# monitorChains-docker **Repository Path**: Service-Oriented-Blockchain-System/monitorChains-docker ## Basic Information - **Project Name**: monitorChains-docker - **Description**: monitorChains -docker单机版本 - **Primary Language**: Unknown - **License**: Not specified - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2022-05-05 - **Last Updated**: 2022-05-06 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README ## MonitorChains-Docker版本 ### 需要的环境以及版本: * [Docker](https://www.docker.com/products/overview) - v1.12 or higher * [Docker Compose](https://docs.docker.com/compose/overview/) - v1.8 or higher * [Git client](https://git-scm.com/downloads) - needed for clone commands * **Node.js** v8.4.0 or higher * [Download Docker images](http://hyperledger-fabric.readthedocs.io/en/latest/samples.html#binaries) 包含以下组件 * 3 Zookeeper * 4 Kafka * 4 orderer * **12 peers (3 peers per Org),前四个为注册链节点,后八个为监控链节点** ## 配置文件 完成后不需要修改的 ### 1.编写config.tx和cryptogen.yaml 此处暂时不需要修改,如果需要增删组织或修改orderer数量再进行修改 ### 2.生成证书和密钥 genArtifacts.sh中逻辑: 根据上述修改的**config.tx和cryptogen.yaml**生成证书以及密钥 ``` cd artifacts ./genArtifacts.sh ``` 生成后位于artifacts/channel,结构如下: ``` lihaoran@192 channel % ls configtx.yaml genesis.block softwarechannel.tx crypto-config monitorchannel.tx cryptogen.yaml registerchannel.tx ``` tx为通道文件,后续创建/加入通道会用到,genesis.block为创世块,crypto-config为密钥、证书文件,docker-compose 文件中会用到 ### 修改docker-compose文件 base.yaml ``` 修改镜像名称,如在内网环境中,修改为内网的镜像名,如10.77.70.184:5000/xxxx;如在外网中,不需要修改 peer-base-gmn: image: registry.cn-beijing.aliyuncs.com/nacos-fabric/peer-gmn:latest peer-base-nacos: image: registry.cn-beijing.aliyuncs.com/nacos-fabric/peer-nacos:latest ``` docker-compose.yaml #### CA: **如修改过config.tx和cryptogen.yaml,重新生成过密钥证书,需要修改以下** **如只重新运行了./genArtifacts.sh,则只需要修改FABRIC_CA_SERVER_CA_KEYFILE**,否则按照顺序修改 1.FABRIC_CA_SERVER_CA_NAME:和上面保持一致即可 2.FABRIC_CA_SERVER_CA_CERTFILE:修改为/etc/hyperledger/fabric-ca-server-config/中相应组织生成的文件 3.**FABRIC_CA_SERVER_CA_KEYFILE**(重新生成后):修改为/etc/hyperledger/fabric-ca-server-config/的keyfile对应名称 4.FABRIC_CA_SERVER_TLS_CERTFILE:修改为/etc/hyperledger/fabric-ca-server-config/对应文件名 5.**FABRIC_CA_SERVER_TLS_KEYFILE**:修改为/etc/hyperledger/fabric-ca-server-config/中keyfile文件名 ```yaml ca.fabric.gfe.com: image: hyperledger/fabric-ca environment: - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server - FABRIC_CA_SERVER_CA_NAME=ca-gfe - FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.fabric.gfe.com-cert.pem - FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/37278f63f10a72fd1e55ad2a178fb9b9a3c88aae02b3fa94f340f3f30f877e6a_sk - FABRIC_CA_SERVER_TLS_ENABLED=true - FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.fabric.gfe.com-cert.pem - FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/37278f63f10a72fd1e55ad2a178fb9b9a3c88aae02b3fa94f340f3f30f877e6a_sk ports: - "7054:7054" command: sh -c 'fabric-ca-server start -b admin:adminpw -d' volumes: - ./channel/crypto-config/peerOrganizations/fabric.gfe.com/ca/:/etc/hyperledger/fabric-ca-server-config container_name: ca_gfe ``` ### Zookeeper和Kafka 暂时不需要修改 ### orderer节点 注意端口号不要冲突即可 ```yaml dbiir.orderer.com: container_name: dbiir.orderer.com extends: file: base.yaml service: orderer-base ports: - 7050:7050 volumes: - ./channel:/etc/hyperledger/configtx - ./channel/crypto-config/ordererOrganizations/orderer.com/orderers/dbiir.orderer.com/:/etc/hyperledger/crypto/orderer - ./channel/crypto-config/peerOrganizations/fabric.gfe.com/peers/peer0.fabric.gfe.com/:/etc/hyperledger/crypto/gfe - ./channel/crypto-config/peerOrganizations/fabric.deke.com/peers/peer0.fabric.deke.com/:/etc/hyperledger/crypto/deke - ./channel/crypto-config/peerOrganizations/fabric.dbiir.com/peers/peer0.fabric.dbiir.com/:/etc/hyperledger/crypto/dbiir - ./channel/crypto-config/peerOrganizations/fabric.ruc.com/peers/peer0.fabric.ruc.com/:/etc/hyperledger/crypto/ruc depends_on: - kafka0 - kafka1 - kafka2 - kafka3 ``` ### 注册链节点-Peer 修改: **1.CORE_PEER_MSP_KEYSTORE**:如上面运行过./genArtifacts.sh,则此处需要修改 **2.FABRIC_ORDERER_ADDR**(重点):Orderer的地址,此处因为我是Mac电脑,因此**docker.for.mac.host.internal**为容器宿主机的地址,可以替换为服务器内网IP,如10.77.70.173,或本机docker子网网关IP,如172.17.0.1,具体需要查询一下。 3.DB_URL、DB_USER、DB_PASSWORD为Mysql数据库地址以及用户名密码 4. NACOS_ADDRESS=192.168.88.176 NACOS_PORT=8848为本机IP以及端口号,如单机版本可以不设置 ```yaml peer0.fabric.gfe.com: container_name: peer0.fabric.gfe.com extends: file: base.yaml service: peer-base-nacos environment: - CORE_PEER_ID=peer0.fabric.gfe.com - CORE_PEER_LOCALMSPID=GfeMSP - CORE_PEER_ADDRESS=peer0.fabric.gfe.com:7051 - CORE_LEDGER_STATE_STATEDATABASE=CouchDB - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb0:5984 - CORE_PEER_MSP_KEYSTORE=/etc/hyperledger/crypto/admin/msp/keystore/bfcf0c59d4ccec10f52bdaea0eddfc7246a3964c368058453eaea813e27f3f28_sk - CORE_PEER_MSP_ADMINCERTS=/etc/hyperledger/crypto/admin/msp/signcerts/Admin@fabric.gfe.com-cert.pem - FABRIC_ORDERER_NAME=gfe.orderer.com - FABRIC_ORDERER_ADDR=grpcs://docker.for.mac.host.internal:9050 - ORDERER_TLS_PATH=/etc/hyperledger/crypto/orderer/tls/ca.crt - DB_URL=jdbc:mysql://docker.for.mac.host.internal:3306/nacos_config?characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true - DB_USER=root - DB_PASSWORD=1234qwer - FABRIC_USERNAME=admin_cc_gfe - NACOS_ADDRESS=192.168.88.176 - NACOS_PORT=8848 ports: - 7051:7051 - 7053:7053 - 8848:8848 volumes: - ./bin/peer-n:/nacos/distribution/target/nacos-server-1.2.0-SNAPSHOT/nacos/bin - ./conf:/nacos/distribution/target/nacos-server-1.2.0-SNAPSHOT/nacos/conf - ./channel/crypto-config/peerOrganizations/fabric.gfe.com/users/Admin@fabric.gfe.com/:/etc/hyperledger/crypto/admin - ./channel/crypto-config/ordererOrganizations/orderer.com/orderers/gfe.orderer.com/:/etc/hyperledger/crypto/orderer - ./channel/crypto-config/peerOrganizations/fabric.gfe.com/peers/peer0.fabric.gfe.com/:/etc/hyperledger/crypto/peer depends_on: #- dbiir.orderer.com #- deke.orderer.com - gfe.orderer.com - couchdb0 ``` ### 注册链节点-Nacos配置 **位于artifacts/conf文件夹中** **application.properties** 文件末尾为nacos与区块链节点连接设置,具体如下,通过上一节中描述的docker环境变量传入,此处不需要修改,了解即可。 ``` db.num=1 db.url.0=${DB_URL} db.user=${DB_USER:root} db.password=${DB_PASSWORD:1234qwer} fabric.username=${FABRIC_USERNAME:admin_cc_gfe} fabric.mspid= ${CORE_PEER_LOCALMSPID} fabric.crtpath= ${CORE_PEER_MSP_ADMINCERTS} fabric.keypath= ${CORE_PEER_MSP_KEYSTORE} fabric.peertlspath= /etc/hyperledger/crypto/peer/tls/ca.crt fabric.peername= ${CORE_PEER_ID} fabric.peerkeypath=/etc/hyperledger/crypto/peer/tls/server.key fabric.peercrtpath=/etc/hyperledger/crypto/peer/tls/server.crt fabric.peeraddr= grpcs://${CORE_PEER_ADDRESS} fabric.orderername= ${FABRIC_ORDERER_NAME} fabric.ordereraddr= ${FABRIC_ORDERER_ADDR} fabric.ordererTlsPath= ${ORDERER_TLS_PATH} ``` **cluster.conf** 需要描述nacos集群中地址,单机则写一个即可 ``` 192.168.88.176:8848 192.168.88.176:8849 192.168.88.176:8850 192.168.88.176:8851 ``` **运行sql文件** conf文件夹中有nacos-mysql文件,需要在docker-compose中规定好的DB_URL下的数据库运行此文件 注意:因为mysql/navicat版本问题,如运行失败,逐行运行即可。 ### 监控链节点-Peer设置(重点) **1.CORE_PEER_MSP_KEYSTORE**:如上面运行过./genArtifacts.sh,则此处需要修改 **2.FABRIC_ORDERER_ADDR**(重点):Orderer的地址,此处因为我是Mac电脑,因此**docker.for.mac.host.internal**为容器宿主机的地址,可以替换为服务器内网IP,如10.77.70.173,或本机docker子网网关IP,如172.17.0.1,具体需要查询一下。 3.**DB_URL、DB_USER、DB_PASSWORD**为Mysql数据库地址以及用户名密码,**此处与注册节点不同** 4. NACOS_ADDRESS=192.168.88.176 NACOS_PORT=8848为本机IP以及端口号,如单机版本可以不设置 5.**NACOS_PEER_MSP_KEYSTORE**为跨链服务查找节点的keystore中的值,此处为peer0.fabric.gfe.com节点的key值。 6.**FABRIC_CONSENSUS_IPLIST**为集群中所有监控节点的IP 7. FABRIC_CONSENSUS_NODE_NUM=0 FABRIC_CONSENSUS_NODE_SUM=8 为当前监控节点在所有监控节点中的序号以及监控节点综述 **8.FABRIC_ORDERER_ADDR、DB_URL、FABRIC_NACOS_ORDERER_ADDR、FABRIC_CONSENSUS_IPLIST修改为相应的IP** ```yaml peer1.fabric.deke.com: container_name: peer1.fabric.deke.com extends: file: base.yaml service: peer-base-gmn environment: - CORE_PEER_ID=peer1.fabric.deke.com - CORE_PEER_LOCALMSPID=DekeMSP - CORE_PEER_ADDRESS=peer1.fabric.deke.com:7051 - CORE_LEDGER_STATE_STATEDATABASE=CouchDB - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb4:5984 - CORE_PEER_MSP_KEYSTORE=/etc/hyperledger/crypto/admin/msp/keystore/09f5b23dded6e6774bfc0f99ba05ac1e0798edecf5732c2466f3331d81f7a4d1_sk - CORE_PEER_MSP_ADMINCERTS=/etc/hyperledger/crypto/admin/msp/signcerts/Admin@fabric.deke.com-cert.pem - FABRIC_ORDERER_NAME=deke.orderer.com - FABRIC_ORDERER_ADDR=grpcs://docker.for.mac.host.internal:8050 - ORDERER_TLS_PATH=/etc/hyperledger/crypto/orderer/tls/ca.crt - DB_URL=jdbc:mysql://docker.for.mac.host.internal:3306/new_test?useSSL=false&autoReconnect=true&failOverReadOnly=false - DB_USER=root - DB_PASSWORD=1234qwer - FABRIC_USERNAME=admin_cc_deke - NACOS_PEER_LOCALMSPID=GfeMSP - NACOS_PEER_ID=peer0.fabric.gfe.com - NACOS_PEER_ADDRESS=peer0.fabric.gfe.com:7051 - NACOS_PEER_MSP_KEYSTORE=/etc/hyperledger/crypto/user1/msp/keystore/407663b62f20ea0ae09f5e90941ab7ee3d0630f1a3aa5e05a78aedbb16f9736b_sk - NACOS_PEER_MSP_ADMINCERTS=/etc/hyperledger/crypto/user1/msp/signcerts/User1@fabric.gfe.com-cert.pem - FABRIC_NACOS_ORDERER_NAME=gfe.orderer.com - FABRIC_NACOS_ORDERER_ADDR=grpcs://docker.for.mac.host.internal:9050 - NACOS_ORDERER_TLS_PATH=/etc/hyperledger/crypto/register/orderer/tls/ca.crt - FABRIC_CONSENSUS_NODE_NUM=0 - FABRIC_CONSENSUS_NODE_SUM=8 - FABRIC_CONSENSUS_IPLIST=docker.for.mac.host.internal:9001,docker.for.mac.host.internal:9002,docker.for.mac.host.internal:9003,docker.for.mac.host.internal:9004,docker.for.mac.host.internal:9005,docker.for.mac.host.internal:9006,docker.for.mac.host.internal:9007,docker.for.mac.host.internal:9008 ports: - 8056:7051 - 8058:7053 - 9001:8999 volumes: - ./channel/crypto-config/peerOrganizations/fabric.deke.com/users/Admin@fabric.deke.com/:/etc/hyperledger/crypto/admin - ./channel/crypto-config/ordererOrganizations/orderer.com/orderers/deke.orderer.com/:/etc/hyperledger/crypto/orderer - ./channel/crypto-config/peerOrganizations/fabric.deke.com/peers/peer1.fabric.deke.com/:/etc/hyperledger/crypto/peer - ./channel/crypto-config/peerOrganizations/fabric.gfe.com/peers/peer0.fabric.gfe.com/:/etc/hyperledger/crypto/register/peer - ./channel/crypto-config/peerOrganizations/fabric.gfe.com/users/User1@fabric.gfe.com/:/etc/hyperledger/crypto/user1 - ./channel/crypto-config/ordererOrganizations/orderer.com/orderers/gfe.orderer.com/:/etc/hyperledger/crypto/register/orderer depends_on: - peer0.fabric.gfe.com - deke.orderer.com - gfe.orderer.com - couchdb4 ``` **同Nacos,我们设置了mysql的配置,需要在URL的数据库中运行sql文件,文件为conf中的monitor.sql** ### **network-config.yaml** 根据上述进行修改即可 ## 系统运行 运行有两个步骤,分别启动网络并运行链码,启动注册节点(监控节点打包时已自动启动) ### Option 1: ##### Terminal Window 1 * 重启网络,注意会删除所有容器 ``` ./runApp.sh ``` ##### Terminal Window 2 * 启动完成后,创建并加入通道 ```shell cd new_scripts #创建registerchannel ./channel2.sh #创建monitorchannel ./channel3.sh ``` * 安装以及实例化链码 ``` ./install_nacos.sh ./install_monitor.sh ``` ##### Terminal Window 3 * 完成后可以测试127.0.0.1:9001访问,如有结果(应该会报错误)则启动成功 ### Option 2: ##### Terminal Window 1 ```shell #进入注册节点 docker exec -it peer0.fabric.gfe.com cd / #运行启动脚本 ./nacos-start.sh ``` * 成功后访问127.0.0.1:8848/nacos网页 * 并向内注册样例服务,查看nacos可视化界面与couchdb,检查数据是否上链 ![image-20210410222011091]![注册页面](images/注册页面.png) ![image-20210410222232991](images/couchdb页面.png) ##### Terminal Window 2 **测试监控链:** ```shell curl -X POST http://127.0.0.1:9001/grafana/run?loadBalance=disabled -H "Accept: application/json" -H "Content-Type: application/json" -d "{\"s-consumerName\":\"A\",\"headers\":{},\"body\":{},\"s-serviceName\":\"provider-test\",\"s-url\":\"http://www.baidu.com\",\"s-method\":\"GET\"}" ``` 测试是否返回网页内容,并在127.0.0.1:5984/_utils中查看是否有注册节点的数据,以及127.0.0.1:6994/_utils中查看是否有监控节点数据(第一次会慢一些) **测试注册链服务发现** 向注册链注册服务,可通过springboot的@注解,也可以手动注册,网址为注册节点ip和端口,ip为服务ip,weight为权重,serviceName为服务名称。 ```shell curl -X POST 'http://127.0.0.1:8848/nacos/v1/ns/instance?port=8888&healthy=true&ip=10.77.110.222&weight=1.0&serviceName=tripService&encoding=GBK' ``` 注册后在127.0.0.1:8848/nacos中可以看到服务信息,并通过监控链调用 ```shell curl -X POST http://127.0.0.1:9001/grafana/run?loadBalance=enabled -H "Accept: application/json" -H "Content-Type: application/json" -d "{\"s-consumerName\":\"A\",\"headers\":{},\"body\":{},\"s-serviceName\":\"tripService\",\"s-url\":\"http://trip/xxxxx\",\"s-method\":\"GET\"}" ``` mysql数据库中会采集到服务数据,以备系统维护(不对用户开放),以及系统性能指标。