Hyperledger Fabric - migration from Docker swarm to Kubernetes possible?

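My production Hyperledger Fabric network runs on Docker swarm, but I would like to migrate it to Kubernetes. I have tried searching online but have not found any resources that explain the process. Is this migration possible? What steps are involved, and how simple is the process?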


I have three orderers deployed across three nodes. Here is a sample orderer yaml file (I have three):

version: '3.4'

volumes:
  orderer1.mycompany.com:
  
networks:
  dept:
    external:
      name: ar2bc

services:
  dev_orderer1:
    image: hyperledger/fabric-orderer:latest
    environment:
      - ORDERER_GENERAL_LOGLEVEL=INFO
      - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
      - ORDERER_GENERAL_GENESISMETHOD=file
      - ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
      - ORDERER_GENERAL_LOCALMSPID=OrdererMSP
      - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
      - ORDERER_GENERAL_TLS_ENABLED=true
      - ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
      - ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
      - ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
      - ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
      - ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
      - ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric
    command: orderer
    volumes:
    - ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
    - ./crypto-config/ordererOrganizations/mycompany.com/orderers/orderer1.mycompany.com/msp:/var/hyperledger/orderer/msp
    - ./crypto-config/ordererOrganizations/mycompany.com/orderers/orderer1.mycompany.com/tls/:/var/hyperledger/orderer/tls
    - orderer1.mycompany.com:/var/hyperledger/production/orderer
    deploy:
        mode: replicated
        replicas: 1
        restart_policy:
          condition: on-failure
        placement:
            constraints:
                - node.hostname == node1
    ports:
      - published: 7050
        target: 7050
        mode: host
    networks:
      dept:
        aliases:
          - orderer1.mycompany.com

I also have three peers deployed on the same three nodes. Here is a sample peer yaml file (I have three):

version: '3.4'

volumes:
  peer1.dept.mycompany.com:
  couchdb1.dept.mycompany.com:
  
networks:
  dept:
    external:
      name: ar2bc

services:
  dev_couchdb1:
    image: hyperledger/fabric-couchdb
    environment:
      - COUCHDB_USER=couchdb
      - COUCHDB_PASSWORD=i5pr1nt_c0uchDB
    volumes:
        - couchdb1.dept.mycompany.com:/opt/couchdb/data
    deploy:
        mode: replicated
        replicas: 1
        restart_policy:
          condition: on-failure
        placement:
            constraints:
                - node.hostname == node1
    ports:
     - published: 5984
       target: 5984
       mode: host
    networks:
      dept:
        aliases:
          - couchdb1.dept.mycompany.com

  dev_peer1:
    image: hyperledger/fabric-peer:latest
    environment:
      # couchdb params
      - CORE_LEDGER_STATE_STATEDATABASE=CouchDB
      - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb1.dept.mycompany.com:5984
      - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=couchdb
      - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=i5pr1nt_c0uchDB
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock

      - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=fabric
      - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
      - FABRIC_LOGGING_SPEC=INFO
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
      - CORE_PEER_ID=peer1.dept.mycompany.com
      - CORE_PEER_ADDRESS=peer1.dept.mycompany.com:7051
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer2.dept.mycompany.com:8051
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.dept.mycompany.com:7051
      - CORE_PEER_LOCALMSPID=deptMSP
      - CORE_VM_DOCKER_ATTACHSTDOUT=true
      - CORE_CHAINCODE_STARTUPTIMEOUT=1200s
      - CORE_CHAINCODE_EXECUTETIMEOUT=800s
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    volumes:
        - /var/run/:/host/var/run/
        - ./crypto-config/peerOrganizations/dept.mycompany.com/peers/peer1.dept.mycompany.com/msp:/etc/hyperledger/fabric/msp
        - ./crypto-config/peerOrganizations/dept.mycompany.com/peers/peer1.dept.mycompany.com/tls:/etc/hyperledger/fabric/tls
        - peer1.dept.mycompany.com:/var/hyperledger/production
    deploy:
        mode: replicated
        replicas: 1
        restart_policy:
          condition: on-failure
        placement:
            constraints:
                - node.hostname == node1
    ports:
        - published: 7051
          target: 7051
          mode: host
        - published: 7053
          target: 7053
          mode: host
    depends_on:
      - dev_couchdb1
    networks:
      dept:
        aliases:
          - peer1.dept.mycompany.com

  dev_cli1:
    image: hyperledger/fabric-tools:latest
    tty: true
    stdin_open: true
    deploy:
            mode: replicated
            replicas: 1
            restart_policy:
              condition: on-failure
            placement:
                constraints:
                    - node.hostname == node1
    environment:
      - SYS_CHANNEL=ar2dev-syschannel
      - GOPATH=/opt/gopath
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      - FABRIC_LOGGING_SPEC=INFO
      - CORE_PEER_ID=cli
      - CORE_PEER_ADDRESS=peer1.dept.mycompany.com:7051
      - CORE_PEER_LOCALMSPID=deptMSP
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/dept.mycompany.com/peers/peer1.dept.mycompany.com/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/dept.mycompany.com/peers/peer1.dept.mycompany.com/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/dept.mycompany.com/peers/peer1.dept.mycompany.com/tls/ca.crt
      - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/dept.mycompany.com/users/Admin@dept.mycompany.com/msp
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: /bin/bash
    volumes:
        - /var/run/:/host/var/run/
        - ./chaincode/:/opt/gopath/src/github.com/chaincode
        - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
        - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
    depends_on:
      - dev_peer1
    networks:
      - dept

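The process can be quite simple, but it cannot avoid the greater inherent complexity of kubernetes (compared to swarm), which in turn leads to a more complex configuration.

My suggestion is to start with the kompose tool, which will both give you the yaml files corresponding to the original docker-compose.yml and warn you about possible problems.

After completing the kompose installation steps, name the first file orderer.yaml and the second file peer.yaml, then simply run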

$ kompose convert -f pathToFile/orderer.yaml --volumes hostPath
INFO Service name in docker-compose has been changed from "dev_orderer1" to "dev-orderer1"
INFO Network ar2bc is detected at Source, shall be converted to equivalent NetworkPolicy at Destination
INFO Kubernetes file "dev-orderer1-service.yaml" created
INFO Kubernetes file "dev-orderer1-pod.yaml" created
INFO Kubernetes file "ar2bc-networkpolicy.yaml" created

$ kompose convert -f pathToFile/peer.yaml --volumes hostPath
INFO Service name in docker-compose has been changed from "dev_couchdb1" to "dev-couchdb1"
INFO Service name in docker-compose has been changed from "dev_peer1" to "dev-peer1"
INFO Service name in docker-compose has been changed from "dev_cli1" to "dev-cli1"
INFO Network ar2bc is detected at Source, shall be converted to equivalent NetworkPolicy at Destination
INFO Network ar2bc is detected at Source, shall be converted to equivalent NetworkPolicy at Destination
INFO Network ar2bc is detected at Source, shall be converted to equivalent NetworkPolicy at Destination
INFO Kubernetes file "dev-couchdb1-service.yaml" created
INFO Kubernetes file "dev-peer1-service.yaml" created
INFO Kubernetes file "dev-cli1-pod.yaml" created
INFO Kubernetes file "ar2bc-networkpolicy.yaml" created
INFO Kubernetes file "dev-couchdb1-pod.yaml" created
INFO Kubernetes file "dev-peer1-pod.yaml" created

You then get new yaml files that are ready to be deployed to kubernetes

$ ls
ar2bc-networkpolicy.yaml  dev-couchdb1-pod.yaml      dev-orderer1-pod.yaml      dev-peer1-pod.yaml
dev-cli1-pod.yaml         dev-couchdb1-service.yaml  dev-orderer1-service.yaml  dev-peer1-service.yaml

Just to show more of the result, this is the generated yaml file for the peer1 pod

apiVersion: v1
kind: Pod
metadata:
  annotations:
    kompose.cmd: kompose convert -f peer.yaml --volumes hostPath
    kompose.version: 1.22.0 (955b78124)
  creationTimestamp: null
  labels:
    io.kompose.network/ar2bc: "true"
    io.kompose.service: dev-peer1
  name: dev-peer1
spec:
  containers:
    - args:
        - peer
        - node
        - start
      env:
        - name: CORE_CHAINCODE_EXECUTETIMEOUT
          value: 800s
        - name: CORE_CHAINCODE_STARTUPTIMEOUT
          value: 1200s
        - name: CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS
          value: couchdb1.dept.mycompany.com:5984
        - name: CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD
          value: i5pr1nt_c0uchDB
        - name: CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME
          value: couchdb
        - name: CORE_LEDGER_STATE_STATEDATABASE
          value: CouchDB
        - name: CORE_PEER_ADDRESS
          value: peer1.dept.mycompany.com:7051
        - name: CORE_PEER_CHAINCODELISTENADDRESS
          value: 0.0.0.0:7052
        - name: CORE_PEER_GOSSIP_BOOTSTRAP
          value: peer2.dept.mycompany.com:8051
        - name: CORE_PEER_GOSSIP_EXTERNALENDPOINT
          value: peer1.dept.mycompany.com:7051
        - name: CORE_PEER_GOSSIP_ORGLEADER
          value: "false"
        - name: CORE_PEER_GOSSIP_USELEADERELECTION
          value: "true"
        - name: CORE_PEER_ID
          value: peer1.dept.mycompany.com
        - name: CORE_PEER_LOCALMSPID
          value: deptMSP
        - name: CORE_PEER_PROFILE_ENABLED
          value: "true"
        - name: CORE_PEER_TLS_CERT_FILE
          value: /etc/hyperledger/fabric/tls/server.crt
        - name: CORE_PEER_TLS_ENABLED
          value: "true"
        - name: CORE_PEER_TLS_KEY_FILE
          value: /etc/hyperledger/fabric/tls/server.key
        - name: CORE_PEER_TLS_ROOTCERT_FILE
          value: /etc/hyperledger/fabric/tls/ca.crt
        - name: CORE_VM_DOCKER_ATTACHSTDOUT
          value: "true"
        - name: CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE
          value: fabric
        - name: CORE_VM_ENDPOINT
          value: unix:///host/var/run/docker.sock
        - name: FABRIC_LOGGING_SPEC
          value: INFO
      image: hyperledger/fabric-peer:latest
      name: dev-peer1
      ports:
        - containerPort: 7051
        - containerPort: 7053
      resources: {}
      volumeMounts:
        - mountPath: /host/var/run/
          name: dev-peer1-hostpath0
        - mountPath: /etc/hyperledger/fabric/msp
          name: dev-peer1-hostpath1
        - mountPath: /etc/hyperledger/fabric/tls
          name: dev-peer1-hostpath2
        - mountPath: /var/hyperledger/production
          name: peer1.dept.mycompany.com
      workingDir: /opt/gopath/src/github.com/hyperledger/fabric/peer
  nodeSelector:
    kubernetes.io/hostname: node1
  restartPolicy: OnFailure
  volumes:
    - hostPath:
        path: /var/run/
      name: dev-peer1-hostpath0
    - hostPath:
        path: /mnt/c/devenv/src/Whosebug/66982235-hyperledger-kompose/crypto-config/peerOrganizations/dept.mycompany.com/peers/peer1.dept.mycompany.com/msp
      name: dev-peer1-hostpath1
    - hostPath:
        path: /mnt/c/devenv/src/Whosebug/66982235-hyperledger-kompose/crypto-config/peerOrganizations/dept.mycompany.com/peers/peer1.dept.mycompany.com/tls
      name: dev-peer1-hostpath2
    - hostPath:
        path: /mnt/c/devenv/src/Whosebug/66982235-hyperledger-kompose
      name: peer1.dept.mycompany.com
status: {}

And this is the generated yaml file for the peer1 service

apiVersion: v1
kind: Service
metadata:
  annotations:
    kompose.cmd: kompose convert -f peer.yaml --volumes hostPath
    kompose.version: 1.22.0 (955b78124)
  creationTimestamp: null
  labels:
    io.kompose.service: dev-peer1
  name: dev-peer1
spec:
  ports:
    - name: "7051"
      port: 7051
      targetPort: 7051
    - name: "7053"
      port: 7053
      targetPort: 7053
  selector:
    io.kompose.service: dev-peer1
status:
  loadBalancer: {}

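To get an idea of the kind of hints kompose can give you, try running the convert command without the --volumes hostPath option and you will get the appropriate warnings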

$ kompose convert -f pathToFile/orderer.yaml
INFO Service name in docker-compose has been changed from "dev_orderer1" to "dev-orderer1"
WARN Volume mount on the host "/mnt/c/devenv/src/Whosebug/66982235-hyperledger-kompose/channel-artifacts/genesis.block" isn't supported - ignoring path on the host
WARN Volume mount on the host "/mnt/c/devenv/src/Whosebug/66982235-hyperledger-kompose/crypto-config/ordererOrganizations/mycompany.com/orderers/orderer1.mycompany.com/msp" isn't supported - ignoring path on the host
WARN Volume mount on the host "/mnt/c/devenv/src/Whosebug/66982235-hyperledger-kompose/crypto-config/ordererOrganizations/mycompany.com/orderers/orderer1.mycompany.com/tls" isn't supported - ignoring path on the host
INFO Network ar2bc is detected at Source, shall be converted to equivalent NetworkPolicy at Destination
INFO Kubernetes file "dev-orderer1-service.yaml" created
INFO Kubernetes file "dev-orderer1-pod.yaml" created
INFO Kubernetes file "dev-orderer1-claim0-persistentvolumeclaim.yaml" created
INFO Kubernetes file "dev-orderer1-claim1-persistentvolumeclaim.yaml" created
INFO Kubernetes file "dev-orderer1-claim2-persistentvolumeclaim.yaml" created
INFO Kubernetes file "orderer1.mycompany.com-persistentvolumeclaim.yaml" created
INFO Kubernetes file "ar2bc-networkpolicy.yaml" created

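Once you have converted your actual files, you can instantiate the kubernetes objects with

$ kubectl apply -f .

or whatever more suitable command you need (strictly speaking, this is not part of your question)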
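
A pre-apply check for the generated manifests, as an added example that is not part of the original answer: kompose carries the compose settings over unchanged, so the pod spec above still holds the CouchDB password as a literal env value, a hostPath mount of /var/run/ (the Docker socket directory), hostPath volumes for the MSP and TLS material, and :latest image tags. The line-based scanner below assumes kompose-shaped YAML; SAMPLE_POD, the rule names and audit_manifest are constructed for illustration.

```python
import re

# Constructed excerpt in the shape of the kompose-generated peer pod manifest.
SAMPLE_POD = """\
spec:
  containers:
    - env:
        - name: CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD
          value: example-password
        - name: CORE_PEER_TLS_KEY_FILE
          value: /etc/hyperledger/fabric/tls/server.key
        - name: CORE_VM_ENDPOINT
          value: unix:///host/var/run/docker.sock
      image: hyperledger/fabric-peer:latest
  volumes:
    - hostPath:
        path: /var/run/
      name: dev-peer1-hostpath0
    - hostPath:
        path: /srv/fabric/crypto-config/peers/peer1/tls
      name: dev-peer1-hostpath2
"""

SECRET_NAME = re.compile(r"PASSWORD|SECRET|TOKEN", re.I)
RUNTIME_DIRS = ("/var/run", "/run")  # directories that hold the container runtime socket


def audit_manifest(text):
    """Return (rule, detail) findings for a kompose-style Pod manifest."""
    findings = []
    lines = [l.strip() for l in text.splitlines()]
    for i, line in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        # A literal "value:" is flagged; "valueFrom:" (e.g. secretKeyRef) is not.
        if line.startswith("- name:") and nxt.startswith("value:"):
            name = line.split(":", 1)[1].strip()
            if SECRET_NAME.search(name):
                findings.append(("plaintext-secret-env", name))
        elif line.startswith("image:"):
            image = line.split(":", 1)[1].strip()
            tag = image.rsplit("/", 1)[-1].partition(":")[2]
            if tag in ("", "latest"):
                findings.append(("unpinned-image", image))
        elif line.endswith("hostPath:") and nxt.startswith("path:"):
            path = nxt.split(":", 1)[1].strip().rstrip("/")
            rule = "runtime-socket-dir" if path in RUNTIME_DIRS else "hostpath-volume"
            findings.append((rule, path))
    return findings
```

Each finding names a setting to replace before deployment, for example a Secret referenced through secretKeyRef instead of a literal env value.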