Fabric二进制建链（客户端与节点主机分离）

一、客户端准备
- 1.1、准备链目录和配置文件
- 1.2、设置环境变量
- 1.3、初始化和启动fabric-ca-server
- 1.4、登记ca的admin用户
二、准备组织org1
- 2.1、准备组织目录
- 2.2、生成组织org1的msp配置
三、准备peer0节点
- 3.1、注册peer0
- 3.2、注册peer组织org1的user
- 3.3、注册peer组织org1的admin
- 3.4、登记peer0
- 3.5、登记peer0的tls
- 3.6、登记peer组织org1的user
- 3.7、登记peer组织org1的admin
四、准备orderer0节点
- 4.1、注册orderer0
- 4.2、注册orderer组织org1的admin
- 4.3、登记orderer0
- 4.4、登记orderer0的tls
- 4.5、登记orderer组织org1的admin
五、准备创世区块
六、服务端准备
- 6.1、启动peer0
- 6.2、启动orderer0
七、创建应用通道channel1
- 7.1、创建应用通道tx交易文件
- 7.2、创建应用通道区块
- 7.3、peer0加入应用通道
- 7.4、获取应用通道最近的配置块
- 7.5、生成锚节点更新配置文件
- 7.6、提交更新通道配置交易
八、部署链码发送交易
- 8.1、编译打包链码
- 8.2、部署链码
- 8.3、发送交易

前文的二进制建链、添加对等节点或排序节点，都是客户端和节点服务端在一台机器。这里将尝试将客户端和节点主机分为各自的主机，假设客户端主机在192.168.2.195，在对等和排序节点主机192.168.3.128部署1个orderer节点和1个peer节点。

一、客户端准备

1.1、准备链目录和配置文件

mkdir -p ~/fabric/organizations/ordererOrganizations
mkdir -p ~/fabric/organizations/peerOrganizationsmkdir -p ~/fabric/bin
# fabric-ca-server
# fabric-ca-client
# peer
# configtxgen
# configtxlatormkdir -p ~/fabric/config
# configtx.yamlmkdir -p ~/fabric/log

configtx.yaml模板：

Organizations:- &OrdererOrg1Name: OrdererOrg1SkipAsForeign: falseID: OrdererOrg1MSPMSPDir: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/mspPolicies:Readers:Type: SignatureRule: "OR('OrdererOrg1MSP.member')"Writers:Type: SignatureRule: "OR('OrdererOrg1MSP.member')"Admins:Type: SignatureRule: "OR('OrdererOrg1MSP.admin')"OrdererEndpoints:- "192.168.3.128:7050"- &Org1Name: Org1MSPSkipAsForeign: falseID: Org1MSPMSPDir: /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/mspPolicies:Readers:Type: SignatureRule: "OR('Org1MSP.member')"Writers:Type: SignatureRule: "OR('Org1MSP.member')"Admins:Type: SignatureRule: "OR('Org1MSP.admin')"Endorsement:Type: SignatureRule: "OR('Org1MSP.member')"AnchorPeers:- Host: 192.168.3.128Port: 7051Capabilities:Channel: &ChannelCapabilitiesV2_0: trueOrderer: &OrdererCapabilitiesV2_0: trueApplication: &ApplicationCapabilitiesV2_0: trueApplication: &ApplicationDefaultsOrganizations:Policies:LifecycleEndorsement:Type: ImplicitMetaRule: "MAJORITY Endorsement"Endorsement:Type: ImplicitMetaRule: "MAJORITY Endorsement"Readers:Type: ImplicitMetaRule: "ANY Readers"Writers:Type: ImplicitMetaRule: "ANY Writers"Admins:Type: ImplicitMetaRule: "MAJORITY Admins"Capabilities:<<: *ApplicationCapabilitiesOrderer: &OrdererDefaultsOrdererType: etcdraftAddresses:- 192.168.3.128:7050EtcdRaft:Consenters:- Host: 192.168.3.128Port: 7050ClientTLSCert: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/server.crtServerTLSCert: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/server.crtBatchTimeout: 2sBatchSize:MaxMessageCount: 10AbsoluteMaxBytes: 99 MBPreferredMaxBytes: 521 KBMaxChannels: 0Organizations:Policies:Readers:Type: ImplicitMetaRule: "ANY Readers"Writers:Type: ImplicitMetaRule: "ANY Writers"Admins:Type: ImplicitMetaRule: "MAJORITY Admins"BlockValidation:Type: ImplicitMetaRule: "ANY Writers"Channel: &ChannelDefaultsPolicies:Readers:Type: ImplicitMetaRule: "ANY Readers"Writers:Type: ImplicitMetaRule: "ANY Writers"Admins:Type: ImplicitMetaRule: "MAJORITY Admins"Capabilities:<<: *ChannelCapabilitiesProfiles:OneOrgOrdererGenesis:<<: *ChannelDefaultsOrderer:<<: *OrdererDefaultsOrganizations:- *OrdererOrg1Capabilities:<<: *OrdererCapabilitiesConsortiums:SampleConsortium:Organizations:- *Org1Channel1:Consortium: SampleConsortium<<: *ChannelDefaultsApplication:<<: *ApplicationDefaultsOrganizations:- *Org1Capabilities:<<: *ApplicationCapabilities

还需要ca-server的配置文件fabric-ca-server-config.yaml：

version: 1.2.0port: 7054debug: falsecrlsizelimit: 512000tls:# Enable TLS (default: false)enabled: true# TLS for the server's listening portcertfile:keyfile:clientauth:type: noclientcertcertfiles:ca:name: ca-org1keyfile:certfile:chainfile:crl:expiry: 24hregistry:maxenrollments: -1identities:- name: adminpass: adminpwtype: clientaffiliation: ""attrs:hf.Registrar.Roles: "*"hf.Registrar.DelegateRoles: "*"hf.Revoker: truehf.IntermediateCA: truehf.GenCRL: truehf.Registrar.Attributes: "*"hf.AffiliationMgr: truedb:type: sqlite3datasource: fabric-ca-server.dbtls:enabled: falsecertfiles:client:certfile:keyfile:ldap:enabled: falseurl: ldap://<adminDN>:<adminPassword>@<host>:<port>/<base>tls:certfiles:client:certfile:keyfile:attribute:names: ['uid','member']converters:- name:value:maps:groups:- name:value:affiliations:org1:- department1- department2org2:- department1signing:default:usage:- digital signatureexpiry: 8760hprofiles:ca:usage:- cert sign- crl signexpiry: 43800hcaconstraint:isca: truemaxpathlen: 0tls:usage:- signing- key encipherment- server auth- client auth- key agreementexpiry: 8760hcsr:cn: ca.org1.example.comnames:- C: USST: "North Carolina"L: "Durham"O: org1.example.comOU:hosts:- 192.168.2.195ca:expiry: 131400hpathlength: 1bccsp:default: SWsw:hash: SHA2security: 256filekeystore:# The directory used for the software file-based keystorekeystore: msp/keystorecacount:cafiles:intermediate:parentserver:url:caname:enrollment:hosts:profile:label:tls:certfiles:client:certfile:keyfile:

目录如下：

/home/songzehao/fabric
├── bin
│   ├── configtxgen
│   ├── configtxlator
│   ├── fabric-ca-client
│   ├── fabric-ca-server
│   └── peer
├── config
│   └── configtx.yaml
├── fabric-ca-server-config.yaml
├── log
└── organizations├── ordererOrganizations└── peerOrganizations6 directories, 6 files

1.2、设置环境变量

export PATH=/home/songzehao/fabric/bin:$PATH
export FABRIC_CA_CLIENT_HOME=/home/songzehao/fabric/fabric-ca-client
export FABRIC_CFG_PATH=/home/songzehao/fabric/config

1.3、初始化和启动fabric-ca-server

初始化：

fabric-ca-server init -b admin:adminpw

启动：

nohup fabric-ca-server start -b admin:adminpw >> ~/fabric/log/fabric-ca-server.log 2>&1 &

1.4、登记ca的admin用户

fabric-ca-client enroll -u https://admin:adminpw@192.168.2.195:7054 --caname ca-org1 --tls.certfiles ~/fabric/ca-cert.pem

到这一步的目录如下：

/home/songzehao/fabric
├── bin
│   ├── configtxgen
│   ├── fabric-ca-client
│   ├── fabric-ca-server
│   └── peer
├── ca-cert.pem
├── config
│   └── configtx.yaml
├── fabric-ca-client
│   ├── fabric-ca-client-config.yaml
│   └── msp
│       ├── cacerts
│       │   └── 192-168-2-195-7054-ca-org1.pem
│       ├── IssuerPublicKey
│       ├── IssuerRevocationPublicKey
│       ├── keystore
│       │   └── c7292654834ac0d85b2af25206296449117b39a0f124b6faa4247ea3752863bd_sk
│       ├── signcerts
│       │   └── cert.pem
│       └── user
├── fabric-ca-server-config.yaml
├── fabric-ca-server.db
├── IssuerPublicKey
├── IssuerRevocationPublicKey
├── log
│   └── fabric-ca-server.log
├── msp
│   ├── cacerts
│   ├── keystore
│   │   ├── e0f304d534998a7756e8be945abd630a235dbd3125c768a7d2be54e708f739da_sk
│   │   ├── f9300aaa0a24d69fdc62cfb30384870f9b8184fca4b14416e075d38ed0e1bdd2_sk
│   │   ├── IssuerRevocationPrivateKey
│   │   └── IssuerSecretKey
│   ├── signcerts
│   └── user
├── organizations
│   ├── ordererOrganizations
│   └── peerOrganizations
└── tls-cert.pem17 directories, 22 files

二、准备组织org1

2.1、准备组织目录

mkdir -p ~/fabric/organizations/peerOrganizations/org1.example.com/msp
mkdir -p ~/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com
mkdir -p ~/fabric/organizations/ordererOrganizations/org1.example.com/msp
mkdir -p ~/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com

2.2、生成组织org1的msp配置

echo 'NodeOUs:Enable: trueClientOUIdentifier:Certificate: cacerts/192-168-2-195-7054-ca-org1.pemOrganizationalUnitIdentifier: clientPeerOUIdentifier:Certificate: cacerts/192-168-2-195-7054-ca-org1.pemOrganizationalUnitIdentifier: peerAdminOUIdentifier:Certificate: cacerts/192-168-2-195-7054-ca-org1.pemOrganizationalUnitIdentifier: adminOrdererOUIdentifier:Certificate: cacerts/192-168-2-195-7054-ca-org1.pemOrganizationalUnitIdentifier: orderer' > /home/songzehao/fabric/config.yaml

并拷贝org1的ca证书到org1的/msp/tlscacerts、/tlsca和/ca目录：

mkdir -p /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/msp/tlscacerts
cp /home/songzehao/fabric/ca-cert.pem /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/msp/tlscacerts/ca.crtmkdir -p /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/tlsca
cp /home/songzehao/fabric/ca-cert.pem /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pemmkdir -p /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/ca
cp /home/songzehao/fabric/ca-cert.pem /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem

三、准备peer0节点

3.1、注册peer0

fabric-ca-client register --caname ca-org1 --id.name peer0 --id.secret peer0pw --id.type peer --tls.certfiles /home/songzehao/fabric/ca-cert.pem

3.2、注册peer组织org1的user

fabric-ca-client register --caname ca-org1 --id.name user1 --id.secret user1pw --id.type client --tls.certfiles /home/songzehao/fabric/ca-cert.pem

3.3、注册peer组织org1的admin

fabric-ca-client register --caname ca-org1 --id.name org1admin --id.secret org1adminpw --id.type admin --tls.certfiles /home/songzehao/fabric/ca-cert.pem

3.4、登记peer0

fabric-ca-client enroll -u https://peer0:peer0pw@192.168.2.195:7054 --caname ca-org1 -M /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp --tls.certfiles /home/songzehao/fabric/ca-cert.pem

并拷贝该组织的msp配置文件到peer0节点目录下：

cp /home/songzehao/fabric/config.yaml /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/msp/config.yamlcp /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/msp/config.yaml /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/config.yaml

3.5、登记peer0的tls

fabric-ca-client enroll -u https://peer0:peer0pw@192.168.2.195:7054 --caname ca-org1 -M /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls --enrollment.profile tls --csr.hosts 192.168.3.128 --tls.certfiles /home/songzehao/fabric/ca-cert.pem

3.6、登记peer组织org1的user

cp /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/tlscacerts/* /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
cp /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/signcerts/* /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
cp /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/keystore/* /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.keyfabric-ca-client enroll -u https://user1:user1pw@192.168.2.195:7054 --caname ca-org1 -M /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp --tls.certfiles /home/songzehao/fabric/ca-cert.pemcp /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/msp/config.yaml /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/users/User1@org1.example.com/msp/config.yaml

3.7、登记peer组织org1的admin

fabric-ca-client enroll -u https://org1admin:org1adminpw@192.168.2.195:7054 --caname ca-org1 -M /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp --tls.certfiles /home/songzehao/fabric/ca-cert.pemcp /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/msp/config.yaml /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp/config.yaml

四、准备orderer0节点

在ordererOrganizations/org1.example.com/msp目录下，创建tlscacerts子目录：

mkdir -p /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/msp/tlscacerts

拷贝组织的ca证书到tlscacerts子目录：

cp /home/songzehao/fabric/ca-cert.pem /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem

创建~/fabric/organizations/ordererOrganizations/org1.example.com/tlsca目录：

mkdir ~/fabric/organizations/ordererOrganizations/org1.example.com/tlsca

拷贝组织的ca证书到tlsca子目录：

cp /home/songzehao/fabric/ca-cert.pem ~/fabric/organizations/ordererOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem

4.1、注册orderer0

fabric-ca-client register --caname ca-org1 --id.name orderer0 --id.secret orderer0pw --id.type orderer --tls.certfiles /home/songzehao/fabric/ca-cert.pem

4.2、注册orderer组织org1的admin

fabric-ca-client register --caname ca-org1 --id.name ordererOrg1Admin --id.secret ordererOrg1Adminpw --id.type admin --tls.certfiles /home/songzehao/fabric/ca-cert.pem

4.3、登记orderer0

fabric-ca-client enroll -u https://orderer0:orderer0pw@192.168.2.195:7054 --caname ca-org1 -M /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp --tls.certfiles /home/songzehao/fabric/ca-cert.pem

并拷贝msp配置文件到orderer0节点目录下：

cp /home/songzehao/fabric/config.yaml /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/msp/config.yamlcp /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/msp/config.yaml /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/config.yaml

4.4、登记orderer0的tls

fabric-ca-client enroll -u https://orderer0:orderer0pw@192.168.2.195:7054 --caname ca-org1 -M /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls --enrollment.profile tls --csr.hosts 192.168.3.128 --tls.certfiles /home/songzehao/fabric/ca-cert.pem

拷贝到tls目录下，并重命名为更好看的文件名：

cp /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/tlscacerts/* /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/ca.crt
cp /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/signcerts/* /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/server.crt
cp /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/keystore/* /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/server.key

拷贝该tlsca证书到orderer0节点目录下msp/tlscacerts目录：

mkdir -p /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/tlscacerts
cp /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/tlscacerts/* /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem

4.5、登记orderer组织org1的admin

fabric-ca-client enroll -u https://ordererOrg1Admin:ordererOrg1Adminpw@192.168.2.195:7054 --caname ca-org1 -M /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/users/Admin@org1.example.com/msp --tls.certfiles /home/songzehao/fabric/ca-cert.pem

拷贝msp配置文件到管理员的msp目录下：

cp /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/msp/config.yaml /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/users/Admin@org1.example.com/msp/config.yaml

五、准备创世区块

走到这一步，组织目录下msp/只有tlscacerts目录，缺少cacert：

/home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/msp/
├── config.yaml
└── tlscacerts└── tlsca.org1.example.com-cert.pem1 directory, 2 files

所以先将orderer0的msp目录下的cacert，即~/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/cacerts/放到~/fabric/organizations/ordererOrganizations/org1.example.com/msp/cacerts/，顺带给peer0也一起处理：

cp -r /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/cacerts /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/msp
cp -r /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp/cacerts /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/msp

更改configtx.yaml：

Organizations:- &OrdererOrg1Name: OrdererOrg1SkipAsForeign: falseID: OrdererOrg1MSPMSPDir: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/mspPolicies:Readers:Type: SignatureRule: "OR('OrdererOrg1MSP.member')"Writers:Type: SignatureRule: "OR('OrdererOrg1MSP.member')"Admins:Type: SignatureRule: "OR('OrdererOrg1MSP.admin')"OrdererEndpoints:- "192.168.3.128:7050"- &Org1Name: Org1MSPSkipAsForeign: falseID: Org1MSPMSPDir: /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/mspPolicies:Readers:Type: SignatureRule: "OR('Org1MSP.member')"Writers:Type: SignatureRule: "OR('Org1MSP.member')"Admins:Type: SignatureRule: "OR('Org1MSP.admin')"Endorsement:Type: SignatureRule: "OR('Org1MSP.member')"AnchorPeers:- Host: 192.168.3.128Port: 7051Capabilities:Channel: &ChannelCapabilitiesV2_0: trueOrderer: &OrdererCapabilitiesV2_0: trueApplication: &ApplicationCapabilitiesV2_0: trueApplication: &ApplicationDefaultsOrganizations:Policies:LifecycleEndorsement:Type: ImplicitMetaRule: "MAJORITY Endorsement"Endorsement:Type: ImplicitMetaRule: "MAJORITY Endorsement"Readers:Type: ImplicitMetaRule: "ANY Readers"Writers:Type: ImplicitMetaRule: "ANY Writers"Admins:Type: ImplicitMetaRule: "MAJORITY Admins"Capabilities:<<: *ApplicationCapabilitiesOrderer: &OrdererDefaultsOrdererType: etcdraftAddresses:- 192.168.3.128:7050EtcdRaft:Consenters:- Host: 192.168.3.128Port: 7050ClientTLSCert: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/server.crtServerTLSCert: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/server.crtBatchTimeout: 2sBatchSize:MaxMessageCount: 10AbsoluteMaxBytes: 99 MBPreferredMaxBytes: 521 KBMaxChannels: 0Organizations:Policies:Readers:Type: ImplicitMetaRule: "ANY Readers"Writers:Type: ImplicitMetaRule: "ANY Writers"Admins:Type: ImplicitMetaRule: "MAJORITY Admins"BlockValidation:Type: ImplicitMetaRule: "ANY Writers"Channel: &ChannelDefaultsPolicies:Readers:Type: ImplicitMetaRule: "ANY Readers"Writers:Type: ImplicitMetaRule: "ANY Writers"Admins:Type: ImplicitMetaRule: "MAJORITY Admins"Capabilities:<<: *ChannelCapabilitiesProfiles:OneOrgOrdererGenesis:<<: *ChannelDefaultsOrderer:<<: *OrdererDefaultsOrganizations:- *OrdererOrg1Capabilities:<<: *OrdererCapabilitiesConsortiums:SampleConsortium:Organizations:- *Org1Channel1:Consortium: SampleConsortium<<: *ChannelDefaultsApplication:<<: *ApplicationDefaultsOrganizations:- *Org1Capabilities:<<: *ApplicationCapabilities

创建创世块：

configtxgen -profile OneOrgOrdererGenesis -channelID system-channel -outputBlock /home/songzehao/fabric/config/system-genesis-block/genesis.block

六、服务端准备

6.1、启动peer0

在节点主机创建同样的链组织节点目录，并准备好bin/peer和config/core.yaml等。

mkdir -p ~/fabric/organizations/peerOrganizations/
# 放peer
mkdir -p ~/fabric/bin
# 放core.yaml
mkdir -p ~/fabric/config
mkdir -p ~/fabric/log

从客户端主机传送peer组织目录到peer0节点主机：

scp -r /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/ songzehao@192.168.3.128:/home/songzehao/fabric/organizations/peerOrganizations

节点主机上peer0的core.yaml：

peer:id: peer0.org1.example.comnetworkId: devlistenAddress: 0.0.0.0:7051# chaincodeListenAddress: 0.0.0.0:7052# chaincodeAddress: 0.0.0.0:7052address: 0.0.0.0:7051addressAutoDetect: falsekeepalive:interval: 7200stimeout: 20sminInterval: 60sclient:interval: 60stimeout: 20sdeliveryClient:interval: 60stimeout: 20sgossip:bootstrap: 192.168.3.128:7051useLeaderElection: falseorgLeader: truemembershipTrackerInterval: 5sendpoint:maxBlockCountToStore: 10maxPropagationBurstLatency: 10msmaxPropagationBurstSize: 10propagateIterations: 1propagatePeerNum: 3pullInterval: 4spullPeerNum: 3requestStateInfoInterval: 4spublishStateInfoInterval: 4sstateInfoRetentionInterval:publishCertPeriod: 10sskipBlockVerification: falsedialTimeout: 3sconnTimeout: 2srecvBuffSize: 20sendBuffSize: 200digestWaitTime: 1srequestWaitTime: 1500msresponseWaitTime: 2saliveTimeInterval: 5saliveExpirationTimeout: 25sreconnectInterval: 25smaxConnectionAttempts: 120msgExpirationFactor: 20externalEndpoint:election:startupGracePeriod: 15smembershipSampleInterval: 1sleaderAliveThreshold: 10sleaderElectionDuration: 5spvtData:pullRetryThreshold: 60stransientstoreMaxBlockRetention: 1000pushAckTimeout: 3sbtlPullMargin: 10reconcileBatchSize: 10reconcileSleepInterval: 1mreconciliationEnabled: trueskipPullingInvalidTransactionsDuringCommit: falseimplicitCollectionDisseminationPolicy:requiredPeerCount: 0maxPeerCount: 1state:enabled: falsecheckInterval: 10sresponseTimeout: 3sbatchSize: 10blockBufferSize: 20maxRetries: 3tls:enabled:  trueclientAuthRequired: falsecert:file: /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crtkey:file: /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.keyrootcert:file: /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crtclientRootCAs:files:- /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crtclientKey:file:clientCert:file:authentication:# the acceptable difference between the current server time and the# client's time as specified in a client request messagetimewindow: 15mfileSystemPath: /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/hyperledger/productionBCCSP:Default: SW# Settings for the SW crypto provider (i.e. when DEFAULT: SW)SW:Hash: SHA2Security: 256FileKeyStore:KeyStore:PKCS11:# Location of the PKCS11 module libraryLibrary:# Token LabelLabel:# User PINPin:Hash:Security:mspConfigPath: /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msplocalMspId: Org1MSP# CLI common client config optionsclient:# connection timeoutconnTimeout: 3s# Delivery service related configdeliveryclient:# It sets the total time the delivery service may spend in reconnection# attempts until its retry logic gives up and returns an errorreconnectTotalTimeThreshold: 3600s# It sets the delivery service <-> ordering service node connection timeoutconnTimeout: 3s# It sets the delivery service maximal delay between consecutive retriesreConnectBackoffThreshold: 3600s# A list of orderer endpoint addresses which should be overridden# when found in channel configurations.addressOverrides:#  - from:#    to:#    caCertsFile:#  - from:#    to:#    caCertsFile:localMspType: bccspprofile:enabled:     falselistenAddress: 0.0.0.0:6060handlers:authFilters:-name: DefaultAuth-name: ExpirationCheck    # This filter checks identity x509 certificate expirationdecorators:-name: DefaultDecoratorendorsers:escc:name: DefaultEndorsementlibrary:validators:vscc:name: DefaultValidationlibrary:validatorPoolSize:discovery:enabled: trueauthCacheEnabled: trueauthCacheMaxSize: 1000authCachePurgeRetentionRatio: 0.75orgMembersAllowedAccess: falselimits:concurrency:endorserService: 2500deliverService: 2500vm:endpoint: unix:///var/run/docker.sockdocker:tls:enabled: falseca:file: docker/ca.crtcert:file: docker/tls.crtkey:file: docker/tls.keyattachStdout: falsehostConfig:NetworkMode: hostDns:# - 192.168.0.1LogConfig:Type: json-fileConfig:max-size: "50m"max-file: "5"Memory: 2147483648chaincode:id:path:name:builder: $(DOCKER_NS)/fabric-ccenv:$(TWO_DIGIT_VERSION)pull: falsegolang:runtime: $(DOCKER_NS)/fabric-baseos:$(TWO_DIGIT_VERSION)dynamicLink: falsejava:runtime: $(DOCKER_NS)/fabric-javaenv:$(TWO_DIGIT_VERSION)node:runtime: $(DOCKER_NS)/fabric-nodeenv:$(TWO_DIGIT_VERSION)externalBuilders: []# - path: /path/to/directory#   name: descriptive-builder-name#   propagateEnvironment:#      - ENVVAR_NAME_TO_PROPAGATE_FROM_PEER#      - GOPROXYinstallTimeout: 300sstartuptimeout: 300sexecutetimeout: 30smode: netkeepalive: 0system:_lifecycle: enablecscc: enablelscc: enableescc: enablevscc: enableqscc: enablelogging:level:  infoshim:   warningformat: '%{color}%{time:2006-01-02 15:04:05.000 MST} [%{module}] %{shortfunc} -> %{level:.4s} %{id:03x}%{color:reset} %{message}'ledger:blockchain:state:stateDatabase: goleveldbtotalQueryLimit: 100000couchDBConfig:couchDBAddress: 192.168.3.128:5984username:password:maxRetries: 3maxRetriesOnStartup: 10requestTimeout: 35sinternalQueryLimit: 1000maxBatchUpdateSize: 1000warmIndexesAfterNBlocks: 1createGlobalChangesDB: falsecacheSize: 64history:enableHistoryDatabase: truepvtdataStore:collElgProcMaxDbBatchSize: 5000collElgProcDbBatchesInterval: 1000operations:listenAddress: 192.168.3.128:9443tls:enabled: falsecert:file:key:file:clientAuthRequired: falseclientRootCAs:files: []metrics:provider: disabledstatsd:network: udpaddress: 192.168.3.128:8125writeInterval: 10sprefix:

配置peer0主机需要的环境变量：

export PATH=/home/songzehao/fabric/bin:$PATH
export FABRIC_CFG_PATH=/home/songzehao/fabric/configexport FABRIC_LOGGING_SPEC=DEBUG
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=/home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=/home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
export CORE_PEER_ADDRESS=192.168.3.128:7051
export CORE_PEER_GOSSIP_EXTERNALENDPOINT=192.168.3.128:7051

启动peer0：

nohup peer node start >> ~/fabric/log/peer0.log 2>&1 &

6.2、启动orderer0

在节点主机创建同样的链组织节点目录，并准备好bin/orderer和config/orderer.yaml等。

mkdir -p ~/fabric/organizations/ordererOrganizations/
# 放orderer
mkdir -p ~/fabric/bin
mkdir -p ~/fabric/log
# 放orderer.yaml
mkdir -p ~/fabric/config
mkdir -p ~/fabric/config/system-genesis-block/

从客户端主机传送orderer组织目录和创世区块文件，到orderer0节点主机：

scp -r /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/ songzehao@192.168.3.128:/home/songzehao/fabric/organizations/ordererOrganizations
scp -r /home/songzehao/fabric/config/system-genesis-block/genesis.block songzehao@192.168.3.128:/home/songzehao/fabric/config/system-genesis-block

节点主机上orderer0的orderer.yaml：

General:# Listen address: The IP on which to bind to listen.ListenAddress: 192.168.3.128# Listen port: The port on which to bind to listen.ListenPort: 7050# TLS: TLS settings for the GRPC server.TLS:Enabled: true# PrivateKey governs the file location of the private key of the TLS certificate.PrivateKey: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/server.key# Certificate governs the file location of the server TLS certificate.Certificate: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/server.crtRootCAs:- /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/ca.crtClientAuthRequired: falseClientRootCAs:# Keepalive settings for the GRPC server.Keepalive:ServerMinInterval: 60sServerInterval: 7200sServerTimeout: 20sCluster:SendBufferSize: 10ClientCertificate: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/server.crt# ClientPrivateKey governs the file location of the private key of the client TLS certificate.ClientPrivateKey: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/tls/server.keyListenPort:# ListenAddress defines the IP on which to listen to intra-cluster communication.ListenAddress:ServerCertificate:# ServerPrivateKey defines the file location of the private key of the TLS certificate.ServerPrivateKey:BootstrapMethod: fileBootstrapFile: /home/songzehao/fabric/config/system-genesis-block/genesis.blockLocalMSPDir: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/mspLocalMSPID: OrdererOrg1MSPProfile:Enabled: falseAddress: 0.0.0.0:6060# BCCSP configures the blockchain crypto service providers.BCCSP:Default: SWSW:Hash: SHA2Security: 256FileKeyStore:KeyStore:# Settings for the PKCS#11 crypto provider (i.e. when DEFAULT: PKCS11)PKCS11:# Location of the PKCS11 module libraryLibrary:# Token LabelLabel:# User PINPin:Hash:Security:FileKeyStore:KeyStore:Authentication:TimeWindow: 15mFileLedger:# Location: The directory to store the blocks in.# NOTE: If this is unset, a new temporary location will be chosen every time# the orderer is restarted, using the prefix specified by Prefix.Location: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/hyperledger/production/orderer# The prefix to use when generating a ledger directory in temporary space.# Otherwise, this value is ignored.Prefix: hyperledger-fabric-ordererledgerKafka:Retry:ShortInterval: 5sShortTotal: 10mLongInterval: 5mLongTotal: 12hNetworkTimeouts:DialTimeout: 10sReadTimeout: 10sWriteTimeout: 10sMetadata:RetryBackoff: 250msRetryMax: 3Producer:RetryBackoff: 100msRetryMax: 3Consumer:RetryBackoff: 2sTopic:# The number of Kafka brokers across which to replicate the topicReplicationFactor: 3# Verbose: Enable logging for interactions with the Kafka cluster.Verbose: false# TLS: TLS settings for the orderer's connection to the Kafka cluster.TLS:# Enabled: Use TLS when connecting to the Kafka cluster.Enabled: falsePrivateKey:#File: path/to/PrivateKey# Certificate: PEM-encoded signed public key certificate the orderer will# use for authentication.Certificate:# As an alternative to specifying the Certificate here, uncomment the# following "File" key and specify the file name from which to load the# value of Certificate.#File: path/to/CertificateRootCAs:#File: path/to/RootCAs# SASLPlain: Settings for using SASL/PLAIN authentication with Kafka brokersSASLPlain:# Enabled: Use SASL/PLAIN to authenticate with Kafka brokersEnabled: false# User: Required when Enabled is set to trueUser:# Password: Required when Enabled is set to truePassword:Version:Debug:# BroadcastTraceDir when set will cause each request to the Broadcast service# for this orderer to be written to a file in this directoryBroadcastTraceDir:# DeliverTraceDir when set will cause each request to the Deliver service# for this orderer to be written to a file in this directoryDeliverTraceDir:Operations:# host and port for the operations serverListenAddress: 192.168.3.128:8443# TLS configuration for the operations endpointTLS:# TLS enabledEnabled: false# Certificate is the location of the PEM encoded TLS certificateCertificate:# PrivateKey points to the location of the PEM-encoded keyPrivateKey:# Most operations service endpoints require client authentication when TLS# is enabled. ClientAuthRequired requires client certificate authentication# at the TLS layer to access all resources.ClientAuthRequired: false# Paths to PEM encoded ca certificates to trust for client authenticationClientRootCAs: []Metrics:# The metrics provider is one of statsd, prometheus, or disabledProvider: disabled# The statsd configurationStatsd:# network type: tcp or udpNetwork: udp# the statsd server addressAddress: 192.168.3.128:8125WriteInterval: 30s# The prefix is prepended to all emitted statsd metricsPrefix:Consensus:WALDir: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/hyperledger/production/orderer/etcdraft/walSnapDir: /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/hyperledger/production/orderer/etcdraft/snapshot

启动orderer：

nohup orderer start >> ~/fabric/log/orderer0.log 2>&1 &

七、创建应用通道channel1

7.1、创建应用通道tx交易文件

configtxgen -profile Channel1 -outputCreateChannelTx /home/songzehao/fabric/config/channel-artifacts/channel1.tx -channelID channel1

7.2、创建应用通道区块

首先需要在客户端主机配置peer0相关环境变量：

export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=/home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
export CORE_PEER_MSPCONFIGPATH=/home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
export CORE_PEER_ADDRESS=192.168.3.128:7051
export CORE_PEER_GOSSIP_EXTERNALENDPOINT=192.168.3.128:7051

【注意】：客户端也需要一份core.yaml才能成功执行peer客户端命令。

再创建channel1区块：

peer channel create -o 192.168.3.128:7050 -c channel1 -f /home/songzehao/fabric/config/channel-artifacts/channel1.tx --outputBlock /home/songzehao/fabric/config/channel-artifacts/channel1.block --tls --cafile /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem

7.3、peer0加入应用通道

peer channel join -b /home/songzehao/fabric/config/channel-artifacts/channel1.block

7.4、获取应用通道最近的配置块

peer channel fetch config /home/songzehao/fabric/config/channel-artifacts/config_block.pb -o 192.168.3.128:7050 -c channel1 --tls --cafile /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem

7.5、生成锚节点更新配置文件

protobuf序列化（编码）后的.pb配置文件，转化为.json格式：

configtxlator proto_decode --input /home/songzehao/fabric/config/channel-artifacts/config_block.pb --type common.Block --output /home/songzehao/fabric/config/channel-artifacts/config_block.json

抽取配置部分的json，得到原始配置：

jq .data.data[0].payload.data.config /home/songzehao/fabric/config/channel-artifacts/config_block.json > /home/songzehao/fabric/config/channel-artifacts/Org1MSPconfig.json

进一步追加锚节点peer0信息到Org1MSP的values部分，得到更改后配置：

jq '.channel_group.groups.Application.groups.Org1MSP.values += {"AnchorPeers":{"mod_policy": "Admins","value":{"anchor_peers": [{"host": "192.168.3.128","port": 7051}]},"version": "0"}}' /home/songzehao/fabric/config/channel-artifacts/Org1MSPconfig.json > /home/songzehao/fabric/config/channel-artifacts/Org1MSPmodified_config.json

protobuf编码原始配置：

configtxlator proto_encode --input /home/songzehao/fabric/config/channel-artifacts/Org1MSPconfig.json --type common.Config --output /home/songzehao/fabric/config/channel-artifacts/original_config.pb

protobuf编码更改后配置：

configtxlator proto_encode --input /home/songzehao/fabric/config/channel-artifacts/Org1MSPmodified_config.json --type common.Config --output /home/songzehao/fabric/config/channel-artifacts/modified_config.pb

计算更改前后的配置差异，得到.pb的差异配置：

configtxlator compute_update --channel_id channel1 --original /home/songzehao/fabric/config/channel-artifacts/original_config.pb --updated /home/songzehao/fabric/config/channel-artifacts/modified_config.pb --output /home/songzehao/fabric/config/channel-artifacts/config_update.pb

protobuf解码为.json格式：

configtxlator proto_decode --input /home/songzehao/fabric/config/channel-artifacts/config_update.pb --type common.ConfigUpdate --output /home/songzehao/fabric/config/channel-artifacts/config_update.json

追加.json格式的差异文件内容到新包装后的.json文件：

echo '{"payload":{"header":{"channel_header":{"channel_id":"channel1", "type":2}},"data":{"config_update":'$(cat /home/songzehao/fabric/config/channel-artifacts/config_update.json)'}}}' | jq . > /home/songzehao/fabric/config/channel-artifacts/config_update_in_envelope.json

编码为Envelope类型的新的交易文件：

configtxlator proto_encode --input /home/songzehao/fabric/config/channel-artifacts/config_update_in_envelope.json --type common.Envelope --output /home/songzehao/fabric/config/channel-artifacts/Org1MSPanchors.tx

7.6、提交更新通道配置交易

peer channel update -o 192.168.3.128:7050 -c channel1 -f /home/songzehao/fabric/config/channel-artifacts/Org1MSPanchors.tx --tls --cafile /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem

八、部署链码发送交易

8.1、编译打包链码

将fabric-samples示例工程https://github.com/hyperledger/fabric-samples/tree/v2.2.0/拉下来：

git clone -b v2.2.0 https://gitee.com/hyperledger/fabric-samples.git

以其中一个asset-transfer-basic链码举例，编译该java链码，并打包为basic.tar.gz：

rm -rf ~/fabric/fabric-samples/asset-transfer-basic/chaincode-java/build/install/./gradlew installDistpeer lifecycle chaincode package ~/fabric/config/basic.tar.gz --path ~/fabric/fabric-samples/asset-transfer-basic/chaincode-java/build/install/basic --lang java --label basic_1.0

8.2、部署链码

进行链码安装：

peer lifecycle chaincode install /home/songzehao/fabric/config/basic.tar.gz

查看已安装的链码：

peer lifecycle chaincode queryinstalled

批准链码定义：

peer lifecycle chaincode approveformyorg -o 192.168.3.128:7050 --channelID channel1 --name basic --version 1.0 --package-id basic_1.0:67b9d7ef205254d9b8ff59e5904d1d18a27f74d7d1679abe0e7ccde064826773 --sequence 1 --tls --cafile /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem

检查批准状态：

peer lifecycle chaincode queryapproved -C channel1 -n basic

检查提交就绪状态：

peer lifecycle chaincode checkcommitreadiness --channelID channel1 --name basic --version 1.0 --sequence 1 --output json

提交到peer0：

peer lifecycle chaincode commit -o 192.168.3.128:7050 --channelID channel1 --name basic --peerAddresses 192.168.3.128:7051 --tlsRootCertFiles /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --version 1.0 --sequence 1 --tls --cafile /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem

检查提交状态：

peer lifecycle chaincode querycommitted --channelID channel1 --name basic --tls --cafile /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem

docker验证新的链代码是否已在您的对等点192.168.3.128上提交启动：

docker ps --no-trunc
CONTAINER ID                                                       IMAGE                                                                                                                                                                    COMMAND                                                     CREATED              STATUS              PORTS     NAMES
660ab24842f1c96dc644f931b6540befca1cfb953399d880d9fe6e02560e4dc0   dev-peer0.org1.example.com-basic_1.0-67b9d7ef205254d9b8ff59e5904d1d18a27f74d7d1679abe0e7ccde064826773-4ae135e5fa18d99cbd8dc7e8907079b31a3f779d0137e69204d3307d30236441   "/root/chaincode-java/start --peerAddress localhost:7052"   About a minute ago   Up About a minute             dev-peer0.org1.example.com-basic_1.0-67b9d7ef205254d9b8ff59e5904d1d18a27f74d7d1679abe0e7ccde064826773

8.3、发送交易

发交易，初始化资产（调用链码的初始化方法InitLedger）：

peer chaincode invoke -o 192.168.3.128:7050 -C channel1 -n basic --peerAddresses 192.168.3.128:7051 --tlsRootCertFiles /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --tls --cafile /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem -c '{"function":"InitLedger","Args":[]}'

查询初始化后的资产（调用链码的GetAllAssets方法）：

peer chaincode invoke -o 192.168.3.128:7050 -C channel1 -n basic --peerAddresses 192.168.3.128:7051 --tlsRootCertFiles /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --tls --cafile /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem -c '{"function":"GetAllAssets","Args":[]}'

发交易，新增资产（调用链码的初始化方法CreateAsset）：

peer chaincode invoke -o 192.168.3.128:7050 -C channel1 -n basic --peerAddresses 192.168.3.128:7051 --tlsRootCertFiles /home/songzehao/fabric/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --tls --cafile /home/songzehao/fabric/organizations/ordererOrganizations/org1.example.com/orderers/orderer0.org1.example.com/msp/tlscacerts/tlsca.org1.example.com-cert.pem -c '{"function":"CreateAsset","Args":["asset7", "pink", "18", "Jay", "800"]}'