Merge pull request #38 from npci/release/v1.2.0_beta

README.md

@@ -13,8 +13,8 @@ Whether you're a blockchain enthusiast, developer, or enterprise seeking to harn
 
 ### Features
 - [x] CA Management (Root CA, TLS CA & Intermediate CAs)
-- [x] Peer Creation
-- [x] Orderer Creation
+- [x] Peer Creation, Cert renewal
+- [x] Orderer Creation, Addition, Cert renewal
 - [x] Channel Management
 - [x] Chaincode Lifecycle Management (Install, Approve, Commit and CC Upgrades)
 - [x] Cryptographic operations support and certification management
@@ -23,9 +23,10 @@ Whether you're a blockchain enthusiast, developer, or enterprise seeking to harn
 - [x] File Registry support for centralised config files
 - [x] Support for Hyperledger Fabric 2.3+
 - [x] Multi-zone, Multi-DC, Private Network (On-prem DCs) deployment support
+- [x] Multi-channel support
 
 ### Roadmap
-- [ ] Multi-channel support
+
 - [ ] Automatic certificate renewal
 - [ ] GUI based deployment support
 - [ ] Optional Fabric Explorer
@@ -34,7 +35,8 @@ Whether you're a blockchain enthusiast, developer, or enterprise seeking to harn
 - [ ] Key Management using HSM / Vault
 
 ### Releases
-- [v1.1.0](https://github.com/npci/falcon/releases/latest)
+- [v1.2.0](https://github.com/npci/falcon/releases/latest)
+- [v1.1.0](https://github.com/npci/falcon/releases/tag/v1.1.0)
 - [v1.0.2](https://github.com/npci/falcon/releases/tag/v1.0.2)
 - [v1.0.1](https://github.com/npci/falcon/releases/tag/v1.0.1)
 - [v1.0.0](https://github.com/npci/falcon/releases/tag/v1.0.0)

examples/README.md

@@ -165,7 +165,7 @@ helm install org1-ca-ops -n org1 helm-charts/fabric-ops/ -f examples/fabric-ops/
 ```
 3. **Add Org1 to the network**
 
-Once the `Org1` ICA started successfully, you would need to add this `Org1` to the network. For that, you need to run the following Job in `initialpeerorg`. Comment out the `org2` section from the `Values.organizatons` array in the values file [examples/fabric-ops/initialpeerorg/configure-org-channel.yaml](./fabric-ops/initialpeerorg/configure-org-channel.yaml) for now since we have not deployed the `Org2` yet.
+Once the `Org1` ICA started successfully, you would need to add this `Org1` to the network. For that, you need to run the following Job in `initialpeerorg`. Comment out the `org2` section from the `Values.organizations` array in the values file [examples/fabric-ops/initialpeerorg/configure-org-channel.yaml](./fabric-ops/initialpeerorg/configure-org-channel.yaml) for now since we have not deployed the `Org2` yet.
 ```
 helm install configorgchannel -n initialpeerorg helm-charts/fabric-ops/ -f examples/fabric-ops/initialpeerorg/configure-org-channel.yaml
 ```
@@ -196,7 +196,7 @@ helm install org2-ca-ops -n org2 helm-charts/fabric-ops/ -f examples/fabric-ops/
 ```
 3. **Add Org2 to network**
 
-Once the `Org2` ICA started successfully, you would need to add this `Org2` to the network. For that, you need to upgrade the following `configorgchannel` Job in `initialpeerorg`. This time, uncomment the `org2` section in the `Values.organizatons` array in the values file [examples/fabric-ops/initialpeerorg/configure-org-channel.yaml](./fabric-ops/initialpeerorg/configure-org-channel.yaml).
+Once the `Org2` ICA started successfully, you would need to add this `Org2` to the network. For that, you need to upgrade the following `configorgchannel` Job in `initialpeerorg`. This time, uncomment the `org2` section in the `Values.organizations` array in the values file [examples/fabric-ops/initialpeerorg/configure-org-channel.yaml](./fabric-ops/initialpeerorg/configure-org-channel.yaml).
 ```
 helm upgrade configorgchannel -n initialpeerorg helm-charts/fabric-ops/ -f examples/fabric-ops/initialpeerorg/configure-org-channel.yaml
 ```

examples/fabric-ops/initialpeerorg/approve-chaincode.yaml

@@ -32,7 +32,7 @@ filestore_ssl: false # Make it `true` if `filestore_endpoint` is over https.
 require_collection_config: "true"
 collection_config_file: "collection-config.json"
 collection_config_file_hash: "627dd1b8d679dc52475c148e502c576b109796df8495282ba602cc51ec173286"
-core_peer_address: peer0-initialpeerorg:30002
+core_peer_address: peer0-initialpeerorg:7051
 
 cc_name: basic-chaincode
 cc_version: "1.0"

examples/fabric-ops/initialpeerorg/channel-create.yaml

@@ -19,25 +19,35 @@ tlsca_endpoint: tls-ca.my-hlf-domain.com:30000
 orderer_endpoint: orderer0-orderer.my-hlf-domain.com:30000
 filestore_endpoint: http://filestore.my-hlf-domain.com:30001
 filestore_ssl: false # Make it `true` if `filestore_endpoint` is over https.
-config_transaction_filename: channel.tx
-channel_block_filename: mychannel.block
-
 
 hlf_domain: my-hlf-domain.com
-hlf_channel: mychannel
 fabric_actions: 
  create_channel: true
-
+
+app_channels:
+  - mychannel
+
+admin_organizations:
+  - org_type: consortium
+    org_name: initialpeerorg
+    ica_endpoint: ica-initialpeerorg.my-hlf-domain.com:30000
+    cert_path: /root/initialpeerorg.pem
+    admin_identity: admin
+    admin_secret: initialpeerorgAdminSamplePassword
+    require_msp_enrollment: true
+    require_tls_enrollment: false
+    anchor_peers:
+    - host: peer0-initialpeerorg.my-hlf-domain.com
+      port: "30000"
+
 csr_names_cn: IN
 csr_names_st: Maharashtra
 csr_names_l: Mumbai
 csr_names_o: Your Company Name
 
-admin_identity:
-  - identity_name: admin
-    identity_secret: initialpeerorgAdminSamplePassword
-    require_msp_enrollment: true
-    require_tls_enrollment: false
+configTxProfileType: ConsortiumProfile
+consortiumName: InitialConsortium
+core_peer_mspconfigpath_override: "" # Required only if admin_identity name is not "admin". You will have to add the complete path to the msp directory in this case.
 
 serviceAccount:
   # Specifies whether a service account should be created

examples/fabric-ops/initialpeerorg/commit-chaincode.yaml

@@ -32,7 +32,7 @@ filestore_endpoint: http://filestore.my-hlf-domain.com:30001
 filestore_ssl: false # Make it `true` if `filestore_endpoint` is over https.
 collection_config_file: collection-config.json
 collection_config_file_hash: "627dd1b8d679dc52475c148e502c576b109796df8495282ba602cc51ec173286"
-core_peer_address: peer0-initialpeerorg:30002
+core_peer_address: peer0-initialpeerorg:7051
 
 cc_name: basic-chaincode
 cc_version: "1.0"

examples/fabric-ops/initialpeerorg/configure-org-channel.yaml

@@ -36,19 +36,17 @@ admin_identity:
 # core_peer_mspconfigpath_override: /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/users/admin-initialpeerorg/msp
 
 # Organizations to be added
-organizatons:
+organizations:
  - name: org1
    ica_endpoint: ica-org1.my-hlf-domain.com:30000
-   identity_name: admin
-   identity_secret: org1AdminSamplePassword
    anchor_peer: peer0-org1.my-hlf-domain.com
    anchor_peer_port: 30000
+   status: active # Set to `disabled` to remove an org from the network.
  - name: org2
    ica_endpoint: ica-org2.my-hlf-domain.com:30000
-   identity_name: admin
-   identity_secret: org2AdminSamplePassword
    anchor_peer: peer0-org2.my-hlf-domain.com
    anchor_peer_port: 30000
+   status: active
 
 csr_names_cn: IN
 csr_names_st: Maharashtra

examples/fabric-ops/orderer/orderer-addition.yaml

@@ -21,7 +21,7 @@ csr_names_st: Maharashtra
 csr_names_l: Mumbai
 csr_names_o: Your Company Name
 
-#MspIdOverride: ordererorg
+#MspIdOverride: MyOrdererOrg, by default it is `orderer`
 orderer_endpoint: orderer0-orderer.my-hlf-domain.com:30000
 filestore_endpoint: http://filestore.my-hlf-domain.com:30001
 filestore_ssl: false # Make it `true` if `filestore_endpoint` is over https.

examples/fabric-ops/orderer/orderer-cryptogen.yaml

@@ -18,7 +18,7 @@ imagePullSecrets: []
 
 ## These organizations are the list of initial organizations required to generate the genesis.block file. 
 
-organizations:
+admin_organizations:
   - org_type: orderer
     org_name: orderer
     ica_endpoint: ica-orderer.my-hlf-domain.com:30000
@@ -35,7 +35,7 @@ organizations:
     - identity_name: orderer2-orderer
       identity_secret: orderer2ordererSamplePassword
       port: "30000"
-  - org_type: peerorg
+  - org_type: consortium
     org_name: initialpeerorg
     ica_endpoint: ica-initialpeerorg.my-hlf-domain.com:30000
     cert_path: /root/peerorg.pem
@@ -45,16 +45,13 @@ organizations:
     - host: peer0-initialpeerorg.my-hlf-domain.com
       port: "30000"
 
-channel_artifact_dir: /scripts/channel-artifacts
-base_dir: /scripts/crypto-config
 hlf_domain: my-hlf-domain.com
 orderer_system_channel: "orderer-sys-channel"
-hlf_channel: "mychannel"
 block_file: genesis.block
-config_transaction_filename: channel.tx
+configTxProfileType: OrdererEtcdRaftProfile
+consortiumName: InitialConsortium
 
 tlsca_endpoint: tls-ca.my-hlf-domain.com:30000
-
 filestore_endpoint: http://filestore.my-hlf-domain.com:30001
 filestore_ssl: false # Make it `true` if `filestore_endpoint` is over https.
 

examples/fabric-ops/org1/approve-chaincode.yaml

@@ -32,7 +32,7 @@ filestore_ssl: false # Make it `true` if `filestore_endpoint` is over https.
 require_collection_config: "true"
 collection_config_file: "collection-config.json"
 collection_config_file_hash: "627dd1b8d679dc52475c148e502c576b109796df8495282ba602cc51ec173286"
-core_peer_address: peer0-org1:30002
+core_peer_address: peer0-org1:7051
 
 cc_name: basic-chaincode
 cc_version: "1.0"

examples/fabric-ops/org2/approve-chaincode.yaml

@@ -32,7 +32,7 @@ filestore_ssl: false # Make it `true` if `filestore_endpoint` is over https.
 require_collection_config: "true"
 collection_config_file: "collection-config.json"
 collection_config_file_hash: "627dd1b8d679dc52475c148e502c576b109796df8495282ba602cc51ec173286"
-core_peer_address: peer0-org2:30002
+core_peer_address: peer0-org2:7051
 
 cc_name: basic-chaincode
 cc_version: "1.0"

examples/fabric-orderer/orderer.yaml

@@ -101,6 +101,8 @@ global:
       value: file
     - name: ORDERER_GENERAL_LISTENADDRESS
       value: 0.0.0.0
+    # - name: ORDERER_ADMIN_LISTENADDRESS
+    #   value: "0.0.0.0:9443"
     - name: ORDERER_GENERAL_TLS_ENABLED
       value: "true"
     - name: ORDERER_GENERAL_LOCALMSPDIR

examples/fabric-peer/initialpeerorg/values.yaml

@@ -111,7 +111,7 @@ global:
   peerContainerPort: "7051"
   peerDataDir: /var/hyperledger/production
   peerServiceType: ClusterIP
-  peerServicePort: "30002"
+  peerServicePort: "7051"
   peerDiskSize: 1G
   peerCertDiskSize: 50M
   peerPvcAccessMode: ReadWriteOnce

examples/fabric-peer/org1/values.yaml

@@ -110,7 +110,7 @@ global:
   peerContainerPort: "7051"
   peerDataDir: /var/hyperledger/production
   peerServiceType: ClusterIP
-  peerServicePort: "30002"
+  peerServicePort: "7051"
   peerDiskSize: 1G
   peerCertDiskSize: 50M
   peerPvcAccessMode: ReadWriteOnce

examples/fabric-peer/org2/values.yaml

@@ -107,7 +107,7 @@ global:
   peerContainerPort: "7051"
   peerDataDir: /var/hyperledger/production
   peerServiceType: ClusterIP
-  peerServicePort: "30002"
+  peerServicePort: "7051"
   peerDiskSize: 1G
   peerCertDiskSize: 50M
   peerPvcAccessMode: ReadWriteOnce

helm-charts/fabric-ca/Chart.yaml

@@ -4,5 +4,5 @@ apiVersion: v2
 name: fabric-ca
 description: A Helm chart for deploying Fabric CA Server in Kubernetes.
 type: application
-version: 1.1.0
+version: 1.2.0
 appVersion: "1.5.0"

helm-charts/fabric-ca/templates/service.yaml

@@ -12,9 +12,12 @@ metadata:
 spec:
   type: {{ .Values.service.type }}
   ports:
-    - port: {{ .Values.service.port }}
+    - name: {{ include "fabric-ca.fullname" . }}
+      port: {{ .Values.service.port }}
       targetPort: http
       protocol: TCP
-      name: {{ include "fabric-ca.fullname" . }}
+      {{- if and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort)) }}
+      nodePort: {{ .Values.service.nodePort }}
+      {{- end }}
   selector:
-    {{- include "fabric-ca.selectorLabels" . | nindent 4 }}
+    {{- include "fabric-ca.selectorLabels" . | nindent 4 }}

helm-charts/fabric-ca/values.yaml

@@ -55,8 +55,7 @@ service:
 ingress:
   enabled: true
   className: "nginx"
-  annotations:
-    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
+  annotations: {}
   path: /
   pathType: Prefix
 

helm-charts/fabric-ops/Chart.yaml

@@ -4,5 +4,5 @@ apiVersion: v2
 name: fabric-ops
 description: A Helm chart for performing various operations in Hyperledger fabric network.
 type: application
-version: 1.1.0
+version: 1.2.0
 appVersion: "1.5.0"