-
Notifications
You must be signed in to change notification settings - Fork 715
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[ci-skip] Add operator support (#2313)
* [ci-skip] Add operator support for Fabric * Add documentation for operator * Add new fabric version to network schema --------- Signed-off-by: Roy,Sownak <[email protected]>
- Loading branch information
Showing
36 changed files
with
1,600 additions
and
53 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
[//]: # (##############################################################################################) | ||
[//]: # (Copyright Accenture. All Rights Reserved.) | ||
[//]: # (SPDX-License-Identifier: Apache-2.0) | ||
[//]: # (##############################################################################################) | ||
|
||
<a name = "deploy-fabric-network-using-operator"></a> | ||
# Deploy Fabric Network using Operator | ||
|
||
- [Introduction](#introduction) | ||
- [Modifying Configuration File](#modifying-configuration-file) | ||
- [Run playbook](#run-playbook) | ||
|
||
## Introduction | ||
The [bevel-operator-fabric](https://github.com/hyperledger/bevel-operator-fabric) provides a different approach to deploying the Fabric Network. It uses | ||
the kubernetes operator to deploy CAs, Orderers and Peers. | ||
This release supports bevel-operator-fabric version 1.9.0 and all the Fabric platforms supported by it. Also, chaincode and user/certificate management is not yet supported, there will be separate issues to handle this. Current implementation supports till Channel creation and joining. | ||
|
||
Due to open issues with bevel-operator-fabric, it is not recommended for Production workloads yet. | ||
|
||
--- | ||
**NOTE**: The bevel-operator-fabric deployment has been tested only for Fabric 2.5.3 | ||
|
||
--- | ||
|
||
## Modifying Configuration File | ||
|
||
A Sample configuration file for deploying using bevel-operator-fabric is available [here](https://github.com/hyperledger/bevel/blob/main/platforms/hyperledger-fabric/configuration/samples/network-operator-fabric.yaml). Following are the main changes in this file from previous versions: | ||
|
||
1. `network.env.type` must be `operator`. This is how Ansible will understand that bevel-operator-fabric will be used. | ||
1. `network.env.proxy` must be `istio` as no other proxy is supported by bevel-operator-fabric. | ||
1. Only `443` is supported as external port because that is what bevel-operator-fabric supports. | ||
1. `vault` and `gitops` sections are removed as they are not applicable. | ||
|
||
For generic instructions on the Fabric configuration file, refer [this guide](./fabric_networkyaml.md). | ||
|
||
<a name = "run-playbook"></a> | ||
## Run playbook | ||
|
||
After all the configurations are updated in the `network.yaml`, execute the following to create the DLT network | ||
``` | ||
# Run the provisioning scripts | ||
ansible-playbook platforms/shared/configuration/site.yaml -e "@./build/network.yaml" | ||
``` | ||
The `site.yaml` playbook, in turn calls various playbooks depending on the configuration file and sets up your DLT/Blockchain network. | ||
|
||
The [deploy-fabric-console.yaml](https://github.com/hyperledger/bevel/tree/main/platforms/hyperledger-fabric/configuration/deploy-operator-network.yaml) playbook can be used as well if the pre-requisites like Istio and krew is already installed. This can be done using the following command | ||
|
||
``` | ||
ansible-playbook platforms/hyperledger-fabric/configuration/deploy-operator-network.yaml -e "@/path/to/network.yaml" | ||
``` | ||
|
||
Refer to [bevel-operator-fabric docs](https://hyperledger.github.io/bevel-operator-fabric/) for details the operator and latest releases. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
119 changes: 119 additions & 0 deletions
119
platforms/hyperledger-fabric/configuration/deploy-operator-network.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,119 @@ | ||
############################################################################################## | ||
# Copyright Accenture. All Rights Reserved. | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
############################################################################################## | ||
|
||
# This playbook deploys a DLT network on existing Kubernetes clusters | ||
# The Kubernetes clusters should already be created and the infomation to connect to the | ||
# clusters be updated in the network.yaml file that is used as an input to this playbook | ||
########################################################################################### | ||
# To Run this playbook from this directory, use the following command (network.yaml also in this directory) | ||
# ansible-playbook deploy-network.yaml -e "@./network.yaml" | ||
############################################################################################ | ||
# Please ensure that the ../../shared/configuration playbooks have been run using the same network.yaml | ||
--- | ||
# This will apply to ansible_provisioners. /etc/ansible/hosts should be configured with this group | ||
- hosts: ansible_provisioners | ||
gather_facts: no | ||
no_log: "{{ no_ansible_log | default(false) }}" | ||
tasks: | ||
# delete build directory | ||
- name: Remove build directory | ||
file: | ||
path: "./build" | ||
state: absent | ||
|
||
- name: Create namespace for each organization | ||
include_role: | ||
name: k8_component | ||
vars: | ||
component_type: "namespace" | ||
component_name: "{{ item.name | lower }}-net" | ||
component_type_name: "{{ item.type | lower }}" | ||
kubernetes: "{{ item.k8s }}" | ||
release_dir: "./build" | ||
loop: "{{ network['organizations'] }}" | ||
|
||
- name: Create storageclass for each organization | ||
include_role: | ||
name: "create/storageclass" | ||
vars: | ||
sc_name: "{{ item.name | lower}}sc" | ||
component_type: "{{ item.type | lower}}" | ||
kubernetes: "{{ item.k8s }}" | ||
release_dir: "./build" | ||
loop: "{{ network['organizations'] }}" | ||
|
||
- name: Create CA server for each organization | ||
include_role: | ||
name: "operator/create/ca/server" | ||
vars: | ||
ca: "{{ item.services.ca }}" | ||
namespace: "{{ item.name | lower }}-net" | ||
component_name: "{{ item.name | lower }}" | ||
loop: "{{ network['organizations'] }}" | ||
when: item.services.ca is defined | ||
|
||
- name: Register default users for each organization | ||
include_role: | ||
name: "operator/create/ca/user" | ||
vars: | ||
user_type: "default" | ||
namespace: "{{ item.name | lower }}-net" | ||
component_name: "{{ item.name | lower }}" | ||
component_type: "{{ item.type | lower }}" | ||
loop: "{{ network['organizations'] }}" | ||
|
||
- name: Create orderer nodes | ||
include_role: | ||
name: "operator/create/orderer" | ||
vars: | ||
namespace: "{{ item.name | lower }}-net" | ||
component_name: "{{ item.name | lower }}" | ||
component_type: "{{ item.type | lower }}" | ||
kubeconfig_path: "{{ item.k8s.config_file }}" | ||
loop: "{{ network['organizations'] }}" | ||
when: item.type == 'orderer' | ||
|
||
- name: Create all peers | ||
include_role: | ||
name: "operator/create/peer" | ||
vars: | ||
namespace: "{{ item.name | lower }}-net" | ||
component_name: "{{ item.name | lower }}" | ||
component_type: "{{ item.type | lower }}" | ||
loop: "{{ network['organizations'] }}" | ||
when: item.type == 'peer' | ||
|
||
- name: Register admin users for each organization | ||
include_role: | ||
name: "operator/create/ca/user" | ||
vars: | ||
user_type: "admin" | ||
namespace: "{{ item.name | lower }}-net" | ||
component_name: "{{ item.name | lower }}" | ||
component_type: "{{ item.type | lower }}" | ||
loop: "{{ network['organizations'] }}" | ||
|
||
- name: Create the main channels | ||
include_role: | ||
name: "operator/create/mainchannel" | ||
vars: | ||
participants: "{{ item.participants }}" | ||
loop: "{{ network['channels'] }}" | ||
|
||
- name: Join the main channels | ||
include_role: | ||
name: "operator/create/followerchannel" | ||
vars: | ||
build_path: "./build" | ||
participants: "{{ item.participants }}" | ||
loop: "{{ network['channels'] }}" | ||
|
||
vars: #These variables can be overriden from the command line | ||
privilege_escalate: false #Default to NOT escalate to root privledges | ||
install_os: "linux" #Default to linux OS | ||
install_arch: "amd64" #Default to amd64 architecture | ||
bin_install_dir: "~/bin" #Default to /bin install directory for binaries | ||
add_new_org: 'false' # Default to false as this is for main network creation |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1 change: 0 additions & 1 deletion
1
...yperledger-fabric/configuration/roles/create/chaincode/install_ext/tasks/nested_main.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
25 changes: 25 additions & 0 deletions
25
platforms/hyperledger-fabric/configuration/roles/delete/operator/tasks/delete_channel.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
############################################################################################## | ||
# Copyright Accenture. All Rights Reserved. | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
############################################################################################## | ||
|
||
- name: Delete follower channel | ||
k8s: | ||
kind: "FabricFollowerChannel" | ||
api_version: "hlf.kungfusoftware.es/v1alpha1" | ||
name: "{{ channel_name }}-{{ org_name }}" | ||
state: absent | ||
kubeconfig: "{{ kubernetes.config_file }}" | ||
context: "{{ kubernetes.context }}" | ||
ignore_errors: yes | ||
|
||
- name: Delete main channel | ||
k8s: | ||
kind: "FabricMainChannel" | ||
api_version: "hlf.kungfusoftware.es/v1alpha1" | ||
name: "{{ channel_name }}" | ||
state: absent | ||
kubeconfig: "{{ kubernetes.config_file }}" | ||
context: "{{ kubernetes.context }}" | ||
ignore_errors: yes |
Oops, something went wrong.