Kapil Sachdeva

Bootstrapping the Hyperledger Fabric Network (Part 1)


Let’s start building an example network that consists of three organizations (Org1, Org2 & Org3). Each of these organizations contribute two peers. The ordering service part of a network should consists of few Orderer nodes but to keep this example simple we will use only one (solo) node as shown in the diagram below. However at this point of time there is no trust relationship between the organizations and the network entities that they are providing.

graph TD subgraph Organizations Org1 Org2 Org3 end subgraph Fabric Network subgraph Peers P0.Org1 P1.Org1 P0.Org2 P1.Org2 P0.Org3 P1.Org3 end subgraph Orderers O1 end end Org1-->P0.Org1 Org1-->P1.Org1 Org2-->P0.Org2 Org2-->P1.Org2 Org3-->P0.Org3 Org3-->P1.Org3

In Fabric network the authenticity, confidentiality and privacy of the transactions amongst the participants is ensured by using asymmetric cryptography and chain of trust. In simple words, we need a certificate authority that issues identities to the participants so that they can trust each other.

Fabric provides a tool called cryptogen (Crypto Generator) that is able to generate the certificates for the participating organizations and the entities contributed by them.

Before we look at how to use cryptogen we need to download it. The script provided by Hyperledger Fabric project at present downloads many other tools as well as required docker images so it may take few minutes depending on your network connection.

curl -sSL https://goo.gl/iX9dek | bash

Above command will figure out the operating system and the architecture of your machine & will download appropriate binaries and docker images. After the successful execution of above script you should have a folder named bin in the directory in which you executed the script. The bin folder will contain the cryptogen tool.

Crypto Generator (cryptogen)

The cryptogen tool accepts a yaml file as an input where the participants and the entities offered by them are specified.

In this yaml file we have specified an orderer (since we are using solo ordering service) and peers for Org1, Org2 and Org3. The PeerOrgs/Template/Count field in the file indicates the number of peers for an organization. In this example we have used the value 2 so we would have following peers:

  • peer0.org1.ksachdeva-exp.com
  • peer1.org1.ksachdeva-exp.com
  • peer0.org2.ksachdeva-exp.com
  • peer1.org2.ksachdeva-exp.com
  • peer0.org3.ksachdeva-exp.com
  • peer1.org3.ksachdeva-exp.com

Time to generate the certificates.

cryptogen generate --config=./crypto-config.yaml

The successful generation should result in a folder called crypto-config with a structure as shown below:

Crypto Generator Result

We now have necessary certificates and crypto materials for the various entities of our network however we have not yet configured or specified them to use.


Similar Posts

Comments