? -ne 0 ]; then + kubectl create configmap --namespace ${COMPONENT_NAME} ${key} --from-file=${key}=${file} + fi + } OUTPUT_PATH_PEER="/templates/crypto-config/organizations" {{- range $org := $.Values.organizations }} @@ -310,6 +320,13 @@ spec: {{- end }} fi {{- end }} + {{- if .Values.add_new_org }} + {{- range $org := $.Values.newOrgs }} + export FABRIC_CFG_PATH=/templates + configtxgen -printOrg {{ $org.name | lower }}MSP > {{ $org.name | lower }}_new.json + writeNewOrg {{ $org.name | lower }}-new-data {{ $org.name | lower }}_new.json + {{- end }} + {{- end }} volumeMounts: - name: scripts-volume mountPath: /scripts/bevel-vault.sh diff --git a/platforms/hyperledger-fabric/configuration/add-organization.yaml b/platforms/hyperledger-fabric/configuration/add-organization.yaml index 88371ff4bb0..87bea752215 100644 --- a/platforms/hyperledger-fabric/configuration/add-organization.yaml +++ b/platforms/hyperledger-fabric/configuration/add-organization.yaml @@ -26,85 +26,52 @@ path: "./build" state: absent - # Create Namespaces and Vault-rbac kubernetes-value files for new organization - - include_role: - name: "create/namespace" - vars: - component_name: "{{ item.name | lower }}-net" - component_type_name: "{{ item.type | lower }}" - kubernetes: "{{ item.k8s }}" - release_dir: "{{ playbook_dir }}/../../../{{ item.gitops.release_dir }}/{{ item.name | lower }}" - loop: "{{ network['organizations'] }}" - when: item.org_status == 'new' - - # Setup script for Vault and OS Package Manager - - name: "Setup script for Vault and OS Package Manager" + # Create Namespaces and Vault-rbac kubernetes-value files + - name: Create namespace and Vault auth for each organization include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/setup/scripts" + name: "create/namespace" vars: - namespace: "{{ org.name | lower }}-net" + component_name: "{{ org.name | lower }}-net" kubernetes: "{{ org.k8s }}" + release_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ org.name | lower }}" loop: "{{ network['organizations'] }}" loop_control: loop_var: org - when: org.org_status == 'new' - # Setup Vault-Kubernetes accesses and Regcred for docker registry for new organization - - include_role: - name: "{{ playbook_dir }}/../../shared/configuration/roles/setup/vault_kubernetes" + # Create necessary secrets + - name: "Create k8s secrets" + include_role: + name: create/secrets vars: - name: "{{ org.name | lower }}" - component_name: "{{ org.name | lower }}-vaultk8s-job" - component_type: "{{ org.type | lower }}" component_ns: "{{ org.name | lower }}-net" - component_auth: "{{ network.env.type }}{{ name }}" kubernetes: "{{ org.k8s }}" vault: "{{ org.vault }}" - gitops: "{{ org.gitops }}" - reset_path: "platforms/hyperledger-fabric/configuration" - loop: "{{ network['organizations'] }}" - loop_control: - loop_var: org - when: org.org_status == 'new' - - # Create Storageclass for new organization - - include_role: - name: "{{ playbook_dir }}/../../../platforms/shared/configuration/roles/setup/storageclass" - vars: - org_name: "{{ org.name | lower }}" - sc_name: "{{ org_name }}-bevel-storageclass" - region: "{{ org.k8s.region | default('eu-west-1') }}" loop: "{{ network['organizations'] }}" loop_control: loop_var: org - when: org.org_status == 'new' + when: + - org.org_status is not defined or org.org_status == 'new' - # Create CA Server value files and check-in for new organization - - include_role: + # Create CA Server helm-value files and check-in + - name: Create CA server for each organization + include_role: name: "create/ca_server" vars: - component_name: "{{ item.name | lower}}-net" - component: "{{ item.name | lower}}" - component_type: "{{ item.type | lower}}" - component_services: "{{ item.services }}" - sc_name: "{{ component }}-bevel-storageclass" - kubernetes: "{{ item.k8s }}" - vault: "{{ item.vault }}" - ca: "{{ item.services.ca }}" + component_ns: "{{ org.name | lower}}-net" + component: "{{ org.name | lower}}" + component_services: "{{ org.services }}" + kubernetes: "{{ org.k8s }}" + vault: "{{ org.vault }}" + ca: "{{ org.services.ca }}" docker_url: "{{ network.docker.url }}" - gitops: "{{ item.gitops }}" - values_dir: "{{ playbook_dir }}/../../../{{ item.gitops.release_dir }}/{{ item.name | lower }}" - loop: "{{ network['organizations'] }}" - when: item.services.ca is defined and item.org_status == 'new' - - # Create generate_crypto script for new organization - - include_role: - name: "create/crypto_script" - vars: - component_type: "{{ item.type | lower}}" - orderers: "{{ item.services.orderers }}" + gitops: "{{ org.gitops }}" + values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ org.name | lower }}" loop: "{{ network['organizations'] }}" - when: item.org_status == 'new' + loop_control: + loop_var: org + when: + - org.services.ca is defined + - org.org_status is not defined or org.org_status == 'new' #Creating a pause so that the client certificates are valid # You can continue if the CA-server pods are running for more than 5 minutes @@ -122,64 +89,41 @@ loop: "{{ network['channels'] }}" loop_control: loop_var: channel - - # Create CA Tools value files and check-in for new organization - - include_role: - name: "create/ca_tools/peer" - vars: - component_name: "{{ item.name | lower}}-net" - component: "{{ item.name | lower}}" - component_type: "{{ item.type | lower}}" - component_services: "{{ item.services }}" - orderer_org: "{{ item.orderer_org | lower }}" - sc_name: "{{ component }}-bevel-storageclass" - kubernetes: "{{ item.k8s }}" - vault: "{{ item.vault }}" - ca: "{{ item.services.ca }}" - docker_url: "{{ network.docker.url }}" - gitops: "{{ item.gitops }}" - values_dir: "{{ playbook_dir }}/../../../{{ item.gitops.release_dir }}/{{ item.name | lower }}" - loop: "{{ network['organizations'] }}" - when: item.type == 'peer' and item.org_status == 'new' - - # Creating channel artifacts and putting them in vault - # This role creates configtx.yaml file as the requirements mentioned in network.yaml - # which is then consumed by configtxgen tool - - include_role: - name: "create/configtx" - vars: - config_file: "./build/configtx.yaml" - - # This role generate genesis block and channeltx - # Generates the config.json from the configtx.yaml for new organization - - include_role: - name: "create/channel_artifacts" - vars: - build_path: "./build" - genesis: "{{ item.genesis }}" - channel_name: "{{ item.channel_name | lower}}" - fetch_certs: "false" - profile_name: "{{ item.channel_name }}" - loop: "{{ network['channels'] }}" # This role creates the value file for peers of organisations and write couch db credentials # to the vault. - - include_role: + - name: Create all peers + include_role: name: "create/peers" vars: build_path: "./build" - namespace: "{{ item.name | lower}}-net" - component_type: "{{ item.type | lower}}" - component_services: "{{ item.services }}" - vault: "{{ item.vault }}" - git_protocol: "{{ item.gitops.git_protocol }}" - git_url: "{{ item.gitops.git_url }}" - git_branch: "{{ item.gitops.branch }}" + namespace: "{{ org.name | lower}}-net" + component_type: "{{ org.type | lower}}" + component_services: "{{ org.services }}" + kubernetes: "{{ org.k8s }}" + vault: "{{ org.vault }}" + git_protocol: "{{ org.gitops.git_protocol }}" + git_url: "{{ org.gitops.git_url }}" + git_branch: "{{ org.gitops.branch }}" docker_url: "{{ network.docker.url }}" - charts_dir: "{{ item.gitops.chart_source }}" - values_dir: "{{ playbook_dir }}/../../../{{ item.gitops.release_dir }}/{{ item.name | lower }}" + charts_dir: "{{ org.gitops.chart_source }}" + values_dir: "{{playbook_dir}}/../../../{{org.gitops.release_dir}}/{{ org.name | lower }}" loop: "{{ network['organizations'] }}" - when: item.type == 'peer' and item.org_status == 'new' + loop_control: + loop_var: org + when: + - org.services.peers is defined and org.services.peers | length > 0 + - org.org_status is not defined or org.org_status == 'new' + + - name: "Create genesis block" + include_role: + name: "create/genesis" + vars: + org: "{{ network['organizations'] | first }}" + docker_url: "{{ network.docker.url }}" + kubernetes: "{{ org.k8s }}" + generateGenisis: false + when: genererate_configtx is defined and genererate_configtx == 'true' # This role is to start the existing peer cli # Fetch the configuration block and modify the block @@ -207,19 +151,7 @@ build_path: "./build" participants: "{{ item.participants }}" docker_url: "{{ network.docker.url }}" - loop: "{{ network['channels'] }}" - - # Create CLI pod for peers with cli option enabled - - name: Create CLI pod for each peer with it enabled - include_role: - name: "create/cli_pod" - vars: - peers: "{{ org.services.peers }}" - docker_url: "{{ network.docker.url }}" - loop: "{{ network.organizations }}" - loop_control: - loop_var: org - when: org.type == 'peer' and org.org_status == 'new' + loop: "{{ network['channels'] }}" vars: # These variables can be overriden from the command line privilege_escalate: false # Default to NOT escalate to root privledges @@ -227,3 +159,4 @@ install_arch: "amd64" # Default to amd64 architecture bin_install_dir: "~/bin" # Default to /bin install directory for binaries add_new_org: "true" # Default to true + genererate_configtx: "true" diff --git a/platforms/hyperledger-fabric/configuration/roles/create/channels_join/tasks/nested_channel_join.yaml b/platforms/hyperledger-fabric/configuration/roles/create/channels_join/tasks/nested_channel_join.yaml index c3cbb66906e..3c73ed1875e 100644 --- a/platforms/hyperledger-fabric/configuration/roles/create/channels_join/tasks/nested_channel_join.yaml +++ b/platforms/hyperledger-fabric/configuration/roles/create/channels_join/tasks/nested_channel_join.yaml @@ -79,6 +79,7 @@ vault: "{{ org.vault }}" k8s: "{{ org.k8s }}" add_peer_value: "{{ add_peer | default('false') }}" + add_new_org_value: "{{ add_new_org | default('false') }}" values_dir: "{{playbook_dir}}/../../../{{org.gitops.component_dir}}/{{ org.name | lower }}" loop: "{{ participant.peers }}" loop_control: diff --git a/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/get_peer_msp_config.yaml b/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/get_peer_msp_config.yaml index 89d2af742e6..34d26c9f9a6 100644 --- a/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/get_peer_msp_config.yaml +++ b/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/get_peer_msp_config.yaml @@ -13,20 +13,6 @@ path: "{{ playbook_dir }}/../../../{{ charts_dir }}/fabric-genesis/files" state: directory -# Find old .json files -- name: Find .json files - find: - paths: "{{ playbook_dir }}/../../../{{ charts_dir }}/fabric-genesis/files" - patterns: "*.json" - register: json_files - -# Delete old .json files -- name: Delete .json files - file: - path: "{{ item.path }}" - state: absent - loop: "{{ json_files.files }}" - - name: Save config peer msp config locally for genesis copy: content: "{{ config_file_data.resources[0] | to_nice_json }}" diff --git a/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/main.yaml b/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/main.yaml index 12349da003f..633f6f1fcef 100644 --- a/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/main.yaml +++ b/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/main.yaml @@ -6,6 +6,19 @@ ############################################################################################ +# Find old .json files +- name: Find .json files + find: + paths: "{{ playbook_dir }}/../../../{{ org.gitops.chart_source }}/fabric-genesis/files" + patterns: "*.json" + register: json_files + +# Delete old .json files +- name: Delete .json files + file: + path: "{{ item.path }}" + state: absent + loop: "{{ json_files.files }}" # Remove all Helm releases of organization except genesis - name: Delete Helm releases @@ -20,7 +33,7 @@ - name: Fetch peers cetificates include_tasks: get_certificates.yaml vars: - charts_dir: "{{ organization.gitops.chart_source }}" + charts_dir: "{{ org.gitops.chart_source }}" org_name: "{{ organization.name | lower }}" peers: "{{ organization.services.peers }}" loop: "{{ network['organizations'] }}" diff --git a/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/valuefile.yaml b/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/valuefile.yaml index 479d92336dc..5f73e8e82f7 100644 --- a/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/valuefile.yaml +++ b/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/valuefile.yaml @@ -13,6 +13,7 @@ charts_dir: "{{ org.gitops.chart_source }}" values_dir: "{{playbook_dir}}/../../../{{org.gitops.component_dir}}/{{ org.name | lower }}" generateGenisisBLock: "{{ generateGenisis }}" + add_org: "{{ add_new_org | default(false) }}" # Git Push: Push the above generated files to git directory - name: Git Push diff --git a/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/get_new_org_data.yaml b/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/get_new_org_data.yaml new file mode 100644 index 00000000000..d40bbc00f97 --- /dev/null +++ b/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/get_new_org_data.yaml @@ -0,0 +1,18 @@ +- name: Get new org data + kubernetes.core.k8s_info: + kubeconfig: "{{ genesis_org_kubeconfig }}" + kind: ConfigMap + name: "{{ org_name }}-new-data" + namespace: "{{ genesis_org_namespace}}" + vars: + genesis_org: "{{ network['organizations'] | first }}" + genesis_org_namespace: "{{ genesis_org.name | lower }}-net" + genesis_org_kubeconfig: "{{ genesis_org.k8s.config_file }}" + genesis_org_context: "{{ genesis_org.k8s.context }}" + register: org_data + +- name: Save new org data file locally + shell: | + echo '{{ org_data.resources[0].data[org_name ~ "-new-data"] }}' > {{ files_loc }} + vars: + files_loc: "{{ build_path }}/channel-artifacts/{{ channel_name | lower }}.json" diff --git a/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/main.yaml b/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/main.yaml index b4dd5bc4c23..02d6e431dab 100644 --- a/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/main.yaml +++ b/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/main.yaml @@ -16,7 +16,7 @@ channel_name: "{{ item.channel_name | lower }}" org_query: "organizations[?name=='{{participant.name}}']" org: "{{ network | json_query(org_query) | first }}" - peer: "{{ participant.peers | first }}" + peer: "{{ org.services.peers | first | default() }}" loop: "{{ participants }}" loop_control: loop_var: participant diff --git a/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/nested_create_cli.yaml b/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/nested_create_cli.yaml index f14e0e3a887..6c228c61640 100644 --- a/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/nested_create_cli.yaml +++ b/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/nested_create_cli.yaml @@ -13,14 +13,13 @@ include_role: name: k8_component vars: - component_type_name: "{{ participant.name | lower }}" + component: "{{ participant.name | lower }}" component_type: "existing_peer_cli_job" - component_name: "cli-{{ channel_name }}-{{ participant.name }}-{{ peer.name }}" - peer_name: "{{ peer.name }}" + component_name: "{{ peer.name | lower}}-cli" + orderer: "{{ network.orderers | first }}" component_ns: "{{ participant.name | lower}}-net" git_url: "{{ org.gitops.git_url }}" git_branch: "{{ org.gitops.branch }}" charts_dir: "{{ org.gitops.chart_source }}" vault: "{{ org.vault }}" - storage_class: "{{ participant.name | lower }}-bevel-storageclass" - release_dir: "./build" + release_dir: "./build/{{ participant.name }}" diff --git a/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/nested_fetch_role.yaml b/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/nested_fetch_role.yaml index ead9b2549de..83ac054c310 100644 --- a/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/nested_fetch_role.yaml +++ b/platforms/hyperledger-fabric/configuration/roles/setup/config_block/fetch/tasks/nested_fetch_role.yaml @@ -23,14 +23,14 @@ # Creeate the value file for creater org first peer - name: "start cli" shell: | - KUBECONFIG={{ org.k8s.config_file }} helm upgrade --install -f ./build/{{ participantx.name }}/existing_peer_cli_job.yaml {{ peer.name }}-{{ participantx.name }}-cli {{playbook_dir}}/../../../{{org.gitops.chart_source}}/fabric-cli + KUBECONFIG={{ org.k8s.config_file }} helm upgrade --install -f ./build/{{ participantx.name }}/existing_peer_cli_job.yaml {{ peer.name }}-{{ participantx.name }}-cli {{playbook_dir}}/../../../{{org.gitops.chart_source}}/fabric-cli -n {{ org.name | lower }}-net when: existing_cli.resources|length == 0 # Wait for fabric cli - name: "Check if fabric cli is present" k8s_info: kind: Pod - namespace: "{{ org.name }}-net" + namespace: "{{ org.name | lower }}-net" kubeconfig: "{{ org.k8s.config_file }}" context: "{{ org.k8s.context }}" label_selectors: @@ -40,6 +40,16 @@ retries: "{{ network.env.retry_count}}" delay: 40 +# Start the cli, configure and download the configuration block +- name: Call nested_fetch_role for the peer + include_tasks: get_new_org_data.yaml + vars: + org_name: "{{ org.name | lower }}" + loop: "{{ network['organizations'] }}" + loop_control: + loop_var: org + when: org.org_status == 'new' + # Fetch the config block from blockchain by executing the create_block.sh script file # from first peer of creator cli - name: Fetch and copy the configuration block from the blockchain @@ -53,6 +63,6 @@ KUBECONFIG={{ kubernetes.config_file }} kubectl exec -n {{ org.name }}-net ${PEER_CLI} -- sh ./create_block.sh KUBECONFIG={{ kubernetes.config_file }} kubectl cp {{ org.name }}-net/${PEER_CLI}:/opt/gopath/src/github.com/hyperledger/fabric/peer/{{ channel_name | lower }}_update_in_envelope.pb ./build/{{ channel_name | lower}}_config_block.pb environment: - ORDERER_CA: "/opt/gopath/src/github.com/hyperledger/fabric/crypto/orderer/tls/ca.crt" + ORDERER_CA: "/opt/gopath/src/github.com/hyperledger/fabric/orderer/tls/orderer.crt" vars: kubernetes: "{{ org.k8s }}" diff --git a/platforms/hyperledger-fabric/configuration/roles/setup/config_block/sign_and_update/tasks/nested_sign_and_update.yaml b/platforms/hyperledger-fabric/configuration/roles/setup/config_block/sign_and_update/tasks/nested_sign_and_update.yaml index 24756057fc5..5612de8e671 100644 --- a/platforms/hyperledger-fabric/configuration/roles/setup/config_block/sign_and_update/tasks/nested_sign_and_update.yaml +++ b/platforms/hyperledger-fabric/configuration/roles/setup/config_block/sign_and_update/tasks/nested_sign_and_update.yaml @@ -66,6 +66,7 @@ vars: kubernetes: "{{ org.k8s }}" + # Delete the cli - name: "Delete cli {{ peer.name }}-{{ participant.name }}-cli" shell: | diff --git a/platforms/hyperledger-fabric/configuration/roles/setup/config_block/sign_and_update/tasks/nested_update_channel.yaml b/platforms/hyperledger-fabric/configuration/roles/setup/config_block/sign_and_update/tasks/nested_update_channel.yaml index 53cadadc910..bb7952ac617 100644 --- a/platforms/hyperledger-fabric/configuration/roles/setup/config_block/sign_and_update/tasks/nested_update_channel.yaml +++ b/platforms/hyperledger-fabric/configuration/roles/setup/config_block/sign_and_update/tasks/nested_update_channel.yaml @@ -22,7 +22,7 @@ # Create the value file for creater org first peer - name: "start cli for {{ peer.name }}-{{ org.name }} for updating the channel" shell: | - KUBECONFIG={{ org.k8s.config_file }} helm upgrade --install -f ./build/{{ participant.name }}/existing_peer_cli_job.yaml {{ peer.name }}-{{ participant.name }}-cli {{playbook_dir}}/../../../{{org.gitops.chart_source}}/fabric-cli + KUBECONFIG={{ org.k8s.config_file }} helm upgrade --install -f ./build/{{ participant.name | lower }}/existing_peer_cli_job.yaml {{ peer.name }}-{{ participant.name }} {{playbook_dir}}/../../../{{org.gitops.chart_source}}/fabric-cli -n {{ participant.name | lower }}-net when: existing_cli.resources|length == 0 # Wait for fabric cli @@ -46,10 +46,13 @@ KUBECONFIG={{ kubernetes.config_file }} kubectl cp ./build/{{ channel_name | lower}}_config_block.pb {{ org.name | lower }}-net/${PEER_CLI}:/opt/gopath/src/github.com/hyperledger/fabric/peer/{{ channel_name | lower}}_config_block.pb KUBECONFIG={{ kubernetes.config_file }} kubectl exec -n {{ org.name | lower }}-net ${PEER_CLI} -- peer channel update -f {{ channel_name | lower}}_config_block.pb -c {{ channel_name | lower}} -o {{ participant.ordererAddress }} --tls --cafile ${ORDERER_CA} environment: - ORDERER_CA: "/opt/gopath/src/github.com/hyperledger/fabric/crypto/orderer/tls/ca.crt" + ORDERER_CA: "/opt/gopath/src/github.com/hyperledger/fabric/orderer/tls/orderer.crt" vars: kubernetes: "{{ org.k8s }}" register: update_channel + until: update_channel.rc == 0 + retries: 5 + delay: 10 # Delete the cli - name: "Delete cli {{ peer.name }}-{{ participant.name }}-cli" diff --git a/platforms/hyperledger-fabric/configuration/samples/network-fabric-add-organization.yaml b/platforms/hyperledger-fabric/configuration/samples/network-fabric-add-organization.yaml index 49fd66c048d..30af9847135 100644 --- a/platforms/hyperledger-fabric/configuration/samples/network-fabric-add-organization.yaml +++ b/platforms/hyperledger-fabric/configuration/samples/network-fabric-add-organization.yaml @@ -80,6 +80,22 @@ network: gossipAddress: peer0.carrier-net.org3proxy.blockchaincloudpoc.com:443 # Must include port, External or internal URI of the gossip peer peerAddress: peer0.carrier-net.org3proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer ordererAddress: orderer1.supplychain-net.org1proxy.blockchaincloudpoc.com:443 # Must include port, External or internal URI of the orderer + - organization: + name: supplychain + type: joiner + org_status: existing + peers: + - peer: + name: peer0 + type: anchor + gossipAddress: peer1.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443 + peerAddress: peer0.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443 + - peer: + name: peer1 + type: nonanchor + gossipAddress: peer0.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443 + peerAddress: peer1.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443 + ordererAddress: orderer1.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443 - organization: name: warehouse type: joiner @@ -187,7 +203,7 @@ network: services: ca: name: ca - subject: "/C=GB/ST=London/L=London/O=Orderer/CN=ca.supplychain-net.org1proxy.blockchaincloudpoc.com" + subject: "/C=GB/ST=London/L=London/O=Orderer" type: ca grpc: port: 7054 @@ -221,6 +237,44 @@ network: port: 7050 ordererAddress: orderer3.supplychain-net.org1proxy.blockchaincloudpoc.com:443 + peers: + - peer: + name: peer0 + type: anchor # This can be anchor/nonanchor. Atleast one peer should be anchor peer. + gossippeeraddress: peer1.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443 # Internal Address of the other peer in same Org for gossip, same peer if there is only one peer + peerAddress: peer0.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443 # External URI of the peer + cli: enabled # Creates a peer cli pod depending upon the (enabled/disabled) tag. + grpc: + port: 7051 + events: + port: 7053 + couchdb: + port: 5984 + restserver: + targetPort: 20001 + port: 20001 + expressapi: + targetPort: 3000 + port: 3000 + - peer: + name: peer1 + type: nonanchor # This can be anchor/nonanchor. Atleast one peer should be anchor peer. + gossippeeraddress: peer0.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443 # External address of the existing anchor peer + peerAddress: peer1.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443 # External URI of the peer + cli: enabled # Creates a peer cli pod depending upon the (enabled/disabled) tag. + grpc: + port: 7051 + events: + port: 7053 + couchdb: + port: 5984 + restserver: + targetPort: 20001 + port: 20001 + expressapi: + targetPort: 3000 + port: 3000 + # Specification for the 2nd organization. Each organization maps to a VPC and a separate k8s cluster - organization: name: manufacturer @@ -270,7 +324,7 @@ network: services: ca: name: ca - subject: "/C=CH/ST=Zurich/L=Zurich/O=Manufacturer/CN=ca.manufacturer-net.org2proxy.blockchaincloudpoc.com" + subject: "/C=CH/ST=Zurich/L=Zurich/O=Manufacturer" type: ca grpc: port: 7054 @@ -354,7 +408,7 @@ network: services: ca: name: ca - subject: "/C=GB/ST=London/L=London/O=Carrier/CN=ca.carrier-net.org3proxy.blockchaincloudpoc.com" + subject: "/C=GB/ST=London/L=London/O=Carrier" type: ca grpc: port: 7054 @@ -443,7 +497,7 @@ network: services: ca: name: ca - subject: "/C=US/ST=New York/L=New York/O=Store/CN=ca.store-net.org4proxy.blockchaincloudpoc.com" + subject: "/C=US/ST=New York/L=New York/O=Store" type: ca grpc: port: 7054 @@ -526,7 +580,7 @@ network: services: ca: name: ca - subject: "/C=US/ST=Massachusetts/L=Boston/O=Warehouse/CN=ca.warehouse-net.org5proxy.blockchaincloudpoc.com" + subject: "/C=US/ST=Massachusetts/L=Boston/O=Warehouse" type: ca grpc: port: 7054 diff --git a/platforms/shared/configuration/roles/create/job_component/templates/fabric_genesis.tpl b/platforms/shared/configuration/roles/create/job_component/templates/fabric_genesis.tpl index 30ab3805790..11bb07f32fd 100755 --- a/platforms/shared/configuration/roles/create/job_component/templates/fabric_genesis.tpl +++ b/platforms/shared/configuration/roles/create/job_component/templates/fabric_genesis.tpl @@ -93,3 +93,14 @@ settings: generateGenesis: {{ generateGenisisBLock }} removeConfigMapOnDelete: false +{% if add_org %} +add_new_org: {{ add_org }} +newOrgs: +{% for organization in network.organizations %} +{% for data, value in organization.items() %} +{% if data == 'name' and organization.org_status == 'new' %} + - name: {{ value }} +{% endif %} +{% endfor %} +{% endfor %} +{% endif %} diff --git a/platforms/shared/configuration/roles/create/job_component/templates/join_channel_job.tpl b/platforms/shared/configuration/roles/create/job_component/templates/join_channel_job.tpl index 767da46f971..a46174e22d0 100644 --- a/platforms/shared/configuration/roles/create/job_component/templates/join_channel_job.tpl +++ b/platforms/shared/configuration/roles/create/job_component/templates/join_channel_job.tpl @@ -40,3 +40,4 @@ peer: channelName: {{ channel_name }} ordererAddress: {{ participant.ordererAddress }} addPeerValue: {{ add_peer_value }} + addnewOrgValue: {{ add_new_org_value }}