diff --git a/REMOTE_ORG.md b/REMOTE_ORG.md deleted file mode 100644 index 3b1f36d..0000000 --- a/REMOTE_ORG.md +++ /dev/null @@ -1,116 +0,0 @@ -## 1. Start network -```bash -mamba start -``` -## 2. Prepare merchant config in '/home/hainq/.akachain/akc-mamba/mamba/config/merchant.env' -- In merchant env, must fill: - - EXTERNAL_ORDERER_ADDRESSES, EXTERNAL_RCA_ADDRESSES - - ENDORSEMENT_ORG_NAME, ENDORSEMENT_ORG_ADDRESS, ENDORSEMENT_ORG_TLSCERT -- In operator env, must fill: - - NEW_ORG_NAME -``` -cp /home/hainq/.akachain/akc-mamba/mamba/config/merchant.env /home/hainq/.akachain/akc-mamba/mamba/config/.env -``` -- Prepare folder of merchant cluster using command: -``` -mamba copyscripts -``` -## 3. Copy signed cert of root ca to merchant cluster -``` -kubectl exec -it test-efs-7759545f7-b5ffw bash -cp /tmp/artifact/akc-network/akc-ca-data/rca-akc-cert.pem /tmp/artifact/merchant-network/akc-ca-data/ -``` - -## 4. Create new org in new cluster -``` -mamba create-org -``` --> Automation generate to merchant.json -## 4. Copy merchant.json to operator cluster -``` -cp /tmp/artifact/merchant-network/akc-ca-data/merchant.json /tmp/artifact/akc-network/akc-ca-data/ -``` -## 5. In operator cluster, add merchant to channel -Must specify env: NEW_ORG_NAME="merchant" in operator.env file -``` -cp /home/hainq/.akachain/akc-mamba/mamba/config/operator.env /home/hainq/.akachain/akc-mamba/mamba/config/.env -mamba channel-config auto-update -``` - -## 6. Install chaincode test -``` -curl -s -X POST http://admin-rca-ica.akc:4001/chaincodes -H "content-type: application/json" -d '{ - "orgname":"akc", - "chaincodeId":"fabcar", - "chaincodePath":"chaincodes/fabcar/", - "chaincodeVersion":"v1.0", - "chaincodeType":"golang" -}' -``` - -## 7. Copy signed cert of orderer and akc org to merchant cluster -``` -cp /tmp/artifact/akc-network/akc-ca-data/ica-orderer-ca-chain.pem /tmp/artifact/merchant-network/akc-ca-data/ -cp /tmp/artifact/akc-network/akc-ca-data/ica-akc-ca-chain.pem /tmp/artifact/merchant-network/akc-ca-data/ -``` - -## 8. Join merchant to channel -``` -curl -s -X POST http://admin-rca-ica.default:4001/registerUser -H "content-type: application/json" -d '{ - "orgname":"merchant" -}' -curl -s -X POST http://admin-rca-ica.default:4001/joinchannel -H "content-type: application/json" -d '{ - "orgname":"merchant", - "channelName":"akcchannel" -}' -curl -s -X POST http://admin-rca-ica.default:4001/chaincodes -H "content-type: application/json" -d '{ - "orgname":"merchant", - "chaincodeId":"fabcar", - "chaincodePath":"chaincodes/fabcar/", - "chaincodeVersion":"v1.0", - "chaincodeType":"golang" -}' -``` - -## 9. Init or upgrade chaincode on operator cluster -- Init -``` -curl -s -X POST http://admin-rca-ica.akc:4001/initchaincodes -H "content-type: application/json" -d '{ - "orgname":"akc", - "channelName":"akcchannel", - "chaincodeId":"fabcar", - "chaincodeVersion":"v1.0", - "chaincodeType":"golang", - "args":[] -}' -``` -- Or upgrade if chaincode exists -``` -curl -s -X POST http://admin-rca-ica.ordererhai:4001/upgradeChainCode -H "content-type: application/json" -d '{ - "orgname":"akc", - "channelName":"akcchannel", - "chaincodeId":"fabcar", - "chaincodeVersion":"v1.0", - "chaincodeType":"golang", - "args":[] -}' -``` - -## 10. Try invoke chaincode on merchant cluster: -``` -curl -s -X POST http://admin-rca-ica.default:4001/invokeChainCode -H "content-type: application/json" -d '{ - "orgname":"merchant", - "channelName":"akcchannel", - "chaincodeId":"fabcar", - "args": ["CAR1", "a", "b", "c", "d"], - "fcn": "createCar" -}' - -curl -s -X POST http://admin-rca-ica.akc:4001/invokeChainCode -H "content-type: application/json" -d '{ - "orgname":"akc", - "channelName":"akcchannel", - "chaincodeId":"fabcar", - "args": ["CAR1", "a", "b", "c", "d"], - "fcn": "createCar" -}' -``` diff --git a/CRYPTO_CONFIG_REQUIRED.md b/docs/CRYPTO_CONFIG_REQUIRED.md similarity index 100% rename from CRYPTO_CONFIG_REQUIRED.md rename to docs/CRYPTO_CONFIG_REQUIRED.md diff --git a/EXTERNAL_CHAINCODE.md b/docs/EXTERNAL_CHAINCODE.md similarity index 97% rename from EXTERNAL_CHAINCODE.md rename to docs/EXTERNAL_CHAINCODE.md index e3acb4e..de0d214 100644 --- a/EXTERNAL_CHAINCODE.md +++ b/docs/EXTERNAL_CHAINCODE.md @@ -8,7 +8,7 @@ curl --location --request POST http://localhost:4001/api/v2/chaincodes/packageExternalCC \ --header 'content-type: application/json' \ --data-raw '{ - "orgname":"akc", + "orgName":"akc", "chaincodeName":"fabcar" }' ``` @@ -46,7 +46,7 @@ curl --location --request POST http://localhost:4001/api/v2/chaincodes/install \ --header 'content-type: application/json' \ --data-raw '{ - "orgname":"akc", + "orgName":"akc", "chaincodeName":"fabcar", "chaincodePath":"fabcar.tgz", "peerIndex": "0" @@ -57,7 +57,7 @@ curl --location --request POST http://localhost:4001/api/v2/chaincodes/queryInstalled \ --header 'content-type: application/json' \ --data-raw '{ - "orgname":"akc", + "orgName":"akc", "peerIndex": "0" }' ``` @@ -70,7 +70,7 @@ curl --location --request POST http://localhost:4001/api/v2/chaincodes/approveForMyOrg \ --header 'content-type: application/json' \ --data-raw '{ - "orgname":"akc", + "orgName":"akc", "peerIndex": "0", "chaincodeName": "fabcar", "chaincodeVersion": 1, diff --git a/docs/GENERATE_APPLICATION_ARTIFACT_V1.md b/docs/GENERATE_APPLICATION_ARTIFACT_V1.md new file mode 100644 index 0000000..159c5dd --- /dev/null +++ b/docs/GENERATE_APPLICATION_ARTIFACT_V1.md @@ -0,0 +1,29 @@ +- Run admin-v1 +Create github secret to pull image: +``` +kubectl create secret docker-registry mamba --docker-server=docker.pkg.github.com --docker-username=your_username --docker-password=your_token --docker-email=your_email -n orderer +``` +Use mamba to setup admin v1 +``` +mamba adminv1 setup +``` + +- Generate artifact +``` +mamba gen-artifact setup +``` + +- Generate folder crypto-config v1 +``` +mamba updatefolder +``` + +- Create User +Exec to efs pod: +```ls +kubectl exec -it test-efs-xxxxxxxxxxx-xxxx bash +curl -s -X POST http://localhost:4001/registerUser -H "content-type: application/json" -d '{ + "orgname":"Org1", + "username":"User1" +}' +``` diff --git a/docs/MINIKUBE.md b/docs/MINIKUBE.md new file mode 100644 index 0000000..0f76cf6 --- /dev/null +++ b/docs/MINIKUBE.md @@ -0,0 +1,41 @@ +1. Install pip3 +sudo apt install python3-pip +2. Install minikube, kubectl command +- Install minikube +``` +curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 +sudo install minikube-linux-amd64 /usr/local/bin/minikube +``` +- Install kubectl +``` +curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add +sudo apt-add-repository "deb http://apt.kubernetes.io/ kubernetes-xenial main" +sudo apt-get install kubeadm kubelet kubectl +sudo apt-mark hold kubeadm kubelet kubectl +``` +- Install nfs-commmon +``` +sudo apt-get install nfs-common +``` +2. Install dependency +``` +pip3 install -r requirements.txt +``` +3. Start minikube +``` +sudo minikube start --driver=none +sudo mv /home/hainq6/.kube /home/hainq6/.minikube $HOME +sudo chown -R $USER $HOME/.kube $HOME/.minikube +``` +4. Setup environment +``` +mamba environment +``` +5. Start network +``` +mamba environment +``` +#### Note +``` +k edit cm -n kube-system coredns +``` \ No newline at end of file diff --git a/docs/PACKGING_PROJECT.md b/docs/PACKGING_PROJECT.md new file mode 100644 index 0000000..35012de --- /dev/null +++ b/docs/PACKGING_PROJECT.md @@ -0,0 +1,90 @@ +## A simple project +To create this project locally, create the following file structure: +``` +packaging_tutorial +└── example_pkg + └── __init__.py +``` +```example_pkg/__init__.py``` is required to import the directory as a package, and can simply be an empty file + +## Creating the package files +``` +packaging_tutorial +├── LICENSE +├── README.md +├── example_pkg +│ └── __init__.py +├── setup.py +└── tests +``` + +## Creating a test folder +```tests/``` is a placeholder for unit test files. Leave it empty for now. + +## Creating setup.py +```setup.py``` is the build script for setuptools. It tells ```setuptools``` about your package (such as the name and version) as well as which code files to include. + +Open ```setup.py``` and enter the following content. Update the package name to include your username (for example, ```example-pkg-theacodes```), this ensures that you have a unique package name and that your package doesn’t conflict with packages uploaded by other people following this tutorial. + +- ``name`` is the distribution name of your package. This can be any name as long as only contains letters, numbers, _ , and -. It also must not already be taken on pypi.org. Be sure to update this with your username, as this ensures you won’t try to upload a package with the same name as one which already exists when you upload the package. + +## Install package in develop mode +``` +sudo python3 setup.py develop +``` + +## Generating distribution archives +Make sure you have the latest versions of setuptools and wheel installed: +``` +python3 -m pip install --user --upgrade setuptools wheel +``` +Now run this command from the same directory where setup.py is located: +``` +python3 setup.py sdist bdist_wheel +``` +The tar.gz file is a Source Archive whereas the .whl file is a Built Distribution. + +## Uploading the distribution archives +### 1. Register an account on Test PyPI + +Test PyPI is a separate instance of the package index intended for testing and experimentation + +Go to https://test.pypi.org/account/register/ and complete the steps on that page. + +Now you’ll create a PyPI API token so you will be able to securely upload your project + +Go to https://test.pypi.org/manage/account/#api-tokens and create a new API token; don’t limit its scope to a particular project, since you are creating a new project. + +### 2. Use twine to upload the distribution packages +You’ll need to install Twine: +``` +python3 -m pip install --user --upgrade twine +``` +Once installed, run Twine to upload all of the archives under dist: +``` +python3 -m twine upload --repository testpypi dist/* +``` +You will be prompted for a username and password. For the username, use __token__. For the password, use the token value, including the pypi- prefix. + +After the command completes, you should see output similar to this: +``` +Uploading distributions to https://test.pypi.org/legacy/ +Enter your username: [your username] +Enter your password: +Uploading example_pkg_YOUR_USERNAME_HERE-0.0.1-py3-none-any.whl +100%|█████████████████████| 4.65k/4.65k [00:01<00:00, 2.88kB/s] +Uploading example_pkg_YOUR_USERNAME_HERE-0.0.1.tar.gz +100%|█████████████████████| 4.25k/4.25k [00:01<00:00, 3.05kB/s] +``` + +Once uploaded your package should be viewable on TestPyPI, for example, https://test.pypi.org/project/example-pkg-YOUR-USERNAME-HERE + +## Installing your newly uploaded package +You can use ``pip`` to install your package and verify that it works. Create a new virtualenv (see [Installing Packages](https://packaging.python.org/tutorials/installing-packages/) for detailed instructions) and install your package from TestPyPI: +``` +python3 -m pip install --index-url https://test.pypi.org/simple/ --no-deps example-pkg-YOUR-USERNAME-HERE +``` + +## References +https://packaging.python.org/tutorials/ +https://setuptools.readthedocs.io/en/latest/pkg_resources.html#resourcemanager-api diff --git a/docs/REMOTE_ORG.md b/docs/REMOTE_ORG.md new file mode 100644 index 0000000..6b75e0a --- /dev/null +++ b/docs/REMOTE_ORG.md @@ -0,0 +1,193 @@ +## 1. Start network +```bash +mamba start +``` +## 2. Prepare merchant config in '/home/hainq/.akachain/akc-mamba/mamba/config/merchant.env' +- In merchant env, must fill: + - REMOTE_RCA_NAME, REMOTE_RCA_ADDRESS, REMOTE_ORDERER_HOST, REMOTE_ORDERER_NAME, REMOTE_ORDERER_DOMAIN + - ENDORSEMENT_ORG_NAME, ENDORSEMENT_ORG_ADDRESS, ENDORSEMENT_ORG_TLSCERT +- In operator env, must fill: + - NEW_ORG_NAME +``` +cp /home/hainq/.akachain/akc-mamba/mamba/config/merchant.env /home/hainq/.akachain/akc-mamba/mamba/config/.env +``` +- Prepare folder of merchant cluster using command: +``` +mamba copyscripts +``` +- Setup environment: +``` +mamba environment +``` +## 3. Copy signed cert of root ca to merchant cluster +``` +kubectl exec -it test-efs-7759545f7-b5ffw bash +cp /tmp/artifact/akc-network/akc-ca-data/rca-akc-cert.pem /tmp/artifact/merchant-network/akc-ca-data/ +``` + +## 4. Create new org in new cluster +``` +mamba create-org +``` +-> Automation generate to merchant.json +## 5. Copy merchant.json to operator cluster +``` +cp /tmp/artifact/merchant-network/akc-ca-data/merchant.json /tmp/artifact/akc-network/akc-ca-data/ +``` +## 6. In operator cluster, add merchant to channel +Must specify env: NEW_ORG_NAME="merchant" in operator.env file +``` +cp /home/hainq/.akachain/akc-mamba/mamba/config/operator.env /home/hainq/.akachain/akc-mamba/mamba/config/.env +mamba channel-config auto-update +``` + +## 7. Install chaincode test +``` +curl --location --request POST http://admin-v2-akc.akc:4001/api/v2/chaincodes/packageCC \ +--header 'content-type: application/json' \ +--data-raw '{ + "orgName":"akc", + "chaincodePath":"/chaincodes/fabcar", + "chaincodeName":"fabcar", + "chaincodeVersion":"2", + "chaincodeType":"golang", + "peerIndex": "0" +}' +curl --location --request POST http://admin-v2-akc.akc:4001/api/v2/chaincodes/install \ +--header 'content-type: application/json' \ +--data-raw '{ + "chaincodeName":"fabcar", + "chaincodePath":"fabcar.tar.gz", + "target": "0 akc" +}' + +curl --location --request POST http://admin-v2-akc.akc:4001/api/v2/chaincodes/queryInstalled \ +--header 'content-type: application/json' \ +--data-raw '{ + "orgName":"akc", + "peerIndex": "0", + "chaincodeName": "fabcar", + "chaincodeVersion": "2" +}' +curl --location --request POST http://admin-v2-akc.akc:4001/api/v2/chaincodes/approveForMyOrg \ +--header 'content-type: application/json' \ +--data-raw '{ + "orgName":"akc", + "peerIndex": "0", + "chaincodeName": "fabcar", + "chaincodeVersion": 2, + "channelName": "akcchannel", + "packageId": "fabcar_2:dd2f978e3976a3df9812335447207907051b24e7315841ac922b5fd376e74cb8", + "ordererAddress": "orderer0-orderer.orderer:7050" +}' +``` + +## 8. Copy signed cert of orderer and akc org to merchant cluster +- Orderer TLS cert +``` +mkdir -p /tmp/artifact/c-merchant/akc-ca-data/crypto-config/orderer.orderer/orderers/orderer0-orderer.orderer/msp/tlsintermediatecerts/ +cp /tmp/artifact/cluster-mamba-example/akc-ca-data/crypto-config/orderer.orderer/orderers/orderer0-orderer.orderer/msp/tlsintermediatecerts/ica-orderer-orderer-7054.pem /tmp/artifact/c-merchant/akc-ca-data/crypto-config/orderer.orderer/orderers/orderer0-orderer.orderer/msp/tlsintermediatecerts/ +``` +- Operator peer TLS cert +``` +mkdir -p /tmp/artifact/c-merchant/akc-ca-data/crypto-config/akc.akc/peers/peer0-akc.akc/tls/tlsintermediatecerts/ +cp /tmp/artifact/cluster-mamba-example/akc-ca-data/crypto-config/akc.akc/peers/peer0-akc.akc/tls/tlsintermediatecerts/tls-ica-akc-akc-7054.pem /tmp/artifact/c-merchant/akc-ca-data/crypto-config/akc.akc/peers/peer0-akc.akc/tls/tlsintermediatecerts/ +``` + +## 9. Join merchant to channel +``` +curl -s -X POST http://admin-v2-merchant.merchant:4001/api/v2/cas/enrollAdmin -H "content-type: application/json" -d '{ + "orgName":"merchant", + "adminName": "ica-merchant-admin", + "adminPassword": "ica-merchant-adminpw" +}' +curl -s -X POST http://admin-v2-merchant.merchant:4001/api/v2/cas/registerUser -H "content-type: application/json" -d '{ + "orgName":"merchant", + "userName": "merchant", + "adminName": "ica-merchant-admin" +}' +curl -s -X POST http://admin-v2-merchant.merchant:4001/api/v2/channels/join -H "content-type: application/json" -d '{ + "orgName":"merchant", + "peerIndex": "0", + "channelName":"akcchannel", + "ordererAddress": "orderer0-orderer.orderer:7050" +}' +``` + +## 10. Init or upgrade chaincode on operator cluster +- Install test chaincode on merchant cluster +``` +curl --location --request POST http://admin-v2-merchant.merchant:4001/api/v2/chaincodes/packageCC \ +--header 'content-type: application/json' \ +--data-raw '{ + "orgName":"merchant", + "chaincodePath":"/chaincodes/fabcar", + "chaincodeName":"fabcar", + "chaincodeVersion":"2", + "chaincodeType":"golang", + "peerIndex": "0" +}' +curl --location --request POST http://admin-v2-merchant.merchant:4001/api/v2/chaincodes/install \ +--header 'content-type: application/json' \ +--data-raw '{ + "chaincodeName":"fabcar", + "chaincodePath":"fabcar.tar.gz", + "target": "0 merchant" +}' + +curl --location --request POST http://admin-v2-merchant.merchant:4001/api/v2/chaincodes/queryInstalled \ +--header 'content-type: application/json' \ +--data-raw '{ + "orgName":"merchant", + "peerIndex": "0", + "chaincodeName": "fabcar", + "chaincodeVersion": "2" +}' +curl --location --request POST http://admin-v2-merchant.merchant:4001/api/v2/chaincodes/approveForMyOrg \ +--header 'content-type: application/json' \ +--data-raw '{ + "orgName":"merchant", + "peerIndex": "0", + "chaincodeName": "fabcar", + "chaincodeVersion": 2, + "channelName": "akcchannel", + "packageId": "fabcar_2:dd2f978e3976a3df9812335447207907051b24e7315841ac922b5fd376e74cb8", + "ordererAddress": "orderer0-orderer.orderer:7050" +}' +``` +- Commit +``` +curl --location --request POST http://admin-v2-merchant.merchant:4001/api/v2/chaincodes/commitChaincodeDefinition \ +--header 'content-type: application/json' \ +--data-raw '{ + "chaincodeName": "fabcar", + "chaincodeVersion": 2, + "channelName": "akcchannel", + "target": "0 merchant 0 akc", + "ordererAddress": "orderer0-orderer.orderer:7050" +}' +``` +## 11. Copy tls cert of new org to other org +``` +mkdir -p /tmp/artifact/cluster-mamba-example/akc-ca-data/crypto-config/merchant.merchant/peers/peer0-merchant.merchant/tls/tlsintermediatecerts/ +cp /tmp/artifact/c-merchant/akc-ca-data/crypto-config/merchant.merchant/peers/peer0-merchant.merchant/tls/tlsintermediatecerts/tls-ica-merchant-merchant-7054.pem /tmp/artifact/cluster-mamba-example/akc-ca-data/crypto-config/merchant.merchant/peers/peer0-merchant.merchant/tls/tlsintermediatecerts/ +``` + +## 12. Try invoke chaincode on merchant cluster: +``` +curl -s -X POST http://admin-rca-ica.default:4001/invokeChainCode -H "content-type: application/json" -d '{ + "orgName":"merchant", + "channelName":"akcchannel", + "chaincodeId":"fabcar", + "args": ["CAR1", "a", "b", "c", "d"], + "fcn": "createCar" +}' + +curl -s -X POST http://admin-rca-ica.akc:4001/invokeChainCode -H "content-type: application/json" -d '{ + "orgName":"akc", + "channelName":"akcchannel", + "chaincodeId":"fabcar", + "args": ["CAR1", "a", "b", "c", "d"], + "fcn": "createCar" +}' +``` diff --git a/mamba/.pylintrc b/mamba/.pylintrc new file mode 100644 index 0000000..9ae72e7 --- /dev/null +++ b/mamba/.pylintrc @@ -0,0 +1,433 @@ +[MASTER] + +# A comma-separated list of package or module names from where C extensions may +# be loaded. Extensions are loading into the active Python interpreter and may +# run arbitrary code +extension-pkg-whitelist= + +# Add files or directories to the blacklist. They should be base names, not +# paths. +ignore=CVS + +# Add files or directories matching the regex patterns to the blacklist. The +# regex matches against base names, not paths. +ignore-patterns= + +# Python code to execute, usually for sys.path manipulation such as +# pygtk.require(). +#init-hook= + +# Use multiple processes to speed up Pylint. +# jobs=1 +jobs=2 + +# List of plugins (as comma separated values of python modules names) to load, +# usually to register additional checkers. +load-plugins= + +# Pickle collected data for later comparisons. +persistent=yes + +# Specify a configuration file. +#rcfile= + +# Allow loading of arbitrary C extensions. Extensions are imported into the +# active Python interpreter and may run arbitrary code. +unsafe-load-any-extension=no + + +[MESSAGES CONTROL] + +# Only show warnings with the listed confidence levels. Leave empty to show +# all. Valid levels: HIGH, INFERENCE, INFERENCE_FAILURE, UNDEFINED +confidence= + +# Disable the message, report, category or checker with the given id(s). You +# can either give multiple identifiers separated by comma (,) or put this +# option multiple times (only on the command line, not in the configuration +# file where it should appear only once).You can also use "--disable=all" to +# disable everything first and then reenable specific checks. For example, if +# you want to run only the similarities checker, you can use "--disable=all +# --enable=similarities". If you want to run only the classes checker, but have +# no Warning level messages displayed, use"--disable=all --enable=classes +# --disable=W" +# disable=import-error,print-statement,parameter-unpacking,unpacking-in-except,old-raise-syntax,backtick,long-suffix,old-ne-operator,old-octal-literal,import-star-module-level,raw-checker-failed,bad-inline-option,locally-disabled,locally-enabled,file-ignored,suppressed-message,useless-suppression,deprecated-pragma,apply-builtin,basestring-builtin,buffer-builtin,cmp-builtin,coerce-builtin,execfile-builtin,file-builtin,long-builtin,raw_input-builtin,reduce-builtin,standarderror-builtin,unicode-builtin,xrange-builtin,coerce-method,delslice-method,getslice-method,setslice-method,no-absolute-import,old-division,dict-iter-method,dict-view-method,next-method-called,metaclass-assignment,indexing-exception,raising-string,reload-builtin,oct-method,hex-method,nonzero-method,cmp-method,input-builtin,round-builtin,intern-builtin,unichr-builtin,map-builtin-not-iterating,zip-builtin-not-iterating,range-builtin-not-iterating,filter-builtin-not-iterating,using-cmp-argument,eq-without-hash,div-method,idiv-method,rdiv-method,exception-message-attribute,invalid-str-codec,sys-max-int,bad-python3-import,deprecated-string-function,deprecated-str-translate-call +# disable=too-many-instance-attributes,len-as-condition,too-few-public-methods,anomalous-backslash-in-string,no-else-return,simplifiable-if-statement,too-many-arguments,duplicate-code,no-name-in-module,no-member,print-statement,parameter-unpacking,unpacking-in-except,old-raise-syntax,backtick,long-suffix,old-ne-operator,old-octal-literal,import-star-module-level,raw-checker-failed,bad-inline-option,locally-disabled,locally-enabled,file-ignored,suppressed-message,useless-suppression,deprecated-pragma,apply-builtin,basestring-builtin,buffer-builtin,cmp-builtin,coerce-builtin,execfile-builtin,file-builtin,long-builtin,raw_input-builtin,reduce-builtin,standarderror-builtin,unicode-builtin,xrange-builtin,coerce-method,delslice-method,getslice-method,setslice-method,no-absolute-import,old-division,dict-iter-method,dict-view-method,next-method-called,metaclass-assignment,indexing-exception,raising-string,reload-builtin,oct-method,hex-method,nonzero-method,cmp-method,input-builtin,round-builtin,intern-builtin,unichr-builtin,map-builtin-not-iterating,zip-builtin-not-iterating,range-builtin-not-iterating,filter-builtin-not-iterating,using-cmp-argument,eq-without-hash,div-method,idiv-method,rdiv-method,exception-message-attribute,invalid-str-codec,sys-max-int,bad-python3-import,deprecated-string-function,deprecated-str-translate-call,import-error,missing-docstring,invalid-name,bad-whitespace,consider-using-enumerate,unexpected-keyword-arg + +# Enable the message, report, category or checker with the given id(s). You can +# either give multiple identifier separated by comma (,) or put this option +# multiple time (only on the command line, not in the configuration file where +# it should appear only once). See also the "--disable" option for examples. +enable= + + +[REPORTS] + +# Python expression which should return a note less than 10 (10 is the highest +# note). You have access to the variables errors warning, statement which +# respectively contain the number of errors / warnings messages and the total +# number of statements analyzed. This is used by the global evaluation report +# (RP0004). +evaluation=10.0 - ((float(5 * error + warning + refactor + convention) / statement) * 10) + +# Template used to display messages. This is a python new-style format string +# used to format the message information. See doc for all details +msg-template='{path} {line}: {msg} ({symbol})' + +# Set the output format. Available formats are text, parseable, colorized, json +# and msvs (visual studio).You can also give a reporter class, eg +# mypackage.mymodule.MyReporterClass. +output-format=text + +# Tells whether to display a full report or only the messages +reports=no + +# Activate the evaluation score. +score=yes + + +[REFACTORING] + +# Maximum number of nested blocks for function / method body +max-nested-blocks=5 + + +[LOGGING] + +# Logging modules to check that the string format arguments are in logging +# function parameter format +logging-modules=logging + + +[SPELLING] + +# Spelling dictionary name. Available dictionaries: none. To make it working +# install python-enchant package. +spelling-dict= + +# List of comma separated words that should not be checked. +spelling-ignore-words= + +# A path to a file that contains private dictionary; one word per line. +spelling-private-dict-file= + +# Tells whether to store unknown words to indicated private dictionary in +# --spelling-private-dict-file option instead of raising a message. +spelling-store-unknown-words=no + + +[MISCELLANEOUS] + +# List of note tags to take in consideration, separated by a comma. +# notes=FIXME,XXX,TODO +notes=FIXME,XXX + + +[TYPECHECK] + +# List of decorators that produce context managers, such as +# contextlib.contextmanager. Add to this list to register other decorators that +# produce valid context managers. +contextmanager-decorators=contextlib.contextmanager + +# List of members which are set dynamically and missed by pylint inference +# system, and so shouldn't trigger E1101 when accessed. Python regular +# expressions are accepted. +generated-members= + +# Tells whether missing members accessed in mixin class should be ignored. A +# mixin class is detected if its name ends with "mixin" (case insensitive). +ignore-mixin-members=yes + +# This flag controls whether pylint should warn about no-member and similar +# checks whenever an opaque object is returned when inferring. The inference +# can return multiple potential results while evaluating a Python object, but +# some branches might not be evaluated, which results in partial inference. In +# that case, it might be useful to still emit no-member and other checks for +# the rest of the inferred objects. +ignore-on-opaque-inference=yes + +# List of class names for which member attributes should not be checked (useful +# for classes with dynamically set attributes). This supports the use of +# qualified names. +ignored-classes=optparse.Values,thread._local,_thread._local + +# List of module names for which member attributes should not be checked +# (useful for modules/projects where namespaces are manipulated during runtime +# and thus existing member attributes cannot be deduced by static analysis. It +# supports qualified module names, as well as Unix pattern matching. +ignored-modules= + +# Show a hint with possible names when a member name was not found. The aspect +# of finding the hint is based on edit distance. +missing-member-hint=yes + +# The minimum edit distance a name should have in order to be considered a +# similar match for a missing member name. +missing-member-hint-distance=1 + +# The total number of similar names that should be taken in consideration when +# showing a hint for a missing member. +missing-member-max-choices=1 + + +[VARIABLES] + +# List of additional names supposed to be defined in builtins. Remember that +# you should avoid to define new builtins when possible. +additional-builtins= + +# Tells whether unused global variables should be treated as a violation. +allow-global-unused-variables=yes + +# List of strings which can identify a callback function by name. A callback +# name must start or end with one of those strings. +callbacks=cb_,_cb + +# A regular expression matching the name of dummy variables (i.e. expectedly +# not used). +dummy-variables-rgx=_+$|(_[a-zA-Z0-9_]*[a-zA-Z0-9]+?$)|dummy|^ignored_|^unused_ + +# Argument names that match this expression will be ignored. Default to name +# with leading underscore +ignored-argument-names=_.*|^ignored_|^unused_ + +# Tells whether we should check for unused import in __init__ files. +init-import=no + +# List of qualified module names which can have objects that can redefine +# builtins. +redefining-builtins-modules=six.moves,future.builtins + + +[FORMAT] + +# Expected format of line ending, e.g. empty (any line ending), LF or CRLF. +# expected-line-ending-format= +expected-line-ending-format=LF + +# Regexp for a line that is allowed to be longer than the limit. +ignore-long-lines=^\s*(# )??$ + +# Number of spaces of indent required inside a hanging or continued line. +indent-after-paren=4 + +# String used as indentation unit. This is usually " " (4 spaces) or "\t" (1 +# tab). +indent-string=' ' + +# Maximum number of characters on a single line. +max-line-length=100 + +# Maximum number of lines in a module +max-module-lines=1000 + +# List of optional constructs for which whitespace checking is disabled. `dict- +# separator` is used to allow tabulation in dicts, etc.: {1 : 1,\n222: 2}. +# `trailing-comma` allows a space between comma and closing bracket: (a, ). +# `empty-line` allows space-only lines. +no-space-check=trailing-comma,dict-separator + +# Allow the body of a class to be on the same line as the declaration if body +# contains single statement. +single-line-class-stmt=no + +# Allow the body of an if to be on the same line as the test if there is no +# else. +single-line-if-stmt=no + + +[SIMILARITIES] + +# Ignore comments when computing similarities. +ignore-comments=yes + +# Ignore docstrings when computing similarities. +ignore-docstrings=yes + +# Ignore imports when computing similarities. +ignore-imports=no + +# Minimum lines number of a similarity. +min-similarity-lines=4 + + +[BASIC] + +# Naming hint for argument names +argument-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ + +# Regular expression matching correct argument names +argument-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ + +# Naming hint for attribute names +attr-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ + +# Regular expression matching correct attribute names +attr-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ + +# Bad variable names which should always be refused, separated by a comma +bad-names=foo,bar,baz,toto,tutu,tata + +# Naming hint for class attribute names +class-attribute-name-hint=([A-Za-z_][A-Za-z0-9_]{2,30}|(__.*__))$ + +# Regular expression matching correct class attribute names +class-attribute-rgx=([A-Za-z_][A-Za-z0-9_]{2,30}|(__.*__))$ + +# Naming hint for class names +# class-name-hint=[A-Z_][a-zA-Z0-9]+$ +class-name-hint=[A-Z_][a-zA-Z0-9_]+$ + +# Regular expression matching correct class names +# class-rgx=[A-Z_][a-zA-Z0-9]+$ +class-rgx=[A-Z_][a-zA-Z0-9_]+$ + +# Naming hint for constant names +const-name-hint=(([A-Z_][A-Z0-9_]*)|(__.*__))$ + +# Regular expression matching correct constant names +const-rgx=(([A-Z_][A-Z0-9_]*)|(__.*__))$ + +# Minimum line length for functions/classes that require docstrings, shorter +# ones are exempt. +docstring-min-length=-1 + +# Naming hint for function names +function-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ + +# Regular expression matching correct function names +function-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ + +# Good variable names which should always be accepted, separated by a comma +# good-names=i,j,k,ex,Run,_ +good-names=r,g,b,w,i,j,k,n,x,y,z,ex,ok,Run,_ + +# Include a hint for the correct naming format with invalid-name +include-naming-hint=no + +# Naming hint for inline iteration names +inlinevar-name-hint=[A-Za-z_][A-Za-z0-9_]*$ + +# Regular expression matching correct inline iteration names +inlinevar-rgx=[A-Za-z_][A-Za-z0-9_]*$ + +# Naming hint for method names +method-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ + +# Regular expression matching correct method names +method-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ + +# Naming hint for module names +module-name-hint=(([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$ + +# Regular expression matching correct module names +module-rgx=(([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$ + +# Colon-delimited sets of names that determine each other's naming style when +# the name regexes allow several styles. +name-group= + +# Regular expression which should only match function or class names that do +# not require a docstring. +no-docstring-rgx=^_ + +# List of decorators that produce properties, such as abc.abstractproperty. Add +# to this list to register other decorators that produce valid properties. +property-classes=abc.abstractproperty + +# Naming hint for variable names +variable-name-hint=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ + +# Regular expression matching correct variable names +variable-rgx=(([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$ + + +[IMPORTS] + +# Allow wildcard imports from modules that define __all__. +allow-wildcard-with-all=no + +# Analyse import fallback blocks. This can be used to support both Python 2 and +# 3 compatible code, which means that the block might have code that exists +# only in one or another interpreter, leading to false positives when analysed. +analyse-fallback-blocks=no + +# Deprecated modules which should not be used, separated by a comma +deprecated-modules=optparse,tkinter.tix + +# Create a graph of external dependencies in the given file (report RP0402 must +# not be disabled) +ext-import-graph= + +# Create a graph of every (i.e. internal and external) dependencies in the +# given file (report RP0402 must not be disabled) +import-graph= + +# Create a graph of internal dependencies in the given file (report RP0402 must +# not be disabled) +int-import-graph= + +# Force import order to recognize a module as part of the standard +# compatibility libraries. +known-standard-library= + +# Force import order to recognize a module as part of a third party library. +known-third-party=enchant + + +[CLASSES] + +# List of method names used to declare (i.e. assign) instance attributes. +defining-attr-methods=__init__,__new__,setUp + +# List of member names, which should be excluded from the protected access +# warning. +exclude-protected=_asdict,_fields,_replace,_source,_make + +# List of valid names for the first argument in a class method. +valid-classmethod-first-arg=cls + +# List of valid names for the first argument in a metaclass class method. +valid-metaclass-classmethod-first-arg=mcs + + +[DESIGN] + +# Maximum number of arguments for function / method +max-args=5 + +# Maximum number of attributes for a class (see R0902). +# max-attributes=7 +max-attributes=11 + +# Maximum number of boolean expressions in a if statement +max-bool-expr=5 + +# Maximum number of branch for function / method body +max-branches=12 + +# Maximum number of locals for function / method body +max-locals=15 + +# Maximum number of parents for a class (see R0901). +max-parents=7 + +# Maximum number of public methods for a class (see R0904). +max-public-methods=20 + +# Maximum number of return / yield for function / method body +max-returns=6 + +# Maximum number of statements in function / method body +max-statements=50 + +# Minimum number of public methods for a class (see R0903). +min-public-methods=1 + + +[EXCEPTIONS] + +# Exceptions that will emit a warning when being caught. Defaults to +# "Exception" +overgeneral-exceptions=Exception \ No newline at end of file diff --git a/mamba/README.md b/mamba/README.md index f92a68d..3d7aba9 100644 --- a/mamba/README.md +++ b/mamba/README.md @@ -1,46 +1,85 @@ # AKC-MAMBA manuals -## 1. Installation Instructions +## I. Installation Instructions -### a. Install AKC-Mamba -Install AKC-Mamba with +### 1. Prerequisites +Before you begin, you should confirm that you have installed all the prerequisites below on the platform where you will be running AKC-Mamba. +#### a. Install pip3 +If you have not installed `pip3`, use the following command to install: +```bash +curl "https://bootstrap.pypa.io/get-pip.py" -o "get-pip.py" +python3 get-pip.py --user ``` -pip3 install akc-mamba +For checking version : +```bash +pip3 --version ``` -We now can use the Mamba tool to prepare required helm and k8s components +### 2. Install AKC-Mamba +#### a. Install AKC-Mamba from pip package +You can use the following command: +```python +pip3 install akc-mamba ``` -find . -type f -iname "*.sh" -exec chmod +x {} \; -mamba environment +After install successfuly, you can get help by command: + +```bash +mamba --help ``` -Configuration parameters in `~/.akachain/akc-mamba/mamba/config/.env`, the file content is pretty much self-explained. -### b. Deploy and bootstrap network +#### b. Install and run from source code + +Install required Python3 modules with +```bash +pip3 install -r requirements.txt ``` -mamba start + +Use akc-mamba using python3 command: +```bash +python3 mamba.py --help ``` -The `mamba start` command executes a series of sub commands that installs various network components. For more information on each command for individual components, please refer to help section +### 3. Deploy and bootstrap network with CLI +#### a. Prepare environment +We now can use the Mamba tool to prepare required helm and k8s components -``` -mamba --help +```bash +mamba environment ``` -To terminate the network, just run +After running this command, the program will ask you to fill in some of the most necessary information of creating a blockchain network: +- `Cluster name`: The name of the cluster network you created in step [Setup an AWS EKS cluster](../README.md). Default: `cluster-mamba-example` +- `Kubenetes type`: Currently `akc-mamba` is supporting kubenetes of two types: `eks` and `minikube`. The default is `eks` +- `EFS infomation`: After you have entered the `Kubenetes type`,` mamba` will automatically search your k8s network for information about `efs`. If you have `EFS` installed before, the system will automatically update the config file located at `~/.akachain/akc-mamba/mamba/config/.env`. If not, you need to fill in the information `EFS SERVER` based on the installation step [Setup a Network File System](../README.md). If the k8s type is `minikube` then you do not need to enter this information. +- Important Note: You can check and update configuration parameters in `~/.akachain/akc-mamba/mamba/config/.env`, the file content is pretty much self-explained. +#### b. Deploy and bootstrap network -``` -mamba terminate -``` + ```python + mamba start + ``` -## 2. Development Guide + The `mamba start` command executes a series of sub commands that installs various network components. For more information on each command for individual components, please refer to help section + + ```python + mamba --help + ``` + + To terminate the network, just run + + ```python + mamba terminate + ``` + +## II. Development Guide + +### 1. Project structure -### 2.1 Project structure Mamba makes use of [Click_](http://click.palletsprojects.com/en/7.x/), an elegant python package for creating command line interfaces. The project structure is depicted in the tree below. -``` +```bash . ├── command_group_1 │ ├── commands.py @@ -49,39 +88,41 @@ Mamba makes use of [Click_](http://click.palletsprojects.com/en/7.x/), an elegan ├── utils │ ├── __init__.py │ ├── kube.py -│ -├── mamba.py ├── settings -├ ├──settings.py +│ ├── settings.py +├── mamba.py ``` -There are 4 main components: +There are 4 main components: + - mamba.py : The bootstrap instance module of Mamba -- settings/settings.py : Contains global variables that are shared accross all sub modules +- settings : Contains global variables that are shared accross all sub modules - command_group : Each command group is separated into its own directory. - utils : helper functions that must be initialized via settings.py -### 2.2 Coding Convention +### 2. Coding Convention + Please follow [PEP8](https://www.python.org/dev/peps/pep-0008/) - Style guide for Python Code. Another example can be found [here](https://gist.github.com/RichardBronosky/454964087739a449da04) There are several notes that are different with other languages -``` +```text Function names should be lowercase, with words separated by underscores as necessary to improve readability. Camel case is for class name ``` -### 2.3 Logging instruction +### 3. Logging instruction A snake must know how hiss ... or sometimes rattle. Normally we can just use echo to print out message during execution However: -- It is mandatory to `hiss` when there is error + +- It is mandatory to `hiss` when there is error. - also, `rattle` is needed when a snake meet something ... at the beginning or at the end of an execution. For more information about logging, please follow the standard convention in `mamba/utils/hiss.py` \ No newline at end of file diff --git a/mamba/blockchain/admin/commands.py b/mamba/blockchain/admin/commands.py index 6ff9ed5..2f7125c 100644 --- a/mamba/blockchain/admin/commands.py +++ b/mamba/blockchain/admin/commands.py @@ -14,6 +14,14 @@ def setup_admin(org): # Get orderer information orderer_names = settings.ORDERER_ORGS.split(' ') orderer_domains = settings.ORDERER_DOMAINS.split(' ') + if orderer_names == '' and settings.REMOTE_ORDERER_NAME != '': + orderer_names = settings.REMOTE_ORDERER_NAME.split(' ') + orderer_domains = settings.REMOTE_ORDERER_DOMAIN.split(' ') + + # Build endorsement config + peer_orgs = '%s %s' % (settings.PEER_ORGS, settings.ENDORSEMENT_ORG_NAME) + peer_domains = '%s %s' % (settings.PEER_DOMAINS, settings.ENDORSEMENT_ORG_DOMAIN) + print(peer_orgs) # Create application artifact folder hiss.echo('Create wallet folder') @@ -39,6 +47,8 @@ def setup_admin(org): dict_env = { 'ORG_NAME': org, 'ORG_DOMAIN': domain, + 'PEER_NAMES': peer_orgs, + 'PEER_DOMAINS': peer_domains, 'ORDERER_DOMAIN': orderer_domains[0], 'ORGDERER_NAME': orderer_names[0], 'EFS_SERVER': settings.EFS_SERVER, diff --git a/mamba/blockchain/admin_v1/__init__.py b/mamba/blockchain/admin_v1/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/blockchain/admin_v1/commands.py b/mamba/blockchain/admin_v1/commands.py new file mode 100644 index 0000000..c56cc00 --- /dev/null +++ b/mamba/blockchain/admin_v1/commands.py @@ -0,0 +1,80 @@ +import click +import yaml +import re +from kubernetes import client +from os import path +from utils import hiss, util +from settings import settings + +def setup_admin(): + + domains = settings.ORDERER_DOMAINS.split(' ') + if len(domains) == 0: + domains = settings.PEER_DOMAINS.split(' ') + + # Create application artifact folder + hiss.echo('Create application artifact folder') + ## Find efs pod + pods = settings.k8s.find_pod(namespace="default", keyword="test-efs") + if not pods: + return hiss.hiss('cannot find tiller pod') + + mkdir_cmd = ('mkdir -p '+settings.EFS_ROOT+'/admin/artifacts;' + 'mkdir -p '+settings.EFS_ROOT+'/admin/crypto-path;' + 'mkdir -p '+settings.EFS_ROOT+'/admin/crypto-store;') + + ## Exec command + exec_command = [ + '/bin/bash', + '-c', + '%s' % (mkdir_cmd)] + + result_get_folder = settings.k8s.exec_pod( + podName=pods[0], namespace="default", command=exec_command) + hiss.sub_echo(result_get_folder.data) + + # Create temp folder & namespace + settings.k8s.prereqs(domains[0]) + dict_env = { + 'ORDERER_DOMAIN': domains[0], + 'EFS_SERVER': settings.EFS_SERVER, + 'EFS_PATH': settings.EFS_PATH, + 'EFS_EXTEND': settings.EFS_EXTEND, + 'PVS_PATH': settings.PVS_PATH + } + + # Apply deployment + k8s_template_file = '%s/admin-v1/admin-deployment.yaml' % util.get_k8s_template_path() + settings.k8s.apply_yaml_from_template( + namespace=domains[0], k8s_template_file=k8s_template_file, dict_env=dict_env) + + # Apply service + k8s_template_file = '%s/admin-v1/admin-service.yaml' % util.get_k8s_template_path() + settings.k8s.apply_yaml_from_template( + namespace=domains[0], k8s_template_file=k8s_template_file, dict_env=dict_env) + +def del_admin(): + + domains = settings.ORDERER_DOMAINS.split(' ') + jobname = 'admin-v1' + + # Delete job pod + return settings.k8s.delete_stateful(name=jobname, namespace=domains[0]) + + +@click.group() +def adminv1(): + '''Admin-V1 Service''' + pass + +@adminv1.command('setup', short_help='Create new a new Admin service') +def setup(): + hiss.rattle('Create new a new Admin-V1 service') + + setup_admin() + +@adminv1.command('delete', short_help='Delete the Admin service') +def delete(): + hiss.rattle('Delete the Admin-V1 service') + + del_admin() \ No newline at end of file diff --git a/mamba/blockchain/artifacts/__init__.py b/mamba/blockchain/artifacts/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/blockchain/artifacts/src/__init__.py b/mamba/blockchain/artifacts/src/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/blockchain/artifacts/src/chaincodes/__init__.py b/mamba/blockchain/artifacts/src/chaincodes/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/blockchain/artifacts/src/chaincodes/abstore/__init__.py b/mamba/blockchain/artifacts/src/chaincodes/abstore/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/blockchain/artifacts/src/chaincodes/abstore/go/__init__.py b/mamba/blockchain/artifacts/src/chaincodes/abstore/go/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/blockchain/artifacts/src/chaincodes/fabcar/__init__.py b/mamba/blockchain/artifacts/src/chaincodes/fabcar/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/blockchain/bootstrap_network/commands.py b/mamba/blockchain/bootstrap_network/commands.py index 0529b70..e53d52f 100644 --- a/mamba/blockchain/bootstrap_network/commands.py +++ b/mamba/blockchain/bootstrap_network/commands.py @@ -1,8 +1,8 @@ +from os import path import click import yaml import re from kubernetes import client -from os import path from utils import hiss, util from settings import settings diff --git a/mamba/blockchain/copyscripts/commands.py b/mamba/blockchain/copyscripts/commands.py index 922f0a2..3bbe2f1 100644 --- a/mamba/blockchain/copyscripts/commands.py +++ b/mamba/blockchain/copyscripts/commands.py @@ -4,7 +4,7 @@ from os import path from os.path import expanduser from shutil import copyfile -from utils import hiss +from utils import hiss, util def copy_scripts(): @@ -13,17 +13,17 @@ def copy_scripts(): # Find efs pod pods = settings.k8s.find_pod(namespace="default", keyword="test-efs") if not pods: - return hiss.hiss('cannot find tiller pod') + return hiss.hiss('cannot find EFS pod') # Check empty folder exec_command = [ '/bin/bash', '-c', - 'test -d %s && echo "1" || echo "0"' % (settings.EFS_ROOT)] + 'test -d %s/akc-ca-data && echo "1" || echo "0"' % (settings.EFS_ROOT)] result_get_folder = settings.k8s.exec_pod( podName=pods[0], namespace="default", command=exec_command) - if int(result_get_folder.data) < 3: + if int(result_get_folder.data) < 1: hiss.sub_echo('Folder %s not found. Creating...' % settings.EFS_ROOT) exec_command = [ '/bin/bash', @@ -73,8 +73,7 @@ def copy_scripts(): # Copy test chaincode to efs hiss.sub_echo('Copy test chaincode to efs') - artifacts_path = os.path.abspath(os.path.join( - __package__, "../blockchain/artifacts/src/chaincodes")) + artifacts_path = util.get_package_resource('blockchain', 'artifacts/src/chaincodes') if not settings.k8s.cp_to_pod(podName=pods[0], namespace='default', source=artifacts_path, target='%s/admin-v2/chaincodes' % settings.EFS_ROOT): return hiss.hiss('connot copy test chaincode to pod %s' % pods[0]) diff --git a/mamba/blockchain/create_org/commands.py b/mamba/blockchain/create_org/commands.py index a12e918..30f1558 100644 --- a/mamba/blockchain/create_org/commands.py +++ b/mamba/blockchain/create_org/commands.py @@ -23,8 +23,10 @@ from blockchain.peer.commands import setup_all_peer from blockchain.gen_artifact.commands import generate_artifact from k8s.secret.commands import create_docker_secret -from blockchain.admin.commands import setup_admin +from blockchain.admin.commands import setup_all_admin from blockchain.bootstrap_network.commands import bootstrap_network +from blockchain.external_chaincode.commands import config_all_peer +from blockchain.generate_ccp.commands import generate_all_ccp def create_new_org(): @@ -53,27 +55,31 @@ def create_new_org(): # Create crypto-config folder to contains artifacts update_folder() - # Default value of ORDERER_DOMAINS = default, it needed to run processes below - if (settings.ORDERER_DOMAINS == ''): - settings.ORDERER_DOMAINS='default' + # # Default value of ORDERER_DOMAINS = default, it needed to run processes below + # if (settings.ORDERER_DOMAINS == ''): + # settings.ORDERER_DOMAINS='default' + + hiss.rattle('Config map for external chaincode') + config_all_peer() # Create new StatefullSet peers setup_all_peer() # Run jobs to generate application artifacts generate_artifact() + generate_all_ccp() # Create secret if use private docker hub if settings.PRIVATE_DOCKER_IMAGE == 'true': create_docker_secret('default','mamba') + # # # Return value ORDERER_DOMAINS + # if (settings.ORDERER_DOMAINS == 'default'): + # settings.ORDERER_DOMAINS='' + # Create new a new Admin service time.sleep(1) - setup_admin() - - # # Return value ORDERER_DOMAINS - if (settings.ORDERER_DOMAINS == 'default'): - settings.ORDERER_DOMAINS='' + setup_all_admin() dict_env = { 'ORG_NAME': settings.PEER_ORGS, diff --git a/mamba/blockchain/ica/commands.py b/mamba/blockchain/ica/commands.py index f998dea..850d591 100644 --- a/mamba/blockchain/ica/commands.py +++ b/mamba/blockchain/ica/commands.py @@ -41,21 +41,18 @@ def setup_ica(ica_org): ica_name = 'ica-%s' % ica_org - rca_host = settings.EXTERNAL_RCA_ADDRESSES - if not settings.EXTERNAL_RCA_ADDRESSES: - rca_host = '%s.%s' % (settings.RCA_NAME, settings.RCA_DOMAIN) + rca_host = settings.REMOTE_RCA_ADDRESS if settings.RCA_NAME == '' else '%s.%s' % (settings.RCA_NAME, settings.RCA_DOMAIN) - if settings.K8S_TYPE == 'minikube': - storage_class = 'standard' - else: - storage_class = 'gp2' + storage_class = 'standard' if settings.K8S_TYPE == 'minikube' else 'gp2' + + rca_name = settings.RCA_NAME or settings.REMOTE_RCA_NAME k8s_template_file = '%s/ica/fabric-deployment-ica.yaml' % util.get_k8s_template_path() dict_env = { 'ORG': ica_org, 'ICA_NAME': ica_name, 'ICA_DOMAIN': ica_domain, - 'RCA_NAME': settings.RCA_NAME, + 'RCA_NAME': rca_name, 'RCA_HOST': rca_host, 'FABRIC_CA_TAG': settings.FABRIC_CA_TAG, 'EFS_SERVER': settings.EFS_SERVER, diff --git a/mamba/blockchain/start_network/commands.py b/mamba/blockchain/start_network/commands.py index 5927078..261ed73 100644 --- a/mamba/blockchain/start_network/commands.py +++ b/mamba/blockchain/start_network/commands.py @@ -79,7 +79,7 @@ def start_network(): setup_all_peer() # # Run jobs to generate application artifacts - # generate_artifact() + generate_artifact() generate_all_ccp() # Create secret if use private docker hub @@ -94,8 +94,8 @@ def start_network(): # Bootrap network bootstrap_network() - # Setup anchor peer - setup_all() + # # Setup anchor peer + # setup_all() # # cat log # domains = settings.ORDERER_DOMAINS.split(' ') diff --git a/mamba/blockchain/update_folder/commands.py b/mamba/blockchain/update_folder/commands.py index 1cf1dee..a6ece18 100644 --- a/mamba/blockchain/update_folder/commands.py +++ b/mamba/blockchain/update_folder/commands.py @@ -16,7 +16,7 @@ def update_folder(): all_command = '' - prepare_cmd = 'rm -rf %s/akc-ca-data/crypto-config;' % settings.EFS_ROOT + prepare_cmd = 'rm -rf %s/akc-ca-data/crypto-config-v1;' % settings.EFS_ROOT prepare_cmd += 'cd %s/akc-ca-data/;'% settings.EFS_ROOT all_command += prepare_cmd @@ -29,48 +29,48 @@ def update_folder(): # Get domain domain = util.get_domain(orderer) orderer_cmd += ('' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/ca;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/msp/admincerts;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/msp/cacerts;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/msp/tlscacerts;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/tlsca;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/users/admin/msp/admincerts;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/users/admin/msp/cacerts;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/users/admin/msp/keystore;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/users/admin/msp/signcerts;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/users/admin/msp/tlscacerts;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/users/admin/tls;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/ca;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/msp/admincerts;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/msp/cacerts;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/msp/tlscacerts;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/tlsca;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/users/admin/msp/admincerts;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/users/admin/msp/cacerts;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/users/admin/msp/keystore;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/users/admin/msp/signcerts;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/users/admin/msp/tlscacerts;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/users/admin/tls;' '') for index in range(int(settings.NUM_ORDERERS)): orderer_cmd += ('' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/admincerts;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/cacerts;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/keystore;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/signcerts;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/tlscacerts;' - 'mkdir -p crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/tls;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/admincerts;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/cacerts;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/keystore;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/signcerts;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/tlscacerts;' + 'mkdir -p crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/tls;' - 'cp ica-'+orderer+'-ca-chain.pem crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/cacerts/ca.'+domain+'-cert.pem;' - 'cp ica-'+orderer+'-ca-chain.pem crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/tlscacerts/tlsca.'+domain+'-cert.pem;' - 'cp ica-'+orderer+'-ca-chain.pem crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/tls/tlsca.'+domain+'-cert.pem;' - 'cp orgs/'+orderer+'/admin/msp/admincerts/cert.pem crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/admincerts/cert.pem;' - 'cp orgs/orderer/msp/signcerts/cert.pem crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/signcerts/;' - 'cp orgs/orderer/msp/keystore/key.pem crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/keystore/key.pem;' - 'cp orgs/orderer/tls/server.crt crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/tls/;' - 'cp orgs/orderer/tls/server.key crypto-config/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/tls/;' + 'cp ica-'+orderer+'-ca-chain.pem crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/cacerts/ca.'+domain+'-cert.pem;' + 'cp ica-'+orderer+'-ca-chain.pem crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/tlscacerts/tlsca.'+domain+'-cert.pem;' + 'cp ica-'+orderer+'-ca-chain.pem crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/tls/tlsca.'+domain+'-cert.pem;' + 'cp crypto-config/'+orderer+'.'+domain+'/users/admin/msp/signcerts/cert.pem crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/admincerts/cert.pem;' + 'cp crypto-config/'+orderer+'.'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/signcerts/cert.pem crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/signcerts/;' + 'cp crypto-config/'+orderer+'.'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/keystore/*_sk crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/msp/keystore/key.pem;' + 'cp crypto-config/'+orderer+'.'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/tls/server.crt crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/tls/;' + 'cp crypto-config/'+orderer+'.'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/tls/server.key crypto-config-v1/ordererOrganizations/'+domain+'/orderers/orderer'+str(index)+'-'+orderer+'.'+domain+'/tls/server.key;' '') orderer_cmd += ('' - 'cp ica-'+orderer+'-ca-chain.pem crypto-config/ordererOrganizations/'+domain+'/ca/ca.'+domain+'-cert.pem;' - 'cp ica-'+orderer+'-ca-chain.pem crypto-config/ordererOrganizations/'+domain+'/msp/cacerts/ca.'+domain+'-cert.pem;' - 'cp ica-'+orderer+'-ca-chain.pem crypto-config/ordererOrganizations/'+domain+'/users/admin/msp/cacerts/ca.'+domain+'-cert.pem;' - 'cp ica-'+orderer+'-ca-chain.pem crypto-config/ordererOrganizations/'+domain+'/tlsca/tlsca.'+domain+'-cert.pem;' - 'cp ica-'+orderer+'-ca-chain.pem crypto-config/ordererOrganizations/'+domain+'/msp/tlscacerts/tlsca.'+domain+'-cert.pem;' - 'cp ica-'+orderer+'-ca-chain.pem crypto-config/ordererOrganizations/'+domain+'/users/admin/msp/tlscacerts/tlsca.'+domain+'-cert.pem;' - 'cp ica-'+orderer+'-ca-chain.pem crypto-config/ordererOrganizations/'+domain+'/users/admin/tls/tlsca.'+domain+'-cert.pem;' - 'cp orgs/'+orderer+'/admin/msp/admincerts/cert.pem crypto-config/ordererOrganizations/'+domain+'/msp/admincerts/cert.pem;' - 'cp orgs/'+orderer+'/admin/msp/admincerts/cert.pem crypto-config/ordererOrganizations/'+domain+'/users/admin/msp/admincerts/cert.pem;' - 'cp orgs/'+orderer+'/admin/msp/keystore/* crypto-config/ordererOrganizations/'+domain+'/users/admin/msp/keystore/key.pem;' - 'cp orgs/'+orderer+'/admin/msp/signcerts/cert.pem crypto-config/ordererOrganizations/'+domain+'/users/admin/msp/signcerts/cert.pem;' + 'cp ica-'+orderer+'-ca-chain.pem crypto-config-v1/ordererOrganizations/'+domain+'/ca/ca.'+domain+'-cert.pem;' + 'cp ica-'+orderer+'-ca-chain.pem crypto-config-v1/ordererOrganizations/'+domain+'/msp/cacerts/ca.'+domain+'-cert.pem;' + 'cp ica-'+orderer+'-ca-chain.pem crypto-config-v1/ordererOrganizations/'+domain+'/users/admin/msp/cacerts/ca.'+domain+'-cert.pem;' + 'cp ica-'+orderer+'-ca-chain.pem crypto-config-v1/ordererOrganizations/'+domain+'/tlsca/tlsca.'+domain+'-cert.pem;' + 'cp ica-'+orderer+'-ca-chain.pem crypto-config-v1/ordererOrganizations/'+domain+'/msp/tlscacerts/tlsca.'+domain+'-cert.pem;' + 'cp ica-'+orderer+'-ca-chain.pem crypto-config-v1/ordererOrganizations/'+domain+'/users/admin/msp/tlscacerts/tlsca.'+domain+'-cert.pem;' + 'cp ica-'+orderer+'-ca-chain.pem crypto-config-v1/ordererOrganizations/'+domain+'/users/admin/tls/tlsca.'+domain+'-cert.pem;' + 'cp crypto-config/'+orderer+'.'+domain+'/users/admin/msp/signcerts/cert.pem crypto-config-v1/ordererOrganizations/'+domain+'/msp/admincerts/cert.pem;' + 'cp crypto-config/'+orderer+'.'+domain+'/users/admin/msp/signcerts/cert.pem crypto-config-v1/ordererOrganizations/'+domain+'/users/admin/msp/admincerts/cert.pem;' + 'cp crypto-config/'+orderer+'.'+domain+'/users/admin/msp/keystore/*_sk crypto-config-v1/ordererOrganizations/'+domain+'/users/admin/msp/keystore/key.pem;' + 'cp crypto-config/'+orderer+'.'+domain+'/users/admin/msp/signcerts/cert.pem crypto-config-v1/ordererOrganizations/'+domain+'/users/admin/msp/signcerts/cert.pem;' 'echo "succeed";' '') all_command += orderer_cmd @@ -82,48 +82,48 @@ def update_folder(): # Get domain domain = util.get_domain(peer) peer_cmd += ('' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/ca;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/msp/admincerts;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/msp/cacerts;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/msp/tlscacerts;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/tlsca;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/users/admin/msp/admincerts;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/users/admin/msp/cacerts;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/users/admin/msp/keystore;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/users/admin/msp/signcerts;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/users/admin/msp/tlscacerts;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/users/admin/tls;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/ca;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/msp/admincerts;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/msp/cacerts;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/msp/tlscacerts;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/tlsca;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/users/admin/msp/admincerts;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/users/admin/msp/cacerts;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/users/admin/msp/keystore;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/users/admin/msp/signcerts;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/users/admin/msp/tlscacerts;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/users/admin/tls;' '') for index in range(int(settings.NUM_PEERS)): peer_cmd += ('' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/admincerts;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/cacerts;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/keystore;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/signcerts;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/tlscacerts;' - 'mkdir -p crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/tls;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/admincerts;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/cacerts;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/keystore;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/signcerts;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/tlscacerts;' + 'mkdir -p crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/tls;' - 'cp ica-'+peer+'-ca-chain.pem crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/cacerts/ca.'+domain+'-cert.pem;' - 'cp ica-'+peer+'-ca-chain.pem crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/tlscacerts/tlsca.'+domain+'-cert.pem;' - 'cp ica-'+peer+'-ca-chain.pem crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/tls/tlsca.'+domain+'-cert.pem;' - 'cp orgs/'+peer+'/admin/msp/admincerts/cert.pem crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/admincerts/cert.pem;' - 'cp orgs/peer'+str(index)+'-'+peer+'/msp/keystore/cert.pem crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/signcerts/;' - 'cp orgs/peer'+str(index)+'-'+peer+'/msp/keystore/key.pem crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/keystore/key.pem;' - 'cp orgs/peer'+str(index)+'-'+peer+'/tls/server.crt crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/tls/;' - 'cp orgs/peer'+str(index)+'-'+peer+'/tls/server.key crypto-config/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/tls/;' + 'cp ica-'+peer+'-ca-chain.pem crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/cacerts/ca.'+domain+'-cert.pem;' + 'cp ica-'+peer+'-ca-chain.pem crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/tlscacerts/tlsca.'+domain+'-cert.pem;' + 'cp ica-'+peer+'-ca-chain.pem crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/tls/tlsca.'+domain+'-cert.pem;' + 'cp crypto-config/'+peer+'.'+domain+'/users/admin/msp/signcerts/cert.pem crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/admincerts/cert.pem;' + 'cp crypto-config/'+peer+'.'+domain+'/peers/peer'+str(index)+'-'+peer+'.'+domain+'/msp/signcerts/cert.pem crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/signcerts/;' + 'cp crypto-config/'+peer+'.'+domain+'/peers/peer'+str(index)+'-'+peer+'.'+domain+'/msp/keystore/*_sk crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/msp/keystore/key.pem;' + 'cp crypto-config/'+peer+'.'+domain+'/peers/peer'+str(index)+'-'+peer+'.'+domain+'/tls/server.crt crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/tls/;' + 'cp crypto-config/'+peer+'.'+domain+'/peers/peer'+str(index)+'-'+peer+'.'+domain+'/tls/server.key crypto-config-v1/peerOrganizations/'+domain+'/peers/peer'+str(index)+'.'+domain+'/tls/server.key;' '') peer_cmd += ('' - 'cp ica-'+peer+'-ca-chain.pem crypto-config/peerOrganizations/'+domain+'/ca/ca.'+domain+'-cert.pem;' - 'cp ica-'+peer+'-ca-chain.pem crypto-config/peerOrganizations/'+domain+'/msp/cacerts/ca.'+domain+'-cert.pem;' - 'cp ica-'+peer+'-ca-chain.pem crypto-config/peerOrganizations/'+domain+'/users/admin/msp/cacerts/ca.'+domain+'-cert.pem;' - 'cp ica-'+peer+'-ca-chain.pem crypto-config/peerOrganizations/'+domain+'/tlsca/tlsca.'+domain+'-cert.pem;' - 'cp ica-'+peer+'-ca-chain.pem crypto-config/peerOrganizations/'+domain+'/msp/tlscacerts/tlsca.'+domain+'-cert.pem;' - 'cp ica-'+peer+'-ca-chain.pem crypto-config/peerOrganizations/'+domain+'/users/admin/msp/tlscacerts/tlsca.'+domain+'-cert.pem;' - 'cp ica-'+peer+'-ca-chain.pem crypto-config/peerOrganizations/'+domain+'/users/admin/tls/tlsca.'+domain+'-cert.pem;' - 'cp orgs/'+peer+'/admin/msp/admincerts/cert.pem crypto-config/peerOrganizations/'+domain+'/msp/admincerts/cert.pem;' - 'cp orgs/'+peer+'/admin/msp/admincerts/cert.pem crypto-config/peerOrganizations/'+domain+'/users/admin/msp/admincerts/cert.pem;' - 'cp orgs/'+peer+'/admin/msp/keystore/* crypto-config/peerOrganizations/'+domain+'/users/admin/msp/keystore/key.pem;' - 'cp orgs/'+peer+'/admin/msp/signcerts/cert.pem crypto-config/peerOrganizations/'+domain+'/users/admin/msp/signcerts/cert.pem;' + 'cp ica-'+peer+'-ca-chain.pem crypto-config-v1/peerOrganizations/'+domain+'/ca/ca.'+domain+'-cert.pem;' + 'cp ica-'+peer+'-ca-chain.pem crypto-config-v1/peerOrganizations/'+domain+'/msp/cacerts/ca.'+domain+'-cert.pem;' + 'cp ica-'+peer+'-ca-chain.pem crypto-config-v1/peerOrganizations/'+domain+'/users/admin/msp/cacerts/ca.'+domain+'-cert.pem;' + 'cp ica-'+peer+'-ca-chain.pem crypto-config-v1/peerOrganizations/'+domain+'/tlsca/tlsca.'+domain+'-cert.pem;' + 'cp ica-'+peer+'-ca-chain.pem crypto-config-v1/peerOrganizations/'+domain+'/msp/tlscacerts/tlsca.'+domain+'-cert.pem;' + 'cp ica-'+peer+'-ca-chain.pem crypto-config-v1/peerOrganizations/'+domain+'/users/admin/msp/tlscacerts/tlsca.'+domain+'-cert.pem;' + 'cp ica-'+peer+'-ca-chain.pem crypto-config-v1/peerOrganizations/'+domain+'/users/admin/tls/tlsca.'+domain+'-cert.pem;' + 'cp crypto-config/'+peer+'.'+domain+'/users/admin/msp/signcerts/cert.pem crypto-config-v1/peerOrganizations/'+domain+'/msp/admincerts/cert.pem;' + 'cp crypto-config/'+peer+'.'+domain+'/users/admin/msp/signcerts/cert.pem crypto-config-v1/peerOrganizations/'+domain+'/users/admin/msp/admincerts/cert.pem;' + 'cp crypto-config/'+peer+'.'+domain+'/users/admin/msp/keystore/* crypto-config-v1/peerOrganizations/'+domain+'/users/admin/msp/keystore/key.pem;' + 'cp crypto-config/'+peer+'.'+domain+'/users/admin/msp/signcerts/cert.pem crypto-config-v1/peerOrganizations/'+domain+'/users/admin/msp/signcerts/cert.pem;' '') all_command += peer_cmd @@ -139,6 +139,6 @@ def update_folder(): return True -@click.command('updatefolder', short_help="Update folder crypto-config in EFS") +@click.command('updatefolder', short_help="Update folder crypto-config-v1 in EFS") def updatefolder(): update_folder() diff --git a/mamba/cli/__init__.py b/mamba/cli/__init__.py index 6d2f0db..e69de29 100644 --- a/mamba/cli/__init__.py +++ b/mamba/cli/__init__.py @@ -1,38 +0,0 @@ -import click -from settings import settings -from os.path import expanduser - -from utils import hiss - -from k8s.vpn.commands import vpn -from k8s.secret.commands import secret -from k8s.environment.commands import environment - -from blockchain.copyscripts.commands import copyscripts -from blockchain.reg_orgs.commands import reg_orgs -from blockchain.reg_orderers.commands import reg_orderers -from blockchain.reg_peers.commands import reg_peers -from blockchain.enroll_orderers.commands import enroll_orderers -from blockchain.enroll_peers.commands import enroll_peers -from blockchain.rca.commands import rca -from blockchain.ica.commands import ica -from blockchain.zookeeper.commands import zookeeper -from blockchain.kafka.commands import kafka -from blockchain.orderer.commands import orderer -from blockchain.update_folder.commands import updatefolder -from blockchain.channel_artifact.commands import channel_artifact -from blockchain.peer.commands import peer -from blockchain.gen_artifact.commands import gen_artifact -from blockchain.admin.commands import admin -from blockchain.bootstrap_network.commands import bootstrap -from blockchain.start_network.commands import start -from blockchain.delete_network.commands import delete -from blockchain.terminate_network.commands import terminate - -from blockchain.explorer.commands import explorer -from blockchain.prometheus.commands import prometheus -from blockchain.grafana.commands import grafana - -from blockchain.create_org.commands import create_org -from blockchain.update_channel_config.commands import channel_config - diff --git a/mamba/cli/mamba.py b/mamba/cli/mamba.py index 055949e..0157958 100644 --- a/mamba/cli/mamba.py +++ b/mamba/cli/mamba.py @@ -1,14 +1,55 @@ -@click.group(invoke_without_command=True) -@click.option('-config', default=expanduser('~/.akachain/akc-mamba/mamba/config/.env')) -@click.option('--set-default/--no-default', default=False) +import os +from os.path import expanduser +import click +from settings import settings -def mamba(config, set_default): +from utils import hiss + +from k8s.vpn.commands import vpn +from k8s.secret.commands import secret +from k8s.environment.commands import environment +from k8s.config.commands import extract_config + +from blockchain.copyscripts.commands import copyscripts +from blockchain.reg_orgs.commands import reg_orgs +from blockchain.reg_orderers.commands import reg_orderers +from blockchain.reg_peers.commands import reg_peers +from blockchain.enroll_orderers.commands import enroll_orderers +from blockchain.enroll_peers.commands import enroll_peers +from blockchain.rca.commands import rca +from blockchain.ica.commands import ica +from blockchain.zookeeper.commands import zookeeper +from blockchain.kafka.commands import kafka +from blockchain.orderer.commands import orderer +from blockchain.update_folder.commands import updatefolder +from blockchain.channel_artifact.commands import channel_artifact +from blockchain.peer.commands import peer +from blockchain.update_anchor_peer.commands import anchor_peer +from blockchain.gen_artifact.commands import gen_artifact +from blockchain.admin.commands import admin +from blockchain.admin_v1.commands import adminv1 +from blockchain.bootstrap_network.commands import bootstrap +from blockchain.start_network.commands import start +from blockchain.delete_network.commands import delete +from blockchain.terminate_network.commands import terminate + +from blockchain.explorer.commands import explorer +from blockchain.prometheus.commands import prometheus +from blockchain.grafana.commands import grafana + +from blockchain.create_org.commands import create_org +from blockchain.update_channel_config.commands import channel_config + +from blockchain.external_chaincode.commands import externalCC +from blockchain.generate_ccp.commands import ccp + + +@click.group() +def mamba(): # Setup all shared global utilities in settings module - settings.init(config, set_default) - if mamba.invoke_without_command: - hiss.rattle('Initialize mamba') - hiss.echo('Successfully with \'%s\' on the %s!' % (config, settings.EKS_CLUSTER_NAME)) + settings.init() +mamba.add_command(extract_config) mamba.add_command(environment) mamba.add_command(vpn) mamba.add_command(copyscripts) @@ -27,6 +68,7 @@ def mamba(config, set_default): mamba.add_command(gen_artifact) mamba.add_command(channel_artifact) mamba.add_command(admin) +mamba.add_command(adminv1) mamba.add_command(secret) mamba.add_command(bootstrap) mamba.add_command(start) @@ -37,6 +79,9 @@ def mamba(config, set_default): mamba.add_command(grafana) mamba.add_command(create_org) mamba.add_command(channel_config) +mamba.add_command(anchor_peer) +mamba.add_command(externalCC) +mamba.add_command(ccp) if __name__ == '__main__': - mamba() \ No newline at end of file + mamba() diff --git a/mamba/config/__init__.py b/mamba/config/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/config/operator.env-template b/mamba/config/operator.env-template index f7b38af..5895ba1 100644 --- a/mamba/config/operator.env-template +++ b/mamba/config/operator.env-template @@ -1,5 +1,4 @@ ##--START REPLACE CONTENTS--## - # K8s type: minikube or eks K8S_TYPE="eks" @@ -8,12 +7,13 @@ K8S_TYPE="eks" # 1) Cluster name, for alb-ingress # 2) Region for efs # 3) Auto scaling group and size for cluster autoscaler -EKS_CLUSTER_NAME="cluster-example" +EKS_CLUSTER_NAME="cluster-mamba-example" EKS_REGION="ap-southeast-1" EKS_AUTO_SCALING_GROUP="eksctl-example-nodegroup-NodeGroup1-example-NodeGroup-XXXXXXX" EKS_SCALING_SIZE="2:10" -DEPLOYMENT_ENV="develop" +# If deployment env == develop => deploy pod without pvc +DEPLOYMENT_ENV="production" # RootCA configuration RCA_NAME="rca-akc" @@ -23,8 +23,6 @@ RCA_DOMAIN="akachain" # DNS name # if you run in minikube, get server with command: `k get svc -n default | grep nfs-server | awk '{print $3}'`. EFS_SERVER="fs-xxxxxxxx.efs.ap-southeast-1.amazonaws.com" -# File System ID -EFS_SERVER_ID="fs-xxxxxxxx" EFS_ROOT="/tmp/artifact/${EKS_CLUSTER_NAME}" EFS_EXTEND="${EKS_CLUSTER_NAME}" @@ -57,14 +55,18 @@ PEER_DOMAINS="akc" PEER_PREFIX="peer" # Number of peers in each Peer organization -NUM_PEERS=2 +# Recommend use 2 peer +# 1 peer only using on develop env +NUM_PEERS=1 # Channel information CHANNEL_NAME="akcchannel" # Change this if you're using private docker image -PRIVATE_DOCKER_IMAGE=true -PRIVATE_DOCKER_SEVER="docker.pkg.github.com" +PRIVATE_DOCKER_IMAGE="false" +# PRIVATE_DOCKER_SEVER="docker.pkg.github.com" for GitHub registry +# PRIVATE_DOCKER_SEVER="registry.gitlab.com" for GitLab registry +PRIVATE_DOCKER_SEVER="registry.gitlab.com" PRIVATE_DOCKER_USER="mamba" PRIVATE_DOCKER_PASSWORD="xxxxxxxxxxx" PRIVATE_DOCKER_EMAIL="mamba@akchain.io" @@ -83,15 +85,24 @@ EXTERNAL_ORG_PEER0_ADDRESSES="" # ex: peer0-external-org.example.com EXTERNAL_ORG_PEER1_ADDRESSES="" # ex: peer1-external-org.example.com EXTERNAL_RCA_ADDRESSES="" -################# Add org -# Setting this config before running command: "mamba channel-config auto-update" in all cluster except new org's cluster -NEW_ORG_NAME="neworg" +################# Config for Add new remote org +##### Merchant +REMOTE_RCA_NAME="" # ex: rca-akc +REMOTE_RCA_ADDRESS="" # ex: rca-akc.akachain +REMOTE_ORDERER_HOST="" # ex: orderer0-orderer.orderer +REMOTE_ORDERER_NAME="" # ex: orderer +REMOTE_ORDERER_DOMAIN="" # ex: orderer # Specify endorsement org information base on endorsement policy -ENDORSEMENT_ORG_NAME="" # ex: peer0-operator.example peer1-operator.example +ENDORSEMENT_ORG_NAME="" # ex: akc +ENDORSEMENT_ORG_DOMAIN="" # ex: akc ENDORSEMENT_ORG_ADDRESS="" # ex: peer0-operator.example.com peer1-operator.example.com -ENDORSEMENT_ORG_TLSCERT="" # ex: ica-operator-ca-chain.pem ica-operator-ca-chain.pem +ENDORSEMENT_ORG_TLSCERT="" # ex: crypto-config/akc.akc/peers/peer0-akc.akc/tls/tlsintermediatecerts/tls-ica-akc-akc-7054.pem. Caculate from akc-ca-data path in efs pod +##### Operator +# See more documents in docs/REMOTE_ORG.md +# Setting this config before running command: "mamba channel-config auto-update" in all cluster except new org's cluster +NEW_ORG_NAME="" ################## ##--END REPLACE CONTENTS--## diff --git a/mamba/k8s/config/__init__.py b/mamba/k8s/config/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/k8s/config/commands.py b/mamba/k8s/config/commands.py new file mode 100644 index 0000000..213ae26 --- /dev/null +++ b/mamba/k8s/config/commands.py @@ -0,0 +1,168 @@ +import subprocess +import re +from os.path import expanduser +import os +import shutil +import click +from dotenv import load_dotenv +from utils import util, hiss +from utils.kube import KubeHelper + +DEFAULT_CONFIG_PATH = expanduser('~/.akachain/akc-mamba/mamba/config/.env') +DEFAULT_SCRIPT_PATH = expanduser('~/.akachain/akc-mamba/mamba/scripts') +DEFAULT_TEMPLATE_PATH = expanduser('~/.akachain/akc-mamba/mamba/template') +DEFAULT_OTHER_PATH = expanduser('~/.akachain/akc-mamba/mamba/k8s/') + + +def get_template_env(): + return util.get_package_resource('config', 'operator.env-template') + +def detect_deployed_efs_server(k8s_type): + hiss.echo('Looking for deployed efs server...') + efs_server = '' + if k8s_type == 'eks': + # Find efs-efs-provisioner pod + pods = KubeHelper().find_pod(namespace="default", keyword="efs-efs-provisioner") + if not pods: + return efs_server + efs_server_cmd = 'kubectl describe deployments -n default efs-efs-provisioner | grep Server' + detected_efs_server = subprocess.check_output( + efs_server_cmd, shell=True) + if detected_efs_server: + efs_server = detected_efs_server.decode().split(':')[1].strip() + elif k8s_type == 'minikube': + efs_server_cmd = 'kubectl get svc -n default | grep nfs-server | awk \'{print $3}\'' + detected_efs_server = subprocess.check_output( + efs_server_cmd, shell=True) + if detected_efs_server: + efs_server = detected_efs_server.decode().strip() + + return efs_server + +def detect_deployed_efs_path(): + hiss.echo('Looking for deployed efs path...') + efs_path = '' + efs_path_cmd = 'kubectl get pvc | grep efs | awk \'{print $3}\'' + detected_efs_path = subprocess.check_output(efs_path_cmd, shell=True) + if detected_efs_path: + efs_path = detected_efs_path.decode().strip() + return efs_path + +def detect_deployed_efs_pod(): + hiss.echo('Looking for deployed efs pod...') + efs_pod = '' + efs_pod_cmd = 'kubectl get pod -n default | grep test-efs | awk \'{print $1}\'' + detected_efs_pod = subprocess.check_output(efs_pod_cmd, shell=True) + if detected_efs_pod: + efs_pod = detected_efs_pod.decode().strip() + return efs_pod + +def extract_cfg(mamba_config, dev_mode): + hiss.echo('Extract config to default config path: %s ' % + DEFAULT_CONFIG_PATH) + dotenv_path = get_template_env() + if not os.path.isdir(mamba_config): + os.makedirs(mamba_config) + shutil.copy(dotenv_path, DEFAULT_CONFIG_PATH) + load_dotenv(DEFAULT_CONFIG_PATH) + + default_cluster_name = os.getenv('EKS_CLUSTER_NAME') + default_k8s_type = os.getenv('K8S_TYPE') + deployment_mode = os.getenv('DEPLOYMENT_ENV') + + # Input + cluster_name = input( + f'Cluster name ({default_cluster_name}): ') or default_cluster_name + k8s_type = input( + f'Kubenetes type - support eks or minikube ({default_k8s_type}): ') or default_k8s_type + if dev_mode: + deployment_mode = 'develop' + + # Detect current environment setting + # EFS_SERVER + efs_server = detect_deployed_efs_server(k8s_type) + # EFS_PATH + efs_path = detect_deployed_efs_path() + # EFS_POD + efs_pod = detect_deployed_efs_pod() + + if not efs_pod and k8s_type == 'eks': + retry = 3 + while retry > 0: + efs_server = input('EFS server (*):') + if efs_server: + break + retry -= 1 + if not efs_server: + hiss.hiss('Must specify EFS_SERVER!') + exit() + + with open(DEFAULT_CONFIG_PATH, "r") as sources: + lines = sources.readlines() + with open(DEFAULT_CONFIG_PATH, "w") as sources: + for line in lines: + newline = re.sub(r'EKS_CLUSTER_NAME=.*', + f'EKS_CLUSTER_NAME=\"{cluster_name}\"', line) + newline = re.sub( + r'K8S_TYPE=.*', f'K8S_TYPE=\"{k8s_type}\"', newline) + + if efs_server: + newline = re.sub(r'EFS_SERVER=.*', + f'EFS_SERVER=\"{efs_server}\"', newline) + if efs_path: + newline = re.sub( + r'EFS_PATH=.*', f'EFS_PATH=\"efs-{efs_path}\"', newline) + if efs_pod: + newline = re.sub( + r'EFS_POD=.*', f'EFS_POD=\"{efs_pod}\"', newline) + newline = re.sub( + r'DEPLOYMENT_ENV=.*', f'DEPLOYMENT_ENV=\"{deployment_mode}\"', newline) + sources.write(newline) + + hiss.rattle("See more config in %s" % DEFAULT_CONFIG_PATH) + + +def extract(force_all, force_config, force_script, force_template, force_other, dev_mode): + # Extract config + mamba_config = os.path.dirname(DEFAULT_CONFIG_PATH) + + if not os.path.isdir(mamba_config) or force_all or force_config: + extract_cfg(mamba_config, dev_mode) + + # Extract scripts + if not os.path.isdir(DEFAULT_SCRIPT_PATH) or force_all or force_script: + hiss.echo('Extract scripts to default scripts path: %s ' % + DEFAULT_SCRIPT_PATH) + script_path = util.get_package_resource('', 'scripts') + if os.path.isdir(DEFAULT_SCRIPT_PATH): + shutil.rmtree(DEFAULT_SCRIPT_PATH) + shutil.copytree(script_path, DEFAULT_SCRIPT_PATH) + + # Extract template + if not os.path.isdir(DEFAULT_TEMPLATE_PATH) or force_all or force_template: + hiss.echo('Extract template to default template path: %s ' % + DEFAULT_TEMPLATE_PATH) + template_path = util.get_package_resource('', 'template') + if os.path.isdir(DEFAULT_TEMPLATE_PATH): + shutil.rmtree(DEFAULT_TEMPLATE_PATH) + shutil.copytree(template_path, DEFAULT_TEMPLATE_PATH) + + # Extract other + if not os.path.isdir(DEFAULT_OTHER_PATH) or force_all or force_other: + hiss.echo('Extract other to default other path: %s ' % + DEFAULT_OTHER_PATH) + other_path = util.get_package_resource('k8s', '') + if os.path.isdir(DEFAULT_OTHER_PATH): + shutil.rmtree(DEFAULT_OTHER_PATH) + shutil.copytree(other_path, DEFAULT_OTHER_PATH) + + +@click.command('init', short_help="Extract binary config") +@click.option('-f', '--force', is_flag=True, help="Force extract all") +@click.option('-c', '--config', is_flag=True, help="Force extract config") +@click.option('-s', '--script', is_flag=True, help="Force extract script") +@click.option('-t', '--template', is_flag=True, help="Force extract template") +@click.option('-o', '--other', is_flag=True, help="Force extract other") +@click.option('--dev', is_flag=True, help="Develop mode") +def extract_config(force, config, script, template, other, dev): + extract(force, config, script, template, other, dev) diff --git a/mamba/k8s/environment/autoscaler/__init__.py b/mamba/k8s/environment/autoscaler/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/k8s/environment/ebs-encryption/__init__.py b/mamba/k8s/environment/ebs-encryption/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/k8s/environment/efs/__init__.py b/mamba/k8s/environment/efs/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/k8s/environment/helm/__init__.py b/mamba/k8s/environment/helm/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/k8s/environment/ingress/__init__.py b/mamba/k8s/environment/ingress/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/k8s/environment/local-storage/__init__.py b/mamba/k8s/environment/local-storage/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/k8s/environment/metrics/__init__.py b/mamba/k8s/environment/metrics/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/mamba.py b/mamba/mamba.py index 42ca360..0157958 100644 --- a/mamba/mamba.py +++ b/mamba/mamba.py @@ -1,12 +1,14 @@ +import os +from os.path import expanduser import click from settings import settings -from os.path import expanduser from utils import hiss from k8s.vpn.commands import vpn from k8s.secret.commands import secret from k8s.environment.commands import environment +from k8s.config.commands import extract_config from blockchain.copyscripts.commands import copyscripts from blockchain.reg_orgs.commands import reg_orgs @@ -25,6 +27,7 @@ from blockchain.update_anchor_peer.commands import anchor_peer from blockchain.gen_artifact.commands import gen_artifact from blockchain.admin.commands import admin +from blockchain.admin_v1.commands import adminv1 from blockchain.bootstrap_network.commands import bootstrap from blockchain.start_network.commands import start from blockchain.delete_network.commands import delete @@ -41,17 +44,12 @@ from blockchain.generate_ccp.commands import ccp -@click.group(invoke_without_command=True) -@click.option('-config', default=expanduser('~/.akachain/akc-mamba/mamba/config/.env')) -@click.option('--set-default/--no-default', default=False) - -def mamba(config, set_default): +@click.group() +def mamba(): # Setup all shared global utilities in settings module - settings.init(config, set_default) - if mamba.invoke_without_command: - hiss.rattle('Initialize mamba') - hiss.echo('Successfully with \'%s\' on the %s!' % (config, settings.EKS_CLUSTER_NAME)) + settings.init() +mamba.add_command(extract_config) mamba.add_command(environment) mamba.add_command(vpn) mamba.add_command(copyscripts) @@ -70,6 +68,7 @@ def mamba(config, set_default): mamba.add_command(gen_artifact) mamba.add_command(channel_artifact) mamba.add_command(admin) +mamba.add_command(adminv1) mamba.add_command(secret) mamba.add_command(bootstrap) mamba.add_command(start) @@ -85,4 +84,4 @@ def mamba(config, set_default): mamba.add_command(ccp) if __name__ == '__main__': - mamba() \ No newline at end of file + mamba() diff --git a/mamba/requirements.txt b/mamba/requirements.txt index eced0e0..337986a 100644 --- a/mamba/requirements.txt +++ b/mamba/requirements.txt @@ -1,44 +1,6 @@ -astroid==2.3.3 -autopep8==1.4.4 -boto3==1.10.45 -botocore==1.12.133 -cachetools==4.0.0 -certifi==2019.11.28 -chardet==3.0.4 Click==7.0 -colorama==0.4.3 -docutils==0.15.2 -gitdb2==2.0.6 -GitPython==3.0.5 -google-auth==1.10.0 -grpcio==1.26.0 -grpcio-tools==1.26.0 -idna==2.8 -isort==4.3.21 -jmespath==0.9.4 kubernetes==10.0.1 -lazy-object-proxy==1.4.3 -mccabe==0.6.1 -oauthlib==3.1.0 -progressbar==2.5 -protobuf==3.11.2 -pyasn1==0.4.8 -pyasn1-modules==0.2.7 -pycodestyle==2.5.0 -pyhelm==2.14.5 -pylint==2.4.4 -python-dateutil==2.8.0 -python-dotenv==0.10.3 -pyyaml>=4.2b1 -requests==2.22.0 -requests-oauthlib==1.3.0 -rsa==4.0 -s3transfer==0.2.0 six==1.13.0 -smmap2==2.0.5 -supermutes==0.2.5 -typed-ast==1.4.0 -urllib3==1.24.2 -virtualenv==16.7.9 -websocket-client==0.57.0 -wrapt==1.11.2 \ No newline at end of file +python-dotenv==0.15.0 +gitdb2==2.0.6 +GitPython==3.0.5 \ No newline at end of file diff --git a/mamba/scripts/__init__.py b/mamba/scripts/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/scripts/bootstrap-network.sh b/mamba/scripts/bootstrap-network.sh index 28904c1..0a93ce2 100755 --- a/mamba/scripts/bootstrap-network.sh +++ b/mamba/scripts/bootstrap-network.sh @@ -1,7 +1,7 @@ #!/bin/bash source $(dirname "$0")/env.sh -set -e +# set -e function logResult { local RESULT=$1 @@ -15,14 +15,61 @@ function logResult { fi } +function joinChannel { + PEER_NUM=$1 + PEER_ORG=$2 + CHANNEL_NAME=$3 + ORDERER_ADDRESS=$4 + + local MAX_RETRY=3 + local DELAY=3 + + getDomain $PEER_ORG + ADMIN_URL="http://admin-v2-${PEER_ORG}.${DOMAIN}:4001" + log "Org ${PEER_ORG} join the channel ${CHANNEL_NAME}" + for (( h=0; h<=$MAX_RETRY; h++ )) + do + JOINCHANNEL=$(curl -s -X POST ${ADMIN_URL}/api/v2/channels/join -H "content-type: application/json" -d '{ + "orgName":"'"${PEER_ORG}"'", + "peerIndex":"'"${PEER_NUM}"'", + "channelName":"'"${CHANNEL_NAME}"'", + "ordererAddress": "'"${ORDERER_ADDRESS}"'" + }'); + logResult "$JOINCHANNEL" + res=$? + if [ $res -eq 0 ]; then + break + else + echo "Org ${PEER_ORG} failed to join the channel, Retry after $DELAY seconds" + sleep $DELAY + fi + done +} + function main { - local ORG="" + + # Setup default environment + local DEFAULT_ORG_NAME="" + local DEFAULT_ORG_DOMAIN="" + local DEFAULT_ADMIN_URL="" + local DEFAULT_TARGET_PEER="" + for PEER_ORG in $PEER_ORGS + do + DEFAULT_TARGET_PEER="$DEFAULT_TARGET_PEER 0 $PEER_ORG" + if [ "$DEFAULT_ORG_DOMAIN" == "" ]; then + DEFAULT_ORG_NAME=$PEER_ORG + getDomain $DEFAULT_ORG_NAME + DEFAULT_ORG_DOMAIN=$DOMAIN + DEFAULT_ADMIN_URL="http://admin-v2-${DEFAULT_ORG_NAME}.${DEFAULT_ORG_DOMAIN}:4001" + fi + done # Enroll admin for each org for PEER_ORG in $PEER_ORGS do - ORG=$PEER_ORG - initOrgVars $ORG + getDomain $PEER_ORG + ADMIN_URL="http://admin-v2-${PEER_ORG}.${DOMAIN}:4001" + initOrgVars $PEER_ORG log "Enroll Admin: $PEER_ORG" ENROLL_ADMIN=$(curl -s -X POST ${ADMIN_URL}/api/v2/cas/enrollAdmin -H "content-type: application/json" -d '{ "orgName":"'"${PEER_ORG}"'", @@ -34,10 +81,7 @@ function main { log "Register User: $PEER_ORG" REGISTER_USER=$(curl -s -X POST ${ADMIN_URL}/api/v2/cas/registerUser -H "content-type: application/json" -d '{ "orgName":"'"${PEER_ORG}"'", - "affiliation":"'"${PEER_ORG}"'.akc", - "affiliation":"'"${PEER_ORG}"'.akc", "userName": "'"${PEER_ORG}"'", - "role": "client", "adminName": "'"${INT_CA_ADMIN_USER}"'" }'); logResult "$ENROLL_ADMIN" @@ -45,8 +89,8 @@ function main { # Create channel log "CREATE CHANNEL: $CHANNEL_NAME" - CREATE_CHANNEL_CC=$(curl -s -X POST ${ADMIN_URL}/api/v2/channels/create -H "content-type: application/json" -d '{ - "orgName":"'"${ORG}"'", + CREATE_CHANNEL_CC=$(curl -s -X POST ${DEFAULT_ADMIN_URL}/api/v2/channels/create -H "content-type: application/json" -d '{ + "orgName":"'"${DEFAULT_ORG_NAME}"'", "peerIndex":"0", "channelName":"'"${CHANNEL_NAME}"'", "ordererAddress":"'"${ORDERER_ADDRESS}"'", @@ -54,65 +98,55 @@ function main { }'); logResult "$CREATE_CHANNEL_CC" sleep 3s + # Sometimes Join takes time hence RETRY at least 3 times log "JOIN CHANNEL" - local MAX_RETRY=3 - local DELAY=3 for PEER_ORG in $PEER_ORGS do - log "Org ${PEER_ORG} join the channel ${CHANNEL_NAME}" - for (( h=0; h<=$MAX_RETRY; h++ )) + for (( peerNum=0; peerNum<$NUM_PEERS; peerNum++ )) do - JOINCHANNEL=$(curl -s -X POST ${ADMIN_URL}/api/v2/channels/join -H "content-type: application/json" -d '{ - "orgName":"'"${PEER_ORG}"'", - "peerIndex":"0", - "channelName":"'"${CHANNEL_NAME}"'" - }'); - logResult "$JOINCHANNEL" - res=$? - if [ $res -eq 0 ]; then - break - else - echo "Org ${PEER_ORG} failed to join the channel, Retry after $DELAY seconds" - sleep $DELAY - fi + joinChannel $peerNum "$PEER_ORG" "$CHANNEL_NAME" "$ORDERER_ADDRESS" done done - # Package sample chaincode - log "PACKAGE CHAINCODE" - PACKAGE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/packageCC -H "content-type: application/json" -d '{ - "orgname":"'"${ORG}"'", - "chaincodePath":"chaincodes/fabcar", - "chaincodeName":"fabcar", - "chaincodeVersion":"1", - "chaincodeType":"golang", - "peerIndex": "0" - }'); - logResult "$PACKAGE_CHAINCODE" - # Install and approve sample chaincode log "INSTALL CHAINCODE" for PEER_ORG in $PEER_ORGS do + getDomain $PEER_ORG + ADMIN_URL="http://admin-v2-${PEER_ORG}.${DOMAIN}:4001" + + # Package sample chaincode + log "PACKAGE CHAINCODE" + PACKAGE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/packageCC -H "content-type: application/json" -d '{ + "orgName":"'"${PEER_ORG}"'", + "chaincodePath":"/chaincodes/fabcar", + "chaincodeName":"fabcar", + "chaincodeVersion":"1", + "chaincodeType":"golang", + "peerIndex": "0" + }'); + logResult "$PACKAGE_CHAINCODE" + INSTALL_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/install -H "content-type: application/json" -d '{ - "orgname":"'"${PEER_ORG}"'", "chaincodeName":"fabcar", "chaincodePath":"fabcar.tar.gz", - "peerIndex":"0" + "target": "0 '"${PEER_ORG}"'" }'); logResult "$INSTALL_CHAINCODE" echo $QUERY_PACKAGE_CHAINCODE log "QUERY PACKAGE CHAINCODE" QUERY_PACKAGE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/queryInstalled -H "content-type: application/json" -d '{ - "orgname":"'"${PEER_ORG}"'", - "peerIndex":"0" + "orgName":"'"${PEER_ORG}"'", + "peerIndex":"0", + "chaincodeName": "fabcar", + "chaincodeVersion": "1" }' | jq -r '.data[0].packageId'); echo $QUERY_PACKAGE_CHAINCODE APPROVE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/approveForMyOrg -H "content-type: application/json" -d '{ - "orgname":"'"${PEER_ORG}"'", + "orgName":"'"${PEER_ORG}"'", "peerIndex":"0", "chaincodeName":"fabcar", "chaincodeVersion":1, @@ -121,27 +155,27 @@ function main { "ordererAddress":"'"${ORDERER_ADDRESS}"'" }'); logResult "$APPROVE_CHAINCODE" + done # Commit chaincode - log "COMMIT CHAINCODE" - COMMIT_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/commitChaincodeDefinition -H "content-type: application/json" -d '{ - "chaincodeName":"fabcar", - "chaincodeVersion":1, - "channelName":"'"${CHANNEL_NAME}"'", - "target": "'"0 ${ORG}"'", - "ordererAddress": "'"${ORDERER_ADDRESS}"'" - }'); - logResult "$COMMIT_CHAINCODE" + log "COMMIT CHAINCODE" + COMMIT_CHAINCODE=$(curl -s -X POST ${DEFAULT_ADMIN_URL}/api/v2/chaincodes/commitChaincodeDefinition -H "content-type: application/json" -d '{ + "chaincodeName":"fabcar", + "chaincodeVersion":1, + "channelName":"'"${CHANNEL_NAME}"'", + "target": "'"${DEFAULT_TARGET_PEER}"'", + "ordererAddress": "'"${ORDERER_ADDRESS}"'" + }'); + logResult "$COMMIT_CHAINCODE" # Invoke sample chaincode log "INVOKE CHAINCODE" - INVOKE_CHAINCODE=$(curl -s -X POST ${ADMIN_URL}/api/v2/chaincodes/invokeCLI -H "content-type: application/json" -d '{ + INVOKE_CHAINCODE=$(curl -s -X POST ${DEFAULT_ADMIN_URL}/api/v2/chaincodes/invoke -H "content-type: application/json" -d '{ "chaincodeName": "fabcar", "channelName": "'"${CHANNEL_NAME}"'", - "target": "'"0 ${ORG}"'", - "ordererAddress": "'"${ORDERER_ADDRESS}"'", "args": [], + "userName": "'"${PEER_ORG}"'", "fcn": "initLedger", "isInit": "0" }'); diff --git a/mamba/scripts/buildpack/__init__.py b/mamba/scripts/buildpack/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/scripts/buildpack/bin/__init__.py b/mamba/scripts/buildpack/bin/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/scripts/enroll-orderer.sh b/mamba/scripts/enroll-orderer.sh index 5f8bde8..1e2ce8a 100755 --- a/mamba/scripts/enroll-orderer.sh +++ b/mamba/scripts/enroll-orderer.sh @@ -11,7 +11,7 @@ log "Enrolling orderer $COUNT for $ORDERERORG ..." initOrdererVars $ORDERERORG $COUNT ENROLLMENT_URL="https://$ORDERER_NAME_PASS@$CA_HOST:7054" -export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/orderer.$DOMAIN +export FABRIC_CA_CLIENT_HOME=/$DATA/crypto-config/$ORDERERORG.$DOMAIN mkdir -p $FABRIC_CA_CLIENT_HOME export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE @@ -55,10 +55,10 @@ cp ${TLS_CONFIG_PATH}/signcerts/* ${TLS_CONFIG_PATH}/server.crt cp ${TLS_CONFIG_PATH}/keystore/* ${TLS_CONFIG_PATH}/server.key mkdir -p ${MSPCONFIGPATH}/tlscacerts -cp ${TLS_CONFIG_PATH}/tlscacerts/* ${MSPCONFIGPATH}/tlscacerts/tlsca.orderer.$DOMAIN-cert.pem +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${MSPCONFIGPATH}/tlscacerts/tlsca.$ORDERERORG.$DOMAIN-cert.pem mkdir -p ${FABRIC_CA_CLIENT_HOME}/msp/tlscacerts -cp ${TLS_CONFIG_PATH}/tlscacerts/* ${FABRIC_CA_CLIENT_HOME}/msp/tlscacerts/tlsca.orderer.$DOMAIN-cert.pem +cp ${TLS_CONFIG_PATH}/tlscacerts/* ${FABRIC_CA_CLIENT_HOME}/msp/tlscacerts/tlsca.$ORDERERORG.$DOMAIN-cert.pem set +x # mkdir -p ${FABRIC_CA_CLIENT_HOME}/ca # cp ${MSPCONFIGPATH}/cacerts/* ${FABRIC_CA_CLIENT_HOME}/ca/ca.$PEERORG.$DOMAIN-cert.pem diff --git a/mamba/scripts/gen-configtx.sh b/mamba/scripts/gen-configtx.sh index 9c07675..f535815 100755 --- a/mamba/scripts/gen-configtx.sh +++ b/mamba/scripts/gen-configtx.sh @@ -31,7 +31,7 @@ Organizations: ID: ${ORG}MSP # MSPDir is the filesystem path which contains the MSP configuration - MSPDir: /data/orgs/${ORG}/msp + MSPDir: /data/crypto-config/${ORG}.${DOMAIN}/msp AdminPrincipal: Role.ADMIN diff --git a/mamba/scripts/gen-network-config.sh b/mamba/scripts/gen-network-config.sh index c8a1df1..a79f66b 100755 --- a/mamba/scripts/gen-network-config.sh +++ b/mamba/scripts/gen-network-config.sh @@ -30,9 +30,9 @@ function printCA { # Fabric-CA supports dynamic user enrollment via REST APIs. A \"root\" user, a.k.a registrar, is # needed to enroll and invoke new users. - registrar: - - enrollId: $INT_CA_ADMIN_USER - enrollSecret: $INT_CA_ADMIN_PASS + # registrar: + # - enrollId: $INT_CA_ADMIN_USER + # enrollSecret: $INT_CA_ADMIN_PASS # [Optional] The optional name of the CA. caName: $INT_CA_NAME " @@ -60,17 +60,18 @@ function printPeer { done done - endorsementOrg=($ENDORSEMENT_ORG_NAME) + endorsementOrgName=($ENDORSEMENT_ORG_NAME) + endorsementOrgDomain=($ENDORSEMENT_ORG_DOMAIN) endorsementAddress=($ENDORSEMENT_ORG_ADDRESS) endorsementTlsCert=($ENDORSEMENT_ORG_TLSCERT) - for (( i=0; i<${#endorsementOrg[@]}; i++ )) + for (( i=0; i<${#endorsementOrgName[@]}; i++ )) do echo " - ${endorsementOrg[i]}: + ${endorsementAddress[i]}: url: grpcs://${endorsementAddress[i]}:7051 grpcOptions: - ssl-target-name-override: ${endorsementOrg[i]} + ssl-target-name-override: ${endorsementOrgName[i]}.${endorsementOrgDomain[i]} tlsCACerts: path: /shared/${endorsementTlsCert[i]}" done @@ -129,10 +130,10 @@ function printOrgs { certificateAuthorities: - $INT_CA_NAME - adminPrivateKey: - path: /shared/crypto-config/peerOrganizations/$DOMAIN/users/admin/msp/keystore/key.pem - signedCert: - path: /shared/crypto-config/peerOrganizations/$DOMAIN/users/admin/msp/signcerts/cert.pem + # adminPrivateKey: + # path: /shared/crypto-config-v1/peerOrganizations/$DOMAIN/users/admin/msp/keystore/key.pem + # signedCert: + # path: /shared/crypto-config-v1/peerOrganizations/$DOMAIN/users/admin/msp/signcerts/cert.pem " } function printNetworkConfig { @@ -192,10 +193,10 @@ channels: done echo " peers:" - for endorsementOrg in $ENDORSEMENT_ORG_NAME + for endorsementOrgAddress in $ENDORSEMENT_ORG_ADDRESS do echo " - $endorsementOrg: + $endorsementOrgAddress: endorsingPeer: true chaincodeQuery: true ledgerQuery: true diff --git a/mamba/scripts/register-org.sh b/mamba/scripts/register-org.sh index 78c1e88..4ebef5a 100755 --- a/mamba/scripts/register-org.sh +++ b/mamba/scripts/register-org.sh @@ -74,7 +74,7 @@ function getCACerts { echo "## Generate the user msp" echo set -x - fabric-ca-client enroll https://${USER_NAME}:$USER_PASS@$CA_HOST:7054 -M ${FABRIC_CA_CLIENT_HOME}/users/${USER_NAME}/msp + fabric-ca-client enroll -u https://${USER_NAME}:$USER_PASS@$CA_HOST:7054 -M ${FABRIC_CA_CLIENT_HOME}/users/${USER_NAME}/msp set +x } diff --git a/mamba/settings/settings.py b/mamba/settings/settings.py index 3a6dee1..7e7e99d 100644 --- a/mamba/settings/settings.py +++ b/mamba/settings/settings.py @@ -4,33 +4,21 @@ # https://stackoverflow.com/questions/13034496/using-global-variables-between-files import os from os.path import expanduser -import yaml import shutil from utils.kube import KubeHelper from dotenv import load_dotenv -from utils import util -import git -import subprocess - -def init(dotenv_path, set_default): - default_path = expanduser('~/.akachain/akc-mamba/mamba/config/.env') - if set_default: - shutil.copy(dotenv_path, default_path) - load_dotenv(default_path) - else: - print('Loading config from akachain git repo...') - # clone repo akc-mamba to load config - mamba_path = expanduser('~/.akachain') - if not os.path.isdir(mamba_path): - os.makedirs(mamba_path) - git.Git(mamba_path).clone('https://github.com/Akachain/akc-mamba.git', branch='binary-config-v2') - env_template_path = expanduser('~/.akachain/akc-mamba/mamba/config/operator.env-template') - shutil.copy(env_template_path, default_path) - bashCommand = 'sudo vi ' + default_path - subprocess.call(bashCommand, shell=True) - - print("%s", dotenv_path) - load_dotenv(dotenv_path) +from utils import util, hiss +from k8s.config import commands + + +def init(): + + DEFAULT_CONFIG_PATH = expanduser('~/.akachain/akc-mamba/mamba/config/.env') + commands.extract(force_all=False, force_config=False, + force_script=False, force_template=False, force_other=False, dev_mode=False) + + # Load env + load_dotenv(DEFAULT_CONFIG_PATH) global PVS_PATH global K8S_TYPE @@ -67,7 +55,8 @@ def init(dotenv_path, set_default): EFS_ROOT = os.getenv('EFS_ROOT') EFS_POD = os.getenv('EFS_POD') EFS_EXTEND = os.getenv('EFS_EXTEND') - EFS_SERVER_ID = os.getenv('EFS_SERVER_ID') + if EFS_SERVER: + EFS_SERVER_ID = EFS_SERVER.split('.')[0] global RCA_NAME global RCA_DOMAIN @@ -128,11 +117,25 @@ def init(dotenv_path, set_default): EXTERNAL_ORG_PEER1_ADDRESSES = os.getenv('EXTERNAL_ORG_PEER1_ADDRESSES') EXTERNAL_RCA_ADDRESSES = os.getenv('EXTERNAL_RCA_ADDRESSES') + + global REMOTE_RCA_NAME, REMOTE_RCA_ADDRESS + global REMOTE_ORDERER_NAME, REMOTE_ORDERER_DOMAIN + REMOTE_RCA_NAME = os.getenv('REMOTE_RCA_NAME') + REMOTE_RCA_ADDRESS = os.getenv('REMOTE_RCA_ADDRESS') + REMOTE_ORDERER_NAME = os.getenv('REMOTE_ORDERER_NAME') + REMOTE_ORDERER_DOMAIN = os.getenv('REMOTE_ORDERER_DOMAIN') + + global ENDORSEMENT_ORG_NAME, ENDORSEMENT_ORG_DOMAIN, ENDORSEMENT_ORG_ADDRESS, ENDORSEMENT_ORG_TLSCERT + ENDORSEMENT_ORG_NAME = os.getenv('ENDORSEMENT_ORG_NAME') + ENDORSEMENT_ORG_DOMAIN = os.getenv('ENDORSEMENT_ORG_DOMAIN') + ENDORSEMENT_ORG_ADDRESS = os.getenv('ENDORSEMENT_ORG_ADDRESS') + ENDORSEMENT_ORG_TLSCERT = os.getenv('ENDORSEMENT_ORG_TLSCERT') + global NEW_ORG_NAME NEW_ORG_NAME = os.getenv('NEW_ORG_NAME') global ORGS, DOMAINS - ORGS = (ORDERER_ORGS+' ' +PEER_ORGS).strip() + ORGS = (ORDERER_ORGS+' ' + PEER_ORGS).strip() DOMAINS = (ORDERER_DOMAINS+' '+PEER_DOMAINS).strip() global DEPLOYMENT_ENV diff --git a/mamba/setup.py b/mamba/setup.py index 968e1e5..a2c6d4d 100644 --- a/mamba/setup.py +++ b/mamba/setup.py @@ -1,30 +1,31 @@ import setuptools -import sys with open("README.md", "r") as fh: - long_description = fh.read() + LONG_DESCRIPTION = fh.read() with open('requirements.txt', 'r') as f: - requirements = f.read().splitlines() - print(requirements) + REQUIREMENTS = f.read().splitlines() + print(REQUIREMENTS) setuptools.setup( - name='akc-mamba', - version='1.1.1', - entry_points={'console_scripts': ['mamba = cli.mamba:mamba'] }, - author="akaChain", - author_email="admin@akachain.io", - description="A production ready, complete experience in deploying a Hyperledger Fabric", - long_description=long_description, - long_description_content_type="text/markdown", - url="https://github.com/Akachain/akc-mamba", - include_package_data=True, - install_requires=requirements, - # package_dir={'': 'mamba'}, - packages=setuptools.find_packages(), - classifiers=[ - "Programming Language :: Python :: 3", - "License :: OSI Approved :: MIT License", - "Operating System :: OS Independent", - ], + name='akc-mamba', + version='2.1.0', + entry_points={'console_scripts': ['mamba = cli.mamba:mamba']}, + author="akaChain", + author_email="admin@akachain.io", + description="A production ready, complete experience in deploying a Hyperledger Fabric", + long_description=LONG_DESCRIPTION, + long_description_content_type="text/markdown", + url="https://github.com/Akachain/akc-mamba", + package_data={'': ['*']}, + include_package_data=True, + install_requires=REQUIREMENTS, + # package_dir={'': 'mamba'}, + packages=setuptools.find_packages(), + classifiers=[ + "Programming Language :: Python :: 3", + "License :: OSI Approved :: MIT License", + "Operating System :: OS Independent", + ], + keywords='mamba akc-mamba hyperledger fabric blockchain network', ) diff --git a/mamba/template/__init__.py b/mamba/template/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/add-org/2fetch-channel.yaml b/mamba/template/add-org/2fetch-channel.yaml index a6bf23a..8391ba2 100644 --- a/mamba/template/add-org/2fetch-channel.yaml +++ b/mamba/template/add-org/2fetch-channel.yaml @@ -31,7 +31,7 @@ spec: # - name: ORDERER_ADDRESSES # value: orderer-baokim-test.akachains.io:7050 - name: ORDERER_CA - value: /shared/crypto-config/ordererOrganizations/{{ORDERER_DOMAIN}}/orderers/orderer0-{{ORDERER_NAME}}.{{ORDERER_DOMAIN}}/msp/tlscacerts/tlsca.{{ORDERER_DOMAIN}}-cert.pem + value: /shared/crypto-config/{{ORDERER_NAME}}.{{ORDERER_DOMAIN}}/orderers/orderer0-{{ORDERER_NAME}}.{{ORDERER_DOMAIN}}/msp/tlsintermediatecerts/ica-{{ORDERER_NAME}}-{{ORDERER_DOMAIN}}-7054.pem - name: CHANNEL_NAME value: {{CHANNEL_NAME}} - name: OUTPUT @@ -51,7 +51,7 @@ spec: - name: CORE_PEER_NETWORKID value: cli - name: CORE_PEER_MSPCONFIGPATH - value: /shared/crypto-config/ordererOrganizations/{{ORDERER_DOMAIN}}/users/admin/msp/ + value: /shared/crypto-config/{{ORDERER_NAME}}.{{ORDERER_DOMAIN}}/users/admin/msp/ # - name: CORE_PEER_TLS_ROOTCERT_FILE # value: crypto-config/ordererOrganizations/orderertest/orderers/orderer1-orderer.orderertest/msp/tlscacerts/tlsca.orderertest-cert.pem volumeMounts: diff --git a/mamba/template/add-org/5signchannelconfig-optional.yaml b/mamba/template/add-org/5signchannelconfig-optional.yaml index 5722590..bac243a 100644 --- a/mamba/template/add-org/5signchannelconfig-optional.yaml +++ b/mamba/template/add-org/5signchannelconfig-optional.yaml @@ -37,9 +37,9 @@ spec: - name: CORE_PEER_LOCALMSPNAME value: {{ORGMSP}} - name: CORE_PEER_TLS_ROOTCERT_FILE - value: /shared/crypto-config/peerOrganizations/{{ORGDOMAIN}}/peers/peer0.{{ORGDOMAIN}}/tls/ca.crt + value: /shared/crypto-config/{{ORGNAME}}.{{ORGDOMAIN}}/peers/peer0-{{ORGNAME}}.{{ORGDOMAIN}}/tls/tlsintermediatecerts/tls-ica-{{ORGNAME}}-{{ORGDOMAIN}}-7054.pem - name: CORE_PEER_MSPCONFIGPATH - value: /shared/crypto-config/peerOrganizations/{{ORGDOMAIN}}/users/admin/msp/ + value: /shared/crypto-config/{{ORGNAME}}.{{ORGDOMAIN}}/users/admin/msp/ - name: CORE_PEER_ADDRESS value: peer0-{{ORGNAME}}.{{ORGDOMAIN}}:7051 - name: CORE_VM_ENDPOINT diff --git a/mamba/template/add-org/6updatechannelconfig.yaml b/mamba/template/add-org/6updatechannelconfig.yaml index 72cddb9..f115f26 100644 --- a/mamba/template/add-org/6updatechannelconfig.yaml +++ b/mamba/template/add-org/6updatechannelconfig.yaml @@ -35,11 +35,11 @@ spec: - name: CORE_PEER_LOCALMSPNAME value: {{ORG_NAME}}MSP - name: CORE_PEER_TLS_ROOTCERT_FILE - value: /shared/crypto-config/peerOrganizations/{{ORG_DOMAIN}}/peers/peer0.{{ORG_DOMAIN}}/tls/ca.crt + value: /shared/crypto-config/{{ORG_NAME}}.{{ORG_DOMAIN}}/peers/peer0-{{ORGNAME}}.{{ORGDOMAIN}}/tls/tlsintermediatecerts/tls-ica-{{ORGNAME}}-{{ORGDOMAIN}}-7054.pem - name: CORE_PEER_MSPCONFIGPATH - value: /shared/crypto-config/peerOrganizations/{{ORG_DOMAIN}}/users/admin/msp/ + value: /shared/crypto-config/{{ORG_NAME}}.{{ORG_DOMAIN}}/users/admin/msp/ - name: ORDERER_CA - value: /shared/crypto-config/ordererOrganizations/{{ORDERER_DOMAIN}}/orderers/orderer0-{{ORDERER_NAME}}.{{ORDERER_DOMAIN}}/msp/tlscacerts/tlsca.{{ORDERER_DOMAIN}}-cert.pem + value: /shared/crypto-config/{{ORDERER_NAME}}.{{ORDERER_DOMAIN}}/orderers/orderer0-{{ORDERER_NAME}}.{{ORDERER_DOMAIN}}/msp/tlsintermediatecerts/ica-{{ORDERER_NAME}}-{{ORDERER_DOMAIN}}-7054.pem - name: CORE_PEER_ADDRESS value: peer0-{{ORG_NAME}}.{{ORG_DOMAIN}}:7051 - name: ORDERER_ADDRESSES diff --git a/mamba/template/add-org/__init__.py b/mamba/template/add-org/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/admin-v1/__init__.py b/mamba/template/admin-v1/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/admin-v1/admin-deployment.yaml b/mamba/template/admin-v1/admin-deployment.yaml new file mode 100644 index 0000000..f323ac0 --- /dev/null +++ b/mamba/template/admin-v1/admin-deployment.yaml @@ -0,0 +1,56 @@ +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + namespace: {{ORDERER_DOMAIN}} + name: admin-v1 +spec: + serviceName: admin-v1 + replicas: 1 + selector: + matchLabels: + app: admin-v1 + tier: {{ORDERER_DOMAIN}} + template: + metadata: + labels: + app: admin-v1 + tier: {{ORDERER_DOMAIN}} + spec: + containers: + - name: admin-v1 + image: docker.pkg.github.com/akachain/akc-admin/master:v1.5.2 + ports: + - containerPort: 4001 + imagePullPolicy: Always + env: + - name: NODE_ENV + value: development + volumeMounts: + - name: akc-ca-data + mountPath: /shared/ + - name: crypto-store-efs + mountPath: /tmp/crypto-store/ + - name: crypto-path-efs + mountPath: /data/app/crypto-path/ + - name: artifacts-efs + mountPath: /data/app/artifacts/ + volumes: + - name: akc-ca-data + nfs: + server: {{EFS_SERVER}} + path: {{PVS_PATH}}/{{EFS_PATH}}/{{EFS_EXTEND}}/akc-ca-data/ + - name: crypto-store-efs + nfs: + server: {{EFS_SERVER}} + path: {{PVS_PATH}}/{{EFS_PATH}}/{{EFS_EXTEND}}/admin/crypto-store/ + - name: crypto-path-efs + nfs: + server: {{EFS_SERVER}} + path: {{PVS_PATH}}/{{EFS_PATH}}/{{EFS_EXTEND}}/admin/crypto-path/ + - name: artifacts-efs + nfs: + server: {{EFS_SERVER}} + path: {{PVS_PATH}}/{{EFS_PATH}}/{{EFS_EXTEND}}/admin-v2/artifacts/ + imagePullSecrets: + - name: mamba \ No newline at end of file diff --git a/mamba/template/admin-v1/admin-service.yaml b/mamba/template/admin-v1/admin-service.yaml new file mode 100644 index 0000000..ad39a67 --- /dev/null +++ b/mamba/template/admin-v1/admin-service.yaml @@ -0,0 +1,18 @@ + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: {{ORDERER_DOMAIN}} + name: admin-v1 +spec: + selector: + app: admin-v1 + tier: {{ORDERER_DOMAIN}} + type: NodePort + ports: + - name: admin-port + protocol: TCP + port: 4001 + targetPort: 4001 + # nodePort: 32330 \ No newline at end of file diff --git a/mamba/template/admin/__init__.py b/mamba/template/admin/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/admin/admin-deployment.yaml b/mamba/template/admin/admin-deployment.yaml index e09becb..fd28423 100644 --- a/mamba/template/admin/admin-deployment.yaml +++ b/mamba/template/admin/admin-deployment.yaml @@ -19,7 +19,7 @@ spec: spec: containers: - name: admin-v2-{{ORG_NAME}} - image: docker.pkg.github.com/akachain/akc-admin/master:2.0 + image: akachain/akc-admin:2.2.1 ports: - containerPort: 4001 imagePullPolicy: Always @@ -27,9 +27,9 @@ spec: - name: CRYPTO_TYPE value: mamba - name: ORGS - value: "{{ORGDERER_NAME}} {{ORG_NAME}}" + value: "{{ORGDERER_NAME}} {{PEER_NAMES}}" - name: DOMAINS - value: "{{ORDERER_DOMAIN}} {{ORG_DOMAIN}}" + value: "{{ORDERER_DOMAIN}} {{PEER_DOMAINS}}" - name: NODE_ENV value: development - name: GOPATH @@ -60,9 +60,11 @@ spec: - name: akc-ca-data mountPath: /shared/ - name: chaincodes - mountPath: /go/src/chaincodes + mountPath: /chaincodes - name: artifacts-efs mountPath: /data/app/artifacts/ + - name: wallet + mountPath: /data/app/wallet/ volumes: - name: akc-ca-data nfs: @@ -76,6 +78,10 @@ spec: nfs: server: {{EFS_SERVER}} path: {{PVS_PATH}}/{{EFS_PATH}}/{{EFS_EXTEND}}/admin-v2/artifacts/ + - name: wallet + nfs: + server: {{EFS_SERVER}} + path: {{PVS_PATH}}/{{EFS_PATH}}/{{EFS_EXTEND}}/admin-v2/wallet/ imagePullSecrets: - name: mamba diff --git a/mamba/template/autoscaler/__init__.py b/mamba/template/autoscaler/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/bootstrap-network/__init__.py b/mamba/template/bootstrap-network/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/channel-artifacts/__init__.py b/mamba/template/channel-artifacts/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/connection-profile/__init__.py b/mamba/template/connection-profile/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/ebs-encryption/__init__.py b/mamba/template/ebs-encryption/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/efs/__init__.py b/mamba/template/efs/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/enroll-orderer/__init__.py b/mamba/template/enroll-orderer/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/enroll-peer/__init__.py b/mamba/template/enroll-peer/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/explorer/__init__.py b/mamba/template/explorer/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/external-chaincode/__init__.py b/mamba/template/external-chaincode/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/gen-artifacts/__init__.py b/mamba/template/gen-artifacts/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml b/mamba/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml index 595dc9c..6c607fa 100644 --- a/mamba/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml +++ b/mamba/template/gen-artifacts/fabric-deployment-gen-artifacts.yaml @@ -31,5 +31,5 @@ spec: - name: artifacts-efs nfs: server: {{EFS_SERVER}} - path: {{PVS_PATH}}/{{EFS_PATH}}/{{EFS_EXTEND}}/admin/artifacts/ + path: {{PVS_PATH}}/{{EFS_PATH}}/{{EFS_EXTEND}}/admin-v2/artifacts/ diff --git a/mamba/template/grafana/__init__.py b/mamba/template/grafana/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/helm/__init__.py b/mamba/template/helm/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/ica/__init__.py b/mamba/template/ica/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/ingress/__init__.py b/mamba/template/ingress/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/kafka/__init__.py b/mamba/template/kafka/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/local-storage/__init__.py b/mamba/template/local-storage/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/metrics/__init__.py b/mamba/template/metrics/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/namespace/__init__.py b/mamba/template/namespace/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/orderer-sts/__init__.py b/mamba/template/orderer-sts/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/orderer-sts/orderer-stateful.yaml b/mamba/template/orderer-sts/orderer-stateful.yaml index 5d4c945..a201cfb 100644 --- a/mamba/template/orderer-sts/orderer-stateful.yaml +++ b/mamba/template/orderer-sts/orderer-stateful.yaml @@ -40,14 +40,32 @@ spec: value: /shared/ - name: ORDERER_GENERAL_LEDGERTYPE value: file + # Location: The directory to store the blocks in. - name: ORDERER_FILELEDGER_LOCATION - value: /var/ledger/orderer{{ORDERER_INDEX}} + value: /var/ledger/orderer{{ORDERER_INDEX}}/orderer + # WALDir specifies the location at which Write Ahead Logs for etcd/raft are + # stored. Each channel will have its own subdir named after channel ID. + - name: ORDERER_CONSENSUS_WALDIR + value: /var/ledger/orderer{{ORDERER_INDEX}}/etcdraft/wal + # SnapDir specifies the location at which snapshots for etcd/raft are + # stored. Each channel will have its own subdir named after channel ID. + - name: ORDERER_CONSENSUS_SNAPDIR + value: /var/ledger/orderer{{ORDERER_INDEX}}/etcdraft/snapshot + # Listen address: The IP on which to bind to listen. - name: ORDERER_GENERAL_LISTENADDRESS value: 0.0.0.0 + # LocalMSPDir is where to find the private crypto material needed by the + # orderer. It is set relative here as a default for dev environments but + # should be changed to the real location in production. - name: ORDERER_GENERAL_LOCALMSPDIR value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/msp + # LocalMSPID is the identity to register the local MSP material with the MSP + # manager. IMPORTANT: The local MSP ID of an orderer needs to match the MSP + # ID of one of the organizations defined in the orderer system channel's + # /Channel/Orderer configuration. The sample organization defined in the + # sample configuration provided has an MSP ID of "SampleOrg". - name: ORDERER_GENERAL_LOCALMSPID - value: ordererMSP + value: {{ORDERER}}MSP - name: ORDERER_GENERAL_GENESISMETHOD value: file - name: ORDERER_GENERAL_GENESISFILE @@ -58,9 +76,17 @@ spec: value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/server.key - name: ORDERER_GENERAL_TLS_CERTIFICATE value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/server.crt + - name: ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY + value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/server.key + - name: ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE + value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/server.crt # THIS IS BROKEN: * 'General.TLS.RootCAs': source data must be an array or slice, got string - name: ORDERER_GENERAL_TLS_ROOTCAS value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/tlscacerts/tls-ica-{{ORDERER}}-{{ORDERER_DOMAIN}}-7054.pem + - name: ORDERER_GENERAL_CLUSTER_ROOTCAS + value: /shared/crypto-config/{{ORDERER}}.{{ORDERER_DOMAIN}}/orderers/orderer{{ORDERER_INDEX}}-{{ORDERER}}.{{ORDERER_DOMAIN}}/tls/tlscacerts/tls-ica-{{ORDERER}}-{{ORDERER_DOMAIN}}-7054.pem + # - name: ORDERER_GENERAL_LISTENPORT + # value: "7050" - name: GODEBUG value: netdns=go - name: ORDERER_OPERATIONS_LISTENADDRESS @@ -75,7 +101,6 @@ spec: - name: crypto-config mountPath: /shared - name: orderer{{ORDERER_INDEX}}-{{ORDERER_DOMAIN}}-pvc-akc - mountPath: /var/ledger mountPath: /var/ledger/orderer{{ORDERER_INDEX}} volumes: - name: crypto-config diff --git a/mamba/template/peer-sts/__init__.py b/mamba/template/peer-sts/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/peer-sts/peer-stateful.yaml b/mamba/template/peer-sts/peer-stateful.yaml index 5d43641..3fecb6f 100644 --- a/mamba/template/peer-sts/peer-stateful.yaml +++ b/mamba/template/peer-sts/peer-stateful.yaml @@ -99,9 +99,9 @@ spec: - name: CORE_PEER_GOSSIP_EXTERNALENDPOINT value: peer{{PEER_INDEX}}-{{PEER_ORG}}.{{PEER_DOMAIN}}:7051 - name: CORE_PEER_GOSSIP_USELEADERELECTION - value: "true" - - name: CORE_PEER_GOSSIP_ORGLEADER value: "false" + - name: CORE_PEER_GOSSIP_ORGLEADER + value: "true" - name: CORE_PEER_COMMITTER_ENABLED value: "true" - name: CORE_PEER_PROFILE_ENABLED diff --git a/mamba/template/prometheus/__init__.py b/mamba/template/prometheus/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/rca/__init__.py b/mamba/template/rca/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/register-orderer/__init__.py b/mamba/template/register-orderer/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/register-org/__init__.py b/mamba/template/register-org/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/register-peer/__init__.py b/mamba/template/register-peer/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/update-anchor-peer/__init__.py b/mamba/template/update-anchor-peer/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/template/zookeeper/__init__.py b/mamba/template/zookeeper/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/mamba/utils/kube.py b/mamba/utils/kube.py index 2373390..ed75a1c 100644 --- a/mamba/utils/kube.py +++ b/mamba/utils/kube.py @@ -1,11 +1,9 @@ import os import yaml -import re import time from kubernetes import client, config from kubernetes.client.rest import ApiException from kubernetes.stream import stream -from pprint import pprint from utils import hiss, util from k8s.namespace import Namespace from settings import settings @@ -23,18 +21,20 @@ def read_pod_log(self, name, namespace): if not pods: msg = 'Pod %s not found!' % name return util.Result(success=False, msg=msg) - + for pod in pods: try: - api_response = self.coreApi.read_namespaced_pod_log(pod, namespace) + api_response = self.coreApi.read_namespaced_pod_log( + pod, namespace) print(api_response) except ApiException as e: - print("Exception when calling CoreV1Api->read_namespaced_pod_log: %s\n" % e) - + print( + "Exception when calling CoreV1Api->read_namespaced_pod_log: %s\n" % e) def read_stateful_set(self, name, namespace): try: - api_response = self.appsApi.read_namespaced_stateful_set(name, namespace) + api_response = self.appsApi.read_namespaced_stateful_set( + name, namespace) return util.Result(success=True, data=api_response) except ApiException as e: msg = "Exception when calling AppsV1Api->read_namespaced_stateful_set: %s\n" % e @@ -43,8 +43,10 @@ def read_stateful_set(self, name, namespace): def delete_job(self, name, namespace): try: body = client.V1DeleteOptions(propagation_policy='Background') - api_response = self.batchApi.delete_namespaced_job(name, namespace, body=body) - hiss.echo('Delete job %s on namespace %s success' % (name, namespace)) + api_response = self.batchApi.delete_namespaced_job( + name, namespace, body=body) + hiss.echo('Delete job %s on namespace %s success' % + (name, namespace)) return util.Result(success=True, data=api_response) except ApiException as e: err_msg = "Exception when calling BatchV1Api->delete_namespaced_job: %s\n" % e @@ -52,7 +54,8 @@ def delete_job(self, name, namespace): def delete_persistent_volume_claim(self, name, namespace): try: - api_response = self.coreApi.delete_namespaced_persistent_volume_claim(name=name, namespace=namespace) + api_response = self.coreApi.delete_namespaced_persistent_volume_claim( + name=name, namespace=namespace) return util.Result(success=True, data=api_response) except ApiException as e: err_msg = "Exception when calling CoreV1Api->delete_namespaced_persistent_volume_claim: %s\n" % e @@ -72,26 +75,30 @@ def delete_stateful(self, name, namespace, delete_pvc=False): list_pvc = self.find_pvc(namespace, keyword=pvt_name) for pvc in list_pvc: hiss.echo('Delete pvc %s ' % pvc) - self.delete_persistent_volume_claim(name=pvc, namespace=namespace) + self.delete_persistent_volume_claim( + name=pvc, namespace=namespace) try: body = client.V1DeleteOptions(propagation_policy='Background') - api_response = self.appsApi.delete_namespaced_stateful_set(name, namespace, body=body) - self.check_pod_status_by_keyword(keyword=name, namespace=namespace, is_delete=True) - hiss.echo('%s stateful set %s on namespace %s success' % (action, name, namespace)) + api_response = self.appsApi.delete_namespaced_stateful_set( + name, namespace, body=body) + self.check_pod_status_by_keyword( + keyword=name, namespace=namespace, is_delete=True) + hiss.echo('%s stateful set %s on namespace %s success' % + (action, name, namespace)) return util.Result(success=True, data=api_response) except ApiException as e: err_msg = "Exception when calling AppsV1Api->delete_namespaced_stateful_set: %s\n" % e return util.Result(success=hiss.hiss(err_msg), msg=err_msg) def check_pod_status_by_keyword(self, keyword, namespace, is_delete=False, check_job_success=False): - + condition_status = 'Running' if is_delete else 'Pending' condition_status = 'Succeeded' if check_job_success else condition_status # Check status - count = 0 # Use count variable to detect replica - msg = '' # Message show the status of the pod + count = 0 # Use count variable to detect replica + msg = '' # Message show the status of the pod while True: time.sleep(1) # Find efs pod @@ -101,11 +108,12 @@ def check_pod_status_by_keyword(self, keyword, namespace, is_delete=False, check if is_delete: hiss.sub_echo('Done') break - hiss.sub_echo('cannot find tiller pod when check status.. retry') + hiss.sub_echo( + 'cannot find tiller pod when check status.. retry') continue if is_delete: - newMsg = '%s terminating' % keyword + newMsg = '%s terminating' % keyword if msg != newMsg: msg = newMsg hiss.sub_echo(msg) @@ -118,8 +126,8 @@ def check_pod_status_by_keyword(self, keyword, namespace, is_delete=False, check # Check status while True: resp = self.coreApi.read_namespaced_pod_status(name=pods[count], - namespace=namespace) - + namespace=namespace) + # Manage notify display newMsg = '%s %s' % (pods[count], resp.status.phase) if msg != newMsg: @@ -150,26 +158,28 @@ def remove_pvc(self, doc): volume_claim_templates = doc['spec']['volumeClaimTemplates'] for vct in volume_claim_templates: vct_name = vct['metadata']['name'] - + # Get containers in doc containers = doc['spec']['template']['spec']['containers'] for container in containers: volume_mounts = container['volumeMounts'] # Find and remove volume mount - volume = next((volume for volume in volume_mounts if volume['name'] == vct_name), None) + volume = next( + (volume for volume in volume_mounts if volume['name'] == vct_name), None) volume_mounts.remove(volume) # Remove volume claim template volume_claim_templates.remove(vct) def apply_yaml_from_template(self, namespace, k8s_template_file, dict_env): - yaml_path, _ = util.load_yaml_config_template(k8s_template_file, dict_env) + yaml_path, _ = util.load_yaml_config_template( + k8s_template_file, dict_env) hiss.sub_echo('Create %s successfully' % yaml_path) # Execute yaml # hiss.echo('Apply yaml file') - stream = open(yaml_path, 'r') - docs = yaml.safe_load_all(stream) + stream_file = open(yaml_path, 'r') + docs = yaml.safe_load_all(stream_file) success = True for doc in docs: @@ -187,16 +197,20 @@ def apply_yaml_from_template(self, namespace, k8s_template_file, dict_env): self.remove_pvc(doc) self.appsApi.create_namespaced_stateful_set( namespace, body=doc) - self.check_pod_status_by_keyword(keyword=doc['metadata']['name'], namespace=namespace) + self.check_pod_status_by_keyword( + keyword=doc['metadata']['name'], namespace=namespace) if doc['kind'] == 'Deployment': self.appsApi.create_namespaced_deployment( namespace, body=doc) - self.check_pod_status_by_keyword(keyword=doc['metadata']['name'], namespace=namespace) + self.check_pod_status_by_keyword( + keyword=doc['metadata']['name'], namespace=namespace) if doc['kind'] == 'Job': self.batchApi.create_namespaced_job(namespace, body=doc) - self.check_pod_status_by_keyword(keyword=doc['metadata']['name'], namespace=namespace, check_job_success=True) + self.check_pod_status_by_keyword( + keyword=doc['metadata']['name'], namespace=namespace, check_job_success=True) if doc['kind'] == 'ConfigMap': - self.coreApi.create_namespaced_config_map(namespace, body=doc) + self.coreApi.create_namespaced_config_map( + namespace, body=doc) except ApiException as e: print("Exception when apply yaml: %s\n" % e) success = False @@ -209,9 +223,6 @@ def create_namespace(self, name): if not ns.get(): hiss.sub_echo('Namespace %s does not exist. Creating...' % name) ns.create() - # else: - # hiss.sub_echo('Namespace %s already exists' % name) - def show_all_pods(self): ret = self.coreApi.list_pod_for_all_namespaces(watch=False) @@ -256,7 +267,8 @@ def find_stateful_set(self, namespace, keyword): def find_pvc(self, namespace, keyword): list_pvc = [] try: - ret = self.coreApi.list_namespaced_persistent_volume_claim(namespace) + ret = self.coreApi.list_namespaced_persistent_volume_claim( + namespace) for item in ret.items: if keyword in item.metadata.name: list_pvc.append(item.metadata.name) @@ -280,7 +292,8 @@ def cp_to_pod(self, podName, namespace, source, target): sourcePath = source if os.path.isdir(sourcePath): sourcePath = '%s/.' % source - cmd = 'kubectl cp %s -n %s %s:%s' % (sourcePath, namespace, podName, target) + cmd = 'kubectl cp %s -n %s %s:%s' % ( + sourcePath, namespace, podName, target) copyResult = os.system(cmd) if copyResult != 0: return hiss.hiss('cannot copy to pod') diff --git a/mamba/utils/util.py b/mamba/utils/util.py index 750a7b2..4c95fd4 100644 --- a/mamba/utils/util.py +++ b/mamba/utils/util.py @@ -4,6 +4,7 @@ import json import re import yaml +from pkg_resources import resource_filename, Requirement from utils import hiss from settings import settings @@ -51,24 +52,25 @@ def smart_append(list_item, items): list_item.append(items) return list_item +def get_package_resource(package_or_requirement: str, resource_name: str): + if package_or_requirement == '': + return resource_filename(Requirement.parse('akc-mamba'), resource_name) + return resource_filename(package_or_requirement, resource_name) def get_temp_path(): return expanduser('~/.akachain/akc-mamba/mamba/_temp') - def get_k8s_template_path(): return expanduser('~/.akachain/akc-mamba/mamba/template') - def split_timenow_utc(): # Get current datetime (UTC) current_time = datetime.datetime.utcnow().replace( microsecond=0).isoformat().split('T') - current_time[1] = current_time[1].replace(':','') + current_time[1] = current_time[1].replace(':', '') return current_time - def make_folder(path_folder): if not os.path.exists(path_folder): hiss.sub_echo('Folder %s does not exists. \n\tCreating...' % @@ -77,7 +79,6 @@ def make_folder(path_folder): # else: # hiss.sub_echo('Folder temp %s exists.' % path_folder) - def make_temp_folder(): # hiss.echo('Create Folder temp') temp_path = get_temp_path() @@ -90,7 +91,6 @@ def make_temp_folder(): yaml_path = '%s/%s' % (temp_path, current_time[0]) make_folder(yaml_path) - def get_domain(org_name): orgs = settings.ORGS.split(' ') domains = settings.DOMAINS.split(' ')