Adding a new Orderer organization in Hyperledger Fabric¶
Prerequisites¶
To add a new Orderer organization, a fully configured Fabric network must be present already setup, i.e. a Fabric network which has Orderers, Peers, Channels (with all Peers already in the channels). The corresponding crypto materials should also be present in their respective Hashicorp Vault.
NOTE: Addition of a new Orderer organization has been tested on an existing network which is created by Bevel. Networks created using other methods may be suitable but this has not been tested by Bevel team. Addition of new Orderer organization only works with Fabric 2.2.2, 2.5.4 and RAFT Service.
Modifying Configuration File¶
Refer this guide for details on editing the configuration file.
While modifying the configuration file(network.yaml) for adding new orderer organization, all the existing organizations should have org_status tag as existing and the new organization should have org_status tag as new under network.channels e.g.
consortium: SupplyChainConsortium
channel_name: AllChannel
channel_status: new
chaincodes:
- "chaincode_name"
orderers:
- supplychain
participants:
- organization:
name: carrier
type: creator # creator organization will create the channel and instantiate chaincode, in addition to joining the channel and install chaincode
org_status: existing # Status of the organization for the existing network, can be new / existing
peers:
- peer:
name: peer0
gossipAddress: peer0.carrier-net.org3proxy.blockchaincloudpoc.com:443 # Must include port, External or internal URI of the gossip peer
peerAddress: peer0.carrier-net.org3proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer
ordererAddress: orderer1.supplychain-net.org1proxy.blockchaincloudpoc.com:443 # Must include port, External or internal URI of the orderer
- organization:
name: store
type: joiner # joiner organization will only join the channel and install chaincode
org_status: existing # Status of the organization for the existing network, can be new / existing
peers:
- peer:
name: peer0
gossipAddress: peer0.store-net.org4proxy.blockchaincloudpoc.com:443
peerAddress: peer0.store-net.org4proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer
ordererAddress: orderer1.supplychain-net.org1proxy.blockchaincloudpoc.com:443
- organization:
name: warehouse
type: joiner
org_status: existing # Status of the organization for the existing network, can be new / existing
peers:
- peer:
name: peer0
gossipAddress: peer0.warehouse-net.org5proxy.blockchaincloudpoc.com:443
peerAddress: peer0.warehouse-net.org5proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer
ordererAddress: orderer1.supplychain-net.org1proxy.blockchaincloudpoc.com:443
- organization:
name: manufacturer
type: joiner
org_status: existing # Status of the organization for the existing network, can be new / existing
peers:
- peer:
name: peer0
gossipAddress: peer0.manufacturer-net.org2proxy.blockchaincloudpoc.com:443
peerAddress: peer0.manufacturer-net.org2proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer
ordererAddress: orderer1.supplychain-net.org1proxy.blockchaincloudpoc.com:443
endorsers:
# Only one peer per org required for endorsement
- organization:
name: carrier
peers:
- peer:
name: peer0
corepeerAddress: peer0.carrier-net.org3proxy.blockchaincloudpoc.com:443
certificate: "/path/carrier/server.crt" # certificate path for peer
- organization:
name: warehouse
peers:
- peer:
name: peer0
corepeerAddress: peer0.warehouse-net.org5proxy.blockchaincloudpoc.com:443
certificate: "/path/warehouse/server.crt" # certificate path for peer
- organization:
name: manufacturer
peers:
- peer:
name: peer0
corepeerAddress: peer0.manufacturer-net.org2proxy.blockchaincloudpoc.com:443
certificate: "/path/manufacturer/server.crt" # certificate path for peer
# Allows specification of one or many organizations that will be connecting to a network.
# If an organization is also hosting the root of the network (e.g. doorman, membership service, etc),
# then these services should be listed in this section as well.
and under network.organizations as
state: London
location: London
subject: "O=Orderer,L=51.50/-0.13/London,C=GB"
external_url_suffix: org1proxy.blockchaincloudpoc.com
org_status: existing # Status of the organization for the existing network, can be new / existing
ca_data:
certificate: file/server.crt # Path where ca public cert will be stored (if new) or read from (if existing ca)
cloud_provider: aws # Options: aws, azure, gcp, digitalocean, minikube
aws:
..
..
location: London
subject: "O=NewOrderer,L=51.50/-0.13/London,C=GB"
external_url_suffix: org6proxy.blockchaincloudpoc.com
org_status: new # Status of the organization for the existing network, can be new / existing
ca_data:
certificate: file/server.crt # Path where ca public cert will be stored (if new) or read from (if existing ca)
cloud_provider: aws # Options: aws, azure, gcp, digitalocean, minikube
aws:
access_key: "aws_access_key" # AWS Access key, only used when cloud_provider=aws
..
..
The network.yaml file should contain the specific network.organization details along with the orderer information.
For reference, see network-fabric-add-ordererorg.yaml file here.
Run playbook¶
The add-orderer-organization.yaml playbook is used to add a new Orderer organization to the existing network. This can be done using the following command
ansible-playbook platforms/hyperledger-fabric/configuration/add-orderer-organization.yaml --extra-vars "@path-to-network.yaml"
NOTE: Make sure that the org_status label was set as new when the network is deployed for the first time. If you have additional applications, please deploy them as well.