1. Just to add an org to an existing channel
2. Join the peer in the new org to the channel.
3. Chaincode upgrade and endorsement policies
Add an org to an existing channel
Prepare the new org
Start from just configtx.yaml and org3-crypto.yaml, run cryptogen and configtxgen to produce crypto materials and org3.json file:cryptogen generate --config ./org3-crypto.yaml
configtxgen -printOrg Org3MSP > ../channel-artifacts/org3.json
Prepare the existing channel, (notice I am omitting all the conversion steps either from common block to json or json to common block, these steps are absolutely necessary)
Retrieve the channel configuration:peer channel fetch config config_block.pb
Get the channel config element using jq:
jq .data.data[0].payload.data.config allConfig.json > config.json
Add the new org into the channel configuration which is the config.json file
jq -s '.[0] * {"channel_group":{"groups":{"Application":{"groups": {"Org3MSP":.[1]}}}}}' \
config.json org3.json > modified_config.json
Now we have the original configuration and modified configuration json file, we need to calculate the differences, but to be able to do that, we have to encode both into binary format.
configtxlator proto_encode --input config.json --type common.Config --output config.pb
configtxlator proto_encode --input modified_config.json --type common.Config --output modified_config.pb
Then we can calculate the update protobuf binary:
configtxlator compute_update --channel_id $CHANNEL_NAME --original config.pb \
--updated modified_config.pb --output org3_update.pb
Again, we need to convert this into json format so that we can create update envolop
configtxlator proto_decode --input org3_update.pb \
--type common.ConfigUpdate | jq . > org3_update.json
Now we need to the update envolop json file:
echo '{"payload":{"header":{"channel_header":{"channel_id":"mychannel", "type":2}},"data":{"config_update":'$(cat org3_update.json)'}}}' | jq . > org3_update_in_envelope.json
Now we need to create the protobuf binary.
configtxlator proto_encode --input org3_update_in_envelope.json \
--type common.Envelope --output org3_update_in_envelope.pb
We finally have the channel update request content (the protobuf binary file),
we need to sign that and eventually submit
peer channel signconfigtx -f org3_update_in_envelope.pb
This basically gathered one signature. We need to collect more and submit. The good news
is that peer channel update actually also attach a signature, if we use another org's peer
credential to submit channel update, then that org's peer signature will be also included.
peer channel update -f org3_update_in_envelope.pb -c $CHANNEL_NAME \
-o orderer.example.com:7050 --tls --cafile $ORDERER_CA
At this point, the channel officially includes the new organization. But peers in that
organization are not part of this channel yet because peers in that organization will
need to utilize peer join command to do that.
Join the peer in the new org to the channel
Use the peer channel fetch command to retrieve the first block:peer channel fetch 0 mychannel.block -o orderer.example.com:7050 \
-c $CHANNEL_NAME --tls --cafile $ORDERER_CA
Now use the peer join command to join the peer, but make sure all the environment varilables
are setup to use new org peer's certs, new org's ca certs etc
peer channel join -b mychannel.block
No comments:
Post a Comment