第三部分：基础命令

1. 生成MSP证书

cryptogen generate --config=./crypto-config.yaml

1. 生成排序服务创世区块

configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./channel-artifacts/genesis.block

1. 生成通道配置创世区块

configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID ${CHANNEL_NAME}

1. 定义组织锚节点

// 组织Org1的锚节点configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org1MSP// 组织Org2的锚节点configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID ${CHANNEL_NAME} -asOrg Org2MSP

1. 创建并加入通道

• 创建通道

peer channel create -o orderer.example.com:7050 -c ${CHANNEL_NAME} -f ./channel-artifacts/channel.tx --tls ${CORE_PEER_TLS_ENABLED} --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem

• 可能会遇到的错误（以及解决方案）
  错误提示如下：

cli错误提示：Error: got unexpected status: FORBIDDEN -- Failed to reach implicit threshold of 1 sub-policies, required 1 remaining: permission denied容器内部提示：UTC [cauthdsl] deduplicate -> ERRO 014 Principal deserialization failure (the supplied identity is not valid: x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "ca.org1.example.com")) for identity

错误原因：由于启动过网络并且更新了证书，在没有删除干净的环境中启动复用的之前的volume，所以导致证书认证失败。

解决方案：

$ docker-compose -f docker-compose-cli.yaml -f docker-compose-couch.yaml down --volumesStopping cli                    ... doneStopping peer1.org2.example.com ... doneStopping peer0.org2.example.com ... doneStopping orderer.example.com    ... doneStopping peer0.org1.example.com ... doneStopping peer1.org1.example.com ... doneRemoving cli                    ... doneRemoving peer1.org2.example.com ... doneRemoving peer0.org2.example.com ... doneRemoving orderer.example.com    ... doneRemoving peer0.org1.example.com ... doneRemoving peer1.org1.example.com ... doneRemoving network net_byfnRemoving volume net_peer0.org2.example.comRemoving volume net_peer1.org2.example.comRemoving volume net_peer1.org1.example.comRemoving volume net_peer0.org1.example.comRemoving volume net_orderer.example.com

• 加入通道

peer channel join -b mychannel.block

• 查询当前peer加入的通道列表

peer channel list

1. 安装和实例化链码

• 安装链码

peer chaincode install -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02

• 查看安装的链码列表

docker exec peer0.org1.example.com ls /var/hyperledger/production/chaincodes

• 链码实例化

peer chaincode instantiate -o orderer.example.com:7050 --tls ${CORE_PEER_TLS_ENABLED} --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C $CHANNEL_NAME -n mycc -v 1.0 -c '{"Args":["init","a","100","b","200"]}' -P "OR('Org1MSP.member','Org2MSP.member')"

1. 链码查询

peer chaincode query -C $CHANNEL_NAME -nmycc -c '{"Args":["query","a"]}'peer chaincode query -C $CHANNEL_NAME -nmycc -c '{"Args":["query","b"]}'

1. 链码调用

peer chaincode invoke -oorderer.example.com:7050  --tls ${CORE_PEER_TLS_ENABLED}--cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem  -C ${CHANNEL_NAME} -n mycc -c'{"Args":["invoke","a","b","10"]}'