├── .gitignore ├── LICENSE ├── README.md ├── build_chain.sh ├── docker ├── application.yml ├── build │ ├── Dockerfile │ ├── docker-build.sh │ ├── front-build.md │ └── start.sh └── front-install.md ├── k8s ├── bcos_kubernetes │ ├── peer0.org1.yaml │ ├── peer0.org2.yaml │ ├── peer0.org3.yaml │ └── peer0.org4.yaml └── front-k8s-install.md ├── nodes-config ├── Dockerfile ├── build_chain.sh ├── gen_node_cert.sh └── nodes │ ├── 172.17.0.1 │ ├── .transTest.sh │ ├── node0 │ │ ├── conf │ │ │ ├── ca.crt │ │ │ ├── group.1.genesis │ │ │ ├── group.1.ini │ │ │ ├── node.crt │ │ │ ├── node.key │ │ │ └── node.nodeid │ │ ├── config.ini │ │ ├── start.sh │ │ └── stop.sh │ ├── sdk │ │ ├── ca.crt │ │ ├── node.crt │ │ └── node.key │ ├── start_all.sh │ └── stop_all.sh │ ├── 172.17.0.2 │ ├── .transTest.sh │ ├── node0 │ │ ├── conf │ │ │ ├── ca.crt │ │ │ ├── group.1.genesis │ │ │ ├── group.1.ini │ │ │ ├── node.crt │ │ │ ├── node.key │ │ │ └── node.nodeid │ │ ├── config.ini │ │ ├── start.sh │ │ └── stop.sh │ ├── sdk │ │ ├── ca.crt │ │ ├── node.crt │ │ └── node.key │ ├── start_all.sh │ └── stop_all.sh │ ├── 172.17.0.3 │ ├── .transTest.sh │ ├── node0 │ │ ├── conf │ │ │ ├── ca.crt │ │ │ ├── group.1.genesis │ │ │ ├── group.1.ini │ │ │ ├── node.crt │ │ │ ├── node.key │ │ │ └── node.nodeid │ │ ├── config.ini │ │ ├── start.sh │ │ └── stop.sh │ ├── sdk │ │ ├── ca.crt │ │ ├── node.crt │ │ └── node.key │ ├── start_all.sh │ └── stop_all.sh │ ├── 172.17.0.4 │ ├── .transTest.sh │ ├── node0 │ │ ├── conf │ │ │ ├── ca.crt │ │ │ ├── group.1.genesis │ │ │ ├── group.1.ini │ │ │ ├── node.crt │ │ │ ├── node.key │ │ │ └── node.nodeid │ │ ├── config.ini │ │ ├── start.sh │ │ └── stop.sh │ ├── sdk │ │ ├── ca.crt │ │ ├── node.crt │ │ └── node.key │ ├── start_all.sh │ └── stop_all.sh │ └── cert │ ├── ca.crt │ ├── ca.key │ ├── ca.srl │ ├── cert.cnf │ └── test │ ├── agency.crt │ ├── agency.key │ ├── agency.srl │ ├── ca.crt │ └── cert.cnf └── release_note.txt /.gitignore: -------------------------------------------------------------------------------- 1 | 2 | .idea 3 | *.iml 4 | dist 5 | .DS_Store 6 | jdk-8u211-linux-x64.tar.gz 7 | 8 | 9 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 | # WeBASE-Docker 3 | [FISCO BCOS](https://github.com/FISCO-BCOS/FISCO-BCOS) + [WeBASE-Front](https://github.com/WeBankBlockchain/WeBASE-Front) 镜像和K8s部署。 4 | 5 | 项目主要有三个部分: 6 | 1. docker目录存放front镜像使用和打包相关文件。 7 | - [front镜像使用文档](docker/front-install.md) 8 | - [front镜像打包文档](docker/build/front-build.md) 9 | 10 | 2. k8s目录主要存放front镜像k8s部署相关yaml文件。 11 | - [front镜像K8S部署参考文档](k8s/front-k8s-install.md) 12 | 3. nodes-config主要存放相关buildchain和节点相关配置文件。 13 | 14 | ### 1. 镜像简要说明 15 | front镜像包含了底层镜像和WeBASE-Front的代码,将节点和节点前置放在一起。通过镜像搭建区块链网络需要通过[build_chain.sh](https://fisco-bcos-documentation.readthedocs.io/zh_CN/latest/docs/manual/build_chain.html) 生成各节点的配置信息。 16 | 搭建区块链网络前建议阅读以下两部分内容并熟悉buildchain的使用。 17 | 18 | #### 1.1节点网络说明 19 | 20 | - 每个节点需要3个端口,详细请参考[FISCO BCOS网络端口讲解](https://mp.weixin.qq.com/s/IiHsPlxmvEEBTC84n27I9A)。 21 | - 节点之间需要保证P2P网络可达 22 | - 节点的channel端口供SDK访问,但默认监听127.0.0.1 23 | - 节点的RPC端口提供HTTP的JSON-RPC协议,但默认监听127.0.0.1 24 | 25 | ### 1.2 节点依赖说明 26 | 27 | **buildchain脚本会自动生成各节点相关配置文件,放置在节点目录下,启动容器时需挂载节点的配置文件**。 28 | 29 | - 每个节点启动依赖一些配置文件,详细请参考[FISCO BCOS配置说明](https://mp.weixin.qq.com/s/3RGTRvheSr5P1nXbmAjl2g)。 30 | - 主配置文件config.ini,其中会配置本节点监听的IP和端口。需要根据云环境定制。 31 | - 主配置文件config.ini,其中会配置需要链接的其他节点IP和端口,需要根据云环境定制。 32 | - ca.crt/node.crt/node.key是节点建立SSL链接是使用的证书相关文件。 33 | - 节点conf/目录下会有群组配置相关文件,节点启动时依赖。需要注意conf/group.1.genesis文件中会存放节点的nodeid,是节点node.key对应的公钥。 34 | 35 | 36 | ### 2 附录 37 | #### 2.1 安装 38 | 39 | | 操作系统 | 版本最低要求 | 安装方式 | 40 | | ------------- |:-------|:-----| 41 | | CentOS(RHEL)| CentOS 7.3(kernel >= 3.10.0-514) |curl -fsSL https://get.docker.com -o get-docker.sh && bash get-docker.sh| 42 | |Debian|Stretch 9 |curl -fsSL https://get.docker.com -o get-docker.sh && bash get-docker.sh| 43 | |Ubuntu|Xenial 16.04 (LTS)|curl -fsSL https://get.docker.com -o get-docker.sh && bash get-docker.sh| 44 | |MacOS| 10.13 |参考: [https://docs.docker.com/docker-for-mac/install/](https://docs.docker.com/docker-for-mac/install/)| 45 | 46 | 关于其他系统的安装方法,请参考: https://docs.docker.com/install/linux/docker-ce/binaries/ 47 | 48 | 因为 Docker 的存储驱动,建议使用 overlay2,所以需要 Linux kernel 4.0 以上的版本。如果是 RHEL 或者 CentOS 的话,需要 Linux kernel 3.10.0-51 以上。关于 overlay2 请参考: [https://docs.docker.com/storage/storagedriver/overlayfs-driver/](https://docs.docker.com/storage/storagedriver/overlayfs-driver/) 49 | 50 | CentOS 版本对应的 kernel 版本请参考: [https://en.wikipedia.org/wiki/CentOS#CentOS_version_7](https://en.wikipedia.org/wiki/CentOS#CentOS_version_7) 51 | 52 | 53 | 54 | -------------------------------------------------------------------------------- /build_chain.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | # default value 6 | ca_file= #CA key 7 | node_num=1 8 | ip_file= 9 | ip_param= 10 | use_ip_param= 11 | agency_array= 12 | group_array= 13 | ip_array= 14 | output_dir=nodes 15 | port_start=(30300 20200 8545) 16 | state_type=storage 17 | storage_type=rocksdb 18 | conf_path="conf" 19 | bin_path= 20 | make_tar= 21 | debug_log="false" 22 | log_level="info" 23 | logfile=${PWD}/build.log 24 | listen_ip="127.0.0.1" 25 | bcos_bin_name=fisco-bcos 26 | guomi_mode= 27 | docker_mode= 28 | gm_conf_path="gmconf/" 29 | current_dir=$(pwd) 30 | consensus_type="pbft" 31 | TASSL_CMD="${HOME}"/.tassl 32 | enable_parallel=true 33 | auto_flush="true" 34 | # trans timestamp from seconds to milliseconds 35 | timestamp=$(($(date '+%s')*1000)) 36 | chain_id=1 37 | compatibility_version="" 38 | default_version="2.0.0" 39 | macOS="" 40 | download_timeout=360 41 | 42 | help() { 43 | echo $1 44 | cat << EOF 45 | Usage: 46 | -l [Required] "ip1:nodeNum1,ip2:nodeNum2" e.g:"192.168.0.1:2,192.168.0.2:3" 47 | -f [Optional] split by line, every line should be "ip:nodeNum agencyName groupList". eg "127.0.0.1:4 agency1 1,2" 48 | -e Default download fisco-bcos from GitHub. If set -e, use the binary at the specified location 49 | -o Default ./nodes/ 50 | -p Default 30300,20200,8545 means p2p_port start from 30300, channel_port from 20200, jsonrpc_port from 8545 51 | -i Default 127.0.0.1. If set -i, listen 0.0.0.0 52 | -v Default get version from https://github.com/FISCO-BCOS/FISCO-BCOS/releases. If set use specificd version binary 53 | -s Default rocksdb. Options can be rocksdb / mysql / external, rocksdb is recommended 54 | -d Default off. If set -d, build with docker 55 | -c Default PBFT. If set -c, use Raft 56 | -m Default storageState. if set -m, use mpt state 57 | -C Default 1. Can set uint. 58 | -g Default no 59 | -z Default no 60 | -t Default auto generate 61 | -T Default off. If set -T, enable debug log 62 | -F Default on. If set -F, disable log auto flush 63 | -h Help 64 | e.g 65 | $0 -l "127.0.0.1:4" 66 | EOF 67 | 68 | exit 0 69 | } 70 | 71 | LOG_WARN() 72 | { 73 | local content=${1} 74 | echo -e "\033[31m[WARN] ${content}\033[0m" 75 | } 76 | 77 | LOG_INFO() 78 | { 79 | local content=${1} 80 | echo -e "\033[32m[INFO] ${content}\033[0m" 81 | } 82 | 83 | exit_with_clean() 84 | { 85 | local content=${1} 86 | echo -e "\033[31m[ERROR] ${content}\033[0m" 87 | if [ -d "${output_dir}" ];then 88 | rm -rf ${output_dir} 89 | fi 90 | exit 1 91 | } 92 | 93 | parse_params() 94 | { 95 | while getopts "f:l:o:p:e:t:v:s:C:iczhgmTFd" option;do 96 | case $option in 97 | f) ip_file=$OPTARG 98 | use_ip_param="false" 99 | ;; 100 | l) ip_param=$OPTARG 101 | use_ip_param="true" 102 | ;; 103 | o) output_dir=$OPTARG;; 104 | i) listen_ip="0.0.0.0";; 105 | v) compatibility_version="$OPTARG";; 106 | p) port_start=(${OPTARG//,/ }) 107 | if [ ${#port_start[@]} -ne 3 ];then LOG_WARN "start port error. e.g: 30300,20200,8545" && exit 1;fi 108 | ;; 109 | e) bin_path=$OPTARG;; 110 | m) state_type=mpt;; 111 | s) storage_type=$OPTARG 112 | if [ -z "${storage_type}" ];then 113 | LOG_WARN "${storage_type} is not supported storage." 114 | exit 1; 115 | fi 116 | ;; 117 | t) CertConfig=$OPTARG;; 118 | c) consensus_type="raft";; 119 | C) chain_id=$OPTARG 120 | if [ -z $(grep '^[[:digit:]]*$' <<< "${chain_id}") ];then 121 | LOG_WARN "${chain_id} is not a positive integer." 122 | exit 1; 123 | fi 124 | ;; 125 | T) debug_log="true" 126 | log_level="debug" 127 | ;; 128 | F) auto_flush="false";; 129 | z) make_tar="yes";; 130 | g) guomi_mode="yes";; 131 | d) docker_mode="yes" 132 | [ ! -z "${macOS}" ] && LOG_WARN "Docker desktop of macOS can't support docker mode of FISCO BCOS!" && exit 1;; 133 | h) help;; 134 | esac 135 | done 136 | } 137 | 138 | print_result() 139 | { 140 | echo "================================================================" 141 | LOG_INFO "Execute the following command to get FISCO-BCOS console" 142 | echo " bash <(curl -s https://raw.githubusercontent.com/FISCO-BCOS/console/master/tools/download_console.sh)" 143 | echo "================================================================" 144 | [ -z ${docker_mode} ] && LOG_INFO "FISCO-BCOS Path : $bin_path" 145 | [ ! -z ${docker_mode} ] && LOG_INFO "Docker tag : latest" 146 | [ ! -z $ip_file ] && LOG_INFO "IP List File : $ip_file" 147 | # [ ! -z $ip_file ] && LOG_INFO -e "Agencies/groups : ${#agency_array[@]}/${#groups[@]}" 148 | LOG_INFO "Start Port : ${port_start[*]}" 149 | LOG_INFO "Server IP : ${ip_array[*]}" 150 | LOG_INFO "State Type : ${state_type}" 151 | LOG_INFO "RPC listen IP : ${listen_ip}" 152 | LOG_INFO "Output Dir : ${output_dir}" 153 | LOG_INFO "CA Key Path : $ca_file" 154 | [ ! -z $guomi_mode ] && LOG_INFO "Guomi mode : $guomi_mode" 155 | echo "================================================================" 156 | LOG_INFO "All completed. Files in ${output_dir}" 157 | } 158 | 159 | check_env() { 160 | [ ! -z "$(openssl version | grep 1.0.2)" ] || [ ! -z "$(openssl version | grep 1.1)" ] || [ ! -z "$(openssl version | grep reSSL)" ] || { 161 | echo "please install openssl!" 162 | #echo "download openssl from https://www.openssl.org." 163 | echo "use \"openssl version\" command to check." 164 | exit 1 165 | } 166 | if [ ! -z "$(openssl version | grep reSSL)" ];then 167 | export PATH="/usr/local/opt/openssl/bin:$PATH" 168 | fi 169 | if [ "$(uname)" == "Darwin" ];then 170 | macOS="macOS" 171 | fi 172 | 173 | } 174 | 175 | # TASSL env 176 | check_and_install_tassl() 177 | { 178 | if [ ! -f "${HOME}/.tassl" ];then 179 | curl -LO https://github.com/FISCO-BCOS/LargeFiles/raw/master/tools/tassl.tar.gz 180 | LOG_INFO "Downloading tassl binary ..." 181 | tar zxvf tassl.tar.gz 182 | chmod u+x tassl 183 | mv tassl ${HOME}/.tassl 184 | fi 185 | } 186 | 187 | getname() { 188 | local name="$1" 189 | if [ -z "$name" ]; then 190 | return 0 191 | fi 192 | [[ "$name" =~ ^.*/$ ]] && { 193 | name="${name%/*}" 194 | } 195 | name="${name##*/}" 196 | echo "$name" 197 | } 198 | 199 | check_name() { 200 | local name="$1" 201 | local value="$2" 202 | [[ "$value" =~ ^[a-zA-Z0-9._-]+$ ]] || { 203 | exit_with_clean "$name name [$value] invalid, it should match regex: ^[a-zA-Z0-9._-]+\$" 204 | } 205 | } 206 | 207 | file_must_exists() { 208 | if [ ! -f "$1" ]; then 209 | exit_with_clean "$1 file does not exist, please check!" 210 | fi 211 | } 212 | 213 | dir_must_exists() { 214 | if [ ! -d "$1" ]; then 215 | exit_with_clean "$1 DIR does not exist, please check!" 216 | fi 217 | } 218 | 219 | dir_must_not_exists() { 220 | if [ -e "$1" ]; then 221 | LOG_WARN "$1 DIR exists, please clean old DIR!" 222 | exit 1 223 | fi 224 | } 225 | 226 | gen_chain_cert() { 227 | local path="${1}" 228 | name=$(getname "$path") 229 | echo "$path --- $name" 230 | dir_must_not_exists "$path" 231 | check_name chain "$name" 232 | 233 | chaindir=$path 234 | mkdir -p $chaindir 235 | openssl genrsa -out $chaindir/ca.key 2048 236 | openssl req -new -x509 -days 3650 -subj "/CN=$name/O=fisco-bcos/OU=chain" -key $chaindir/ca.key -out $chaindir/ca.crt 237 | mv cert.cnf $chaindir 238 | } 239 | 240 | gen_agency_cert() { 241 | local chain="${1}" 242 | local agencypath="${2}" 243 | name=$(getname "$agencypath") 244 | 245 | dir_must_exists "$chain" 246 | file_must_exists "$chain/ca.key" 247 | check_name agency "$name" 248 | agencydir=$agencypath 249 | dir_must_not_exists "$agencydir" 250 | mkdir -p $agencydir 251 | 252 | openssl genrsa -out $agencydir/agency.key 2048 253 | openssl req -new -sha256 -subj "/CN=$name/O=fisco-bcos/OU=agency" -key $agencydir/agency.key -config $chain/cert.cnf -out $agencydir/agency.csr 254 | openssl x509 -req -days 3650 -sha256 -CA $chain/ca.crt -CAkey $chain/ca.key -CAcreateserial\ 255 | -in $agencydir/agency.csr -out $agencydir/agency.crt -extensions v4_req -extfile $chain/cert.cnf 256 | 257 | cp $chain/ca.crt $chain/cert.cnf $agencydir/ 258 | rm -f $agencydir/agency.csr 259 | 260 | echo "build $name agency cert successful!" 261 | } 262 | 263 | gen_cert_secp256k1() { 264 | capath="$1" 265 | certpath="$2" 266 | name="$3" 267 | type="$4" 268 | openssl ecparam -out $certpath/${type}.param -name secp256k1 269 | openssl genpkey -paramfile $certpath/${type}.param -out $certpath/${type}.key 270 | openssl pkey -in $certpath/${type}.key -pubout -out $certpath/${type}.pubkey 271 | openssl req -new -sha256 -subj "/CN=${name}/O=fisco-bcos/OU=${type}" -key $certpath/${type}.key -config $capath/cert.cnf -out $certpath/${type}.csr 272 | openssl x509 -req -days 3650 -sha256 -in $certpath/${type}.csr -CAkey $capath/agency.key -CA $capath/agency.crt\ 273 | -force_pubkey $certpath/${type}.pubkey -out $certpath/${type}.crt -CAcreateserial -extensions v3_req -extfile $capath/cert.cnf 274 | openssl ec -in $certpath/${type}.key -outform DER | tail -c +8 | head -c 32 | xxd -p -c 32 | cat >$certpath/${type}.private 275 | rm -f $certpath/${type}.csr 276 | } 277 | 278 | gen_node_cert() { 279 | if [ "" == "$(openssl ecparam -list_curves 2>&1 | grep secp256k1)" ]; then 280 | exit_with_clean "openssl don't support secp256k1, please upgrade openssl!" 281 | fi 282 | 283 | agpath="${1}" 284 | agency=$(getname "$agpath") 285 | ndpath="${2}" 286 | node=$(getname "$ndpath") 287 | dir_must_exists "$agpath" 288 | file_must_exists "$agpath/agency.key" 289 | check_name agency "$agency" 290 | dir_must_not_exists "$ndpath" 291 | check_name node "$node" 292 | 293 | mkdir -p $ndpath 294 | 295 | gen_cert_secp256k1 "$agpath" "$ndpath" "$node" node 296 | #nodeid is pubkey 297 | openssl ec -in $ndpath/node.key -text -noout | sed -n '7,11p' | tr -d ": \n" | awk '{print substr($0,3);}' | cat >$ndpath/node.nodeid 298 | # openssl x509 -serial -noout -in $ndpath/node.crt | awk -F= '{print $2}' | cat >$ndpath/node.serial 299 | cp $agpath/ca.crt $agpath/agency.crt $ndpath 300 | 301 | cd $ndpath 302 | 303 | echo "build $node node cert successful!" 304 | } 305 | 306 | generate_gmsm2_param() 307 | { 308 | local output=$1 309 | cat << EOF > ${output} 310 | -----BEGIN EC PARAMETERS----- 311 | BggqgRzPVQGCLQ== 312 | -----END EC PARAMETERS----- 313 | 314 | EOF 315 | } 316 | 317 | gen_chain_cert_gm() { 318 | local path="${1}" 319 | name=$(getname "$path") 320 | echo "$path --- $name" 321 | dir_must_not_exists "$path" 322 | check_name chain "$name" 323 | 324 | chaindir=$path 325 | mkdir -p $chaindir 326 | 327 | generate_gmsm2_param "gmsm2.param" 328 | $TASSL_CMD genpkey -paramfile gmsm2.param -out $chaindir/gmca.key 329 | $TASSL_CMD req -config gmcert.cnf -x509 -days 3650 -subj "/CN=$name/O=fiscobcos/OU=chain" -key $chaindir/gmca.key -extensions v3_ca -out $chaindir/gmca.crt 330 | 331 | cp gmcert.cnf gmsm2.param $chaindir 332 | 333 | if $(cp gmcert.cnf gmsm2.param $chaindir) 334 | then 335 | echo "build chain ca succussful!" 336 | else 337 | echo "please input at least Common Name!" 338 | fi 339 | } 340 | 341 | gen_agency_cert_gm() { 342 | local chain="${1}" 343 | local agencypath="${2}" 344 | name=$(getname "$agencypath") 345 | 346 | dir_must_exists "$chain" 347 | file_must_exists "$chain/gmca.key" 348 | check_name agency "$name" 349 | agencydir=$agencypath 350 | dir_must_not_exists "$agencydir" 351 | mkdir -p $agencydir 352 | 353 | $TASSL_CMD genpkey -paramfile $chain/gmsm2.param -out $agencydir/gmagency.key 354 | $TASSL_CMD req -new -subj "/CN=$name/O=fiscobcos/OU=agency" -key $agencydir/gmagency.key -config $chain/gmcert.cnf -out $agencydir/gmagency.csr 355 | $TASSL_CMD x509 -req -CA $chain/gmca.crt -CAkey $chain/gmca.key -days 3650 -CAcreateserial -in $agencydir/gmagency.csr -out $agencydir/gmagency.crt -extfile $chain/gmcert.cnf -extensions v3_agency_root 356 | 357 | cp $chain/gmca.crt $chain/gmcert.cnf $chain/gmsm2.param $agencydir/ 358 | rm -f $agencydir/gmagency.csr 359 | 360 | echo "build $name agency cert successful!" 361 | } 362 | 363 | gen_node_cert_with_extensions_gm() { 364 | capath="$1" 365 | certpath="$2" 366 | name="$3" 367 | type="$4" 368 | extensions="$5" 369 | 370 | $TASSL_CMD genpkey -paramfile $capath/gmsm2.param -out $certpath/gm${type}.key 371 | $TASSL_CMD req -new -subj "/CN=$name/O=fiscobcos/OU=agency" -key $certpath/gm${type}.key -config $capath/gmcert.cnf -out $certpath/gm${type}.csr 372 | $TASSL_CMD x509 -req -CA $capath/gmagency.crt -CAkey $capath/gmagency.key -days 3650 -CAcreateserial -in $certpath/gm${type}.csr -out $certpath/gm${type}.crt -extfile $capath/gmcert.cnf -extensions $extensions 373 | 374 | rm -f $certpath/gm${type}.csr 375 | } 376 | 377 | gen_node_cert_gm() { 378 | if [ "" = "$(openssl ecparam -list_curves 2>&1 | grep secp256k1)" ]; then 379 | exit_with_clean "openssl don't support secp256k1, please upgrade openssl!" 380 | fi 381 | 382 | agpath="${1}" 383 | agency=$(getname "$agpath") 384 | ndpath="${2}" 385 | node=$(getname "$ndpath") 386 | dir_must_exists "$agpath" 387 | file_must_exists "$agpath/gmagency.key" 388 | check_name agency "$agency" 389 | 390 | mkdir -p $ndpath 391 | dir_must_exists "$ndpath" 392 | check_name node "$node" 393 | 394 | mkdir -p $ndpath 395 | gen_node_cert_with_extensions_gm "$agpath" "$ndpath" "$node" node v3_req 396 | gen_node_cert_with_extensions_gm "$agpath" "$ndpath" "$node" ennode v3enc_req 397 | #nodeid is pubkey 398 | $TASSL_CMD ec -in $ndpath/gmnode.key -text -noout | sed -n '7,11p' | sed 's/://g' | tr "\n" " " | sed 's/ //g' | awk '{print substr($0,3);}' | cat > $ndpath/gmnode.nodeid 399 | 400 | #serial 401 | if [ "" != "$($TASSL_CMD version | grep 1.0.2)" ]; 402 | then 403 | $TASSL_CMD x509 -text -in $ndpath/gmnode.crt | sed -n '5p' | sed 's/://g' | tr "\n" " " | sed 's/ //g' | sed 's/[a-z]/\u&/g' | cat > $ndpath/gmnode.serial 404 | else 405 | $TASSL_CMD x509 -text -in $ndpath/gmnode.crt | sed -n '4p' | sed 's/ //g' | sed 's/.*(0x//g' | sed 's/)//g' |sed 's/[a-z]/\u&/g' | cat > $ndpath/gmnode.serial 406 | fi 407 | 408 | 409 | cp $agpath/gmca.crt $agpath/gmagency.crt $ndpath 410 | 411 | cd $ndpath 412 | 413 | echo "build $node node cert successful!" 414 | } 415 | 416 | generate_config_ini() 417 | { 418 | local output=${1} 419 | local ip=${2} 420 | local offset=${ip_node_counts[${ip//./}]} 421 | local node_groups=(${3//,/ }) 422 | local prefix="" 423 | if [ -n "$guomi_mode" ]; then 424 | prefix="gm" 425 | fi 426 | cat << EOF > ${output} 427 | [rpc] 428 | listen_ip=${listen_ip} 429 | channel_listen_port=$(( offset + port_start[1] )) 430 | jsonrpc_listen_port=$(( offset + port_start[2] )) 431 | [p2p] 432 | listen_ip=0.0.0.0 433 | listen_port=$(( offset + port_start[0] )) 434 | ;enable_compress=true 435 | ; nodes to connect 436 | $ip_list 437 | 438 | [certificate_blacklist] 439 | ; crl.0 should be nodeid, nodeid's length is 128 440 | ;crl.0= 441 | 442 | [group] 443 | group_data_path=data/ 444 | group_config_path=${conf_path}/ 445 | 446 | [network_security] 447 | ; directory the certificates located in 448 | data_path=${conf_path}/ 449 | ; the node private key file 450 | key=${prefix}node.key 451 | ; the node certificate file 452 | cert=${prefix}node.crt 453 | ; the ca certificate file 454 | ca_cert=${prefix}ca.crt 455 | 456 | [storage_security] 457 | enable=false 458 | ; the IP of key mananger 459 | key_manager_ip= 460 | ; the Port of key manager 461 | key_manager_port= 462 | cipher_data_key= 463 | 464 | [chain] 465 | id=${chain_id} 466 | [compatibility] 467 | ; supported_version should nerver be changed 468 | supported_version=${compatibility_version} 469 | [log] 470 | enable=true 471 | log_path=./log 472 | ; info debug trace 473 | level=${log_level} 474 | ; MB 475 | max_log_file_size=200 476 | flush=${auto_flush} 477 | log_flush_threshold=100 478 | EOF 479 | } 480 | 481 | generate_group_genesis() 482 | { 483 | local output=$1 484 | local index=$2 485 | local node_list=$3 486 | cat << EOF > ${output} 487 | [consensus] 488 | ; consensus algorithm type, now support PBFT(consensus_type=pbft) and Raft(consensus_type=raft) 489 | consensus_type=${consensus_type} 490 | ; the max number of transactions of a block 491 | max_trans_num=1000 492 | ; the node id of consensusers 493 | ${node_list} 494 | [state] 495 | ; support mpt/storage 496 | type=${state_type} 497 | [tx] 498 | ; transaction gas limit 499 | gas_limit=300000000 500 | [group] 501 | id=${index} 502 | timestamp=${timestamp} 503 | EOF 504 | } 505 | 506 | function generate_group_ini() 507 | { 508 | local output="${1}" 509 | cat << EOF > ${output} 510 | [consensus] 511 | ; the ttl for broadcasting pbft message 512 | ;ttl=2 513 | ; min block generation time(ms), the max block generation time is 1000 ms 514 | ;min_block_generation_time=500 515 | ;enable_dynamic_block_size=true 516 | [storage] 517 | ; storage db type, rocksdb / mysql / external, rocksdb is recommended 518 | type=${storage_type} 519 | ; max cache memeory, MB 520 | max_capacity=256 521 | max_forward_block=10 522 | ; only for external 523 | max_retry=100 524 | topic=DB 525 | ; only for mysql 526 | db_ip=127.0.0.1 527 | db_port=3306 528 | db_username= 529 | db_passwd= 530 | db_name= 531 | [tx_pool] 532 | limit=150000 533 | [tx_execute] 534 | enable_parallel=${enable_parallel} 535 | EOF 536 | } 537 | 538 | generate_cert_conf() 539 | { 540 | local output=$1 541 | cat << EOF > ${output} 542 | [ca] 543 | default_ca=default_ca 544 | [default_ca] 545 | default_days = 365 546 | default_md = sha256 547 | 548 | [req] 549 | distinguished_name = req_distinguished_name 550 | req_extensions = v3_req 551 | [req_distinguished_name] 552 | countryName = CN 553 | countryName_default = CN 554 | stateOrProvinceName = State or Province Name (full name) 555 | stateOrProvinceName_default =GuangDong 556 | localityName = Locality Name (eg, city) 557 | localityName_default = ShenZhen 558 | organizationalUnitName = Organizational Unit Name (eg, section) 559 | organizationalUnitName_default = fisco-bcos 560 | commonName = Organizational commonName (eg, fisco-bcos) 561 | commonName_default = fisco-bcos 562 | commonName_max = 64 563 | 564 | [ v3_req ] 565 | basicConstraints = CA:FALSE 566 | keyUsage = nonRepudiation, digitalSignature, keyEncipherment 567 | 568 | [ v4_req ] 569 | basicConstraints = CA:TRUE 570 | 571 | EOF 572 | } 573 | 574 | generate_script_template() 575 | { 576 | local filepath=$1 577 | cat << EOF > "${filepath}" 578 | #!/bin/bash 579 | SHELL_FOLDER=\$(cd \$(dirname \$0);pwd) 580 | 581 | EOF 582 | chmod +x ${filepath} 583 | } 584 | 585 | generate_cert_conf_gm() 586 | { 587 | local output=$1 588 | cat << EOF > ${output} 589 | HOME = . 590 | RANDFILE = $ENV::HOME/.rnd 591 | oid_section = new_oids 592 | 593 | [ new_oids ] 594 | tsa_policy1 = 1.2.3.4.1 595 | tsa_policy2 = 1.2.3.4.5.6 596 | tsa_policy3 = 1.2.3.4.5.7 597 | 598 | #################################################################### 599 | [ ca ] 600 | default_ca = CA_default # The default ca section 601 | 602 | #################################################################### 603 | [ CA_default ] 604 | 605 | dir = ./demoCA # Where everything is kept 606 | certs = $dir/certs # Where the issued certs are kept 607 | crl_dir = $dir/crl # Where the issued crl are kept 608 | database = $dir/index.txt # database index file. 609 | #unique_subject = no # Set to 'no' to allow creation of 610 | # several ctificates with same subject. 611 | new_certs_dir = $dir/newcerts # default place for new certs. 612 | 613 | certificate = $dir/cacert.pem # The CA certificate 614 | serial = $dir/serial # The current serial number 615 | crlnumber = $dir/crlnumber # the current crl number 616 | # must be commented out to leave a V1 CRL 617 | crl = $dir/crl.pem # The current CRL 618 | private_key = $dir/private/cakey.pem # The private key 619 | RANDFILE = $dir/private/.rand # private random number file 620 | 621 | x509_extensions = usr_cert # The extentions to add to the cert 622 | 623 | name_opt = ca_default # Subject Name options 624 | cert_opt = ca_default # Certificate field options 625 | 626 | default_days = 365 # how long to certify for 627 | default_crl_days= 30 # how long before next CRL 628 | default_md = default # use public key default MD 629 | preserve = no # keep passed DN ordering 630 | 631 | policy = policy_match 632 | 633 | [ policy_match ] 634 | countryName = match 635 | stateOrProvinceName = match 636 | organizationName = match 637 | organizationalUnitName = optional 638 | commonName = supplied 639 | emailAddress = optional 640 | 641 | [ policy_anything ] 642 | countryName = optional 643 | stateOrProvinceName = optional 644 | localityName = optional 645 | organizationName = optional 646 | organizationalUnitName = optional 647 | commonName = supplied 648 | emailAddress = optional 649 | 650 | #################################################################### 651 | [ req ] 652 | default_bits = 2048 653 | default_md = sm3 654 | default_keyfile = privkey.pem 655 | distinguished_name = req_distinguished_name 656 | x509_extensions = v3_ca # The extentions to add to the self signed cert 657 | 658 | string_mask = utf8only 659 | 660 | # req_extensions = v3_req # The extensions to add to a certificate request 661 | 662 | [ req_distinguished_name ] 663 | countryName = CN 664 | countryName_default = CN 665 | stateOrProvinceName = State or Province Name (full name) 666 | stateOrProvinceName_default =GuangDong 667 | localityName = Locality Name (eg, city) 668 | localityName_default = ShenZhen 669 | organizationalUnitName = Organizational Unit Name (eg, section) 670 | organizationalUnitName_default = fisco 671 | commonName = Organizational commonName (eg, fisco) 672 | commonName_default = fisco 673 | commonName_max = 64 674 | 675 | [ usr_cert ] 676 | basicConstraints=CA:FALSE 677 | nsComment = "OpenSSL Generated Certificate" 678 | 679 | subjectKeyIdentifier=hash 680 | authorityKeyIdentifier=keyid,issuer 681 | 682 | [ v3_req ] 683 | 684 | # Extensions to add to a certificate request 685 | 686 | basicConstraints = CA:FALSE 687 | keyUsage = nonRepudiation, digitalSignature 688 | 689 | [ v3enc_req ] 690 | 691 | # Extensions to add to a certificate request 692 | basicConstraints = CA:FALSE 693 | keyUsage = keyAgreement, keyEncipherment, dataEncipherment 694 | 695 | [ v3_agency_root ] 696 | subjectKeyIdentifier=hash 697 | authorityKeyIdentifier=keyid:always,issuer 698 | basicConstraints = CA:true 699 | keyUsage = cRLSign, keyCertSign 700 | 701 | [ v3_ca ] 702 | subjectKeyIdentifier=hash 703 | authorityKeyIdentifier=keyid:always,issuer 704 | basicConstraints = CA:true 705 | keyUsage = cRLSign, keyCertSign 706 | 707 | EOF 708 | } 709 | 710 | generate_node_scripts() 711 | { 712 | local output=$1 713 | local docker_tag="v${compatibility_version}" 714 | generate_script_template "$output/start.sh" 715 | local ps_cmd="\$(ps aux|grep \${fisco_bcos}|grep -v grep|awk '{print \$2}')" 716 | local start_cmd="nohup \${fisco_bcos} -c config.ini >>nohup.out 2>&1" 717 | local stop_cmd="kill \${node_pid}" 718 | local pid="pid" 719 | local log_cmd="tail -n20 nohup.out" 720 | local check_success="\$(${log_cmd} | grep running)" 721 | if [ ! -z ${docker_mode} ];then 722 | ps_cmd="\$(docker ps |grep \${SHELL_FOLDER//\//} | grep -v grep|awk '{print \$1}')" 723 | start_cmd="docker run -d --rm --name \${SHELL_FOLDER//\//} -v \${SHELL_FOLDER}:/data --network=host -w=/data fiscoorg/fiscobcos:${docker_tag} -c config.ini" 724 | stop_cmd="docker kill \${node_pid} 2>/dev/null" 725 | pid="container id" 726 | log_cmd="tail -n20 \$(docker inspect --format='{{.LogPath}}' \${SHELL_FOLDER//\//})" 727 | check_success="success" 728 | fi 729 | cat << EOF >> "$output/start.sh" 730 | fisco_bcos=\${SHELL_FOLDER}/../${bcos_bin_name} 731 | cd \${SHELL_FOLDER} 732 | node=\$(basename \${SHELL_FOLDER}) 733 | node_pid=${ps_cmd} 734 | if [ ! -z \${node_pid} ];then 735 | echo " \${node} is running, ${pid} is \$node_pid." 736 | exit 0 737 | else 738 | ${start_cmd} & 739 | sleep 1.5 740 | fi 741 | try_times=4 742 | i=0 743 | while [ \$i -lt \${try_times} ] 744 | do 745 | node_pid=${ps_cmd} 746 | success_flag=${check_success} 747 | if [[ ! -z \${node_pid} && ! -z "\${success_flag}" ]];then 748 | echo -e "\033[32m \${node} start successfully\033[0m" 749 | exit 0 750 | fi 751 | sleep 0.5 752 | ((i=i+1)) 753 | done 754 | echo -e "\033[31m Exceed waiting time. Please try again to start \${node} \033[0m" 755 | ${log_cmd} 756 | exit 1 757 | EOF 758 | generate_script_template "$output/stop.sh" 759 | cat << EOF >> "$output/stop.sh" 760 | fisco_bcos=\${SHELL_FOLDER}/../${bcos_bin_name} 761 | node=\$(basename \${SHELL_FOLDER}) 762 | node_pid=${ps_cmd} 763 | try_times=10 764 | i=0 765 | if [ -z \${node_pid} ];then 766 | echo " \${node} isn't running." 767 | exit 0 768 | fi 769 | [ ! -z \${node_pid} ] && ${stop_cmd} > /dev/null 770 | while [ \$i -lt \${try_times} ] 771 | do 772 | sleep 0.6 773 | node_pid=${ps_cmd} 774 | if [ -z \${node_pid} ];then 775 | echo -e "\033[32m stop \${node} success.\033[0m" 776 | exit 0 777 | fi 778 | ((i=i+1)) 779 | done 780 | echo " Exceed maximum number of retries. Please try again to stop \${node}" 781 | exit 1 782 | EOF 783 | } 784 | 785 | 786 | genTransTest() 787 | { 788 | local output=$1 789 | local file="${output}/.transTest.sh" 790 | generate_script_template "${file}" 791 | cat << EOF > "${file}" 792 | # This script only support for block number smaller than 65535 - 256 793 | 794 | ip_port=http://127.0.0.1:$(( port_start[2] )) 795 | trans_num=1 796 | target_group=1 797 | version= 798 | if [ \$# -ge 1 ];then 799 | trans_num=\$1 800 | fi 801 | if [ \$# -ge 2 ];then 802 | target_group=\$2 803 | fi 804 | 805 | getNodeVersion() 806 | { 807 | result="\$(curl -X POST --data '{"jsonrpc":"2.0","method":"getClientVersion","params":[],"id":1}' \${ip_port})" 808 | version="\$(echo \${result} | cut -c250- | cut -d \" -f3)" 809 | } 810 | 811 | block_limit() 812 | { 813 | result=\$(curl -s -X POST --data '{"jsonrpc":"2.0","method":"getBlockNumber","params":['\${target_group}'],"id":83}' \${ip_port}) 814 | if [ \$(echo \${result} | grep -i failed | wc -l) -gt 0 ] || [ -z \${result} ];then 815 | echo "getBlockNumber error!" 816 | exit 1 817 | fi 818 | blockNumber=\$(echo \${result}| cut -d \" -f 10) 819 | printf "%04x" \$((\$blockNumber+0x100)) 820 | } 821 | 822 | send_a_tx() 823 | { 824 | limit=\$(block_limit) 825 | random_id="\$(date +%s)\$(printf "%09d" \${RANDOM})" 826 | if [ \${#limit} -gt 4 ];then echo "blockLimit exceed 0xffff, this scripts is unavailable!"; exit 0;fi 827 | if [ "\${version}" == "2.0.0-rc1" ];then 828 | txBytes="f8f0a02ade583745343a8f9a70b40db996fbe69c63531832858\${random_id}85174876e7ff8609184e729fff82\${limit}94d6f1a71052366dbae2f7ab2d5d5845e77965cf0d80b86448f85bce000000000000000000000000000000000000000000000000000000000000001bf5bd8a9e7ba8b936ea704292ff4aaa5797bf671fdc8526dcd159f23c1f5a05f44e9fa862834dc7cb4541558f2b4961dc39eaaf0af7f7395028658d0e01b86a371ca0e33891be86f781ebacdafd543b9f4f98243f7b52d52bac9efa24b89e257a354da07ff477eb0ba5c519293112f1704de86bd2938369fbf0db2dff3b4d9723b9a87d" 829 | else 830 | txBytes="f8eca003eb675ec791c2d19858c91d0046821c27d815e2e9c15\${random_id}0a8402faf08082\${limit}948c17cf316c1063ab6c89df875e96c9f0f5b2f74480b8644ed3885e0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000a464953434f2042434f53000000000000000000000000000000000000000000000101801ba09edf7c0cb63645442aff11323916d51ec5440de979950747c0189f338afdcefda02f3473184513c6a3516e066ea98b7cfb55a79481c9db98e658dd016c37f03dcf" 831 | fi 832 | #echo \$txBytes 833 | curl -s -X POST --data '{"jsonrpc":"2.0","method":"sendRawTransaction","params":['\${target_group}', "'\$txBytes'"],"id":83}' \${ip_port} 834 | } 835 | 836 | send_many_tx() 837 | { 838 | for j in \$(seq 1 \$1) 839 | do 840 | echo 'Send transaction: ' \$j 841 | send_a_tx \${ip_port} 842 | done 843 | } 844 | getNodeVersion 845 | echo "Use version:\${version}" 846 | send_many_tx \${trans_num} 847 | 848 | EOF 849 | } 850 | 851 | generate_server_scripts() 852 | { 853 | local output=$1 854 | genTransTest "${output}" 855 | generate_script_template "$output/start_all.sh" 856 | # echo "ip_array=(\$(ifconfig | grep inet | grep -v inet6 | awk '{print \$2}'))" >> "$output/start_all.sh" 857 | # echo "if echo \${ip_array[@]} | grep -w \"${ip}\" &>/dev/null; then echo \"start node_${ip}_${i}\" && bash \${SHELL_FOLDER}/node_${ip}_${i}/start.sh; fi" >> "${output_dir}/start_all.sh" 858 | cat << EOF >> "$output/start_all.sh" 859 | dirs=(\$(ls -l \${SHELL_FOLDER} | awk '/^d/ {print \$NF}')) 860 | for directory in \${dirs[*]} 861 | do 862 | if [[ -f "\${SHELL_FOLDER}/\${directory}/config.ini" && -f "\${SHELL_FOLDER}/\${directory}/start.sh" ]];then 863 | echo "try to start \${directory}" 864 | bash \${SHELL_FOLDER}/\${directory}/start.sh & 865 | fi 866 | done 867 | wait 868 | EOF 869 | generate_script_template "$output/stop_all.sh" 870 | cat << EOF >> "$output/stop_all.sh" 871 | dirs=(\$(ls -l \${SHELL_FOLDER} | awk '/^d/ {print \$NF}')) 872 | for directory in \${dirs[*]} 873 | do 874 | if [[ -d "\${SHELL_FOLDER}/\${directory}" && -f "\${SHELL_FOLDER}/\${directory}/stop.sh" ]];then 875 | echo "try to stop \${directory}" 876 | bash \${SHELL_FOLDER}/\${directory}/stop.sh & 877 | fi 878 | done 879 | wait 880 | EOF 881 | } 882 | 883 | parse_ip_config() 884 | { 885 | local config=$1 886 | n=0 887 | while read line;do 888 | ip_array[n]=$(echo ${line} | awk '{print $1}') 889 | agency_array[n]=$(echo ${line} | awk '{print $2}') 890 | group_array[n]=$(echo ${line} | awk '{print $3}') 891 | if [ -z "${ip_array[$n]}" -o -z "${agency_array[$n]}" -o -z "${group_array[$n]}" ];then 892 | exit_with_clean "Please check ${config}, make sure there is no empty line!" 893 | fi 894 | ((++n)) 895 | done < ${config} 896 | } 897 | 898 | download_bin() 899 | { 900 | bin_path=${output_dir}/${bcos_bin_name} 901 | package_name="fisco-bcos.tar.gz" 902 | [ ! -z "${macOS}" ] && package_name="fisco-bcos-macOS.tar.gz" 903 | [ ! -z "$guomi_mode" ] && package_name="fisco-bcos-gm.tar.gz" 904 | if [[ ! -z "$guomi_mode" && ! -z ${macOS} ]];then 905 | exit_with_clean "We don't provide binary of GuoMi on macOS. Please compile source code and use -e option to specific fisco-bcos binary path" 906 | fi 907 | Download_Link="https://github.com/FISCO-BCOS/FISCO-BCOS/releases/download/v${compatibility_version}/${package_name}" 908 | LOG_INFO "Downloading fisco-bcos binary from ${Download_Link} ..." 909 | if [ $(curl -IL -o /dev/null -s -w %{http_code} https://www.fisco.com.cn/cdn/fisco-bcos/releases/download/v${compatibility_version}/${package_name}) == 200 ];then 910 | curl -LO ${Download_Link} --speed-time 30 --speed-limit 1024 -m ${download_timeout} || { 911 | LOG_INFO "Download speed is too low, try https://www.fisco.com.cn/cdn/fisco-bcos/releases/download/v${compatibility_version}/${package_name}" 912 | curl -LO https://www.fisco.com.cn/cdn/fisco-bcos/releases/download/v${compatibility_version}/${package_name} 913 | } 914 | else 915 | curl -LO ${Download_Link} 916 | fi 917 | tar -zxf ${package_name} && mv fisco-bcos ${bin_path} && rm ${package_name} 918 | chmod a+x ${bin_path} 919 | } 920 | 921 | check_bin() 922 | { 923 | echo "Checking fisco-bcos binary..." 924 | bin_version=$(${bin_path} -v) 925 | if [ -z "$(echo ${bin_version} | grep 'FISCO-BCOS')" ];then 926 | exit_with_clean "${bin_path} is wrong. Please correct it and try again." 927 | fi 928 | if [[ ! -z ${guomi_mode} && -z $(echo ${bin_version} | grep 'gm') ]];then 929 | exit_with_clean "${bin_path} isn't gm version. Please correct it and try again." 930 | fi 931 | if [[ -z ${guomi_mode} && ! -z $(echo ${bin_version} | grep 'gm') ]];then 932 | exit_with_clean "${bin_path} isn't standard version. Please correct it and try again." 933 | fi 934 | echo "Binary check passed." 935 | } 936 | 937 | main() 938 | { 939 | output_dir="$(pwd)/${output_dir}" 940 | [ -z $use_ip_param ] && help 'ERROR: Please set -l or -f option.' 941 | if [ "${use_ip_param}" == "true" ];then 942 | ip_array=(${ip_param//,/ }) 943 | elif [ "${use_ip_param}" == "false" ];then 944 | if ! parse_ip_config $ip_file ;then 945 | exit_with_clean "Parse $ip_file error!" 946 | fi 947 | else 948 | help 949 | fi 950 | 951 | 952 | dir_must_not_exists ${output_dir} 953 | mkdir -p "${output_dir}" 954 | 955 | if [ -z "${compatibility_version}" ];then 956 | compatibility_version=$(curl -s https://api.github.com/repos/FISCO-BCOS/FISCO-BCOS/releases | grep "tag_name" | grep "v2" | sort -u | tail -n 1 | cut -d \" -f 4 | sed "s/^[vV]//") 957 | fi 958 | # in case network is broken 959 | if [ -z "${compatibility_version}" ];then 960 | compatibility_version="${default_version}" 961 | fi 962 | 963 | # download fisco-bcos and check it 964 | if [ -z ${docker_mode} ];then 965 | if [[ -z ${bin_path} ]];then 966 | download_bin 967 | else 968 | check_bin 969 | fi 970 | fi 971 | if [ -z ${CertConfig} ] || [ ! -e ${CertConfig} ];then 972 | # CertConfig="${output_dir}/cert.cnf" 973 | generate_cert_conf "cert.cnf" 974 | else 975 | cp ${CertConfig} . 976 | fi 977 | 978 | if [ "${use_ip_param}" == "true" ];then 979 | for i in $(seq 0 ${#ip_array[*]});do 980 | agency_array[i]="agency" 981 | group_array[i]=1 982 | done 983 | fi 984 | 985 | # prepare CA 986 | echo "==============================================================" 987 | if [ ! -e "$ca_file" ]; then 988 | echo "Generating CA key..." 989 | dir_must_not_exists ${output_dir}/chain 990 | gen_chain_cert ${output_dir}/chain >${logfile} 2>&1 || exit_with_clean "openssl error!" 991 | mv ${output_dir}/chain ${output_dir}/cert 992 | if [ "${use_ip_param}" == "false" ];then 993 | for agency_name in ${agency_array[*]};do 994 | if [ ! -d ${output_dir}/cert/${agency_name} ];then 995 | gen_agency_cert ${output_dir}/cert ${output_dir}/cert/${agency_name} >${logfile} 2>&1 996 | fi 997 | done 998 | else 999 | gen_agency_cert ${output_dir}/cert ${output_dir}/cert/agency >${logfile} 2>&1 1000 | fi 1001 | ca_file="${output_dir}/cert/ca.key" 1002 | fi 1003 | 1004 | if [ -n "$guomi_mode" ]; then 1005 | check_and_install_tassl 1006 | 1007 | generate_cert_conf_gm "gmcert.cnf" 1008 | 1009 | echo "Generating Guomi CA key..." 1010 | dir_must_not_exists ${output_dir}/gmchain 1011 | gen_chain_cert_gm ${output_dir}/gmchain >${output_dir}/build.log 2>&1 || exit_with_clean "openssl error!" #生成secp256k1算法的CA密钥 1012 | mv ${output_dir}/gmchain ${output_dir}/gmcert 1013 | gen_agency_cert_gm ${output_dir}/gmcert ${output_dir}/gmcert/agency >${output_dir}/build.log 2>&1 1014 | ca_file="${output_dir}/gmcert/ca.key" 1015 | fi 1016 | 1017 | 1018 | echo "==============================================================" 1019 | echo "Generating keys ..." 1020 | nodeid_list="" 1021 | ip_list="" 1022 | count=0 1023 | server_count=0 1024 | groups= 1025 | ip_node_counts= 1026 | groups_count= 1027 | for line in ${ip_array[*]};do 1028 | ip=${line%:*} 1029 | num=${line#*:} 1030 | if [ -z $(echo $ip | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$") ];then 1031 | exit_with_clean "Please check IP address: ${ip}" 1032 | fi 1033 | [ "$num" == "$ip" ] || [ -z "${num}" ] && num=${node_num} 1034 | echo "Processing IP:${ip} Total:${num} Agency:${agency_array[${server_count}]} Groups:${group_array[server_count]}" 1035 | [ -z "${ip_node_counts[${ip//./}]}" ] && ip_node_counts[${ip//./}]=0 1036 | for ((i=0;i> ${logfile} 1038 | node_dir="${output_dir}/${ip}/node${ip_node_counts[${ip//./}]}" 1039 | [ -d "${node_dir}" ] && exit_with_clean "${node_dir} exist! Please delete!" 1040 | 1041 | while : 1042 | do 1043 | gen_node_cert ${output_dir}/cert/${agency_array[${server_count}]} ${node_dir} >${logfile} 2>&1 1044 | mkdir -p ${conf_path}/ 1045 | rm node.param node.private node.pubkey agency.crt 1046 | mv *.* ${conf_path}/ 1047 | 1048 | #private key should not start with 00 1049 | cd ${output_dir} 1050 | privateKey=$(openssl ec -in "${node_dir}/${conf_path}/node.key" -text 2> /dev/null| sed -n '3,5p' | sed 's/://g'| tr "\n" " "|sed 's/ //g') 1051 | len=${#privateKey} 1052 | head2=${privateKey:0:2} 1053 | if [ "64" != "${len}" ] || [ "00" == "$head2" ];then 1054 | rm -rf ${node_dir} 1055 | continue; 1056 | fi 1057 | 1058 | if [ -n "$guomi_mode" ]; then 1059 | gen_node_cert_gm ${output_dir}/gmcert/agency ${node_dir} >${output_dir}/build.log 2>&1 1060 | mkdir -p ${gm_conf_path}/ 1061 | mv ./*.* ${gm_conf_path}/ 1062 | 1063 | #private key should not start with 00 1064 | cd ${output_dir} 1065 | privateKey=$($TASSL_CMD ec -in "${node_dir}/${gm_conf_path}/gmnode.key" -text 2> /dev/null| sed -n '3,5p' | sed 's/://g'| tr "\n" " "|sed 's/ //g') 1066 | len=${#privateKey} 1067 | head2=${privateKey:0:2} 1068 | if [ "64" != "${len}" ] || [ "00" == "$head2" ];then 1069 | rm -rf ${node_dir} 1070 | continue; 1071 | fi 1072 | fi 1073 | break; 1074 | done 1075 | cat ${output_dir}/cert/${agency_array[${server_count}]}/agency.crt >> ${node_dir}/${conf_path}/node.crt 1076 | 1077 | if [ -n "$guomi_mode" ]; then 1078 | cat ${output_dir}/gmcert/agency/gmagency.crt >> ${node_dir}/${gm_conf_path}/gmnode.crt 1079 | cat ${output_dir}/gmcert/gmca.crt >> ${node_dir}/${gm_conf_path}/gmnode.crt 1080 | 1081 | #move origin conf to gm conf 1082 | rm ${node_dir}/${conf_path}/node.nodeid 1083 | cp ${node_dir}/${conf_path} ${node_dir}/${gm_conf_path}/origin_cert -r 1084 | fi 1085 | 1086 | if [ -n "$guomi_mode" ]; then 1087 | nodeid=$($TASSL_CMD ec -in "${node_dir}/${gm_conf_path}/gmnode.key" -text 2> /dev/null | perl -ne '$. > 6 and $. < 12 and ~s/[\n:\s]//g and print' | perl -ne 'print substr($_, 2)."\n"') 1088 | else 1089 | nodeid=$(openssl ec -in "${node_dir}/${conf_path}/node.key" -text 2> /dev/null | perl -ne '$. > 6 and $. < 12 and ~s/[\n:\s]//g and print' | perl -ne 'print substr($_, 2)."\n"') 1090 | fi 1091 | 1092 | if [ -n "$guomi_mode" ]; then 1093 | #remove original cert files 1094 | rm ${node_dir:?}/${conf_path} -rf 1095 | mv ${node_dir}/${gm_conf_path} ${node_dir}/${conf_path} 1096 | fi 1097 | 1098 | 1099 | if [ "${use_ip_param}" == "false" ];then 1100 | node_groups=(${group_array[server_count]//,/ }) 1101 | for j in ${node_groups[@]};do 1102 | if [ -z "${groups_count[${j}]}" ];then groups_count[${j}]=0;fi 1103 | echo "groups_count[${j}]=${groups_count[${j}]}" >> ${logfile} 1104 | groups[${j}]=$"${groups[${j}]}node.${groups_count[${j}]}=${nodeid} 1105 | " 1106 | ((++groups_count[j])) 1107 | done 1108 | else 1109 | nodeid_list=$"${nodeid_list}node.${count}=${nodeid} 1110 | " 1111 | fi 1112 | 1113 | ip_list=$"${ip_list}node.${count}="${ip}:$(( ${ip_node_counts[${ip//./}]} + port_start[0] ))" 1114 | " 1115 | ip_node_counts[${ip//./}]=$(( ${ip_node_counts[${ip//./}]} + 1 )) 1116 | ((++count)) 1117 | done 1118 | sdk_path="${output_dir}/${ip}/sdk" 1119 | if [ ! -d ${sdk_path} ];then 1120 | gen_node_cert ${output_dir}/cert/${agency_array[${server_count}]} "${sdk_path}">${logfile} 2>&1 1121 | cat ${output_dir}/cert/${agency_array[${server_count}]}/agency.crt >> node.crt 1122 | rm node.param node.private node.pubkey node.nodeid agency.crt 1123 | cp ${output_dir}/cert/ca.crt ${sdk_path}/ 1124 | cd ${output_dir} 1125 | fi 1126 | ((++server_count)) 1127 | done 1128 | 1129 | ip_node_counts=() 1130 | echo "==============================================================" 1131 | echo "Generating configurations..." 1132 | cd ${current_dir} 1133 | server_count=0 1134 | for line in ${ip_array[*]};do 1135 | ip=${line%:*} 1136 | num=${line#*:} 1137 | [ "$num" == "$ip" ] || [ -z "${num}" ] && num=${node_num} 1138 | [ -z "${ip_node_counts[${ip//./}]}" ] && ip_node_counts[${ip//./}]=0 1139 | echo "Processing IP:${ip} Total:${num} Agency:${agency_array[${server_count}]} Groups:${group_array[server_count]}" 1140 | for ((i=0;i> ${logfile} 1142 | node_dir="${output_dir}/${ip}/node${ip_node_counts[${ip//./}]}" 1143 | generate_config_ini "${node_dir}/config.ini" ${ip} "${group_array[server_count]}" 1144 | if [ "${use_ip_param}" == "false" ];then 1145 | node_groups=(${group_array[${server_count}]//,/ }) 1146 | for j in ${node_groups[@]};do 1147 | generate_group_genesis "$node_dir/${conf_path}/group.${j}.genesis" "${j}" "${groups[${j}]}" 1148 | generate_group_ini "$node_dir/${conf_path}/group.${j}.ini" 1149 | done 1150 | else 1151 | generate_group_genesis "$node_dir/${conf_path}/group.1.genesis" "1" "${nodeid_list}" 1152 | generate_group_ini "$node_dir/${conf_path}/group.1.ini" 1153 | fi 1154 | generate_node_scripts "${node_dir}" 1155 | ip_node_counts[${ip//./}]=$(( ${ip_node_counts[${ip//./}]} + 1 )) 1156 | done 1157 | generate_server_scripts "${output_dir}/${ip}" 1158 | if [ -z ${docker_mode} ];then cp "$bin_path" "${output_dir}/${ip}/fisco-bcos"; fi 1159 | if [ -n "$make_tar" ];then cd ${output_dir} && tar zcf "${ip}.tar.gz" "${ip}" && cd ${current_dir};fi 1160 | ((++server_count)) 1161 | done 1162 | rm ${logfile} 1163 | if [ "${use_ip_param}" == "false" ];then 1164 | echo "==============================================================" 1165 | for l in $(seq 0 ${#groups_count[@]});do 1166 | if [ ! -z "${groups_count[${l}]}" ];then echo "Group:${l} has ${groups_count[${l}]} nodes";fi 1167 | done 1168 | fi 1169 | 1170 | } 1171 | 1172 | check_env 1173 | parse_params $@ 1174 | main 1175 | print_result 1176 | -------------------------------------------------------------------------------- /docker/application.yml: -------------------------------------------------------------------------------- 1 | spring: 2 | datasource: 3 | url: jdbc:h2:file:./conf/h2/webasefront;DB_CLOSE_ON_EXIT=FALSE 4 | databaseName: db 5 | driverClassName: org.h2.Driver 6 | serverName: 7 | username: 8 | password: 9 | jpa: 10 | database-platform: org.hibernate.dialect.H2Dialect 11 | database: H2 12 | openInView: false 13 | show_sql: false 14 | generate-ddl: true 15 | hibernate: 16 | ddl-auto: update 17 | naming-strategy: org.hibernate.cfg.EJB3NamingStrategy 18 | session: 19 | events: 20 | log: false 21 | properties: 22 | hibernate.cache.use_query_cache: false 23 | hibernate.generate_statistics: false 24 | h2: 25 | console: 26 | enabled: true 27 | path: /console 28 | settings: 29 | web-allow-others: false 30 | trace: true 31 | rabbitmq: 32 | host: 127.0.0.1 33 | port: 5672 34 | username: 35 | password: 36 | virtual-host: 37 | publisher-confirm: true 38 | ssl: 39 | enabled: false 40 | 41 | 42 | server: 43 | port: 5002 44 | context-path: /WeBASE-Front 45 | connection-timeout: 30000 46 | tomcat: 47 | max-threads: 200 48 | max-connections: 10000 49 | 50 | sdk: 51 | orgName: orgTest 52 | corePoolSize: 50 53 | maxPoolSize: 100 54 | queueCapacity: 100 55 | timeout: 10000 56 | keepAlive: 60 57 | ip: 127.0.0.1 58 | channelPort: 20200 59 | encryptType: 0 # 0:standard, 1:guomi 60 | 61 | logging: 62 | config: classpath:log4j2.xml 63 | 64 | constant: 65 | keyServer: 127.0.0.1:5004 # webase-sign的IP端口,英文逗号相隔(不带空格) 66 | transMaxWait: 30 67 | monitorDisk: / 68 | monitorEnabled: true 69 | aesKey: EfdsW23D23d3df43 70 | nodePath: /data 71 | http_read_timeOut: 100000 72 | http_connect_timeOut: 100000 73 | # event sync map task (unit: ms) 74 | eventRegisterTaskFixedDelay: 5000 75 | syncEventMapTaskFixedDelay: 60000 76 | # sync stat log data task (unit: ms) 77 | syncStatLogTime: 5000 78 | syncStatLogCountLimit: 10000 79 | statLogEnabled: true 80 | -------------------------------------------------------------------------------- /docker/build/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM fiscoorg/fiscobcos:v2.3.0 2 | 3 | LABEL maintainer service@fisco.com.cn 4 | 5 | WORKDIR /data 6 | 7 | ADD jdk-8u211-linux-x64.tar.gz /usr/local/ 8 | 9 | ENV JAVA_HOME /usr/local/jdk1.8.0_211 10 | ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar 11 | ENV PATH $PATH:$JAVA_HOME/bin 12 | 13 | ADD dist /dist 14 | 15 | ENTRYPOINT ["sh","/dist/start.sh"] 16 | 17 | 18 | EXPOSE 30300 20200 8545 5002 19 | -------------------------------------------------------------------------------- /docker/build/docker-build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # wget https://www.fisco.com.cn/cdn/webase/releases/download/v1.2.3/webase-front.zip 4 | 5 | git clone -b $1 https://github.com/WeBankFinTech/WeBASE-Front.git --depth=1 && cd WeBASE-Front 6 | sh gradlew build -x test 7 | cp -r dist ../ 8 | cd .. && rm -rf WeBASE-Front 9 | # 可以自动拷贝dist,注释上面部分代码即可。 10 | #--------------------------------------------------------- 11 | cp ./start.sh ./dist/ 12 | cp -r ./dist/conf_template ./dist/conf 13 | 14 | 15 | echo "底层镜像: " 16 | sed -n '1p' Dockerfile | awk '{print $2}' 17 | 18 | echo "此次front镜像tag: $2" 19 | docker build -t front:$2 . 20 | docker tag front:$2 fiscoorg/front:$2 21 | rm -rf dist 22 | # docker push fiscoorg/front:$1 -------------------------------------------------------------------------------- /docker/build/front-build.md: -------------------------------------------------------------------------------- 1 | 2 | ## 脚本使用说明: 3 | 4 | 1 检查Dockerfile第一行,看是否需要修改底层镜像。 5 | 2 打国密镜像时务必保证applicaiton.yml的encryptType为1。 6 | 3 拷贝jdk-8u211-linux-x64.tar.gz到docker目录下。 7 | 4 sh docker-build.sh bsn v1.0 (bsn 是分支, v1.0 是tag)。 8 | 5 如果拉代码过慢,自行注释掉docker-build.sh中虚线之前的代码。 9 | 10 | 11 | 12 | ----------------------------------------------------- 13 | ## 镜像制作流程注意事项: 14 | 1 jdk版本为1.8.0.211 使用jdk-8u211-linux-x64.tar.gz 15 | 16 | 17 | 2 拷贝dist下的conf_template 目录到conf目录 18 | 19 | 3 替换dist/start脚本(拷贝证书, 并且java启动时候去掉&) 20 | 21 | cp -r /data/sdk/* /dist/conf/ 22 | CLASSPATH='conf/:apps/*:lib/*' 23 | cd /dist 24 | 25 | 4 docker build -t front:v0.9 . 26 | docker tag front:v0.9 fiscoorg/front:v0.9 27 | docker save -o front.tar fiscoorg/front:v0.9 28 | 29 | 5 验证,buildchain脚本 在节点目录下执行 mac 不支持host模式 30 | docker run -d -P -v $PWD:/data -w=/data fiscoorg/front:v0.9 检查docker ps -l是否正常 31 | 32 | 6 国密需要修改build.gradle 引入国密包, 增加lib下的solcJ-all-0.4.25-gm.jar, 并修改applicaiton.yml的encryptType 33 | 34 | 7 curl ip:5002/WeBASE-Front/1/web3/blockNumber 检查是否能获取块高 35 | -------------------------------------------------------------------------------- /docker/build/start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | #cd /fisco/`hostname -s`/node0 4 | #fisco-bcos -c config.ini 5 | 6 | 7 | /usr/local/bin/fisco-bcos -c /data/config.ini >>nohup.out& 8 | 9 | cp -r /data/sdk/* /dist/conf/ 10 | 11 | cd /dist 12 | 13 | APP_MAIN=com.webank.webase.front.Application 14 | CLASSPATH='conf/:apps/*:lib/*' 15 | CURRENT_DIR=`pwd` 16 | LOG_DIR=${CURRENT_DIR}/log 17 | CONF_DIR=${CURRENT_DIR}/conf 18 | 19 | SERVER_PORT=$(cat $CONF_DIR/application.yml| grep "port" | awk '{print $2}'| sed 's/\r//') 20 | if [ ${SERVER_PORT}"" = "" ];then 21 | echo "$CONF_DIR/application.yml server port has not been configured" 22 | exit -1 23 | fi 24 | 25 | if [ ${JAVA_HOME}"" = "" ];then 26 | echo "JAVA_HOME has not been configured" 27 | exit -1 28 | fi 29 | 30 | mkdir -p log 31 | 32 | startWaitTime=30 33 | processPid=0 34 | processStatus=0 35 | checkProcess(){ 36 | server_pid=`ps aux | grep java | grep $CURRENT_DIR | grep $APP_MAIN | awk '{print $2}'` 37 | if [ -n "$server_pid" ]; then 38 | processPid=$server_pid 39 | processStatus=1 40 | else 41 | processPid=0 42 | processStatus=0 43 | fi 44 | } 45 | 46 | JAVA_OPTS=" -Dfile.encoding=UTF-8" 47 | JAVA_OPTS+=" -Xmx256m -Xms256m -Xmn128m -Xss512k -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=256m" 48 | JAVA_OPTS+=" -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=${LOG_DIR}/heap_error.log" 49 | 50 | start(){ 51 | checkProcess 52 | echo "===============================================================================================" 53 | if [ $processStatus == 1 ]; then 54 | echo "Server $APP_MAIN Port $SERVER_PORT is running PID($processPid)" 55 | echo "===============================================================================================" 56 | else 57 | echo -n "Server $APP_MAIN Port $SERVER_PORT ..." 58 | nohup $JAVA_HOME/bin/java -Djdk.tls.namedGroups="secp256k1" $JAVA_OPTS -Djava.library.path=$CONF_DIR -cp $CLASSPATH $APP_MAIN >> $LOG_DIR/front.out 2>&1 59 | 60 | count=1 61 | result=0 62 | while [ $count -lt $startWaitTime ] ; do 63 | checkProcess 64 | if [ $processPid -ne 0 ]; then 65 | result=1 66 | break 67 | fi 68 | let count++ 69 | echo -n "." 70 | sleep 1 71 | done 72 | 73 | if [ $result -ne 0 ]; then 74 | echo "PID($processPid) [Starting]. Please check message through the log file (default path:./log/)." 75 | echo "===============================================================================================" 76 | else 77 | echo "[Failed]. Please check message through the log file (default path:./log/)." 78 | echo "===============================================================================================" 79 | fi 80 | fi 81 | } 82 | 83 | start 84 | -------------------------------------------------------------------------------- /docker/front-install.md: -------------------------------------------------------------------------------- 1 | ## front镜像模式使用说明 2 | 3 | ## 前提条件 4 | 5 | | 环境 | 版本 | 6 | | :------: | :----------------------: | 7 | | Docker | 建议17.03之后版本 | 8 | 9 | 10 | ### 1. 镜像使用步骤 11 | 12 | 举例,如果要生成一个机构名为test,4个节点分别位于`172.17.0.1-172.17.0.4`这四台机器上,单群组模式的区块链网络,则操作如下。 13 | 14 | 1 下载build_chain脚本 15 | 16 | ```bash 17 | curl -LO https://github.com/FISCO-BCOS/FISCO-BCOS/releases/download/v2.3.0/build_chain.sh && chmod u+x build_chain.sh 18 | ``` 19 | 20 | 2 准备配置文件 21 | 22 | ```bash 23 | # 172.17.0.1:1 表示172.17.0.1机器上1个节点 24 | # test 机构名 25 | # 1 群组id 26 | cat > nodeconf << EOF 27 | 172.17.0.1:1 test 1 28 | 172.17.0.2:1 test 1 29 | 172.17.0.3:1 test 1 30 | 172.17.0.4:1 test 1 31 | EOF 32 | ``` 33 | 34 | 3 生成节点配置文件 35 | 36 | ```bash 37 | # -p 指定节点所使用端口的起始值,同一机器上多节点端口递增。 38 | # -d 使用docker模式 39 | # -g 国密 40 | # -S 资源统计 41 | bash build_chain.sh -f nodeconf -p 30300,20200,8545 -o nodes -d 42 | ``` 43 | 执行后会生成nodes目录,nodes目录包含各节点配置。 44 | 45 | 46 | 4 因为front需要sdk证书才能启动, 拷贝sdk目录内容到各个节点目录。 如下: 47 | ```bash 48 | cp -r nodes/{ip}/sdk/ nodes/{ip}/node0/ 49 | ``` 50 | 51 | 5 启动 52 | 至此区块链网络各节点的配置已生成,将nodes下各节点目录即nodes/{ip}拷贝到对应ip机器上。 53 | 54 | 然后在各自机器上启动容器,指令如下: 55 | 56 | ```bash 57 | # 其中网络模式,脚本使用了host模式,用户可自行选择网络模式, 58 | # 自行替换需要的镜像名。 59 | 60 | cd {ip}/node0/ 61 | docker run -d -v ${PWD}:/data --network=host -w=/data fiscoorg/front:latest 62 | ``` 63 | 至此镜像启动成功。 64 | 65 | 6 检查 66 | 67 | - docker ps 查看进程 68 | - docker exec -it {containerId} /bin/bash 进入容器 69 | - 容器里执行/usr/local/bin/fisco-bcos -v 检查节点版本是否正确。 70 | - 容器里/data目录存放的是节点相关信息,/dist目录主要存放的是前置的相关信息 71 | - 前置日志在/dist/log下, 72 | 执行 tail -f /dist/log/WeBASE-Front.log 可检查日志看是否启动报错。 73 | 74 | 7 修改application.yml (可跳过) 75 | 76 | 如果需要修改front应用的applicaiton.yml配置, 77 | 需要将本项目docker/application.yml拷贝到每个节点的目录下, 78 | 参考命令如下: 79 | ```bash 80 | cp -r ./docker/application.yml nodes/{ip}/node0/ 81 | ``` 82 | 然后在本地修改application.yml。 83 | front的数据存在h2数据库中,如果需要挂载出来,可以在application.yml中修改h2路径,如修改成"jdbc:h2:file:/data/h2/webasefront"。 84 | 85 | 启动镜像命令需要加上 **-v $PWD/application.yml:/dist/conf/application.yml**, 命令如下: 86 | ```bash 87 | docker run -d -v $PWD:/data -v $PWD/application.yml:/dist/conf/application.yml --network=host -w=/data fiscoorg/front:latest 88 | ``` 89 | 90 | 91 | 92 | ### 2. 使用镜像进行扩容 93 | 94 | #### 2.1 签发合法证书给SDK使用 95 | **build_chain建链时使用自签ca,所有ca.key以及机构私钥位于nodes/cert目录**,请妥善保管**nodes/cert目录**中的文件。 96 | 97 | 下面介绍签发证书所使用的脚本`gen_node_cert.sh`。 98 | 以使用test机构签发新的证书为例。该证书既可以用于SDK与节点建立链接,又可以作为扩容时新节点的证书。 99 | 100 | 1 下载gen_node_cert.sh 101 | 102 | ``` 103 | curl -LO https://raw.githubusercontent.com/FISCO-BCOS/FISCO-BCOS/master/tools/gen_node_cert.sh && chmod u+x gen_node_cert.sh 104 | ``` 105 | 106 | 2 签发证书 107 | 108 | ```bash 109 | # -c指定机构证书及私钥所在路径 110 | # -o输出到指定文件夹,其中newNode/conf中会存在机构test新签发的证书和私钥 111 | # -g 国密 112 | 113 | 非国密 114 | bash gen_node_cert.sh -c nodes/cert/test -o newNode 115 | 116 | 国密 117 | bash gen_node_cert.sh -c nodes/cert/test -o newNodeGm -g nodes/gmcert/test/ 118 | ``` 119 | 120 | #### 2.2 为群组1扩容节点 121 | 122 | 1 根据步骤为新节点生成证书,拷贝下述文件到新节点文件夹。 123 | 124 | ```bash 125 | 非国密 126 | nodes/172.17.0.1/node0/config.ini >> newNode/config.ini 127 | nodes/172.17.0.1/node0/conf/group.1.genesis >> newNode/conf/group.1.genesis 128 | nodes/172.17.0.1/node0/conf/group.1.ini >> newNode/conf/group.1.ini 129 | 130 | 国密 131 | nodes/172.17.0.1/node0/config.ini >> newNodeGm/config.ini 132 | nodes/172.17.0.1/node0/conf/group.1.genesis >> newNodeGm/conf/group.1.genesis 133 | nodes/172.17.0.1/node0/conf/group.1.ini >> newNodeGm/conf/group.1.ini 134 | 135 | ``` 136 | 137 | 2 跟上述步骤3类似,拷贝sdk证书到新的节点目录, 138 | ```bash 139 | cp -r nodes/172.17.0.1/node0/sdk/ newNodeGm/ 140 | ``` 141 | 3 修改新节点config.ini监听的IP和端口为正确的IP和端口。 142 | ``` 143 | $ vim newNodeGm/config.ini 144 | [rpc] 145 | ;rpc listen ip 146 | listen_ip=127.0.0.1 147 | ;channelserver listen port 148 | channel_listen_port=20302 149 | ;jsonrpc listen port 150 | jsonrpc_listen_port=8647 151 | [p2p] 152 | ;p2p listen ip 153 | listen_ip=0.0.0.0 154 | ;p2p listen port 155 | listen_port=30402 156 | ;nodes to connect 157 | node.0=127.0.0.1:30400 158 | node.1=127.0.0.1:30401 159 | node.2=127.0.0.1:30402 160 | ``` 161 | 162 | 4 使用docker启动新节点 163 | ```bash 164 | docker run -d -v ${PWD}:/data --network=host -w=/data fiscoorg/front:latest 165 | ``` 166 | 5 通过调用WeBASE-Front的addSealer接口将新节点加入区块链网络。 167 | http://172.17.0.1:5002/WeBASE-Front/1/web3/addSealer -------------------------------------------------------------------------------- /k8s/bcos_kubernetes/peer0.org1.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | io.kompose.service: peer0.org1 7 | name: peer0.org1 8 | spec: 9 | replicas: 1 10 | strategy: 11 | type: Recreate 12 | template: 13 | metadata: 14 | creationTimestamp: null 15 | labels: 16 | io.kompose.service: peer0.org1 17 | spec: 18 | containers: 19 | - name: peer0-org1 20 | image: fiscoorg/front:latest 21 | ports: 22 | - containerPort: 8545 23 | - containerPort: 20200 24 | - containerPort: 30300 25 | - containerPort: 5002 26 | resources: {} 27 | volumeMounts: 28 | - mountPath: /data 29 | name: peer0-org1-conf 30 | - mountPath: /dist/log 31 | name: peer0-org1-frontlog 32 | - mountPath: /dist/conf/application.yml 33 | name: peer0-org1-appconf 34 | workingDir: /data 35 | restartPolicy: Always 36 | volumes: 37 | - name: peer0-org1-conf 38 | hostPath: 39 | path: /root/nodes/172.18.255.20/node0 40 | - name: peer0-org1-frontlog 41 | hostPath: 42 | path: /root/nodes/172.18.255.20/frontlog 43 | - name: peer0-org1-appconf 44 | hostPath: 45 | path: /root/nodes/application.yml 46 | status: {} 47 | 48 | --- 49 | apiVersion: v1 50 | kind: Service 51 | metadata: 52 | creationTimestamp: null 53 | labels: 54 | io.kompose.service: peer0.org1 55 | name: peer0-org1 56 | spec: 57 | clusterIP: 172.18.255.20 58 | ports: 59 | - name: rpc 60 | port: 8545 61 | targetPort: 8545 62 | - name: channel 63 | port: 20200 64 | targetPort: 20200 65 | - name: p2p 66 | port: 30300 67 | targetPort: 30300 68 | - name: front 69 | port: 5002 70 | targetPort: 5002 71 | selector: 72 | io.kompose.service: peer0.org1 -------------------------------------------------------------------------------- /k8s/bcos_kubernetes/peer0.org2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | io.kompose.service: peer0.org2 7 | name: peer0.org2 8 | namespace: 9 | spec: 10 | replicas: 1 11 | strategy: 12 | type: Recreate 13 | template: 14 | metadata: 15 | creationTimestamp: null 16 | labels: 17 | io.kompose.service: peer0.org2 18 | spec: 19 | containers: 20 | - name: peer0-org2 21 | image: fiscoorg/front:latest 22 | ports: 23 | - containerPort: 8545 24 | - containerPort: 20200 25 | - containerPort: 30300 26 | - containerPort: 5002 27 | resources: {} 28 | volumeMounts: 29 | - mountPath: /data 30 | name: peer0-org2-conf 31 | - mountPath: /dist/log 32 | name: peer0-org2-frontlog 33 | - mountPath: /dist/conf/application.yml 34 | name: peer0-org2-appconf 35 | workingDir: /data 36 | restartPolicy: Always 37 | volumes: 38 | - name: peer0-org2-conf 39 | hostPath: 40 | path: /root/nodes/172.18.255.21/node0 41 | - name: peer0-org2-frontlog 42 | hostPath: 43 | path: /root/nodes/172.18.255.21/frontlog 44 | - name: peer0-org2-appconf 45 | hostPath: 46 | path: /root/nodes/application.yml 47 | status: {} 48 | 49 | --- 50 | apiVersion: v1 51 | kind: Service 52 | metadata: 53 | creationTimestamp: null 54 | labels: 55 | io.kompose.service: peer0.org2 56 | name: peer0-org2 57 | spec: 58 | clusterIP: 172.18.255.21 59 | ports: 60 | - name: rpc 61 | port: 8545 62 | targetPort: 8545 63 | - name: channel 64 | port: 20200 65 | targetPort: 20200 66 | - name: p2p 67 | port: 30300 68 | targetPort: 30300 69 | - name: front 70 | port: 5002 71 | targetPort: 5002 72 | selector: 73 | io.kompose.service: peer0.org2 -------------------------------------------------------------------------------- /k8s/bcos_kubernetes/peer0.org3.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | io.kompose.service: peer0.org3 7 | name: peer0.org3 8 | spec: 9 | replicas: 1 10 | strategy: 11 | type: Recreate 12 | template: 13 | metadata: 14 | creationTimestamp: null 15 | labels: 16 | io.kompose.service: peer0.org3 17 | spec: 18 | containers: 19 | - name: peer0-org3 20 | image: fiscoorg/front:latest 21 | ports: 22 | - containerPort: 8545 23 | - containerPort: 20200 24 | - containerPort: 30300 25 | - containerPort: 5002 26 | resources: {} 27 | volumeMounts: 28 | - mountPath: /data 29 | name: peer0-org3-conf 30 | - mountPath: /dist/log 31 | name: peer0-org3-frontlog 32 | - mountPath: /dist/conf/application.yml 33 | name: peer0-org3-appconf 34 | workingDir: /data 35 | restartPolicy: Always 36 | volumes: 37 | - name: peer0-org3-conf 38 | hostPath: 39 | path: /root/nodes/172.18.255.22/node0 40 | - name: peer0-org3-frontlog 41 | hostPath: 42 | path: /root/nodes/172.18.255.22/frontlog 43 | - name: peer0-org3-appconf 44 | hostPath: 45 | path: /root/nodes/application.yml 46 | status: {} 47 | --- 48 | apiVersion: v1 49 | kind: Service 50 | metadata: 51 | creationTimestamp: null 52 | labels: 53 | io.kompose.service: peer0.org3 54 | name: peer0-org3 55 | spec: 56 | clusterIP: 172.18.255.22 57 | ports: 58 | - name: rpc 59 | port: 8545 60 | targetPort: 8545 61 | - name: channel 62 | port: 20200 63 | targetPort: 20200 64 | - name: p2p 65 | port: 30300 66 | targetPort: 30300 67 | - name: front 68 | port: 5002 69 | targetPort: 5002 70 | selector: 71 | io.kompose.service: peer0.org3 -------------------------------------------------------------------------------- /k8s/bcos_kubernetes/peer0.org4.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | io.kompose.service: peer0.org4 7 | name: peer0.org4 8 | spec: 9 | replicas: 1 10 | strategy: 11 | type: Recreate 12 | template: 13 | metadata: 14 | creationTimestamp: null 15 | labels: 16 | io.kompose.service: peer0.org4 17 | spec: 18 | containers: 19 | - name: peer0-org4 20 | image: fiscoorg/front:latest 21 | ports: 22 | - containerPort: 8545 23 | - containerPort: 20200 24 | - containerPort: 30300 25 | - containerPort: 5002 26 | resources: {} 27 | volumeMounts: 28 | - mountPath: /data 29 | name: peer0-org4-conf 30 | - mountPath: /dist/log 31 | name: peer0-org4-frontlog 32 | - mountPath: /dist/conf/application.yml 33 | name: peer0-org4-appconf 34 | workingDir: /data 35 | restartPolicy: Always 36 | volumes: 37 | - name: peer0-org4-conf 38 | hostPath: 39 | path: /root/nodes/172.18.255.23/node0 40 | - name: peer0-org4-frontlog 41 | hostPath: 42 | path: /root/nodes/172.18.255.23/frontlog 43 | - name: peer0-org4-appconf 44 | hostPath: 45 | path: /root/nodes/application.yml 46 | status: {} 47 | --- 48 | apiVersion: v1 49 | kind: Service 50 | metadata: 51 | creationTimestamp: null 52 | labels: 53 | io.kompose.service: peer0.org4 54 | name: peer0-org4 55 | spec: 56 | clusterIP: 172.18.255.23 57 | ports: 58 | - name: rpc 59 | port: 8545 60 | targetPort: 8545 61 | - name: channel 62 | port: 20200 63 | targetPort: 20200 64 | - name: p2p 65 | port: 30300 66 | targetPort: 30300 67 | - name: front 68 | port: 5002 69 | targetPort: 5002 70 | selector: 71 | io.kompose.service: peer0.org4 -------------------------------------------------------------------------------- /k8s/front-k8s-install.md: -------------------------------------------------------------------------------- 1 | ## front镜像K8S部署说明 2 | 3 | ## 前提条件 4 | 5 | | 环境 | 版本 | 6 | | :------: | :----------------------: | 7 | | Docker | 建议17.06之后版本 | 8 | | Kubernetes | 建议1.12之后版本 | 9 | 10 | 11 | ### 1. 镜像部署使用步骤 12 | 13 | 举例,如果要生成有四个机构,机构名分别为org1~org4,并且每个机构一个节点,单群组模式的区块链网络,则操作如下。 14 | 15 | 1 下载build_chain脚本 16 | 17 | ```bash 18 | curl -LO https://github.com/FISCO-BCOS/FISCO-BCOS/releases/download/v2.3.0/build_chain.sh && chmod u+x build_chain.sh 19 | ``` 20 | 21 | 2 准备配置文件 22 | k8s部署各Service暴露IP方式建议采用ClusterIP,并且service的clusterIP用指定值。 23 | 如下,clusterIP我们采用**172.18.255.20~172.18.255.23** 24 | 25 | ```bash 26 | # 此IP根据service的IP范围确定 27 | # test 机构名 28 | # 1 群组id 29 | cat > nodeconf << EOF 30 | 172.18.255.20:1 org1 1 31 | 172.18.255.21:1 org2 1 32 | 172.18.255.22:1 org3 1 33 | 172.18.255.23:1 org4 1 34 | EOF 35 | ``` 36 | 37 | 3 生成节点配置文件 38 | 39 | ```bash 40 | # -p 指定节点所使用端口的起始值,同一机器上多节点端口递增。 41 | # -d 使用docker模式 42 | # -g 国密 43 | # -S 资源统计 44 | bash build_chain.sh -f nodeconf -p 30300,20200,8545 -o nodes -d -g 45 | ``` 46 | 执行后会生成nodes目录,nodes目录包含各节点配置。 47 | 请将生成的区块链配置nodes目录拷贝到k8s集群的各个主机上。方便节点启动读取配置。 48 | ```bash 49 | cp -r nodes/ /root 50 | ``` 51 | 52 | 4 k8s部署的yaml文件在bcos_kubernetes目录下,有相应的deployment.yaml和service.yaml,这里合并在一个文件里。 53 | 在k8s 主机上根据yaml启动镜像,参考命令如下: 54 | 55 | ```bash 56 | kubectl apply -f peer0.org1.yaml 57 | ``` 58 | 59 | 60 | ### 2.k8s部署yaml解析 61 | 62 | ####2.1 delpoyment解析: 63 | 64 | 1 如下 需要将pod内 /data ,/dist/log以及/dist/conf/application.yml挂载出来。挂载主机目录在hostPath属性下,可自行修改。 65 | 2 需要将pod的 8545(rpc),20200(channel),30300(p2p),5002(front端口)暴露出来。 66 | ``` 67 | spec: 68 | containers: 69 | - name: peer0-org1 70 | image: fiscoorg/front:latest 71 | ports: 72 | - containerPort: 8545 73 | - containerPort: 20200 74 | - containerPort: 30300 75 | - containerPort: 5002 76 | resources: {} 77 | volumeMounts: 78 | - mountPath: /data 79 | name: peer0-org1-conf 80 | - mountPath: /dist/log 81 | name: peer0-org1-frontlog 82 | - mountPath: /dist/conf/application.yml 83 | name: peer0-org1-appconf 84 | workingDir: /data 85 | restartPolicy: Always 86 | volumes: 87 | - name: peer0-org1-conf 88 | hostPath: 89 | path: /root/nodes/172.18.255.20/node0 90 | - name: peer0-org1-frontlog 91 | hostPath: 92 | path: /root/nodes/172.18.255.20/frontlog 93 | - name: peer0-org1-appconf 94 | hostPath: 95 | path: /root/nodes/application.yml 96 | ``` 97 | ####2.2 service解析 98 | 1 service在集群中采用ClusterIP方式暴露服务,并指定clusterIP值。 99 | 2 外网访问服务用户可以自行选择方案。 100 | 101 | ``` 102 | spec: 103 | clusterIP: 172.18.255.20 104 | ports: 105 | - name: rpc 106 | port: 8545 107 | targetPort: 8545 108 | - name: channel 109 | port: 20200 110 | targetPort: 20200 111 | - name: p2p 112 | port: 30300 113 | targetPort: 30300 114 | - name: front 115 | port: 5002 116 | targetPort: 5002 117 | ``` -------------------------------------------------------------------------------- /nodes-config/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:16.04 2 | 3 | LABEL maintainer service@fisco.com.cn 4 | 5 | WORKDIR / 6 | 7 | RUN apt-get -q update && apt-get install -qy --no-install-recommends \ 8 | git clang make build-essential cmake libssl-dev \ 9 | ca-certificates tzdata \ 10 | && ln -fs /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ 11 | && dpkg-reconfigure -f noninteractive tzdata \ 12 | && git clone https://github.com/FISCO-BCOS/FISCO-BCOS.git \ 13 | && cd FISCO-BCOS && git checkout master \ 14 | && mkdir build && cd build \ 15 | && cmake .. \ 16 | && make \ 17 | && make install \ 18 | && cd / && rm -rf FISCO-BCOS \ 19 | && apt-get purge git cmake build-essential -y \ 20 | && apt-get autoremove -y \ 21 | && apt-get clean \ 22 | && rm -rf /tmp/* \ 23 | && rm -rf /var/lib/apt/lists/* 24 | 25 | EXPOSE 30300 20200 8545 26 | 27 | ENTRYPOINT ["/usr/local/bin/fisco-bcos"] 28 | CMD ["--version"] 29 | -------------------------------------------------------------------------------- /nodes-config/build_chain.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | # default value 6 | ca_file= #CA key 7 | node_num=1 8 | ip_file= 9 | ip_param= 10 | use_ip_param= 11 | agency_array= 12 | group_array= 13 | ip_array= 14 | output_dir=nodes 15 | port_start=(30300 20200 8545) 16 | state_type=storage 17 | storage_type=rocksdb 18 | conf_path="conf" 19 | bin_path= 20 | make_tar= 21 | debug_log="false" 22 | log_level="info" 23 | logfile=${PWD}/build.log 24 | listen_ip="127.0.0.1" 25 | bcos_bin_name=fisco-bcos 26 | guomi_mode= 27 | docker_mode= 28 | gm_conf_path="gmconf/" 29 | current_dir=$(pwd) 30 | consensus_type="pbft" 31 | TASSL_CMD="${HOME}"/.tassl 32 | enable_parallel=true 33 | auto_flush="true" 34 | # trans timestamp from seconds to milliseconds 35 | timestamp=$(($(date '+%s')*1000)) 36 | chain_id=1 37 | compatibility_version="" 38 | default_version="2.0.0" 39 | macOS="" 40 | download_timeout=360 41 | 42 | help() { 43 | echo $1 44 | cat << EOF 45 | Usage: 46 | -l [Required] "ip1:nodeNum1,ip2:nodeNum2" e.g:"192.168.0.1:2,192.168.0.2:3" 47 | -f [Optional] split by line, every line should be "ip:nodeNum agencyName groupList". eg "127.0.0.1:4 agency1 1,2" 48 | -e Default download fisco-bcos from GitHub. If set -e, use the binary at the specified location 49 | -o Default ./nodes/ 50 | -p Default 30300,20200,8545 means p2p_port start from 30300, channel_port from 20200, jsonrpc_port from 8545 51 | -i Default 127.0.0.1. If set -i, listen 0.0.0.0 52 | -v Default get version from https://github.com/FISCO-BCOS/FISCO-BCOS/releases. If set use specificd version binary 53 | -s Default rocksdb. Options can be rocksdb / mysql / external, rocksdb is recommended 54 | -d Default off. If set -d, build with docker 55 | -c Default PBFT. If set -c, use Raft 56 | -m Default storageState. if set -m, use mpt state 57 | -C Default 1. Can set uint. 58 | -g Default no 59 | -z Default no 60 | -t Default auto generate 61 | -T Default off. If set -T, enable debug log 62 | -F Default on. If set -F, disable log auto flush 63 | -h Help 64 | e.g 65 | $0 -l "127.0.0.1:4" 66 | EOF 67 | 68 | exit 0 69 | } 70 | 71 | LOG_WARN() 72 | { 73 | local content=${1} 74 | echo -e "\033[31m[WARN] ${content}\033[0m" 75 | } 76 | 77 | LOG_INFO() 78 | { 79 | local content=${1} 80 | echo -e "\033[32m[INFO] ${content}\033[0m" 81 | } 82 | 83 | exit_with_clean() 84 | { 85 | local content=${1} 86 | echo -e "\033[31m[ERROR] ${content}\033[0m" 87 | if [ -d "${output_dir}" ];then 88 | rm -rf ${output_dir} 89 | fi 90 | exit 1 91 | } 92 | 93 | parse_params() 94 | { 95 | while getopts "f:l:o:p:e:t:v:s:C:iczhgmTFd" option;do 96 | case $option in 97 | f) ip_file=$OPTARG 98 | use_ip_param="false" 99 | ;; 100 | l) ip_param=$OPTARG 101 | use_ip_param="true" 102 | ;; 103 | o) output_dir=$OPTARG;; 104 | i) listen_ip="0.0.0.0";; 105 | v) compatibility_version="$OPTARG";; 106 | p) port_start=(${OPTARG//,/ }) 107 | if [ ${#port_start[@]} -ne 3 ];then LOG_WARN "start port error. e.g: 30300,20200,8545" && exit 1;fi 108 | ;; 109 | e) bin_path=$OPTARG;; 110 | m) state_type=mpt;; 111 | s) storage_type=$OPTARG 112 | if [ -z "${storage_type}" ];then 113 | LOG_WARN "${storage_type} is not supported storage." 114 | exit 1; 115 | fi 116 | ;; 117 | t) CertConfig=$OPTARG;; 118 | c) consensus_type="raft";; 119 | C) chain_id=$OPTARG 120 | if [ -z $(grep '^[[:digit:]]*$' <<< "${chain_id}") ];then 121 | LOG_WARN "${chain_id} is not a positive integer." 122 | exit 1; 123 | fi 124 | ;; 125 | T) debug_log="true" 126 | log_level="debug" 127 | ;; 128 | F) auto_flush="false";; 129 | z) make_tar="yes";; 130 | g) guomi_mode="yes";; 131 | d) docker_mode="yes" 132 | [ ! -z "${macOS}" ] && LOG_WARN "Docker desktop of macOS can't support docker mode of FISCO BCOS!" && exit 1;; 133 | h) help;; 134 | esac 135 | done 136 | } 137 | 138 | print_result() 139 | { 140 | echo "================================================================" 141 | LOG_INFO "Execute the following command to get FISCO-BCOS console" 142 | echo " bash <(curl -s https://raw.githubusercontent.com/FISCO-BCOS/console/master/tools/download_console.sh)" 143 | echo "================================================================" 144 | [ -z ${docker_mode} ] && LOG_INFO "FISCO-BCOS Path : $bin_path" 145 | [ ! -z ${docker_mode} ] && LOG_INFO "Docker tag : latest" 146 | [ ! -z $ip_file ] && LOG_INFO "IP List File : $ip_file" 147 | # [ ! -z $ip_file ] && LOG_INFO -e "Agencies/groups : ${#agency_array[@]}/${#groups[@]}" 148 | LOG_INFO "Start Port : ${port_start[*]}" 149 | LOG_INFO "Server IP : ${ip_array[*]}" 150 | LOG_INFO "State Type : ${state_type}" 151 | LOG_INFO "RPC listen IP : ${listen_ip}" 152 | LOG_INFO "Output Dir : ${output_dir}" 153 | LOG_INFO "CA Key Path : $ca_file" 154 | [ ! -z $guomi_mode ] && LOG_INFO "Guomi mode : $guomi_mode" 155 | echo "================================================================" 156 | LOG_INFO "All completed. Files in ${output_dir}" 157 | } 158 | 159 | check_env() { 160 | [ ! -z "$(openssl version | grep 1.0.2)" ] || [ ! -z "$(openssl version | grep 1.1)" ] || [ ! -z "$(openssl version | grep reSSL)" ] || { 161 | echo "please install openssl!" 162 | #echo "download openssl from https://www.openssl.org." 163 | echo "use \"openssl version\" command to check." 164 | exit 1 165 | } 166 | if [ ! -z "$(openssl version | grep reSSL)" ];then 167 | export PATH="/usr/local/opt/openssl/bin:$PATH" 168 | fi 169 | if [ "$(uname)" == "Darwin" ];then 170 | macOS="macOS" 171 | fi 172 | 173 | } 174 | 175 | # TASSL env 176 | check_and_install_tassl() 177 | { 178 | if [ ! -f "${HOME}/.tassl" ];then 179 | curl -LO https://github.com/FISCO-BCOS/LargeFiles/raw/master/tools/tassl.tar.gz 180 | LOG_INFO "Downloading tassl binary ..." 181 | tar zxvf tassl.tar.gz 182 | chmod u+x tassl 183 | mv tassl ${HOME}/.tassl 184 | fi 185 | } 186 | 187 | getname() { 188 | local name="$1" 189 | if [ -z "$name" ]; then 190 | return 0 191 | fi 192 | [[ "$name" =~ ^.*/$ ]] && { 193 | name="${name%/*}" 194 | } 195 | name="${name##*/}" 196 | echo "$name" 197 | } 198 | 199 | check_name() { 200 | local name="$1" 201 | local value="$2" 202 | [[ "$value" =~ ^[a-zA-Z0-9._-]+$ ]] || { 203 | exit_with_clean "$name name [$value] invalid, it should match regex: ^[a-zA-Z0-9._-]+\$" 204 | } 205 | } 206 | 207 | file_must_exists() { 208 | if [ ! -f "$1" ]; then 209 | exit_with_clean "$1 file does not exist, please check!" 210 | fi 211 | } 212 | 213 | dir_must_exists() { 214 | if [ ! -d "$1" ]; then 215 | exit_with_clean "$1 DIR does not exist, please check!" 216 | fi 217 | } 218 | 219 | dir_must_not_exists() { 220 | if [ -e "$1" ]; then 221 | LOG_WARN "$1 DIR exists, please clean old DIR!" 222 | exit 1 223 | fi 224 | } 225 | 226 | gen_chain_cert() { 227 | local path="${1}" 228 | name=$(getname "$path") 229 | echo "$path --- $name" 230 | dir_must_not_exists "$path" 231 | check_name chain "$name" 232 | 233 | chaindir=$path 234 | mkdir -p $chaindir 235 | openssl genrsa -out $chaindir/ca.key 2048 236 | openssl req -new -x509 -days 3650 -subj "/CN=$name/O=fisco-bcos/OU=chain" -key $chaindir/ca.key -out $chaindir/ca.crt 237 | mv cert.cnf $chaindir 238 | } 239 | 240 | gen_agency_cert() { 241 | local chain="${1}" 242 | local agencypath="${2}" 243 | name=$(getname "$agencypath") 244 | 245 | dir_must_exists "$chain" 246 | file_must_exists "$chain/ca.key" 247 | check_name agency "$name" 248 | agencydir=$agencypath 249 | dir_must_not_exists "$agencydir" 250 | mkdir -p $agencydir 251 | 252 | openssl genrsa -out $agencydir/agency.key 2048 253 | openssl req -new -sha256 -subj "/CN=$name/O=fisco-bcos/OU=agency" -key $agencydir/agency.key -config $chain/cert.cnf -out $agencydir/agency.csr 254 | openssl x509 -req -days 3650 -sha256 -CA $chain/ca.crt -CAkey $chain/ca.key -CAcreateserial\ 255 | -in $agencydir/agency.csr -out $agencydir/agency.crt -extensions v4_req -extfile $chain/cert.cnf 256 | 257 | cp $chain/ca.crt $chain/cert.cnf $agencydir/ 258 | rm -f $agencydir/agency.csr 259 | 260 | echo "build $name agency cert successful!" 261 | } 262 | 263 | gen_cert_secp256k1() { 264 | capath="$1" 265 | certpath="$2" 266 | name="$3" 267 | type="$4" 268 | openssl ecparam -out $certpath/${type}.param -name secp256k1 269 | openssl genpkey -paramfile $certpath/${type}.param -out $certpath/${type}.key 270 | openssl pkey -in $certpath/${type}.key -pubout -out $certpath/${type}.pubkey 271 | openssl req -new -sha256 -subj "/CN=${name}/O=fisco-bcos/OU=${type}" -key $certpath/${type}.key -config $capath/cert.cnf -out $certpath/${type}.csr 272 | openssl x509 -req -days 3650 -sha256 -in $certpath/${type}.csr -CAkey $capath/agency.key -CA $capath/agency.crt\ 273 | -force_pubkey $certpath/${type}.pubkey -out $certpath/${type}.crt -CAcreateserial -extensions v3_req -extfile $capath/cert.cnf 274 | openssl ec -in $certpath/${type}.key -outform DER | tail -c +8 | head -c 32 | xxd -p -c 32 | cat >$certpath/${type}.private 275 | rm -f $certpath/${type}.csr 276 | } 277 | 278 | gen_node_cert() { 279 | if [ "" == "$(openssl ecparam -list_curves 2>&1 | grep secp256k1)" ]; then 280 | exit_with_clean "openssl don't support secp256k1, please upgrade openssl!" 281 | fi 282 | 283 | agpath="${1}" 284 | agency=$(getname "$agpath") 285 | ndpath="${2}" 286 | node=$(getname "$ndpath") 287 | dir_must_exists "$agpath" 288 | file_must_exists "$agpath/agency.key" 289 | check_name agency "$agency" 290 | dir_must_not_exists "$ndpath" 291 | check_name node "$node" 292 | 293 | mkdir -p $ndpath 294 | 295 | gen_cert_secp256k1 "$agpath" "$ndpath" "$node" node 296 | #nodeid is pubkey 297 | openssl ec -in $ndpath/node.key -text -noout | sed -n '7,11p' | tr -d ": \n" | awk '{print substr($0,3);}' | cat >$ndpath/node.nodeid 298 | # openssl x509 -serial -noout -in $ndpath/node.crt | awk -F= '{print $2}' | cat >$ndpath/node.serial 299 | cp $agpath/ca.crt $agpath/agency.crt $ndpath 300 | 301 | cd $ndpath 302 | 303 | echo "build $node node cert successful!" 304 | } 305 | 306 | generate_gmsm2_param() 307 | { 308 | local output=$1 309 | cat << EOF > ${output} 310 | -----BEGIN EC PARAMETERS----- 311 | BggqgRzPVQGCLQ== 312 | -----END EC PARAMETERS----- 313 | 314 | EOF 315 | } 316 | 317 | gen_chain_cert_gm() { 318 | local path="${1}" 319 | name=$(getname "$path") 320 | echo "$path --- $name" 321 | dir_must_not_exists "$path" 322 | check_name chain "$name" 323 | 324 | chaindir=$path 325 | mkdir -p $chaindir 326 | 327 | generate_gmsm2_param "gmsm2.param" 328 | $TASSL_CMD genpkey -paramfile gmsm2.param -out $chaindir/gmca.key 329 | $TASSL_CMD req -config gmcert.cnf -x509 -days 3650 -subj "/CN=$name/O=fiscobcos/OU=chain" -key $chaindir/gmca.key -extensions v3_ca -out $chaindir/gmca.crt 330 | 331 | cp gmcert.cnf gmsm2.param $chaindir 332 | 333 | if $(cp gmcert.cnf gmsm2.param $chaindir) 334 | then 335 | echo "build chain ca succussful!" 336 | else 337 | echo "please input at least Common Name!" 338 | fi 339 | } 340 | 341 | gen_agency_cert_gm() { 342 | local chain="${1}" 343 | local agencypath="${2}" 344 | name=$(getname "$agencypath") 345 | 346 | dir_must_exists "$chain" 347 | file_must_exists "$chain/gmca.key" 348 | check_name agency "$name" 349 | agencydir=$agencypath 350 | dir_must_not_exists "$agencydir" 351 | mkdir -p $agencydir 352 | 353 | $TASSL_CMD genpkey -paramfile $chain/gmsm2.param -out $agencydir/gmagency.key 354 | $TASSL_CMD req -new -subj "/CN=$name/O=fiscobcos/OU=agency" -key $agencydir/gmagency.key -config $chain/gmcert.cnf -out $agencydir/gmagency.csr 355 | $TASSL_CMD x509 -req -CA $chain/gmca.crt -CAkey $chain/gmca.key -days 3650 -CAcreateserial -in $agencydir/gmagency.csr -out $agencydir/gmagency.crt -extfile $chain/gmcert.cnf -extensions v3_agency_root 356 | 357 | cp $chain/gmca.crt $chain/gmcert.cnf $chain/gmsm2.param $agencydir/ 358 | rm -f $agencydir/gmagency.csr 359 | 360 | echo "build $name agency cert successful!" 361 | } 362 | 363 | gen_node_cert_with_extensions_gm() { 364 | capath="$1" 365 | certpath="$2" 366 | name="$3" 367 | type="$4" 368 | extensions="$5" 369 | 370 | $TASSL_CMD genpkey -paramfile $capath/gmsm2.param -out $certpath/gm${type}.key 371 | $TASSL_CMD req -new -subj "/CN=$name/O=fiscobcos/OU=agency" -key $certpath/gm${type}.key -config $capath/gmcert.cnf -out $certpath/gm${type}.csr 372 | $TASSL_CMD x509 -req -CA $capath/gmagency.crt -CAkey $capath/gmagency.key -days 3650 -CAcreateserial -in $certpath/gm${type}.csr -out $certpath/gm${type}.crt -extfile $capath/gmcert.cnf -extensions $extensions 373 | 374 | rm -f $certpath/gm${type}.csr 375 | } 376 | 377 | gen_node_cert_gm() { 378 | if [ "" = "$(openssl ecparam -list_curves 2>&1 | grep secp256k1)" ]; then 379 | exit_with_clean "openssl don't support secp256k1, please upgrade openssl!" 380 | fi 381 | 382 | agpath="${1}" 383 | agency=$(getname "$agpath") 384 | ndpath="${2}" 385 | node=$(getname "$ndpath") 386 | dir_must_exists "$agpath" 387 | file_must_exists "$agpath/gmagency.key" 388 | check_name agency "$agency" 389 | 390 | mkdir -p $ndpath 391 | dir_must_exists "$ndpath" 392 | check_name node "$node" 393 | 394 | mkdir -p $ndpath 395 | gen_node_cert_with_extensions_gm "$agpath" "$ndpath" "$node" node v3_req 396 | gen_node_cert_with_extensions_gm "$agpath" "$ndpath" "$node" ennode v3enc_req 397 | #nodeid is pubkey 398 | $TASSL_CMD ec -in $ndpath/gmnode.key -text -noout | sed -n '7,11p' | sed 's/://g' | tr "\n" " " | sed 's/ //g' | awk '{print substr($0,3);}' | cat > $ndpath/gmnode.nodeid 399 | 400 | #serial 401 | if [ "" != "$($TASSL_CMD version | grep 1.0.2)" ]; 402 | then 403 | $TASSL_CMD x509 -text -in $ndpath/gmnode.crt | sed -n '5p' | sed 's/://g' | tr "\n" " " | sed 's/ //g' | sed 's/[a-z]/\u&/g' | cat > $ndpath/gmnode.serial 404 | else 405 | $TASSL_CMD x509 -text -in $ndpath/gmnode.crt | sed -n '4p' | sed 's/ //g' | sed 's/.*(0x//g' | sed 's/)//g' |sed 's/[a-z]/\u&/g' | cat > $ndpath/gmnode.serial 406 | fi 407 | 408 | 409 | cp $agpath/gmca.crt $agpath/gmagency.crt $ndpath 410 | 411 | cd $ndpath 412 | 413 | echo "build $node node cert successful!" 414 | } 415 | 416 | generate_config_ini() 417 | { 418 | local output=${1} 419 | local ip=${2} 420 | local offset=${ip_node_counts[${ip//./}]} 421 | local node_groups=(${3//,/ }) 422 | local prefix="" 423 | if [ -n "$guomi_mode" ]; then 424 | prefix="gm" 425 | fi 426 | cat << EOF > ${output} 427 | [rpc] 428 | listen_ip=${listen_ip} 429 | channel_listen_port=$(( offset + port_start[1] )) 430 | jsonrpc_listen_port=$(( offset + port_start[2] )) 431 | [p2p] 432 | listen_ip=0.0.0.0 433 | listen_port=$(( offset + port_start[0] )) 434 | ;enable_compress=true 435 | ; nodes to connect 436 | $ip_list 437 | 438 | [certificate_blacklist] 439 | ; crl.0 should be nodeid, nodeid's length is 128 440 | ;crl.0= 441 | 442 | [group] 443 | group_data_path=data/ 444 | group_config_path=${conf_path}/ 445 | 446 | [network_security] 447 | ; directory the certificates located in 448 | data_path=${conf_path}/ 449 | ; the node private key file 450 | key=${prefix}node.key 451 | ; the node certificate file 452 | cert=${prefix}node.crt 453 | ; the ca certificate file 454 | ca_cert=${prefix}ca.crt 455 | 456 | [storage_security] 457 | enable=false 458 | ; the IP of key mananger 459 | key_manager_ip= 460 | ; the Port of key manager 461 | key_manager_port= 462 | cipher_data_key= 463 | 464 | [chain] 465 | id=${chain_id} 466 | [compatibility] 467 | ; supported_version should nerver be changed 468 | supported_version=${compatibility_version} 469 | [log] 470 | enable=true 471 | log_path=./log 472 | ; info debug trace 473 | level=${log_level} 474 | ; MB 475 | max_log_file_size=200 476 | flush=${auto_flush} 477 | log_flush_threshold=100 478 | EOF 479 | } 480 | 481 | generate_group_genesis() 482 | { 483 | local output=$1 484 | local index=$2 485 | local node_list=$3 486 | cat << EOF > ${output} 487 | [consensus] 488 | ; consensus algorithm type, now support PBFT(consensus_type=pbft) and Raft(consensus_type=raft) 489 | consensus_type=${consensus_type} 490 | ; the max number of transactions of a block 491 | max_trans_num=1000 492 | ; the node id of consensusers 493 | ${node_list} 494 | [state] 495 | ; support mpt/storage 496 | type=${state_type} 497 | [tx] 498 | ; transaction gas limit 499 | gas_limit=300000000 500 | [group] 501 | id=${index} 502 | timestamp=${timestamp} 503 | EOF 504 | } 505 | 506 | function generate_group_ini() 507 | { 508 | local output="${1}" 509 | cat << EOF > ${output} 510 | [consensus] 511 | ; the ttl for broadcasting pbft message 512 | ;ttl=2 513 | ; min block generation time(ms), the max block generation time is 1000 ms 514 | ;min_block_generation_time=500 515 | ;enable_dynamic_block_size=true 516 | [storage] 517 | ; storage db type, rocksdb / mysql / external, rocksdb is recommended 518 | type=${storage_type} 519 | ; max cache memeory, MB 520 | max_capacity=256 521 | max_forward_block=10 522 | ; only for external 523 | max_retry=100 524 | topic=DB 525 | ; only for mysql 526 | db_ip=127.0.0.1 527 | db_port=3306 528 | db_username= 529 | db_passwd= 530 | db_name= 531 | [tx_pool] 532 | limit=150000 533 | [tx_execute] 534 | enable_parallel=${enable_parallel} 535 | EOF 536 | } 537 | 538 | generate_cert_conf() 539 | { 540 | local output=$1 541 | cat << EOF > ${output} 542 | [ca] 543 | default_ca=default_ca 544 | [default_ca] 545 | default_days = 365 546 | default_md = sha256 547 | 548 | [req] 549 | distinguished_name = req_distinguished_name 550 | req_extensions = v3_req 551 | [req_distinguished_name] 552 | countryName = CN 553 | countryName_default = CN 554 | stateOrProvinceName = State or Province Name (full name) 555 | stateOrProvinceName_default =GuangDong 556 | localityName = Locality Name (eg, city) 557 | localityName_default = ShenZhen 558 | organizationalUnitName = Organizational Unit Name (eg, section) 559 | organizationalUnitName_default = fisco-bcos 560 | commonName = Organizational commonName (eg, fisco-bcos) 561 | commonName_default = fisco-bcos 562 | commonName_max = 64 563 | 564 | [ v3_req ] 565 | basicConstraints = CA:FALSE 566 | keyUsage = nonRepudiation, digitalSignature, keyEncipherment 567 | 568 | [ v4_req ] 569 | basicConstraints = CA:TRUE 570 | 571 | EOF 572 | } 573 | 574 | generate_script_template() 575 | { 576 | local filepath=$1 577 | cat << EOF > "${filepath}" 578 | #!/bin/bash 579 | SHELL_FOLDER=\$(cd \$(dirname \$0);pwd) 580 | 581 | EOF 582 | chmod +x ${filepath} 583 | } 584 | 585 | generate_cert_conf_gm() 586 | { 587 | local output=$1 588 | cat << EOF > ${output} 589 | HOME = . 590 | RANDFILE = $ENV::HOME/.rnd 591 | oid_section = new_oids 592 | 593 | [ new_oids ] 594 | tsa_policy1 = 1.2.3.4.1 595 | tsa_policy2 = 1.2.3.4.5.6 596 | tsa_policy3 = 1.2.3.4.5.7 597 | 598 | #################################################################### 599 | [ ca ] 600 | default_ca = CA_default # The default ca section 601 | 602 | #################################################################### 603 | [ CA_default ] 604 | 605 | dir = ./demoCA # Where everything is kept 606 | certs = $dir/certs # Where the issued certs are kept 607 | crl_dir = $dir/crl # Where the issued crl are kept 608 | database = $dir/index.txt # database index file. 609 | #unique_subject = no # Set to 'no' to allow creation of 610 | # several ctificates with same subject. 611 | new_certs_dir = $dir/newcerts # default place for new certs. 612 | 613 | certificate = $dir/cacert.pem # The CA certificate 614 | serial = $dir/serial # The current serial number 615 | crlnumber = $dir/crlnumber # the current crl number 616 | # must be commented out to leave a V1 CRL 617 | crl = $dir/crl.pem # The current CRL 618 | private_key = $dir/private/cakey.pem # The private key 619 | RANDFILE = $dir/private/.rand # private random number file 620 | 621 | x509_extensions = usr_cert # The extentions to add to the cert 622 | 623 | name_opt = ca_default # Subject Name options 624 | cert_opt = ca_default # Certificate field options 625 | 626 | default_days = 365 # how long to certify for 627 | default_crl_days= 30 # how long before next CRL 628 | default_md = default # use public key default MD 629 | preserve = no # keep passed DN ordering 630 | 631 | policy = policy_match 632 | 633 | [ policy_match ] 634 | countryName = match 635 | stateOrProvinceName = match 636 | organizationName = match 637 | organizationalUnitName = optional 638 | commonName = supplied 639 | emailAddress = optional 640 | 641 | [ policy_anything ] 642 | countryName = optional 643 | stateOrProvinceName = optional 644 | localityName = optional 645 | organizationName = optional 646 | organizationalUnitName = optional 647 | commonName = supplied 648 | emailAddress = optional 649 | 650 | #################################################################### 651 | [ req ] 652 | default_bits = 2048 653 | default_md = sm3 654 | default_keyfile = privkey.pem 655 | distinguished_name = req_distinguished_name 656 | x509_extensions = v3_ca # The extentions to add to the self signed cert 657 | 658 | string_mask = utf8only 659 | 660 | # req_extensions = v3_req # The extensions to add to a certificate request 661 | 662 | [ req_distinguished_name ] 663 | countryName = CN 664 | countryName_default = CN 665 | stateOrProvinceName = State or Province Name (full name) 666 | stateOrProvinceName_default =GuangDong 667 | localityName = Locality Name (eg, city) 668 | localityName_default = ShenZhen 669 | organizationalUnitName = Organizational Unit Name (eg, section) 670 | organizationalUnitName_default = fisco 671 | commonName = Organizational commonName (eg, fisco) 672 | commonName_default = fisco 673 | commonName_max = 64 674 | 675 | [ usr_cert ] 676 | basicConstraints=CA:FALSE 677 | nsComment = "OpenSSL Generated Certificate" 678 | 679 | subjectKeyIdentifier=hash 680 | authorityKeyIdentifier=keyid,issuer 681 | 682 | [ v3_req ] 683 | 684 | # Extensions to add to a certificate request 685 | 686 | basicConstraints = CA:FALSE 687 | keyUsage = nonRepudiation, digitalSignature 688 | 689 | [ v3enc_req ] 690 | 691 | # Extensions to add to a certificate request 692 | basicConstraints = CA:FALSE 693 | keyUsage = keyAgreement, keyEncipherment, dataEncipherment 694 | 695 | [ v3_agency_root ] 696 | subjectKeyIdentifier=hash 697 | authorityKeyIdentifier=keyid:always,issuer 698 | basicConstraints = CA:true 699 | keyUsage = cRLSign, keyCertSign 700 | 701 | [ v3_ca ] 702 | subjectKeyIdentifier=hash 703 | authorityKeyIdentifier=keyid:always,issuer 704 | basicConstraints = CA:true 705 | keyUsage = cRLSign, keyCertSign 706 | 707 | EOF 708 | } 709 | 710 | generate_node_scripts() 711 | { 712 | local output=$1 713 | local docker_tag="v${compatibility_version}" 714 | generate_script_template "$output/start.sh" 715 | local ps_cmd="\$(ps aux|grep \${fisco_bcos}|grep -v grep|awk '{print \$2}')" 716 | local start_cmd="nohup \${fisco_bcos} -c config.ini >>nohup.out 2>&1" 717 | local stop_cmd="kill \${node_pid}" 718 | local pid="pid" 719 | local log_cmd="tail -n20 nohup.out" 720 | local check_success="\$(${log_cmd} | grep running)" 721 | if [ ! -z ${docker_mode} ];then 722 | ps_cmd="\$(docker ps |grep \${SHELL_FOLDER//\//} | grep -v grep|awk '{print \$1}')" 723 | start_cmd="docker run -d --rm --name \${SHELL_FOLDER//\//} -v \${SHELL_FOLDER}:/data --network=host -w=/data fiscoorg/fiscobcos:${docker_tag} -c config.ini" 724 | stop_cmd="docker kill \${node_pid} 2>/dev/null" 725 | pid="container id" 726 | log_cmd="tail -n20 \$(docker inspect --format='{{.LogPath}}' \${SHELL_FOLDER//\//})" 727 | check_success="success" 728 | fi 729 | cat << EOF >> "$output/start.sh" 730 | fisco_bcos=\${SHELL_FOLDER}/../${bcos_bin_name} 731 | cd \${SHELL_FOLDER} 732 | node=\$(basename \${SHELL_FOLDER}) 733 | node_pid=${ps_cmd} 734 | if [ ! -z \${node_pid} ];then 735 | echo " \${node} is running, ${pid} is \$node_pid." 736 | exit 0 737 | else 738 | ${start_cmd} & 739 | sleep 1.5 740 | fi 741 | try_times=4 742 | i=0 743 | while [ \$i -lt \${try_times} ] 744 | do 745 | node_pid=${ps_cmd} 746 | success_flag=${check_success} 747 | if [[ ! -z \${node_pid} && ! -z "\${success_flag}" ]];then 748 | echo -e "\033[32m \${node} start successfully\033[0m" 749 | exit 0 750 | fi 751 | sleep 0.5 752 | ((i=i+1)) 753 | done 754 | echo -e "\033[31m Exceed waiting time. Please try again to start \${node} \033[0m" 755 | ${log_cmd} 756 | exit 1 757 | EOF 758 | generate_script_template "$output/stop.sh" 759 | cat << EOF >> "$output/stop.sh" 760 | fisco_bcos=\${SHELL_FOLDER}/../${bcos_bin_name} 761 | node=\$(basename \${SHELL_FOLDER}) 762 | node_pid=${ps_cmd} 763 | try_times=10 764 | i=0 765 | if [ -z \${node_pid} ];then 766 | echo " \${node} isn't running." 767 | exit 0 768 | fi 769 | [ ! -z \${node_pid} ] && ${stop_cmd} > /dev/null 770 | while [ \$i -lt \${try_times} ] 771 | do 772 | sleep 0.6 773 | node_pid=${ps_cmd} 774 | if [ -z \${node_pid} ];then 775 | echo -e "\033[32m stop \${node} success.\033[0m" 776 | exit 0 777 | fi 778 | ((i=i+1)) 779 | done 780 | echo " Exceed maximum number of retries. Please try again to stop \${node}" 781 | exit 1 782 | EOF 783 | } 784 | 785 | 786 | genTransTest() 787 | { 788 | local output=$1 789 | local file="${output}/.transTest.sh" 790 | generate_script_template "${file}" 791 | cat << EOF > "${file}" 792 | # This script only support for block number smaller than 65535 - 256 793 | 794 | ip_port=http://127.0.0.1:$(( port_start[2] )) 795 | trans_num=1 796 | target_group=1 797 | version= 798 | if [ \$# -ge 1 ];then 799 | trans_num=\$1 800 | fi 801 | if [ \$# -ge 2 ];then 802 | target_group=\$2 803 | fi 804 | 805 | getNodeVersion() 806 | { 807 | result="\$(curl -X POST --data '{"jsonrpc":"2.0","method":"getClientVersion","params":[],"id":1}' \${ip_port})" 808 | version="\$(echo \${result} | cut -c250- | cut -d \" -f3)" 809 | } 810 | 811 | block_limit() 812 | { 813 | result=\$(curl -s -X POST --data '{"jsonrpc":"2.0","method":"getBlockNumber","params":['\${target_group}'],"id":83}' \${ip_port}) 814 | if [ \$(echo \${result} | grep -i failed | wc -l) -gt 0 ] || [ -z \${result} ];then 815 | echo "getBlockNumber error!" 816 | exit 1 817 | fi 818 | blockNumber=\$(echo \${result}| cut -d \" -f 10) 819 | printf "%04x" \$((\$blockNumber+0x100)) 820 | } 821 | 822 | send_a_tx() 823 | { 824 | limit=\$(block_limit) 825 | random_id="\$(date +%s)\$(printf "%09d" \${RANDOM})" 826 | if [ \${#limit} -gt 4 ];then echo "blockLimit exceed 0xffff, this scripts is unavailable!"; exit 0;fi 827 | if [ "\${version}" == "2.0.0-rc1" ];then 828 | txBytes="f8f0a02ade583745343a8f9a70b40db996fbe69c63531832858\${random_id}85174876e7ff8609184e729fff82\${limit}94d6f1a71052366dbae2f7ab2d5d5845e77965cf0d80b86448f85bce000000000000000000000000000000000000000000000000000000000000001bf5bd8a9e7ba8b936ea704292ff4aaa5797bf671fdc8526dcd159f23c1f5a05f44e9fa862834dc7cb4541558f2b4961dc39eaaf0af7f7395028658d0e01b86a371ca0e33891be86f781ebacdafd543b9f4f98243f7b52d52bac9efa24b89e257a354da07ff477eb0ba5c519293112f1704de86bd2938369fbf0db2dff3b4d9723b9a87d" 829 | else 830 | txBytes="f8eca003eb675ec791c2d19858c91d0046821c27d815e2e9c15\${random_id}0a8402faf08082\${limit}948c17cf316c1063ab6c89df875e96c9f0f5b2f74480b8644ed3885e0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000a464953434f2042434f53000000000000000000000000000000000000000000000101801ba09edf7c0cb63645442aff11323916d51ec5440de979950747c0189f338afdcefda02f3473184513c6a3516e066ea98b7cfb55a79481c9db98e658dd016c37f03dcf" 831 | fi 832 | #echo \$txBytes 833 | curl -s -X POST --data '{"jsonrpc":"2.0","method":"sendRawTransaction","params":['\${target_group}', "'\$txBytes'"],"id":83}' \${ip_port} 834 | } 835 | 836 | send_many_tx() 837 | { 838 | for j in \$(seq 1 \$1) 839 | do 840 | echo 'Send transaction: ' \$j 841 | send_a_tx \${ip_port} 842 | done 843 | } 844 | getNodeVersion 845 | echo "Use version:\${version}" 846 | send_many_tx \${trans_num} 847 | 848 | EOF 849 | } 850 | 851 | generate_server_scripts() 852 | { 853 | local output=$1 854 | genTransTest "${output}" 855 | generate_script_template "$output/start_all.sh" 856 | # echo "ip_array=(\$(ifconfig | grep inet | grep -v inet6 | awk '{print \$2}'))" >> "$output/start_all.sh" 857 | # echo "if echo \${ip_array[@]} | grep -w \"${ip}\" &>/dev/null; then echo \"start node_${ip}_${i}\" && bash \${SHELL_FOLDER}/node_${ip}_${i}/start.sh; fi" >> "${output_dir}/start_all.sh" 858 | cat << EOF >> "$output/start_all.sh" 859 | dirs=(\$(ls -l \${SHELL_FOLDER} | awk '/^d/ {print \$NF}')) 860 | for directory in \${dirs[*]} 861 | do 862 | if [[ -f "\${SHELL_FOLDER}/\${directory}/config.ini" && -f "\${SHELL_FOLDER}/\${directory}/start.sh" ]];then 863 | echo "try to start \${directory}" 864 | bash \${SHELL_FOLDER}/\${directory}/start.sh & 865 | fi 866 | done 867 | wait 868 | EOF 869 | generate_script_template "$output/stop_all.sh" 870 | cat << EOF >> "$output/stop_all.sh" 871 | dirs=(\$(ls -l \${SHELL_FOLDER} | awk '/^d/ {print \$NF}')) 872 | for directory in \${dirs[*]} 873 | do 874 | if [[ -d "\${SHELL_FOLDER}/\${directory}" && -f "\${SHELL_FOLDER}/\${directory}/stop.sh" ]];then 875 | echo "try to stop \${directory}" 876 | bash \${SHELL_FOLDER}/\${directory}/stop.sh & 877 | fi 878 | done 879 | wait 880 | EOF 881 | } 882 | 883 | parse_ip_config() 884 | { 885 | local config=$1 886 | n=0 887 | while read line;do 888 | ip_array[n]=$(echo ${line} | awk '{print $1}') 889 | agency_array[n]=$(echo ${line} | awk '{print $2}') 890 | group_array[n]=$(echo ${line} | awk '{print $3}') 891 | if [ -z "${ip_array[$n]}" -o -z "${agency_array[$n]}" -o -z "${group_array[$n]}" ];then 892 | exit_with_clean "Please check ${config}, make sure there is no empty line!" 893 | fi 894 | ((++n)) 895 | done < ${config} 896 | } 897 | 898 | download_bin() 899 | { 900 | bin_path=${output_dir}/${bcos_bin_name} 901 | package_name="fisco-bcos.tar.gz" 902 | [ ! -z "${macOS}" ] && package_name="fisco-bcos-macOS.tar.gz" 903 | [ ! -z "$guomi_mode" ] && package_name="fisco-bcos-gm.tar.gz" 904 | if [[ ! -z "$guomi_mode" && ! -z ${macOS} ]];then 905 | exit_with_clean "We don't provide binary of GuoMi on macOS. Please compile source code and use -e option to specific fisco-bcos binary path" 906 | fi 907 | Download_Link="https://github.com/FISCO-BCOS/FISCO-BCOS/releases/download/v${compatibility_version}/${package_name}" 908 | LOG_INFO "Downloading fisco-bcos binary from ${Download_Link} ..." 909 | if [ $(curl -IL -o /dev/null -s -w %{http_code} https://www.fisco.com.cn/cdn/fisco-bcos/releases/download/v${compatibility_version}/${package_name}) == 200 ];then 910 | curl -LO ${Download_Link} --speed-time 30 --speed-limit 1024 -m ${download_timeout} || { 911 | LOG_INFO "Download speed is too low, try https://www.fisco.com.cn/cdn/fisco-bcos/releases/download/v${compatibility_version}/${package_name}" 912 | curl -LO https://www.fisco.com.cn/cdn/fisco-bcos/releases/download/v${compatibility_version}/${package_name} 913 | } 914 | else 915 | curl -LO ${Download_Link} 916 | fi 917 | tar -zxf ${package_name} && mv fisco-bcos ${bin_path} && rm ${package_name} 918 | chmod a+x ${bin_path} 919 | } 920 | 921 | check_bin() 922 | { 923 | echo "Checking fisco-bcos binary..." 924 | bin_version=$(${bin_path} -v) 925 | if [ -z "$(echo ${bin_version} | grep 'FISCO-BCOS')" ];then 926 | exit_with_clean "${bin_path} is wrong. Please correct it and try again." 927 | fi 928 | if [[ ! -z ${guomi_mode} && -z $(echo ${bin_version} | grep 'gm') ]];then 929 | exit_with_clean "${bin_path} isn't gm version. Please correct it and try again." 930 | fi 931 | if [[ -z ${guomi_mode} && ! -z $(echo ${bin_version} | grep 'gm') ]];then 932 | exit_with_clean "${bin_path} isn't standard version. Please correct it and try again." 933 | fi 934 | echo "Binary check passed." 935 | } 936 | 937 | main() 938 | { 939 | output_dir="$(pwd)/${output_dir}" 940 | [ -z $use_ip_param ] && help 'ERROR: Please set -l or -f option.' 941 | if [ "${use_ip_param}" == "true" ];then 942 | ip_array=(${ip_param//,/ }) 943 | elif [ "${use_ip_param}" == "false" ];then 944 | if ! parse_ip_config $ip_file ;then 945 | exit_with_clean "Parse $ip_file error!" 946 | fi 947 | else 948 | help 949 | fi 950 | 951 | 952 | dir_must_not_exists ${output_dir} 953 | mkdir -p "${output_dir}" 954 | 955 | if [ -z "${compatibility_version}" ];then 956 | compatibility_version=$(curl -s https://api.github.com/repos/FISCO-BCOS/FISCO-BCOS/releases | grep "tag_name" | grep "v2" | sort -u | tail -n 1 | cut -d \" -f 4 | sed "s/^[vV]//") 957 | fi 958 | # in case network is broken 959 | if [ -z "${compatibility_version}" ];then 960 | compatibility_version="${default_version}" 961 | fi 962 | 963 | # download fisco-bcos and check it 964 | if [ -z ${docker_mode} ];then 965 | if [[ -z ${bin_path} ]];then 966 | download_bin 967 | else 968 | check_bin 969 | fi 970 | fi 971 | if [ -z ${CertConfig} ] || [ ! -e ${CertConfig} ];then 972 | # CertConfig="${output_dir}/cert.cnf" 973 | generate_cert_conf "cert.cnf" 974 | else 975 | cp ${CertConfig} . 976 | fi 977 | 978 | if [ "${use_ip_param}" == "true" ];then 979 | for i in $(seq 0 ${#ip_array[*]});do 980 | agency_array[i]="agency" 981 | group_array[i]=1 982 | done 983 | fi 984 | 985 | # prepare CA 986 | echo "==============================================================" 987 | if [ ! -e "$ca_file" ]; then 988 | echo "Generating CA key..." 989 | dir_must_not_exists ${output_dir}/chain 990 | gen_chain_cert ${output_dir}/chain >${logfile} 2>&1 || exit_with_clean "openssl error!" 991 | mv ${output_dir}/chain ${output_dir}/cert 992 | if [ "${use_ip_param}" == "false" ];then 993 | for agency_name in ${agency_array[*]};do 994 | if [ ! -d ${output_dir}/cert/${agency_name} ];then 995 | gen_agency_cert ${output_dir}/cert ${output_dir}/cert/${agency_name} >${logfile} 2>&1 996 | fi 997 | done 998 | else 999 | gen_agency_cert ${output_dir}/cert ${output_dir}/cert/agency >${logfile} 2>&1 1000 | fi 1001 | ca_file="${output_dir}/cert/ca.key" 1002 | fi 1003 | 1004 | if [ -n "$guomi_mode" ]; then 1005 | check_and_install_tassl 1006 | 1007 | generate_cert_conf_gm "gmcert.cnf" 1008 | 1009 | echo "Generating Guomi CA key..." 1010 | dir_must_not_exists ${output_dir}/gmchain 1011 | gen_chain_cert_gm ${output_dir}/gmchain >${output_dir}/build.log 2>&1 || exit_with_clean "openssl error!" #生成secp256k1算法的CA密钥 1012 | mv ${output_dir}/gmchain ${output_dir}/gmcert 1013 | gen_agency_cert_gm ${output_dir}/gmcert ${output_dir}/gmcert/agency >${output_dir}/build.log 2>&1 1014 | ca_file="${output_dir}/gmcert/ca.key" 1015 | fi 1016 | 1017 | 1018 | echo "==============================================================" 1019 | echo "Generating keys ..." 1020 | nodeid_list="" 1021 | ip_list="" 1022 | count=0 1023 | server_count=0 1024 | groups= 1025 | ip_node_counts= 1026 | groups_count= 1027 | for line in ${ip_array[*]};do 1028 | ip=${line%:*} 1029 | num=${line#*:} 1030 | if [ -z $(echo $ip | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$") ];then 1031 | exit_with_clean "Please check IP address: ${ip}" 1032 | fi 1033 | [ "$num" == "$ip" ] || [ -z "${num}" ] && num=${node_num} 1034 | echo "Processing IP:${ip} Total:${num} Agency:${agency_array[${server_count}]} Groups:${group_array[server_count]}" 1035 | [ -z "${ip_node_counts[${ip//./}]}" ] && ip_node_counts[${ip//./}]=0 1036 | for ((i=0;i> ${logfile} 1038 | node_dir="${output_dir}/${ip}/node${ip_node_counts[${ip//./}]}" 1039 | [ -d "${node_dir}" ] && exit_with_clean "${node_dir} exist! Please delete!" 1040 | 1041 | while : 1042 | do 1043 | gen_node_cert ${output_dir}/cert/${agency_array[${server_count}]} ${node_dir} >${logfile} 2>&1 1044 | mkdir -p ${conf_path}/ 1045 | rm node.param node.private node.pubkey agency.crt 1046 | mv *.* ${conf_path}/ 1047 | 1048 | #private key should not start with 00 1049 | cd ${output_dir} 1050 | privateKey=$(openssl ec -in "${node_dir}/${conf_path}/node.key" -text 2> /dev/null| sed -n '3,5p' | sed 's/://g'| tr "\n" " "|sed 's/ //g') 1051 | len=${#privateKey} 1052 | head2=${privateKey:0:2} 1053 | if [ "64" != "${len}" ] || [ "00" == "$head2" ];then 1054 | rm -rf ${node_dir} 1055 | continue; 1056 | fi 1057 | 1058 | if [ -n "$guomi_mode" ]; then 1059 | gen_node_cert_gm ${output_dir}/gmcert/agency ${node_dir} >${output_dir}/build.log 2>&1 1060 | mkdir -p ${gm_conf_path}/ 1061 | mv ./*.* ${gm_conf_path}/ 1062 | 1063 | #private key should not start with 00 1064 | cd ${output_dir} 1065 | privateKey=$($TASSL_CMD ec -in "${node_dir}/${gm_conf_path}/gmnode.key" -text 2> /dev/null| sed -n '3,5p' | sed 's/://g'| tr "\n" " "|sed 's/ //g') 1066 | len=${#privateKey} 1067 | head2=${privateKey:0:2} 1068 | if [ "64" != "${len}" ] || [ "00" == "$head2" ];then 1069 | rm -rf ${node_dir} 1070 | continue; 1071 | fi 1072 | fi 1073 | break; 1074 | done 1075 | cat ${output_dir}/cert/${agency_array[${server_count}]}/agency.crt >> ${node_dir}/${conf_path}/node.crt 1076 | 1077 | if [ -n "$guomi_mode" ]; then 1078 | cat ${output_dir}/gmcert/agency/gmagency.crt >> ${node_dir}/${gm_conf_path}/gmnode.crt 1079 | cat ${output_dir}/gmcert/gmca.crt >> ${node_dir}/${gm_conf_path}/gmnode.crt 1080 | 1081 | #move origin conf to gm conf 1082 | rm ${node_dir}/${conf_path}/node.nodeid 1083 | cp ${node_dir}/${conf_path} ${node_dir}/${gm_conf_path}/origin_cert -r 1084 | fi 1085 | 1086 | if [ -n "$guomi_mode" ]; then 1087 | nodeid=$($TASSL_CMD ec -in "${node_dir}/${gm_conf_path}/gmnode.key" -text 2> /dev/null | perl -ne '$. > 6 and $. < 12 and ~s/[\n:\s]//g and print' | perl -ne 'print substr($_, 2)."\n"') 1088 | else 1089 | nodeid=$(openssl ec -in "${node_dir}/${conf_path}/node.key" -text 2> /dev/null | perl -ne '$. > 6 and $. < 12 and ~s/[\n:\s]//g and print' | perl -ne 'print substr($_, 2)."\n"') 1090 | fi 1091 | 1092 | if [ -n "$guomi_mode" ]; then 1093 | #remove original cert files 1094 | rm ${node_dir:?}/${conf_path} -rf 1095 | mv ${node_dir}/${gm_conf_path} ${node_dir}/${conf_path} 1096 | fi 1097 | 1098 | 1099 | if [ "${use_ip_param}" == "false" ];then 1100 | node_groups=(${group_array[server_count]//,/ }) 1101 | for j in ${node_groups[@]};do 1102 | if [ -z "${groups_count[${j}]}" ];then groups_count[${j}]=0;fi 1103 | echo "groups_count[${j}]=${groups_count[${j}]}" >> ${logfile} 1104 | groups[${j}]=$"${groups[${j}]}node.${groups_count[${j}]}=${nodeid} 1105 | " 1106 | ((++groups_count[j])) 1107 | done 1108 | else 1109 | nodeid_list=$"${nodeid_list}node.${count}=${nodeid} 1110 | " 1111 | fi 1112 | 1113 | ip_list=$"${ip_list}node.${count}="${ip}:$(( ${ip_node_counts[${ip//./}]} + port_start[0] ))" 1114 | " 1115 | ip_node_counts[${ip//./}]=$(( ${ip_node_counts[${ip//./}]} + 1 )) 1116 | ((++count)) 1117 | done 1118 | sdk_path="${output_dir}/${ip}/sdk" 1119 | if [ ! -d ${sdk_path} ];then 1120 | gen_node_cert ${output_dir}/cert/${agency_array[${server_count}]} "${sdk_path}">${logfile} 2>&1 1121 | cat ${output_dir}/cert/${agency_array[${server_count}]}/agency.crt >> node.crt 1122 | rm node.param node.private node.pubkey node.nodeid agency.crt 1123 | cp ${output_dir}/cert/ca.crt ${sdk_path}/ 1124 | cd ${output_dir} 1125 | fi 1126 | ((++server_count)) 1127 | done 1128 | 1129 | ip_node_counts=() 1130 | echo "==============================================================" 1131 | echo "Generating configurations..." 1132 | cd ${current_dir} 1133 | server_count=0 1134 | for line in ${ip_array[*]};do 1135 | ip=${line%:*} 1136 | num=${line#*:} 1137 | [ "$num" == "$ip" ] || [ -z "${num}" ] && num=${node_num} 1138 | [ -z "${ip_node_counts[${ip//./}]}" ] && ip_node_counts[${ip//./}]=0 1139 | echo "Processing IP:${ip} Total:${num} Agency:${agency_array[${server_count}]} Groups:${group_array[server_count]}" 1140 | for ((i=0;i> ${logfile} 1142 | node_dir="${output_dir}/${ip}/node${ip_node_counts[${ip//./}]}" 1143 | generate_config_ini "${node_dir}/config.ini" ${ip} "${group_array[server_count]}" 1144 | if [ "${use_ip_param}" == "false" ];then 1145 | node_groups=(${group_array[${server_count}]//,/ }) 1146 | for j in ${node_groups[@]};do 1147 | generate_group_genesis "$node_dir/${conf_path}/group.${j}.genesis" "${j}" "${groups[${j}]}" 1148 | generate_group_ini "$node_dir/${conf_path}/group.${j}.ini" 1149 | done 1150 | else 1151 | generate_group_genesis "$node_dir/${conf_path}/group.1.genesis" "1" "${nodeid_list}" 1152 | generate_group_ini "$node_dir/${conf_path}/group.1.ini" 1153 | fi 1154 | generate_node_scripts "${node_dir}" 1155 | ip_node_counts[${ip//./}]=$(( ${ip_node_counts[${ip//./}]} + 1 )) 1156 | done 1157 | generate_server_scripts "${output_dir}/${ip}" 1158 | if [ -z ${docker_mode} ];then cp "$bin_path" "${output_dir}/${ip}/fisco-bcos"; fi 1159 | if [ -n "$make_tar" ];then cd ${output_dir} && tar zcf "${ip}.tar.gz" "${ip}" && cd ${current_dir};fi 1160 | ((++server_count)) 1161 | done 1162 | rm ${logfile} 1163 | if [ "${use_ip_param}" == "false" ];then 1164 | echo "==============================================================" 1165 | for l in $(seq 0 ${#groups_count[@]});do 1166 | if [ ! -z "${groups_count[${l}]}" ];then echo "Group:${l} has ${groups_count[${l}]} nodes";fi 1167 | done 1168 | fi 1169 | 1170 | } 1171 | 1172 | check_env 1173 | parse_params $@ 1174 | main 1175 | print_result 1176 | -------------------------------------------------------------------------------- /nodes-config/gen_node_cert.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | # SHELL_FOLDER=$(cd $(dirname $0);pwd) 6 | current_dir=$(pwd) 7 | key_path="" 8 | output_dir="newNode" 9 | logfile="build.log" 10 | conf_path="conf" 11 | 12 | LOG_WARN() 13 | { 14 | local content=${1} 15 | echo -e "\033[31m[WARN] ${content}\033[0m" 16 | } 17 | 18 | LOG_INFO() 19 | { 20 | local content=${1} 21 | echo -e "\033[32m[INFO] ${content}\033[0m" 22 | } 23 | 24 | help() { 25 | echo $1 26 | cat << EOF 27 | Usage: 28 | -c [Required] cert key path 29 | -o Default ${output_dir} 30 | -h Help 31 | e.g 32 | $0 -c nodes/cert/agency -o newNode_1 33 | EOF 34 | 35 | exit 0 36 | } 37 | 38 | parse_params() 39 | { 40 | while getopts "c:o:h" option;do 41 | case $option in 42 | c) [ ! -z $OPTARG ] && key_path=$OPTARG 43 | ;; 44 | o) [ ! -z $OPTARG ] && output_dir=$OPTARG 45 | ;; 46 | h) help;; 47 | esac 48 | done 49 | } 50 | 51 | print_result() 52 | { 53 | echo "==============================================================" 54 | LOG_INFO "Cert Path : $key_path" 55 | LOG_INFO "Output Dir : $output_dir" 56 | echo "==============================================================" 57 | LOG_INFO "All completed. Files in $output_dir" 58 | } 59 | 60 | getname() { 61 | local name="$1" 62 | if [ -z "$name" ]; then 63 | return 0 64 | fi 65 | [[ "$name" =~ ^.*/$ ]] && { 66 | name="${name%/*}" 67 | } 68 | name="${name##*/}" 69 | echo "$name" 70 | } 71 | 72 | check_name() { 73 | local name="$1" 74 | local value="$2" 75 | [[ "$value" =~ ^[a-zA-Z0-9._-]+$ ]] || { 76 | echo "$name name [$value] invalid, it should match regex: ^[a-zA-Z0-9._-]+\$" 77 | exit $EXIT_CODE 78 | } 79 | } 80 | 81 | file_must_exists() { 82 | if [ ! -f "$1" ]; then 83 | echo "$1 file does not exist, please check!" 84 | exit $EXIT_CODE 85 | fi 86 | } 87 | 88 | dir_must_exists() { 89 | if [ ! -d "$1" ]; then 90 | echo "$1 DIR does not exist, please check!" 91 | exit $EXIT_CODE 92 | fi 93 | } 94 | 95 | dir_must_not_exists() { 96 | if [ -e "$1" ]; then 97 | echo "$1 DIR exists, please clean old DIR!" 98 | exit $EXIT_CODE 99 | fi 100 | } 101 | 102 | gen_cert_secp256k1() { 103 | capath="$1" 104 | certpath="$2" 105 | name="$3" 106 | type="$4" 107 | openssl ecparam -out $certpath/${type}.param -name secp256k1 108 | openssl genpkey -paramfile $certpath/${type}.param -out $certpath/${type}.key 109 | openssl pkey -in $certpath/${type}.key -pubout -out $certpath/${type}.pubkey 110 | openssl req -new -sha256 -subj "/CN=${name}/O=fisco-bcos/OU=${type}" -key $certpath/${type}.key -config $capath/cert.cnf -out $certpath/${type}.csr 111 | openssl x509 -req -days 3650 -sha256 -in $certpath/${type}.csr -CAkey $capath/agency.key -CA $capath/agency.crt\ 112 | -force_pubkey $certpath/${type}.pubkey -out $certpath/${type}.crt -CAcreateserial -extensions v3_req -extfile $capath/cert.cnf 113 | openssl ec -in $certpath/${type}.key -outform DER | tail -c +8 | head -c 32 | xxd -p -c 32 | cat >$certpath/${type}.private 114 | rm -f $certpath/${type}.csr 115 | } 116 | 117 | gen_node_cert() { 118 | if [ "" == "$(openssl ecparam -list_curves 2>&1 | grep secp256k1)" ]; then 119 | echo "openssl don't support secp256k1, please upgrade openssl!" 120 | exit -1 121 | fi 122 | agpath="$2" 123 | agency=$(getname "$agpath") 124 | ndpath="$3" 125 | node=$(getname "$ndpath") 126 | dir_must_exists "$agpath" 127 | file_must_exists "$agpath/agency.key" 128 | check_name agency "$agency" 129 | dir_must_not_exists "$ndpath" 130 | check_name node "$node" 131 | mkdir -p $ndpath 132 | gen_cert_secp256k1 "$agpath" "$ndpath" "$node" node 133 | #nodeid is pubkey 134 | openssl ec -in $ndpath/node.key -text -noout | sed -n '7,11p' | tr -d ": \n" | awk '{print substr($0,3);}' | cat >$ndpath/node.nodeid 135 | cp $agpath/ca.crt $agpath/agency.crt $ndpath 136 | } 137 | 138 | generate_script_template() 139 | { 140 | local filepath=$1 141 | cat << EOF > "${filepath}" 142 | #!/bin/bash 143 | SHELL_FOLDER=\$(cd \$(dirname \$0);pwd) 144 | 145 | EOF 146 | chmod +x ${filepath} 147 | } 148 | 149 | generate_node_scripts() 150 | { 151 | local output=$1 152 | generate_script_template "$output/start.sh" 153 | cat << EOF >> "$output/start.sh" 154 | fisco_bcos=\${SHELL_FOLDER}/../fisco-bcos 155 | cd \${SHELL_FOLDER} 156 | node=\$(basename \${SHELL_FOLDER}) 157 | node_pid=\`ps aux|grep "\${fisco_bcos}"|grep -v grep|awk '{print \$2}'\` 158 | if [ ! -z \${node_pid} ];then 159 | echo " \${node} is running, pid is \$node_pid." 160 | exit 0 161 | else 162 | nohup \${fisco_bcos} -c config.ini 2>>nohup.out & 163 | sleep 0.5 164 | fi 165 | node_pid=\`ps aux|grep "\${fisco_bcos}"|grep -v grep|awk '{print \$2}'\` 166 | if [ ! -z \${node_pid} ];then 167 | echo " \${node} start successfully" 168 | else 169 | echo " \${node} start failed" 170 | cat nohup.out 171 | fi 172 | EOF 173 | generate_script_template "$output/stop.sh" 174 | cat << EOF >> "$output/stop.sh" 175 | fisco_bcos=\${SHELL_FOLDER}/../fisco-bcos 176 | node=\$(basename \${SHELL_FOLDER}) 177 | node_pid=\`ps aux|grep "\${fisco_bcos}"|grep -v grep|awk '{print \$2}'\` 178 | try_times=5 179 | i=0 180 | while [ \$i -lt \${try_times} ] 181 | do 182 | if [ -z \${node_pid} ];then 183 | echo " \${node} isn't running." 184 | exit 0 185 | fi 186 | [ ! -z \${node_pid} ] && kill \${node_pid} 187 | sleep 0.4 188 | node_pid=\`ps aux|grep "\${fisco_bcos}"|grep -v grep|awk '{print \$2}'\` 189 | if [ -z \${node_pid} ];then 190 | echo " stop \${node} success." 191 | exit 0 192 | fi 193 | ((i=i+1)) 194 | done 195 | EOF 196 | } 197 | 198 | main() 199 | { 200 | while : 201 | do 202 | gen_node_cert "" ${key_path} ${output_dir} > ${logfile} 2>&1 203 | cd ${output_dir} 204 | mkdir -p ${conf_path}/ 205 | rm node.param node.pubkey 206 | mv *.* ${conf_path}/ 207 | cd ${current_dir} 208 | #private key should not start with 00 209 | privateKey=$(openssl ec -in "${output_dir}/${conf_path}/node.key" -text 2> /dev/null| sed -n '3,5p' | sed 's/://g'| tr "\n" " "|sed 's/ //g') 210 | len=${#privateKey} 211 | head2=${privateKey:0:2} 212 | if [ "64" != "${len}" ] || [ "00" == "$head2" ];then 213 | rm -rf ${output_dir} 214 | continue; 215 | fi 216 | break; 217 | done 218 | # generate_node_scripts "${output_dir}" 219 | cat ${key_path}/agency.crt >> ${output_dir}/${conf_path}/node.crt 220 | cat ${key_path}/ca.crt >> ${output_dir}/${conf_path}/node.crt 221 | rm ${logfile} 222 | } 223 | 224 | parse_params $@ 225 | main 226 | print_result 227 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/.transTest.sh: -------------------------------------------------------------------------------- 1 | # This script only support for block number smaller than 65535 - 256 2 | 3 | ip_port=http://127.0.0.1:8545 4 | trans_num=1 5 | target_group=1 6 | version= 7 | if [ $# -ge 1 ];then 8 | trans_num=$1 9 | fi 10 | if [ $# -ge 2 ];then 11 | target_group=$2 12 | fi 13 | 14 | getNodeVersion() 15 | { 16 | result="$(curl -X POST --data '{"jsonrpc":"2.0","method":"getClientVersion","params":[],"id":1}' ${ip_port})" 17 | version="$(echo ${result} | cut -c250- | cut -d \" -f3)" 18 | } 19 | 20 | block_limit() 21 | { 22 | result=$(curl -s -X POST --data '{"jsonrpc":"2.0","method":"getBlockNumber","params":['${target_group}'],"id":83}' ${ip_port}) 23 | if [ $(echo ${result} | grep -i failed | wc -l) -gt 0 ] || [ -z ${result} ];then 24 | echo "getBlockNumber error!" 25 | exit 1 26 | fi 27 | blockNumber=$(echo ${result}| cut -d \" -f 10) 28 | printf "%04x" $(($blockNumber+0x100)) 29 | } 30 | 31 | send_a_tx() 32 | { 33 | limit=$(block_limit) 34 | random_id="$(date +%s)$(printf "%09d" ${RANDOM})" 35 | if [ ${#limit} -gt 4 ];then echo "blockLimit exceed 0xffff, this scripts is unavailable!"; exit 0;fi 36 | if [ "${version}" == "2.0.0-rc1" ];then 37 | txBytes="f8f0a02ade583745343a8f9a70b40db996fbe69c63531832858${random_id}85174876e7ff8609184e729fff82${limit}94d6f1a71052366dbae2f7ab2d5d5845e77965cf0d80b86448f85bce000000000000000000000000000000000000000000000000000000000000001bf5bd8a9e7ba8b936ea704292ff4aaa5797bf671fdc8526dcd159f23c1f5a05f44e9fa862834dc7cb4541558f2b4961dc39eaaf0af7f7395028658d0e01b86a371ca0e33891be86f781ebacdafd543b9f4f98243f7b52d52bac9efa24b89e257a354da07ff477eb0ba5c519293112f1704de86bd2938369fbf0db2dff3b4d9723b9a87d" 38 | else 39 | txBytes="f8eca003eb675ec791c2d19858c91d0046821c27d815e2e9c15${random_id}0a8402faf08082${limit}948c17cf316c1063ab6c89df875e96c9f0f5b2f74480b8644ed3885e0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000a464953434f2042434f53000000000000000000000000000000000000000000000101801ba09edf7c0cb63645442aff11323916d51ec5440de979950747c0189f338afdcefda02f3473184513c6a3516e066ea98b7cfb55a79481c9db98e658dd016c37f03dcf" 40 | fi 41 | #echo $txBytes 42 | curl -s -X POST --data '{"jsonrpc":"2.0","method":"sendRawTransaction","params":['${target_group}', "'$txBytes'"],"id":83}' ${ip_port} 43 | } 44 | 45 | send_many_tx() 46 | { 47 | for j in $(seq 1 $1) 48 | do 49 | echo 'Send transaction: ' $j 50 | send_a_tx ${ip_port} 51 | done 52 | } 53 | getNodeVersion 54 | echo "Use version:${version}" 55 | send_many_tx ${trans_num} 56 | 57 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/node0/conf/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDPTCCAiWgAwIBAgIJANrxoSx5Q/rAMA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 3 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 4 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDjAMBgNVBAMMBWNoYWlu 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjCCASIwDQYJKoZI 6 | hvcNAQEBBQADggEPADCCAQoCggEBAORDb1ANCFlFCypYYefGWAmA/lsE7RI6b9Zd 7 | P5jMgvCJm0CJQWnXHwbWSusg5YvrMgYXF/rWY7AORDBtELZ80VGT9KjifF8oz2AZ 8 | qsQjqjVKjnyT2zccQc1JAX+PKOuU+GyLtqFMUob+aw9gBdmZ1kRVTKDQ5FyrLlZi 9 | nHI6t0Kuvu1TtVU8lUAB/hbx3e2rLr/G6/XqSUQu/+MK2Uto5dVFmzDvBFSDwG13 10 | bgzqUE+rOcK3ucngUqYLtCRp7xjy4jKWQhwTK6fibekt8bxCXG42Her00ySfKqR/ 11 | 2b4W4o+EyFvOqRLTo7U9q4/2m5GSF2Uhvnz+C/Qxtf3EaS3ClGUCAwEAAaNQME4w 12 | HQYDVR0OBBYEFHKeGD10hCxcJxa3KnJieWfjZTTNMB8GA1UdIwQYMBaAFHKeGD10 13 | hCxcJxa3KnJieWfjZTTNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB 14 | AGav/nvGcOQo0mukGdQiLG7gYFdVCcCeATPz8g1PKNG3MxRZBaF3UZlsVUhulVZB 15 | dQltqXt4XMh3xSQqEefXUdvNmpNxiN8BQ0mfV+hOKnv6mnOjSJ7Rrt9jBz7DGZb9 16 | cdqWHlvcuZAo5F3wGCfmLhmrkB5dntfIwaa5nSwTSyjYV5I/URQ/DBq9pvV0YEe9 17 | sDffW5y2cpNjL0qsQ6ADf/0rDKs3UpHcaITJtMA2EwAPp0qbiAxiXwYKdAfkH0kj 18 | 3wfwOlnrbkYOLhDxkTZ5ZR+h8BPl8cs6uZpv2gi8aKdxtxKzRl85KhBoYOMTLezg 19 | ykQCWUOWhDSw3CaRiZymDtY= 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/node0/conf/group.1.genesis: -------------------------------------------------------------------------------- 1 | [consensus] 2 | ; consensus algorithm type, now support PBFT(consensus_type=pbft) and Raft(consensus_type=raft) 3 | consensus_type=pbft 4 | ; the max number of transactions of a block 5 | max_trans_num=1000 6 | ; the node id of consensusers 7 | node.0=61860b824605d1253c15263a538f3614072faee18ba1533d3f7fd2296fe6c4c0becd9462d04cdc21c0c69c6e581220660f8941a829b4cfd089822763b7d96ae0 8 | node.1=665883eb607ccdd8e72e47829489e3212a3c77cc1bb300e4bd4c62a70426e97375484c78f1bc609bf987f07c25463ef90a277cfff235c3fe7c98bf3fdcc66dec 9 | node.2=2f6fee06220e479fc7ce46c0d2c29bece5c55672a26b3aca8712643c8726dda22d51b35caf9e90ab8f2dc11e7088393cf75e8917ec594341c3d5b3cfe11764d8 10 | node.3=f03ad904eb7a2ab9478c813cda5dde0e54c4aa874933e795f996140173a1c7a22cabb491ac8ebeda24c57ac56146ab8d47a37a064dd2b3f0ed76e3be83bf8218 11 | 12 | [state] 13 | ; support mpt/storage 14 | type=storage 15 | [tx] 16 | ; transaction gas limit 17 | gas_limit=300000000 18 | [group] 19 | id=1 20 | timestamp=1563437420000 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/node0/conf/group.1.ini: -------------------------------------------------------------------------------- 1 | [consensus] 2 | ; the ttl for broadcasting pbft message 3 | ;ttl=2 4 | ; min block generation time(ms), the max block generation time is 1000 ms 5 | ;min_block_generation_time=500 6 | ;enable_dynamic_block_size=true 7 | [storage] 8 | ; storage db type, rocksdb / mysql / external, rocksdb is recommended 9 | type=rocksdb 10 | ; max cache memeory, MB 11 | max_capacity=256 12 | max_forward_block=10 13 | ; only for external 14 | max_retry=100 15 | topic=DB 16 | ; only for mysql 17 | db_ip=127.0.0.1 18 | db_port=3306 19 | db_username= 20 | db_passwd= 21 | db_name= 22 | [tx_pool] 23 | limit=150000 24 | [tx_execute] 25 | enable_parallel=true 26 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/node0/conf/node.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICODCCASCgAwIBAgIJAMSKG7DatyH4MA0GCSqGSIb3DQEBCwUAMDUxDTALBgNV 3 | BAMMBHRlc3QxEzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTAe 4 | Fw0xOTA3MTgwODEwMjFaFw0yOTA3MTUwODEwMjFaMDQxDjAMBgNVBAMMBW5vZGUw 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ0wCwYDVQQLDARub2RlMFYwEAYHKoZIzj0C 6 | AQYFK4EEAAoDQgAEYYYLgkYF0SU8FSY6U482FAcvruGLoVM9P3/SKW/mxMC+zZRi 7 | 0EzcIcDGnG5YEiBmD4lBqCm0z9CJgidjt9lq4KMaMBgwCQYDVR0TBAIwADALBgNV 8 | HQ8EBAMCBeAwDQYJKoZIhvcNAQELBQADggEBAJeNvHnQpVkl2CilFPLvPYvCfesw 9 | p/k0AAI9iYp8YbhEdUpdQie32rcoeOCZHJPqwMxGDZGOQTbkmGtftRFB6r/Ex4Qo 10 | xrxOnqOrdCYo4fKU7fcHA0ScaFVMELYF2451N1cRtsa2146iLLdfcIZbfbckRSL+ 11 | ntYbuH92oMf0YA8xuiyl9qYtDmL6vXzGYJDUDcdj8QjIRw5NLOyxfrAg67OQCebD 12 | wCmKbTuxR8vXmvMye1wUpd/9M2Ebv7RcciVRTL3e/d7xNokWUhJzHAfnAXFNUSXo 13 | r1oK0pGMSWLJ7tkNp1gU0tTJqx6cFqMXA10sqtaExEYswXuByoytryl8xys= 14 | -----END CERTIFICATE----- 15 | -----BEGIN CERTIFICATE----- 16 | MIIC/TCCAeWgAwIBAgIJANRtnuP2+2H3MA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 17 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 18 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDTALBgNVBAMMBHRlc3Qx 19 | EzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTCCASIwDQYJKoZI 20 | hvcNAQEBBQADggEPADCCAQoCggEBAO8JbuX+2NmiQfB9ioyPklXDtWyI93Yfpnav 21 | 4XTSZJ9aLlDV41rWVLHUCpTLndDnqsJfh02k5vAl07O8I9Z8ue547dAq/Nt2DbU4 22 | 486NqmVGYRSdW2L6Ge2tpvP25hzRn70GUY5JA4x0DWtxKO3U9ha1B6OJWais8Zv1 23 | +YsFEeQ5flGS/1L7B1zMac3A1ymWSt0o9Q2T2UXZCOJD6wbtxnDtFmAwnoRQH9Nn 24 | 9MfgbqFg3PlbIPlPMvXc5jT/lTTv0IZX/qV+d5dMSv0qTcxp/V8aW4dMnGJ/jGxp 25 | 1+xUMNQET93xuMVfY+2z2XnIydVybja+/eTSF5WMVKAvmch1p28CAwEAAaMQMA4w 26 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHpAcgtCYvoVBhPaVuWj2 27 | rk/IIcxZR0wSA4ivXDnh+ZjeG9rdMFSA5Mll04DSeu7SSfxtBeHScwRkbEvEYYhP 28 | pMhGjONLYaqvVydQRcOv1I+tmwrm5XccE/MfXJotOSk91kXrdDOX7ncUAWm9JKF4 29 | tRj+rnPgZl7hjvmw9zyQlO6sQ6fxQPEsbzX057ctPsensKfDhn2+JzZ4NwU7FW6F 30 | v6g7qHzGVZur8QG+po8JeoXg5Vc/lNbGZlVeXtzInH2ozBM75Z7DnPFz30NxuwSa 31 | 2tBKM9LLGXc0a7JRTOo/NsM7p+Rp+Jn0p/WIX02lyLko30zpCRGF1GM9Y6wlB39G 32 | Gg== 33 | -----END CERTIFICATE----- 34 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/node0/conf/node.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgX5ELiZbzTJaC49NjVKab 3 | 9YSNQvqzvcDbkKNvGELC6fShRANCAARhhguCRgXRJTwVJjpTjzYUBy+u4YuhUz0/ 4 | f9Ipb+bEwL7NlGLQTNwhwMacblgSIGYPiUGoKbTP0ImCJ2O32Wrg 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/node0/conf/node.nodeid: -------------------------------------------------------------------------------- 1 | 61860b824605d1253c15263a538f3614072faee18ba1533d3f7fd2296fe6c4c0becd9462d04cdc21c0c69c6e581220660f8941a829b4cfd089822763b7d96ae0 2 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/node0/config.ini: -------------------------------------------------------------------------------- 1 | [rpc] 2 | listen_ip=127.0.0.1 3 | channel_listen_port=20200 4 | jsonrpc_listen_port=8545 5 | [p2p] 6 | listen_ip=0.0.0.0 7 | listen_port=30300 8 | ;enable_compress=true 9 | ; nodes to connect 10 | node.0=172.17.0.1:30300 11 | node.1=172.17.0.2:30300 12 | node.2=172.17.0.3:30300 13 | node.3=172.17.0.4:30300 14 | 15 | 16 | [certificate_blacklist] 17 | ; crl.0 should be nodeid, nodeid's length is 128 18 | ;crl.0= 19 | 20 | [group] 21 | group_data_path=data/ 22 | group_config_path=conf/ 23 | 24 | [network_security] 25 | ; directory the certificates located in 26 | data_path=conf/ 27 | ; the node private key file 28 | key=node.key 29 | ; the node certificate file 30 | cert=node.crt 31 | ; the ca certificate file 32 | ca_cert=ca.crt 33 | 34 | [storage_security] 35 | enable=false 36 | key_manager_ip= 37 | key_manager_port= 38 | cipher_data_key= 39 | 40 | [chain] 41 | id=1 42 | [compatibility] 43 | ; supported_version should nerver be changed 44 | supported_version=2.0.0 45 | [log] 46 | enable=true 47 | log_path=./log 48 | ; info debug trace 49 | level=info 50 | ; MB 51 | max_log_file_size=200 52 | flush=true 53 | log_flush_threshold=100 54 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/node0/start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | fisco_bcos=${SHELL_FOLDER}/../fisco-bcos 5 | cd ${SHELL_FOLDER} 6 | node=$(basename ${SHELL_FOLDER}) 7 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 8 | if [ ! -z ${node_pid} ];then 9 | echo " ${node} is running, container id is $node_pid. Trying to load new groups." 10 | touch config.ini.append_group 11 | exit 0 12 | else 13 | docker run -d --rm --name ${SHELL_FOLDER//\//} -v ${SHELL_FOLDER}:/data --network=host -w=/data fiscoorg/fiscobcos:v2.0.0 -c config.ini & 14 | sleep 1.5 15 | fi 16 | try_times=4 17 | i=0 18 | while [ $i -lt ${try_times} ] 19 | do 20 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 21 | success_flag=success 22 | if [[ ! -z ${node_pid} && ! -z "${success_flag}" ]];then 23 | echo -e "\033[32m ${node} start successfully\033[0m" 24 | exit 0 25 | fi 26 | sleep 0.5 27 | ((i=i+1)) 28 | done 29 | echo -e "\033[31m Exceed waiting time. Please try again to start ${node} \033[0m" 30 | tail -n20 $(docker inspect --format='{{.LogPath}}' ${SHELL_FOLDER//\//}) 31 | exit 1 32 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/node0/stop.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | fisco_bcos=${SHELL_FOLDER}/../fisco-bcos 5 | node=$(basename ${SHELL_FOLDER}) 6 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 7 | try_times=10 8 | i=0 9 | if [ -z ${node_pid} ];then 10 | echo " ${node} isn't running." 11 | exit 0 12 | fi 13 | [ ! -z ${node_pid} ] && docker kill ${node_pid} 2>/dev/null > /dev/null 14 | while [ $i -lt ${try_times} ] 15 | do 16 | sleep 0.6 17 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 18 | if [ -z ${node_pid} ];then 19 | echo -e "\033[32m stop ${node} success.\033[0m" 20 | exit 0 21 | fi 22 | ((i=i+1)) 23 | done 24 | echo " Exceed maximum number of retries. Please try again to stop ${node}" 25 | exit 1 26 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/sdk/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDPTCCAiWgAwIBAgIJANrxoSx5Q/rAMA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 3 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 4 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDjAMBgNVBAMMBWNoYWlu 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjCCASIwDQYJKoZI 6 | hvcNAQEBBQADggEPADCCAQoCggEBAORDb1ANCFlFCypYYefGWAmA/lsE7RI6b9Zd 7 | P5jMgvCJm0CJQWnXHwbWSusg5YvrMgYXF/rWY7AORDBtELZ80VGT9KjifF8oz2AZ 8 | qsQjqjVKjnyT2zccQc1JAX+PKOuU+GyLtqFMUob+aw9gBdmZ1kRVTKDQ5FyrLlZi 9 | nHI6t0Kuvu1TtVU8lUAB/hbx3e2rLr/G6/XqSUQu/+MK2Uto5dVFmzDvBFSDwG13 10 | bgzqUE+rOcK3ucngUqYLtCRp7xjy4jKWQhwTK6fibekt8bxCXG42Her00ySfKqR/ 11 | 2b4W4o+EyFvOqRLTo7U9q4/2m5GSF2Uhvnz+C/Qxtf3EaS3ClGUCAwEAAaNQME4w 12 | HQYDVR0OBBYEFHKeGD10hCxcJxa3KnJieWfjZTTNMB8GA1UdIwQYMBaAFHKeGD10 13 | hCxcJxa3KnJieWfjZTTNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB 14 | AGav/nvGcOQo0mukGdQiLG7gYFdVCcCeATPz8g1PKNG3MxRZBaF3UZlsVUhulVZB 15 | dQltqXt4XMh3xSQqEefXUdvNmpNxiN8BQ0mfV+hOKnv6mnOjSJ7Rrt9jBz7DGZb9 16 | cdqWHlvcuZAo5F3wGCfmLhmrkB5dntfIwaa5nSwTSyjYV5I/URQ/DBq9pvV0YEe9 17 | sDffW5y2cpNjL0qsQ6ADf/0rDKs3UpHcaITJtMA2EwAPp0qbiAxiXwYKdAfkH0kj 18 | 3wfwOlnrbkYOLhDxkTZ5ZR+h8BPl8cs6uZpv2gi8aKdxtxKzRl85KhBoYOMTLezg 19 | ykQCWUOWhDSw3CaRiZymDtY= 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/sdk/node.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICNjCCAR6gAwIBAgIJAMSKG7DatyH5MA0GCSqGSIb3DQEBCwUAMDUxDTALBgNV 3 | BAMMBHRlc3QxEzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTAe 4 | Fw0xOTA3MTgwODEwMjFaFw0yOTA3MTUwODEwMjFaMDIxDDAKBgNVBAMMA3NkazET 5 | MBEGA1UECgwKZmlzY28tYmNvczENMAsGA1UECwwEbm9kZTBWMBAGByqGSM49AgEG 6 | BSuBBAAKA0IABGfdeWsMHApIWF/YZc/mGqwBNT6j3ZB8UXJZVoulteQeYo6dgae8 7 | yA+5yK/gheFhWMLvQ3bp1/4mBuuc0aYunpqjGjAYMAkGA1UdEwQCMAAwCwYDVR0P 8 | BAQDAgXgMA0GCSqGSIb3DQEBCwUAA4IBAQBfxUVEh40xuqGLQZMN1PmKjzJmGSjE 9 | QTFzN363/9ZppILZvujoSlYJbSjQfFAACkiu+HmNlZdPQbOVm1d8Lia5sIG9z1mV 10 | EUVYZcLc4usVS6KpY0fvjb9yMQrROZVjE7e1kDWcClas+RxmDLJbExCZdL3foyxb 11 | 35xKNr9sRWVbid8IAOAqJabUWQjO9bxoBhmhUu2jELRv5dZCumQG5JH3G+3ZmHiq 12 | fCeCmgrCbwQeAyoQzFuCzVVP3bp0JvEnkB4mwi3Wp71PRGkaAdh2jsDP9DFJdwu6 13 | 7Vlb7OByM+bphMic69AbgpqJ3nnd8C3wUO00QxL0dhS5evOYhYUMIPSA 14 | -----END CERTIFICATE----- 15 | -----BEGIN CERTIFICATE----- 16 | MIIC/TCCAeWgAwIBAgIJANRtnuP2+2H3MA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 17 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 18 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDTALBgNVBAMMBHRlc3Qx 19 | EzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTCCASIwDQYJKoZI 20 | hvcNAQEBBQADggEPADCCAQoCggEBAO8JbuX+2NmiQfB9ioyPklXDtWyI93Yfpnav 21 | 4XTSZJ9aLlDV41rWVLHUCpTLndDnqsJfh02k5vAl07O8I9Z8ue547dAq/Nt2DbU4 22 | 486NqmVGYRSdW2L6Ge2tpvP25hzRn70GUY5JA4x0DWtxKO3U9ha1B6OJWais8Zv1 23 | +YsFEeQ5flGS/1L7B1zMac3A1ymWSt0o9Q2T2UXZCOJD6wbtxnDtFmAwnoRQH9Nn 24 | 9MfgbqFg3PlbIPlPMvXc5jT/lTTv0IZX/qV+d5dMSv0qTcxp/V8aW4dMnGJ/jGxp 25 | 1+xUMNQET93xuMVfY+2z2XnIydVybja+/eTSF5WMVKAvmch1p28CAwEAAaMQMA4w 26 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHpAcgtCYvoVBhPaVuWj2 27 | rk/IIcxZR0wSA4ivXDnh+ZjeG9rdMFSA5Mll04DSeu7SSfxtBeHScwRkbEvEYYhP 28 | pMhGjONLYaqvVydQRcOv1I+tmwrm5XccE/MfXJotOSk91kXrdDOX7ncUAWm9JKF4 29 | tRj+rnPgZl7hjvmw9zyQlO6sQ6fxQPEsbzX057ctPsensKfDhn2+JzZ4NwU7FW6F 30 | v6g7qHzGVZur8QG+po8JeoXg5Vc/lNbGZlVeXtzInH2ozBM75Z7DnPFz30NxuwSa 31 | 2tBKM9LLGXc0a7JRTOo/NsM7p+Rp+Jn0p/WIX02lyLko30zpCRGF1GM9Y6wlB39G 32 | Gg== 33 | -----END CERTIFICATE----- 34 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/sdk/node.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgEWxQ4cJycRJafVP6hhcd 3 | AIatPk4VqtVXfa/npwG1loOhRANCAARn3XlrDBwKSFhf2GXP5hqsATU+o92QfFFy 4 | WVaLpbXkHmKOnYGnvMgPuciv4IXhYVjC70N26df+JgbrnNGmLp6a 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/start_all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | dirs=($(ls -l ${SHELL_FOLDER} | awk '/^d/ {print $NF}')) 5 | for directory in ${dirs[*]} 6 | do 7 | if [[ -f "${SHELL_FOLDER}/${directory}/config.ini" && -f "${SHELL_FOLDER}/${directory}/start.sh" ]];then 8 | echo "try to start ${directory}" 9 | bash ${SHELL_FOLDER}/${directory}/start.sh & 10 | fi 11 | done 12 | wait 13 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.1/stop_all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | dirs=($(ls -l ${SHELL_FOLDER} | awk '/^d/ {print $NF}')) 5 | for directory in ${dirs[*]} 6 | do 7 | if [[ -d "${SHELL_FOLDER}/${directory}" && -f "${SHELL_FOLDER}/${directory}/stop.sh" ]];then 8 | echo "try to stop ${directory}" 9 | bash ${SHELL_FOLDER}/${directory}/stop.sh & 10 | fi 11 | done 12 | wait 13 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/.transTest.sh: -------------------------------------------------------------------------------- 1 | # This script only support for block number smaller than 65535 - 256 2 | 3 | ip_port=http://127.0.0.1:8545 4 | trans_num=1 5 | target_group=1 6 | version= 7 | if [ $# -ge 1 ];then 8 | trans_num=$1 9 | fi 10 | if [ $# -ge 2 ];then 11 | target_group=$2 12 | fi 13 | 14 | getNodeVersion() 15 | { 16 | result="$(curl -X POST --data '{"jsonrpc":"2.0","method":"getClientVersion","params":[],"id":1}' ${ip_port})" 17 | version="$(echo ${result} | cut -c250- | cut -d \" -f3)" 18 | } 19 | 20 | block_limit() 21 | { 22 | result=$(curl -s -X POST --data '{"jsonrpc":"2.0","method":"getBlockNumber","params":['${target_group}'],"id":83}' ${ip_port}) 23 | if [ $(echo ${result} | grep -i failed | wc -l) -gt 0 ] || [ -z ${result} ];then 24 | echo "getBlockNumber error!" 25 | exit 1 26 | fi 27 | blockNumber=$(echo ${result}| cut -d \" -f 10) 28 | printf "%04x" $(($blockNumber+0x100)) 29 | } 30 | 31 | send_a_tx() 32 | { 33 | limit=$(block_limit) 34 | random_id="$(date +%s)$(printf "%09d" ${RANDOM})" 35 | if [ ${#limit} -gt 4 ];then echo "blockLimit exceed 0xffff, this scripts is unavailable!"; exit 0;fi 36 | if [ "${version}" == "2.0.0-rc1" ];then 37 | txBytes="f8f0a02ade583745343a8f9a70b40db996fbe69c63531832858${random_id}85174876e7ff8609184e729fff82${limit}94d6f1a71052366dbae2f7ab2d5d5845e77965cf0d80b86448f85bce000000000000000000000000000000000000000000000000000000000000001bf5bd8a9e7ba8b936ea704292ff4aaa5797bf671fdc8526dcd159f23c1f5a05f44e9fa862834dc7cb4541558f2b4961dc39eaaf0af7f7395028658d0e01b86a371ca0e33891be86f781ebacdafd543b9f4f98243f7b52d52bac9efa24b89e257a354da07ff477eb0ba5c519293112f1704de86bd2938369fbf0db2dff3b4d9723b9a87d" 38 | else 39 | txBytes="f8eca003eb675ec791c2d19858c91d0046821c27d815e2e9c15${random_id}0a8402faf08082${limit}948c17cf316c1063ab6c89df875e96c9f0f5b2f74480b8644ed3885e0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000a464953434f2042434f53000000000000000000000000000000000000000000000101801ba09edf7c0cb63645442aff11323916d51ec5440de979950747c0189f338afdcefda02f3473184513c6a3516e066ea98b7cfb55a79481c9db98e658dd016c37f03dcf" 40 | fi 41 | #echo $txBytes 42 | curl -s -X POST --data '{"jsonrpc":"2.0","method":"sendRawTransaction","params":['${target_group}', "'$txBytes'"],"id":83}' ${ip_port} 43 | } 44 | 45 | send_many_tx() 46 | { 47 | for j in $(seq 1 $1) 48 | do 49 | echo 'Send transaction: ' $j 50 | send_a_tx ${ip_port} 51 | done 52 | } 53 | getNodeVersion 54 | echo "Use version:${version}" 55 | send_many_tx ${trans_num} 56 | 57 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/node0/conf/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDPTCCAiWgAwIBAgIJANrxoSx5Q/rAMA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 3 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 4 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDjAMBgNVBAMMBWNoYWlu 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjCCASIwDQYJKoZI 6 | hvcNAQEBBQADggEPADCCAQoCggEBAORDb1ANCFlFCypYYefGWAmA/lsE7RI6b9Zd 7 | P5jMgvCJm0CJQWnXHwbWSusg5YvrMgYXF/rWY7AORDBtELZ80VGT9KjifF8oz2AZ 8 | qsQjqjVKjnyT2zccQc1JAX+PKOuU+GyLtqFMUob+aw9gBdmZ1kRVTKDQ5FyrLlZi 9 | nHI6t0Kuvu1TtVU8lUAB/hbx3e2rLr/G6/XqSUQu/+MK2Uto5dVFmzDvBFSDwG13 10 | bgzqUE+rOcK3ucngUqYLtCRp7xjy4jKWQhwTK6fibekt8bxCXG42Her00ySfKqR/ 11 | 2b4W4o+EyFvOqRLTo7U9q4/2m5GSF2Uhvnz+C/Qxtf3EaS3ClGUCAwEAAaNQME4w 12 | HQYDVR0OBBYEFHKeGD10hCxcJxa3KnJieWfjZTTNMB8GA1UdIwQYMBaAFHKeGD10 13 | hCxcJxa3KnJieWfjZTTNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB 14 | AGav/nvGcOQo0mukGdQiLG7gYFdVCcCeATPz8g1PKNG3MxRZBaF3UZlsVUhulVZB 15 | dQltqXt4XMh3xSQqEefXUdvNmpNxiN8BQ0mfV+hOKnv6mnOjSJ7Rrt9jBz7DGZb9 16 | cdqWHlvcuZAo5F3wGCfmLhmrkB5dntfIwaa5nSwTSyjYV5I/URQ/DBq9pvV0YEe9 17 | sDffW5y2cpNjL0qsQ6ADf/0rDKs3UpHcaITJtMA2EwAPp0qbiAxiXwYKdAfkH0kj 18 | 3wfwOlnrbkYOLhDxkTZ5ZR+h8BPl8cs6uZpv2gi8aKdxtxKzRl85KhBoYOMTLezg 19 | ykQCWUOWhDSw3CaRiZymDtY= 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/node0/conf/group.1.genesis: -------------------------------------------------------------------------------- 1 | [consensus] 2 | ; consensus algorithm type, now support PBFT(consensus_type=pbft) and Raft(consensus_type=raft) 3 | consensus_type=pbft 4 | ; the max number of transactions of a block 5 | max_trans_num=1000 6 | ; the node id of consensusers 7 | node.0=61860b824605d1253c15263a538f3614072faee18ba1533d3f7fd2296fe6c4c0becd9462d04cdc21c0c69c6e581220660f8941a829b4cfd089822763b7d96ae0 8 | node.1=665883eb607ccdd8e72e47829489e3212a3c77cc1bb300e4bd4c62a70426e97375484c78f1bc609bf987f07c25463ef90a277cfff235c3fe7c98bf3fdcc66dec 9 | node.2=2f6fee06220e479fc7ce46c0d2c29bece5c55672a26b3aca8712643c8726dda22d51b35caf9e90ab8f2dc11e7088393cf75e8917ec594341c3d5b3cfe11764d8 10 | node.3=f03ad904eb7a2ab9478c813cda5dde0e54c4aa874933e795f996140173a1c7a22cabb491ac8ebeda24c57ac56146ab8d47a37a064dd2b3f0ed76e3be83bf8218 11 | 12 | [state] 13 | ; support mpt/storage 14 | type=storage 15 | [tx] 16 | ; transaction gas limit 17 | gas_limit=300000000 18 | [group] 19 | id=1 20 | timestamp=1563437420000 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/node0/conf/group.1.ini: -------------------------------------------------------------------------------- 1 | [consensus] 2 | ; the ttl for broadcasting pbft message 3 | ;ttl=2 4 | ; min block generation time(ms), the max block generation time is 1000 ms 5 | ;min_block_generation_time=500 6 | ;enable_dynamic_block_size=true 7 | [storage] 8 | ; storage db type, rocksdb / mysql / external, rocksdb is recommended 9 | type=rocksdb 10 | ; max cache memeory, MB 11 | max_capacity=256 12 | max_forward_block=10 13 | ; only for external 14 | max_retry=100 15 | topic=DB 16 | ; only for mysql 17 | db_ip=127.0.0.1 18 | db_port=3306 19 | db_username= 20 | db_passwd= 21 | db_name= 22 | [tx_pool] 23 | limit=150000 24 | [tx_execute] 25 | enable_parallel=true 26 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/node0/conf/node.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICODCCASCgAwIBAgIJAMSKG7DatyH9MA0GCSqGSIb3DQEBCwUAMDUxDTALBgNV 3 | BAMMBHRlc3QxEzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTAe 4 | Fw0xOTA3MTgwODEwMjJaFw0yOTA3MTUwODEwMjJaMDQxDjAMBgNVBAMMBW5vZGUw 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ0wCwYDVQQLDARub2RlMFYwEAYHKoZIzj0C 6 | AQYFK4EEAAoDQgAEZliD62B8zdjnLkeClInjISo8d8wbswDkvUxipwQm6XN1SEx4 7 | 8bxgm/mH8HwlRj75Cid8//I1w/58mL8/3MZt7KMaMBgwCQYDVR0TBAIwADALBgNV 8 | HQ8EBAMCBeAwDQYJKoZIhvcNAQELBQADggEBAC9i3Tzobfum7Q51i6qEQZhIeSos 9 | u7rM9gKy5TUuGUXdkaJZWpQh0DNP905MoBVJS3J8bSZU7H/UTHe/mHCbaDbxwYg1 10 | oqkJw2Jomlp+HdlJxiRL/RG4BVIDcUGWYg8JJLnb8/i4HAA9YqBnn2dr6nKrhos6 11 | DpWGK/y9TlzJvA5CWBf8MPczoz67PKG5pl3GL9RGvNdoqwi5jL3SRejgv/WVclVs 12 | Eibbw4csNijoiF1nq8BK4fAHjJxKlRwdlVjxjcvHHyx0iH/1NsoLRVax6UEP/T7P 13 | xHit27mKNwwlE2/vu8VOtwWAh0wVo73DVJEebbNNo7llJoqEUMaG9exHquE= 14 | -----END CERTIFICATE----- 15 | -----BEGIN CERTIFICATE----- 16 | MIIC/TCCAeWgAwIBAgIJANRtnuP2+2H3MA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 17 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 18 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDTALBgNVBAMMBHRlc3Qx 19 | EzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTCCASIwDQYJKoZI 20 | hvcNAQEBBQADggEPADCCAQoCggEBAO8JbuX+2NmiQfB9ioyPklXDtWyI93Yfpnav 21 | 4XTSZJ9aLlDV41rWVLHUCpTLndDnqsJfh02k5vAl07O8I9Z8ue547dAq/Nt2DbU4 22 | 486NqmVGYRSdW2L6Ge2tpvP25hzRn70GUY5JA4x0DWtxKO3U9ha1B6OJWais8Zv1 23 | +YsFEeQ5flGS/1L7B1zMac3A1ymWSt0o9Q2T2UXZCOJD6wbtxnDtFmAwnoRQH9Nn 24 | 9MfgbqFg3PlbIPlPMvXc5jT/lTTv0IZX/qV+d5dMSv0qTcxp/V8aW4dMnGJ/jGxp 25 | 1+xUMNQET93xuMVfY+2z2XnIydVybja+/eTSF5WMVKAvmch1p28CAwEAAaMQMA4w 26 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHpAcgtCYvoVBhPaVuWj2 27 | rk/IIcxZR0wSA4ivXDnh+ZjeG9rdMFSA5Mll04DSeu7SSfxtBeHScwRkbEvEYYhP 28 | pMhGjONLYaqvVydQRcOv1I+tmwrm5XccE/MfXJotOSk91kXrdDOX7ncUAWm9JKF4 29 | tRj+rnPgZl7hjvmw9zyQlO6sQ6fxQPEsbzX057ctPsensKfDhn2+JzZ4NwU7FW6F 30 | v6g7qHzGVZur8QG+po8JeoXg5Vc/lNbGZlVeXtzInH2ozBM75Z7DnPFz30NxuwSa 31 | 2tBKM9LLGXc0a7JRTOo/NsM7p+Rp+Jn0p/WIX02lyLko30zpCRGF1GM9Y6wlB39G 32 | Gg== 33 | -----END CERTIFICATE----- 34 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/node0/conf/node.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgOuUP8aOtyaRPLhE2p9Jk 3 | b8712Xjjx3L9PZM6S6mGTY2hRANCAARmWIPrYHzN2OcuR4KUieMhKjx3zBuzAOS9 4 | TGKnBCbpc3VITHjxvGCb+YfwfCVGPvkKJ3z/8jXD/nyYvz/cxm3s 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/node0/conf/node.nodeid: -------------------------------------------------------------------------------- 1 | 665883eb607ccdd8e72e47829489e3212a3c77cc1bb300e4bd4c62a70426e97375484c78f1bc609bf987f07c25463ef90a277cfff235c3fe7c98bf3fdcc66dec 2 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/node0/config.ini: -------------------------------------------------------------------------------- 1 | [rpc] 2 | listen_ip=127.0.0.1 3 | channel_listen_port=20200 4 | jsonrpc_listen_port=8545 5 | [p2p] 6 | listen_ip=0.0.0.0 7 | listen_port=30300 8 | ;enable_compress=true 9 | ; nodes to connect 10 | node.0=172.17.0.1:30300 11 | node.1=172.17.0.2:30300 12 | node.2=172.17.0.3:30300 13 | node.3=172.17.0.4:30300 14 | 15 | 16 | [certificate_blacklist] 17 | ; crl.0 should be nodeid, nodeid's length is 128 18 | ;crl.0= 19 | 20 | [group] 21 | group_data_path=data/ 22 | group_config_path=conf/ 23 | 24 | [network_security] 25 | ; directory the certificates located in 26 | data_path=conf/ 27 | ; the node private key file 28 | key=node.key 29 | ; the node certificate file 30 | cert=node.crt 31 | ; the ca certificate file 32 | ca_cert=ca.crt 33 | 34 | [storage_security] 35 | enable=false 36 | key_manager_ip= 37 | key_manager_port= 38 | cipher_data_key= 39 | 40 | [chain] 41 | id=1 42 | [compatibility] 43 | ; supported_version should nerver be changed 44 | supported_version=2.0.0 45 | [log] 46 | enable=true 47 | log_path=./log 48 | ; info debug trace 49 | level=info 50 | ; MB 51 | max_log_file_size=200 52 | flush=true 53 | log_flush_threshold=100 54 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/node0/start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | fisco_bcos=${SHELL_FOLDER}/../fisco-bcos 5 | cd ${SHELL_FOLDER} 6 | node=$(basename ${SHELL_FOLDER}) 7 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 8 | if [ ! -z ${node_pid} ];then 9 | echo " ${node} is running, container id is $node_pid. Trying to load new groups." 10 | touch config.ini.append_group 11 | exit 0 12 | else 13 | docker run -d --rm --name ${SHELL_FOLDER//\//} -v ${SHELL_FOLDER}:/data --network=host -w=/data fiscoorg/fiscobcos:v2.0.0 -c config.ini & 14 | sleep 1.5 15 | fi 16 | try_times=4 17 | i=0 18 | while [ $i -lt ${try_times} ] 19 | do 20 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 21 | success_flag=success 22 | if [[ ! -z ${node_pid} && ! -z "${success_flag}" ]];then 23 | echo -e "\033[32m ${node} start successfully\033[0m" 24 | exit 0 25 | fi 26 | sleep 0.5 27 | ((i=i+1)) 28 | done 29 | echo -e "\033[31m Exceed waiting time. Please try again to start ${node} \033[0m" 30 | tail -n20 $(docker inspect --format='{{.LogPath}}' ${SHELL_FOLDER//\//}) 31 | exit 1 32 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/node0/stop.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | fisco_bcos=${SHELL_FOLDER}/../fisco-bcos 5 | node=$(basename ${SHELL_FOLDER}) 6 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 7 | try_times=10 8 | i=0 9 | if [ -z ${node_pid} ];then 10 | echo " ${node} isn't running." 11 | exit 0 12 | fi 13 | [ ! -z ${node_pid} ] && docker kill ${node_pid} 2>/dev/null > /dev/null 14 | while [ $i -lt ${try_times} ] 15 | do 16 | sleep 0.6 17 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 18 | if [ -z ${node_pid} ];then 19 | echo -e "\033[32m stop ${node} success.\033[0m" 20 | exit 0 21 | fi 22 | ((i=i+1)) 23 | done 24 | echo " Exceed maximum number of retries. Please try again to stop ${node}" 25 | exit 1 26 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/sdk/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDPTCCAiWgAwIBAgIJANrxoSx5Q/rAMA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 3 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 4 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDjAMBgNVBAMMBWNoYWlu 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjCCASIwDQYJKoZI 6 | hvcNAQEBBQADggEPADCCAQoCggEBAORDb1ANCFlFCypYYefGWAmA/lsE7RI6b9Zd 7 | P5jMgvCJm0CJQWnXHwbWSusg5YvrMgYXF/rWY7AORDBtELZ80VGT9KjifF8oz2AZ 8 | qsQjqjVKjnyT2zccQc1JAX+PKOuU+GyLtqFMUob+aw9gBdmZ1kRVTKDQ5FyrLlZi 9 | nHI6t0Kuvu1TtVU8lUAB/hbx3e2rLr/G6/XqSUQu/+MK2Uto5dVFmzDvBFSDwG13 10 | bgzqUE+rOcK3ucngUqYLtCRp7xjy4jKWQhwTK6fibekt8bxCXG42Her00ySfKqR/ 11 | 2b4W4o+EyFvOqRLTo7U9q4/2m5GSF2Uhvnz+C/Qxtf3EaS3ClGUCAwEAAaNQME4w 12 | HQYDVR0OBBYEFHKeGD10hCxcJxa3KnJieWfjZTTNMB8GA1UdIwQYMBaAFHKeGD10 13 | hCxcJxa3KnJieWfjZTTNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB 14 | AGav/nvGcOQo0mukGdQiLG7gYFdVCcCeATPz8g1PKNG3MxRZBaF3UZlsVUhulVZB 15 | dQltqXt4XMh3xSQqEefXUdvNmpNxiN8BQ0mfV+hOKnv6mnOjSJ7Rrt9jBz7DGZb9 16 | cdqWHlvcuZAo5F3wGCfmLhmrkB5dntfIwaa5nSwTSyjYV5I/URQ/DBq9pvV0YEe9 17 | sDffW5y2cpNjL0qsQ6ADf/0rDKs3UpHcaITJtMA2EwAPp0qbiAxiXwYKdAfkH0kj 18 | 3wfwOlnrbkYOLhDxkTZ5ZR+h8BPl8cs6uZpv2gi8aKdxtxKzRl85KhBoYOMTLezg 19 | ykQCWUOWhDSw3CaRiZymDtY= 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/sdk/node.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICNjCCAR6gAwIBAgIJAMSKG7DatyH+MA0GCSqGSIb3DQEBCwUAMDUxDTALBgNV 3 | BAMMBHRlc3QxEzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTAe 4 | Fw0xOTA3MTgwODEwMjJaFw0yOTA3MTUwODEwMjJaMDIxDDAKBgNVBAMMA3NkazET 5 | MBEGA1UECgwKZmlzY28tYmNvczENMAsGA1UECwwEbm9kZTBWMBAGByqGSM49AgEG 6 | BSuBBAAKA0IABGvDqInOd63PpVvXxxBWDCGXbeW1bAr67baYzr6ZdN0tRhbNxNpw 7 | ijzmdqs58bwvHVkc2WED1GQ7pJgQdlMRek2jGjAYMAkGA1UdEwQCMAAwCwYDVR0P 8 | BAQDAgXgMA0GCSqGSIb3DQEBCwUAA4IBAQCiNKebpf1yrdDJaeBd5Ne2th4LzXIN 9 | FE38Np6urIH+H0YzOxnk2xxeBM55OlXCEki6SnR5OFzQL5QSK3qq9twQVHZlrQIP 10 | qjgMkceykidz/k5iEa7tS7VrvxrgG5PrLgsadcGW958Wc4DCnbqlUzqq/YJH2Fkw 11 | sSM1x9FnAAZ+AK+sN/iq1mgCnA/kv4tZfd0gNrggCqdDSzZ8pvlt7RTeW6FYXL9A 12 | bdRrZL1yhpwk0TisT+cKAZkIQAaDqSoKORLIXfnW9oJwm2/OdNthPV/dxvZENGPv 13 | /2xdAFQiqgAM7uOG13WGHhBEQb7iLM30lHANkHOdY1yKV3MrR2TjTqSd 14 | -----END CERTIFICATE----- 15 | -----BEGIN CERTIFICATE----- 16 | MIIC/TCCAeWgAwIBAgIJANRtnuP2+2H3MA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 17 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 18 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDTALBgNVBAMMBHRlc3Qx 19 | EzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTCCASIwDQYJKoZI 20 | hvcNAQEBBQADggEPADCCAQoCggEBAO8JbuX+2NmiQfB9ioyPklXDtWyI93Yfpnav 21 | 4XTSZJ9aLlDV41rWVLHUCpTLndDnqsJfh02k5vAl07O8I9Z8ue547dAq/Nt2DbU4 22 | 486NqmVGYRSdW2L6Ge2tpvP25hzRn70GUY5JA4x0DWtxKO3U9ha1B6OJWais8Zv1 23 | +YsFEeQ5flGS/1L7B1zMac3A1ymWSt0o9Q2T2UXZCOJD6wbtxnDtFmAwnoRQH9Nn 24 | 9MfgbqFg3PlbIPlPMvXc5jT/lTTv0IZX/qV+d5dMSv0qTcxp/V8aW4dMnGJ/jGxp 25 | 1+xUMNQET93xuMVfY+2z2XnIydVybja+/eTSF5WMVKAvmch1p28CAwEAAaMQMA4w 26 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHpAcgtCYvoVBhPaVuWj2 27 | rk/IIcxZR0wSA4ivXDnh+ZjeG9rdMFSA5Mll04DSeu7SSfxtBeHScwRkbEvEYYhP 28 | pMhGjONLYaqvVydQRcOv1I+tmwrm5XccE/MfXJotOSk91kXrdDOX7ncUAWm9JKF4 29 | tRj+rnPgZl7hjvmw9zyQlO6sQ6fxQPEsbzX057ctPsensKfDhn2+JzZ4NwU7FW6F 30 | v6g7qHzGVZur8QG+po8JeoXg5Vc/lNbGZlVeXtzInH2ozBM75Z7DnPFz30NxuwSa 31 | 2tBKM9LLGXc0a7JRTOo/NsM7p+Rp+Jn0p/WIX02lyLko30zpCRGF1GM9Y6wlB39G 32 | Gg== 33 | -----END CERTIFICATE----- 34 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/sdk/node.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgcl5zP+dUS2FcjyF6j9m7 3 | 5dJgE0xAbwYFI00o89gXPwOhRANCAARrw6iJznetz6Vb18cQVgwhl23ltWwK+u22 4 | mM6+mXTdLUYWzcTacIo85narOfG8Lx1ZHNlhA9RkO6SYEHZTEXpN 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/start_all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | dirs=($(ls -l ${SHELL_FOLDER} | awk '/^d/ {print $NF}')) 5 | for directory in ${dirs[*]} 6 | do 7 | if [[ -f "${SHELL_FOLDER}/${directory}/config.ini" && -f "${SHELL_FOLDER}/${directory}/start.sh" ]];then 8 | echo "try to start ${directory}" 9 | bash ${SHELL_FOLDER}/${directory}/start.sh & 10 | fi 11 | done 12 | wait 13 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.2/stop_all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | dirs=($(ls -l ${SHELL_FOLDER} | awk '/^d/ {print $NF}')) 5 | for directory in ${dirs[*]} 6 | do 7 | if [[ -d "${SHELL_FOLDER}/${directory}" && -f "${SHELL_FOLDER}/${directory}/stop.sh" ]];then 8 | echo "try to stop ${directory}" 9 | bash ${SHELL_FOLDER}/${directory}/stop.sh & 10 | fi 11 | done 12 | wait 13 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/.transTest.sh: -------------------------------------------------------------------------------- 1 | # This script only support for block number smaller than 65535 - 256 2 | 3 | ip_port=http://127.0.0.1:8545 4 | trans_num=1 5 | target_group=1 6 | version= 7 | if [ $# -ge 1 ];then 8 | trans_num=$1 9 | fi 10 | if [ $# -ge 2 ];then 11 | target_group=$2 12 | fi 13 | 14 | getNodeVersion() 15 | { 16 | result="$(curl -X POST --data '{"jsonrpc":"2.0","method":"getClientVersion","params":[],"id":1}' ${ip_port})" 17 | version="$(echo ${result} | cut -c250- | cut -d \" -f3)" 18 | } 19 | 20 | block_limit() 21 | { 22 | result=$(curl -s -X POST --data '{"jsonrpc":"2.0","method":"getBlockNumber","params":['${target_group}'],"id":83}' ${ip_port}) 23 | if [ $(echo ${result} | grep -i failed | wc -l) -gt 0 ] || [ -z ${result} ];then 24 | echo "getBlockNumber error!" 25 | exit 1 26 | fi 27 | blockNumber=$(echo ${result}| cut -d \" -f 10) 28 | printf "%04x" $(($blockNumber+0x100)) 29 | } 30 | 31 | send_a_tx() 32 | { 33 | limit=$(block_limit) 34 | random_id="$(date +%s)$(printf "%09d" ${RANDOM})" 35 | if [ ${#limit} -gt 4 ];then echo "blockLimit exceed 0xffff, this scripts is unavailable!"; exit 0;fi 36 | if [ "${version}" == "2.0.0-rc1" ];then 37 | txBytes="f8f0a02ade583745343a8f9a70b40db996fbe69c63531832858${random_id}85174876e7ff8609184e729fff82${limit}94d6f1a71052366dbae2f7ab2d5d5845e77965cf0d80b86448f85bce000000000000000000000000000000000000000000000000000000000000001bf5bd8a9e7ba8b936ea704292ff4aaa5797bf671fdc8526dcd159f23c1f5a05f44e9fa862834dc7cb4541558f2b4961dc39eaaf0af7f7395028658d0e01b86a371ca0e33891be86f781ebacdafd543b9f4f98243f7b52d52bac9efa24b89e257a354da07ff477eb0ba5c519293112f1704de86bd2938369fbf0db2dff3b4d9723b9a87d" 38 | else 39 | txBytes="f8eca003eb675ec791c2d19858c91d0046821c27d815e2e9c15${random_id}0a8402faf08082${limit}948c17cf316c1063ab6c89df875e96c9f0f5b2f74480b8644ed3885e0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000a464953434f2042434f53000000000000000000000000000000000000000000000101801ba09edf7c0cb63645442aff11323916d51ec5440de979950747c0189f338afdcefda02f3473184513c6a3516e066ea98b7cfb55a79481c9db98e658dd016c37f03dcf" 40 | fi 41 | #echo $txBytes 42 | curl -s -X POST --data '{"jsonrpc":"2.0","method":"sendRawTransaction","params":['${target_group}', "'$txBytes'"],"id":83}' ${ip_port} 43 | } 44 | 45 | send_many_tx() 46 | { 47 | for j in $(seq 1 $1) 48 | do 49 | echo 'Send transaction: ' $j 50 | send_a_tx ${ip_port} 51 | done 52 | } 53 | getNodeVersion 54 | echo "Use version:${version}" 55 | send_many_tx ${trans_num} 56 | 57 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/node0/conf/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDPTCCAiWgAwIBAgIJANrxoSx5Q/rAMA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 3 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 4 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDjAMBgNVBAMMBWNoYWlu 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjCCASIwDQYJKoZI 6 | hvcNAQEBBQADggEPADCCAQoCggEBAORDb1ANCFlFCypYYefGWAmA/lsE7RI6b9Zd 7 | P5jMgvCJm0CJQWnXHwbWSusg5YvrMgYXF/rWY7AORDBtELZ80VGT9KjifF8oz2AZ 8 | qsQjqjVKjnyT2zccQc1JAX+PKOuU+GyLtqFMUob+aw9gBdmZ1kRVTKDQ5FyrLlZi 9 | nHI6t0Kuvu1TtVU8lUAB/hbx3e2rLr/G6/XqSUQu/+MK2Uto5dVFmzDvBFSDwG13 10 | bgzqUE+rOcK3ucngUqYLtCRp7xjy4jKWQhwTK6fibekt8bxCXG42Her00ySfKqR/ 11 | 2b4W4o+EyFvOqRLTo7U9q4/2m5GSF2Uhvnz+C/Qxtf3EaS3ClGUCAwEAAaNQME4w 12 | HQYDVR0OBBYEFHKeGD10hCxcJxa3KnJieWfjZTTNMB8GA1UdIwQYMBaAFHKeGD10 13 | hCxcJxa3KnJieWfjZTTNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB 14 | AGav/nvGcOQo0mukGdQiLG7gYFdVCcCeATPz8g1PKNG3MxRZBaF3UZlsVUhulVZB 15 | dQltqXt4XMh3xSQqEefXUdvNmpNxiN8BQ0mfV+hOKnv6mnOjSJ7Rrt9jBz7DGZb9 16 | cdqWHlvcuZAo5F3wGCfmLhmrkB5dntfIwaa5nSwTSyjYV5I/URQ/DBq9pvV0YEe9 17 | sDffW5y2cpNjL0qsQ6ADf/0rDKs3UpHcaITJtMA2EwAPp0qbiAxiXwYKdAfkH0kj 18 | 3wfwOlnrbkYOLhDxkTZ5ZR+h8BPl8cs6uZpv2gi8aKdxtxKzRl85KhBoYOMTLezg 19 | ykQCWUOWhDSw3CaRiZymDtY= 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/node0/conf/group.1.genesis: -------------------------------------------------------------------------------- 1 | [consensus] 2 | ; consensus algorithm type, now support PBFT(consensus_type=pbft) and Raft(consensus_type=raft) 3 | consensus_type=pbft 4 | ; the max number of transactions of a block 5 | max_trans_num=1000 6 | ; the node id of consensusers 7 | node.0=61860b824605d1253c15263a538f3614072faee18ba1533d3f7fd2296fe6c4c0becd9462d04cdc21c0c69c6e581220660f8941a829b4cfd089822763b7d96ae0 8 | node.1=665883eb607ccdd8e72e47829489e3212a3c77cc1bb300e4bd4c62a70426e97375484c78f1bc609bf987f07c25463ef90a277cfff235c3fe7c98bf3fdcc66dec 9 | node.2=2f6fee06220e479fc7ce46c0d2c29bece5c55672a26b3aca8712643c8726dda22d51b35caf9e90ab8f2dc11e7088393cf75e8917ec594341c3d5b3cfe11764d8 10 | node.3=f03ad904eb7a2ab9478c813cda5dde0e54c4aa874933e795f996140173a1c7a22cabb491ac8ebeda24c57ac56146ab8d47a37a064dd2b3f0ed76e3be83bf8218 11 | 12 | [state] 13 | ; support mpt/storage 14 | type=storage 15 | [tx] 16 | ; transaction gas limit 17 | gas_limit=300000000 18 | [group] 19 | id=1 20 | timestamp=1563437420000 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/node0/conf/group.1.ini: -------------------------------------------------------------------------------- 1 | [consensus] 2 | ; the ttl for broadcasting pbft message 3 | ;ttl=2 4 | ; min block generation time(ms), the max block generation time is 1000 ms 5 | ;min_block_generation_time=500 6 | ;enable_dynamic_block_size=true 7 | [storage] 8 | ; storage db type, rocksdb / mysql / external, rocksdb is recommended 9 | type=rocksdb 10 | ; max cache memeory, MB 11 | max_capacity=256 12 | max_forward_block=10 13 | ; only for external 14 | max_retry=100 15 | topic=DB 16 | ; only for mysql 17 | db_ip=127.0.0.1 18 | db_port=3306 19 | db_username= 20 | db_passwd= 21 | db_name= 22 | [tx_pool] 23 | limit=150000 24 | [tx_execute] 25 | enable_parallel=true 26 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/node0/conf/node.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICODCCASCgAwIBAgIJAMSKG7DatyH/MA0GCSqGSIb3DQEBCwUAMDUxDTALBgNV 3 | BAMMBHRlc3QxEzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTAe 4 | Fw0xOTA3MTgwODEwMjJaFw0yOTA3MTUwODEwMjJaMDQxDjAMBgNVBAMMBW5vZGUw 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ0wCwYDVQQLDARub2RlMFYwEAYHKoZIzj0C 6 | AQYFK4EEAAoDQgAEL2/uBiIOR5/HzkbA0sKb7OXFVnKiazrKhxJkPIcm3aItUbNc 7 | r56Qq48twR5wiDk8916JF+xZQ0HD1bPP4Rdk2KMaMBgwCQYDVR0TBAIwADALBgNV 8 | HQ8EBAMCBeAwDQYJKoZIhvcNAQELBQADggEBABTJQIcjSTDdtCtFxSFB0NWci/0F 9 | /TNmLnG6et0A/ScohAhCTeWufhQZERiR9s31VT626W/ExlCVxwgoUv+OnHdJsosV 10 | RqV0i/1eBrYHFe28y7G5HUo+iVyA+fLooRI5/SPnI12CwY10vp2e6WYBbjmYTtja 11 | qDxti9az93qRAq+pOScBCjl5B70fOZy6Ki9rq5CUZTQ4LkJjCMyBQltEqLpyjo60 12 | woaDD/G1rpftVa0L0QZi6hwNCTYZqn2ysR75YZe5hiW/KlsHj43z/gdYVTqAFlK1 13 | 3QQW/8PGyOgDjIDFxnTfFk45ICGQsN8Fc4tPq4t8/tequu0us6R5XcoZzEU= 14 | -----END CERTIFICATE----- 15 | -----BEGIN CERTIFICATE----- 16 | MIIC/TCCAeWgAwIBAgIJANRtnuP2+2H3MA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 17 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 18 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDTALBgNVBAMMBHRlc3Qx 19 | EzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTCCASIwDQYJKoZI 20 | hvcNAQEBBQADggEPADCCAQoCggEBAO8JbuX+2NmiQfB9ioyPklXDtWyI93Yfpnav 21 | 4XTSZJ9aLlDV41rWVLHUCpTLndDnqsJfh02k5vAl07O8I9Z8ue547dAq/Nt2DbU4 22 | 486NqmVGYRSdW2L6Ge2tpvP25hzRn70GUY5JA4x0DWtxKO3U9ha1B6OJWais8Zv1 23 | +YsFEeQ5flGS/1L7B1zMac3A1ymWSt0o9Q2T2UXZCOJD6wbtxnDtFmAwnoRQH9Nn 24 | 9MfgbqFg3PlbIPlPMvXc5jT/lTTv0IZX/qV+d5dMSv0qTcxp/V8aW4dMnGJ/jGxp 25 | 1+xUMNQET93xuMVfY+2z2XnIydVybja+/eTSF5WMVKAvmch1p28CAwEAAaMQMA4w 26 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHpAcgtCYvoVBhPaVuWj2 27 | rk/IIcxZR0wSA4ivXDnh+ZjeG9rdMFSA5Mll04DSeu7SSfxtBeHScwRkbEvEYYhP 28 | pMhGjONLYaqvVydQRcOv1I+tmwrm5XccE/MfXJotOSk91kXrdDOX7ncUAWm9JKF4 29 | tRj+rnPgZl7hjvmw9zyQlO6sQ6fxQPEsbzX057ctPsensKfDhn2+JzZ4NwU7FW6F 30 | v6g7qHzGVZur8QG+po8JeoXg5Vc/lNbGZlVeXtzInH2ozBM75Z7DnPFz30NxuwSa 31 | 2tBKM9LLGXc0a7JRTOo/NsM7p+Rp+Jn0p/WIX02lyLko30zpCRGF1GM9Y6wlB39G 32 | Gg== 33 | -----END CERTIFICATE----- 34 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/node0/conf/node.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgZPFxPD9epAQ1PmPg+mIE 3 | hu8QYkqKETJwfRbota+lXC6hRANCAAQvb+4GIg5Hn8fORsDSwpvs5cVWcqJrOsqH 4 | EmQ8hybdoi1Rs1yvnpCrjy3BHnCIOTz3XokX7FlDQcPVs8/hF2TY 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/node0/conf/node.nodeid: -------------------------------------------------------------------------------- 1 | 2f6fee06220e479fc7ce46c0d2c29bece5c55672a26b3aca8712643c8726dda22d51b35caf9e90ab8f2dc11e7088393cf75e8917ec594341c3d5b3cfe11764d8 2 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/node0/config.ini: -------------------------------------------------------------------------------- 1 | [rpc] 2 | listen_ip=127.0.0.1 3 | channel_listen_port=20200 4 | jsonrpc_listen_port=8545 5 | [p2p] 6 | listen_ip=0.0.0.0 7 | listen_port=30300 8 | ;enable_compress=true 9 | ; nodes to connect 10 | node.0=172.17.0.1:30300 11 | node.1=172.17.0.2:30300 12 | node.2=172.17.0.3:30300 13 | node.3=172.17.0.4:30300 14 | 15 | 16 | [certificate_blacklist] 17 | ; crl.0 should be nodeid, nodeid's length is 128 18 | ;crl.0= 19 | 20 | [group] 21 | group_data_path=data/ 22 | group_config_path=conf/ 23 | 24 | [network_security] 25 | ; directory the certificates located in 26 | data_path=conf/ 27 | ; the node private key file 28 | key=node.key 29 | ; the node certificate file 30 | cert=node.crt 31 | ; the ca certificate file 32 | ca_cert=ca.crt 33 | 34 | [storage_security] 35 | enable=false 36 | key_manager_ip= 37 | key_manager_port= 38 | cipher_data_key= 39 | 40 | [chain] 41 | id=1 42 | [compatibility] 43 | ; supported_version should nerver be changed 44 | supported_version=2.0.0 45 | [log] 46 | enable=true 47 | log_path=./log 48 | ; info debug trace 49 | level=info 50 | ; MB 51 | max_log_file_size=200 52 | flush=true 53 | log_flush_threshold=100 54 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/node0/start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | fisco_bcos=${SHELL_FOLDER}/../fisco-bcos 5 | cd ${SHELL_FOLDER} 6 | node=$(basename ${SHELL_FOLDER}) 7 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 8 | if [ ! -z ${node_pid} ];then 9 | echo " ${node} is running, container id is $node_pid. Trying to load new groups." 10 | touch config.ini.append_group 11 | exit 0 12 | else 13 | docker run -d --rm --name ${SHELL_FOLDER//\//} -v ${SHELL_FOLDER}:/data --network=host -w=/data fiscoorg/fiscobcos:v2.0.0 -c config.ini & 14 | sleep 1.5 15 | fi 16 | try_times=4 17 | i=0 18 | while [ $i -lt ${try_times} ] 19 | do 20 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 21 | success_flag=success 22 | if [[ ! -z ${node_pid} && ! -z "${success_flag}" ]];then 23 | echo -e "\033[32m ${node} start successfully\033[0m" 24 | exit 0 25 | fi 26 | sleep 0.5 27 | ((i=i+1)) 28 | done 29 | echo -e "\033[31m Exceed waiting time. Please try again to start ${node} \033[0m" 30 | tail -n20 $(docker inspect --format='{{.LogPath}}' ${SHELL_FOLDER//\//}) 31 | exit 1 32 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/node0/stop.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | fisco_bcos=${SHELL_FOLDER}/../fisco-bcos 5 | node=$(basename ${SHELL_FOLDER}) 6 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 7 | try_times=10 8 | i=0 9 | if [ -z ${node_pid} ];then 10 | echo " ${node} isn't running." 11 | exit 0 12 | fi 13 | [ ! -z ${node_pid} ] && docker kill ${node_pid} 2>/dev/null > /dev/null 14 | while [ $i -lt ${try_times} ] 15 | do 16 | sleep 0.6 17 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 18 | if [ -z ${node_pid} ];then 19 | echo -e "\033[32m stop ${node} success.\033[0m" 20 | exit 0 21 | fi 22 | ((i=i+1)) 23 | done 24 | echo " Exceed maximum number of retries. Please try again to stop ${node}" 25 | exit 1 26 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/sdk/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDPTCCAiWgAwIBAgIJANrxoSx5Q/rAMA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 3 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 4 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDjAMBgNVBAMMBWNoYWlu 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjCCASIwDQYJKoZI 6 | hvcNAQEBBQADggEPADCCAQoCggEBAORDb1ANCFlFCypYYefGWAmA/lsE7RI6b9Zd 7 | P5jMgvCJm0CJQWnXHwbWSusg5YvrMgYXF/rWY7AORDBtELZ80VGT9KjifF8oz2AZ 8 | qsQjqjVKjnyT2zccQc1JAX+PKOuU+GyLtqFMUob+aw9gBdmZ1kRVTKDQ5FyrLlZi 9 | nHI6t0Kuvu1TtVU8lUAB/hbx3e2rLr/G6/XqSUQu/+MK2Uto5dVFmzDvBFSDwG13 10 | bgzqUE+rOcK3ucngUqYLtCRp7xjy4jKWQhwTK6fibekt8bxCXG42Her00ySfKqR/ 11 | 2b4W4o+EyFvOqRLTo7U9q4/2m5GSF2Uhvnz+C/Qxtf3EaS3ClGUCAwEAAaNQME4w 12 | HQYDVR0OBBYEFHKeGD10hCxcJxa3KnJieWfjZTTNMB8GA1UdIwQYMBaAFHKeGD10 13 | hCxcJxa3KnJieWfjZTTNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB 14 | AGav/nvGcOQo0mukGdQiLG7gYFdVCcCeATPz8g1PKNG3MxRZBaF3UZlsVUhulVZB 15 | dQltqXt4XMh3xSQqEefXUdvNmpNxiN8BQ0mfV+hOKnv6mnOjSJ7Rrt9jBz7DGZb9 16 | cdqWHlvcuZAo5F3wGCfmLhmrkB5dntfIwaa5nSwTSyjYV5I/URQ/DBq9pvV0YEe9 17 | sDffW5y2cpNjL0qsQ6ADf/0rDKs3UpHcaITJtMA2EwAPp0qbiAxiXwYKdAfkH0kj 18 | 3wfwOlnrbkYOLhDxkTZ5ZR+h8BPl8cs6uZpv2gi8aKdxtxKzRl85KhBoYOMTLezg 19 | ykQCWUOWhDSw3CaRiZymDtY= 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/sdk/node.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICNjCCAR6gAwIBAgIJAMSKG7DatyIAMA0GCSqGSIb3DQEBCwUAMDUxDTALBgNV 3 | BAMMBHRlc3QxEzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTAe 4 | Fw0xOTA3MTgwODEwMjNaFw0yOTA3MTUwODEwMjNaMDIxDDAKBgNVBAMMA3NkazET 5 | MBEGA1UECgwKZmlzY28tYmNvczENMAsGA1UECwwEbm9kZTBWMBAGByqGSM49AgEG 6 | BSuBBAAKA0IABOuVGVmr6xRlSE86qBt6JOKWp7pVQugd3CID+2rGJ+xDz7VvOIaO 7 | Z3JyEy6O87KM5oPvwAX7a+JWNt0DIldBUS2jGjAYMAkGA1UdEwQCMAAwCwYDVR0P 8 | BAQDAgXgMA0GCSqGSIb3DQEBCwUAA4IBAQB/QgOYtzgzfi/qumdM5PnTTA6jE3bQ 9 | 6Ed+THWOEQvebxlC8xRJoSDnFxezi08TJUzJy6Rcb6LexOmb6zUzIfg0fKtb0mxa 10 | 10/A8ch/Q4chEGfAn52Tpy/Fl1g6IndLIxHqqHnXAfXayQlqwttKhJrNJKbqCR1C 11 | hzIxz77J/WXHqOJwcM/vqknyzCmdC7+fqQco73nAF2zevjPi8dqfv4BdkEkYSDq6 12 | b2nQGSUyteWiL7C009UdbpweY0V9UoM67q3mRL27LQUiYlBkASwdvx0t53/MW2Vw 13 | uCKWwk4VfId8DtilAo8jPDPzY+Wbu64uZmdhDemQIaYwHoGs+c0zgq6L 14 | -----END CERTIFICATE----- 15 | -----BEGIN CERTIFICATE----- 16 | MIIC/TCCAeWgAwIBAgIJANRtnuP2+2H3MA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 17 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 18 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDTALBgNVBAMMBHRlc3Qx 19 | EzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTCCASIwDQYJKoZI 20 | hvcNAQEBBQADggEPADCCAQoCggEBAO8JbuX+2NmiQfB9ioyPklXDtWyI93Yfpnav 21 | 4XTSZJ9aLlDV41rWVLHUCpTLndDnqsJfh02k5vAl07O8I9Z8ue547dAq/Nt2DbU4 22 | 486NqmVGYRSdW2L6Ge2tpvP25hzRn70GUY5JA4x0DWtxKO3U9ha1B6OJWais8Zv1 23 | +YsFEeQ5flGS/1L7B1zMac3A1ymWSt0o9Q2T2UXZCOJD6wbtxnDtFmAwnoRQH9Nn 24 | 9MfgbqFg3PlbIPlPMvXc5jT/lTTv0IZX/qV+d5dMSv0qTcxp/V8aW4dMnGJ/jGxp 25 | 1+xUMNQET93xuMVfY+2z2XnIydVybja+/eTSF5WMVKAvmch1p28CAwEAAaMQMA4w 26 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHpAcgtCYvoVBhPaVuWj2 27 | rk/IIcxZR0wSA4ivXDnh+ZjeG9rdMFSA5Mll04DSeu7SSfxtBeHScwRkbEvEYYhP 28 | pMhGjONLYaqvVydQRcOv1I+tmwrm5XccE/MfXJotOSk91kXrdDOX7ncUAWm9JKF4 29 | tRj+rnPgZl7hjvmw9zyQlO6sQ6fxQPEsbzX057ctPsensKfDhn2+JzZ4NwU7FW6F 30 | v6g7qHzGVZur8QG+po8JeoXg5Vc/lNbGZlVeXtzInH2ozBM75Z7DnPFz30NxuwSa 31 | 2tBKM9LLGXc0a7JRTOo/NsM7p+Rp+Jn0p/WIX02lyLko30zpCRGF1GM9Y6wlB39G 32 | Gg== 33 | -----END CERTIFICATE----- 34 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/sdk/node.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgIPQkXKVaIxv5ULxGkl4l 3 | Hxrqh1nTyNWSxo3BIUn0yUmhRANCAATrlRlZq+sUZUhPOqgbeiTilqe6VULoHdwi 4 | A/tqxifsQ8+1bziGjmdychMujvOyjOaD78AF+2viVjbdAyJXQVEt 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/start_all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | dirs=($(ls -l ${SHELL_FOLDER} | awk '/^d/ {print $NF}')) 5 | for directory in ${dirs[*]} 6 | do 7 | if [[ -f "${SHELL_FOLDER}/${directory}/config.ini" && -f "${SHELL_FOLDER}/${directory}/start.sh" ]];then 8 | echo "try to start ${directory}" 9 | bash ${SHELL_FOLDER}/${directory}/start.sh & 10 | fi 11 | done 12 | wait 13 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.3/stop_all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | dirs=($(ls -l ${SHELL_FOLDER} | awk '/^d/ {print $NF}')) 5 | for directory in ${dirs[*]} 6 | do 7 | if [[ -d "${SHELL_FOLDER}/${directory}" && -f "${SHELL_FOLDER}/${directory}/stop.sh" ]];then 8 | echo "try to stop ${directory}" 9 | bash ${SHELL_FOLDER}/${directory}/stop.sh & 10 | fi 11 | done 12 | wait 13 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/.transTest.sh: -------------------------------------------------------------------------------- 1 | # This script only support for block number smaller than 65535 - 256 2 | 3 | ip_port=http://127.0.0.1:8545 4 | trans_num=1 5 | target_group=1 6 | version= 7 | if [ $# -ge 1 ];then 8 | trans_num=$1 9 | fi 10 | if [ $# -ge 2 ];then 11 | target_group=$2 12 | fi 13 | 14 | getNodeVersion() 15 | { 16 | result="$(curl -X POST --data '{"jsonrpc":"2.0","method":"getClientVersion","params":[],"id":1}' ${ip_port})" 17 | version="$(echo ${result} | cut -c250- | cut -d \" -f3)" 18 | } 19 | 20 | block_limit() 21 | { 22 | result=$(curl -s -X POST --data '{"jsonrpc":"2.0","method":"getBlockNumber","params":['${target_group}'],"id":83}' ${ip_port}) 23 | if [ $(echo ${result} | grep -i failed | wc -l) -gt 0 ] || [ -z ${result} ];then 24 | echo "getBlockNumber error!" 25 | exit 1 26 | fi 27 | blockNumber=$(echo ${result}| cut -d \" -f 10) 28 | printf "%04x" $(($blockNumber+0x100)) 29 | } 30 | 31 | send_a_tx() 32 | { 33 | limit=$(block_limit) 34 | random_id="$(date +%s)$(printf "%09d" ${RANDOM})" 35 | if [ ${#limit} -gt 4 ];then echo "blockLimit exceed 0xffff, this scripts is unavailable!"; exit 0;fi 36 | if [ "${version}" == "2.0.0-rc1" ];then 37 | txBytes="f8f0a02ade583745343a8f9a70b40db996fbe69c63531832858${random_id}85174876e7ff8609184e729fff82${limit}94d6f1a71052366dbae2f7ab2d5d5845e77965cf0d80b86448f85bce000000000000000000000000000000000000000000000000000000000000001bf5bd8a9e7ba8b936ea704292ff4aaa5797bf671fdc8526dcd159f23c1f5a05f44e9fa862834dc7cb4541558f2b4961dc39eaaf0af7f7395028658d0e01b86a371ca0e33891be86f781ebacdafd543b9f4f98243f7b52d52bac9efa24b89e257a354da07ff477eb0ba5c519293112f1704de86bd2938369fbf0db2dff3b4d9723b9a87d" 38 | else 39 | txBytes="f8eca003eb675ec791c2d19858c91d0046821c27d815e2e9c15${random_id}0a8402faf08082${limit}948c17cf316c1063ab6c89df875e96c9f0f5b2f74480b8644ed3885e0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000a464953434f2042434f53000000000000000000000000000000000000000000000101801ba09edf7c0cb63645442aff11323916d51ec5440de979950747c0189f338afdcefda02f3473184513c6a3516e066ea98b7cfb55a79481c9db98e658dd016c37f03dcf" 40 | fi 41 | #echo $txBytes 42 | curl -s -X POST --data '{"jsonrpc":"2.0","method":"sendRawTransaction","params":['${target_group}', "'$txBytes'"],"id":83}' ${ip_port} 43 | } 44 | 45 | send_many_tx() 46 | { 47 | for j in $(seq 1 $1) 48 | do 49 | echo 'Send transaction: ' $j 50 | send_a_tx ${ip_port} 51 | done 52 | } 53 | getNodeVersion 54 | echo "Use version:${version}" 55 | send_many_tx ${trans_num} 56 | 57 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/node0/conf/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDPTCCAiWgAwIBAgIJANrxoSx5Q/rAMA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 3 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 4 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDjAMBgNVBAMMBWNoYWlu 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjCCASIwDQYJKoZI 6 | hvcNAQEBBQADggEPADCCAQoCggEBAORDb1ANCFlFCypYYefGWAmA/lsE7RI6b9Zd 7 | P5jMgvCJm0CJQWnXHwbWSusg5YvrMgYXF/rWY7AORDBtELZ80VGT9KjifF8oz2AZ 8 | qsQjqjVKjnyT2zccQc1JAX+PKOuU+GyLtqFMUob+aw9gBdmZ1kRVTKDQ5FyrLlZi 9 | nHI6t0Kuvu1TtVU8lUAB/hbx3e2rLr/G6/XqSUQu/+MK2Uto5dVFmzDvBFSDwG13 10 | bgzqUE+rOcK3ucngUqYLtCRp7xjy4jKWQhwTK6fibekt8bxCXG42Her00ySfKqR/ 11 | 2b4W4o+EyFvOqRLTo7U9q4/2m5GSF2Uhvnz+C/Qxtf3EaS3ClGUCAwEAAaNQME4w 12 | HQYDVR0OBBYEFHKeGD10hCxcJxa3KnJieWfjZTTNMB8GA1UdIwQYMBaAFHKeGD10 13 | hCxcJxa3KnJieWfjZTTNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB 14 | AGav/nvGcOQo0mukGdQiLG7gYFdVCcCeATPz8g1PKNG3MxRZBaF3UZlsVUhulVZB 15 | dQltqXt4XMh3xSQqEefXUdvNmpNxiN8BQ0mfV+hOKnv6mnOjSJ7Rrt9jBz7DGZb9 16 | cdqWHlvcuZAo5F3wGCfmLhmrkB5dntfIwaa5nSwTSyjYV5I/URQ/DBq9pvV0YEe9 17 | sDffW5y2cpNjL0qsQ6ADf/0rDKs3UpHcaITJtMA2EwAPp0qbiAxiXwYKdAfkH0kj 18 | 3wfwOlnrbkYOLhDxkTZ5ZR+h8BPl8cs6uZpv2gi8aKdxtxKzRl85KhBoYOMTLezg 19 | ykQCWUOWhDSw3CaRiZymDtY= 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/node0/conf/group.1.genesis: -------------------------------------------------------------------------------- 1 | [consensus] 2 | ; consensus algorithm type, now support PBFT(consensus_type=pbft) and Raft(consensus_type=raft) 3 | consensus_type=pbft 4 | ; the max number of transactions of a block 5 | max_trans_num=1000 6 | ; the node id of consensusers 7 | node.0=61860b824605d1253c15263a538f3614072faee18ba1533d3f7fd2296fe6c4c0becd9462d04cdc21c0c69c6e581220660f8941a829b4cfd089822763b7d96ae0 8 | node.1=665883eb607ccdd8e72e47829489e3212a3c77cc1bb300e4bd4c62a70426e97375484c78f1bc609bf987f07c25463ef90a277cfff235c3fe7c98bf3fdcc66dec 9 | node.2=2f6fee06220e479fc7ce46c0d2c29bece5c55672a26b3aca8712643c8726dda22d51b35caf9e90ab8f2dc11e7088393cf75e8917ec594341c3d5b3cfe11764d8 10 | node.3=f03ad904eb7a2ab9478c813cda5dde0e54c4aa874933e795f996140173a1c7a22cabb491ac8ebeda24c57ac56146ab8d47a37a064dd2b3f0ed76e3be83bf8218 11 | 12 | [state] 13 | ; support mpt/storage 14 | type=storage 15 | [tx] 16 | ; transaction gas limit 17 | gas_limit=300000000 18 | [group] 19 | id=1 20 | timestamp=1563437420000 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/node0/conf/group.1.ini: -------------------------------------------------------------------------------- 1 | [consensus] 2 | ; the ttl for broadcasting pbft message 3 | ;ttl=2 4 | ; min block generation time(ms), the max block generation time is 1000 ms 5 | ;min_block_generation_time=500 6 | ;enable_dynamic_block_size=true 7 | [storage] 8 | ; storage db type, rocksdb / mysql / external, rocksdb is recommended 9 | type=rocksdb 10 | ; max cache memeory, MB 11 | max_capacity=256 12 | max_forward_block=10 13 | ; only for external 14 | max_retry=100 15 | topic=DB 16 | ; only for mysql 17 | db_ip=127.0.0.1 18 | db_port=3306 19 | db_username= 20 | db_passwd= 21 | db_name= 22 | [tx_pool] 23 | limit=150000 24 | [tx_execute] 25 | enable_parallel=true 26 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/node0/conf/node.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICODCCASCgAwIBAgIJAMSKG7DatyICMA0GCSqGSIb3DQEBCwUAMDUxDTALBgNV 3 | BAMMBHRlc3QxEzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTAe 4 | Fw0xOTA3MTgwODEwMjNaFw0yOTA3MTUwODEwMjNaMDQxDjAMBgNVBAMMBW5vZGUw 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ0wCwYDVQQLDARub2RlMFYwEAYHKoZIzj0C 6 | AQYFK4EEAAoDQgAE8DrZBOt6KrlHjIE82l3eDlTEqodJM+eV+ZYUAXOhx6Isq7SR 7 | rI6+2iTFesVhRquNR6N6Bk3Ss/DtduO+g7+CGKMaMBgwCQYDVR0TBAIwADALBgNV 8 | HQ8EBAMCBeAwDQYJKoZIhvcNAQELBQADggEBALfzdrUIZX7l/Zt9ZnxJ0GMf+IiR 9 | VfHJJU/pAiy5idZ+8mjJdYs+CycRrte7MfKHyYuAIItlEzymtJGTF2ClFXIMkPTY 10 | TCPw5lUjJd8D+a2TcEyTy8VrdH4qgbgnQ3jXDxu0rD/HqUF61BgsgaWvD0b3sxs0 11 | s28D2jjpieJGH6jImzeSje4bGQ7ZBg4S3KxVJtLkRVPhPXzxClehJNqZNDihnIl7 12 | qmXbv1L7rC6s3NoQJkDYLWqeK4VbzRc/8ZM9D9W26VzAXRiu6cEummn8+a+k0DKg 13 | uc5Zqhl22NtRsaUokvYrLTt3wrvzWWHRu3Y3yQZtMCER+XtQj3HgPjO9cRY= 14 | -----END CERTIFICATE----- 15 | -----BEGIN CERTIFICATE----- 16 | MIIC/TCCAeWgAwIBAgIJANRtnuP2+2H3MA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 17 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 18 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDTALBgNVBAMMBHRlc3Qx 19 | EzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTCCASIwDQYJKoZI 20 | hvcNAQEBBQADggEPADCCAQoCggEBAO8JbuX+2NmiQfB9ioyPklXDtWyI93Yfpnav 21 | 4XTSZJ9aLlDV41rWVLHUCpTLndDnqsJfh02k5vAl07O8I9Z8ue547dAq/Nt2DbU4 22 | 486NqmVGYRSdW2L6Ge2tpvP25hzRn70GUY5JA4x0DWtxKO3U9ha1B6OJWais8Zv1 23 | +YsFEeQ5flGS/1L7B1zMac3A1ymWSt0o9Q2T2UXZCOJD6wbtxnDtFmAwnoRQH9Nn 24 | 9MfgbqFg3PlbIPlPMvXc5jT/lTTv0IZX/qV+d5dMSv0qTcxp/V8aW4dMnGJ/jGxp 25 | 1+xUMNQET93xuMVfY+2z2XnIydVybja+/eTSF5WMVKAvmch1p28CAwEAAaMQMA4w 26 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHpAcgtCYvoVBhPaVuWj2 27 | rk/IIcxZR0wSA4ivXDnh+ZjeG9rdMFSA5Mll04DSeu7SSfxtBeHScwRkbEvEYYhP 28 | pMhGjONLYaqvVydQRcOv1I+tmwrm5XccE/MfXJotOSk91kXrdDOX7ncUAWm9JKF4 29 | tRj+rnPgZl7hjvmw9zyQlO6sQ6fxQPEsbzX057ctPsensKfDhn2+JzZ4NwU7FW6F 30 | v6g7qHzGVZur8QG+po8JeoXg5Vc/lNbGZlVeXtzInH2ozBM75Z7DnPFz30NxuwSa 31 | 2tBKM9LLGXc0a7JRTOo/NsM7p+Rp+Jn0p/WIX02lyLko30zpCRGF1GM9Y6wlB39G 32 | Gg== 33 | -----END CERTIFICATE----- 34 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/node0/conf/node.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgOSxsfFmejsg6eULcL8cf 3 | eIidk5eVvfn52YUqthzcqP6hRANCAATwOtkE63oquUeMgTzaXd4OVMSqh0kz55X5 4 | lhQBc6HHoiyrtJGsjr7aJMV6xWFGq41Ho3oGTdKz8O12476Dv4IY 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/node0/conf/node.nodeid: -------------------------------------------------------------------------------- 1 | f03ad904eb7a2ab9478c813cda5dde0e54c4aa874933e795f996140173a1c7a22cabb491ac8ebeda24c57ac56146ab8d47a37a064dd2b3f0ed76e3be83bf8218 2 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/node0/config.ini: -------------------------------------------------------------------------------- 1 | [rpc] 2 | listen_ip=127.0.0.1 3 | channel_listen_port=20200 4 | jsonrpc_listen_port=8545 5 | [p2p] 6 | listen_ip=0.0.0.0 7 | listen_port=30300 8 | ;enable_compress=true 9 | ; nodes to connect 10 | node.0=172.17.0.1:30300 11 | node.1=172.17.0.2:30300 12 | node.2=172.17.0.3:30300 13 | node.3=172.17.0.4:30300 14 | 15 | 16 | [certificate_blacklist] 17 | ; crl.0 should be nodeid, nodeid's length is 128 18 | ;crl.0= 19 | 20 | [group] 21 | group_data_path=data/ 22 | group_config_path=conf/ 23 | 24 | [network_security] 25 | ; directory the certificates located in 26 | data_path=conf/ 27 | ; the node private key file 28 | key=node.key 29 | ; the node certificate file 30 | cert=node.crt 31 | ; the ca certificate file 32 | ca_cert=ca.crt 33 | 34 | [storage_security] 35 | enable=false 36 | key_manager_ip= 37 | key_manager_port= 38 | cipher_data_key= 39 | 40 | [chain] 41 | id=1 42 | [compatibility] 43 | ; supported_version should nerver be changed 44 | supported_version=2.0.0 45 | [log] 46 | enable=true 47 | log_path=./log 48 | ; info debug trace 49 | level=info 50 | ; MB 51 | max_log_file_size=200 52 | flush=true 53 | log_flush_threshold=100 54 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/node0/start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | fisco_bcos=${SHELL_FOLDER}/../fisco-bcos 5 | cd ${SHELL_FOLDER} 6 | node=$(basename ${SHELL_FOLDER}) 7 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 8 | if [ ! -z ${node_pid} ];then 9 | echo " ${node} is running, container id is $node_pid. Trying to load new groups." 10 | touch config.ini.append_group 11 | exit 0 12 | else 13 | docker run -d --rm --name ${SHELL_FOLDER//\//} -v ${SHELL_FOLDER}:/data --network=host -w=/data fiscoorg/fiscobcos:v2.0.0 -c config.ini & 14 | sleep 1.5 15 | fi 16 | try_times=4 17 | i=0 18 | while [ $i -lt ${try_times} ] 19 | do 20 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 21 | success_flag=success 22 | if [[ ! -z ${node_pid} && ! -z "${success_flag}" ]];then 23 | echo -e "\033[32m ${node} start successfully\033[0m" 24 | exit 0 25 | fi 26 | sleep 0.5 27 | ((i=i+1)) 28 | done 29 | echo -e "\033[31m Exceed waiting time. Please try again to start ${node} \033[0m" 30 | tail -n20 $(docker inspect --format='{{.LogPath}}' ${SHELL_FOLDER//\//}) 31 | exit 1 32 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/node0/stop.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | fisco_bcos=${SHELL_FOLDER}/../fisco-bcos 5 | node=$(basename ${SHELL_FOLDER}) 6 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 7 | try_times=10 8 | i=0 9 | if [ -z ${node_pid} ];then 10 | echo " ${node} isn't running." 11 | exit 0 12 | fi 13 | [ ! -z ${node_pid} ] && docker kill ${node_pid} 2>/dev/null > /dev/null 14 | while [ $i -lt ${try_times} ] 15 | do 16 | sleep 0.6 17 | node_pid=$(docker ps |grep ${SHELL_FOLDER//\//} | grep -v grep|awk '{print $1}') 18 | if [ -z ${node_pid} ];then 19 | echo -e "\033[32m stop ${node} success.\033[0m" 20 | exit 0 21 | fi 22 | ((i=i+1)) 23 | done 24 | echo " Exceed maximum number of retries. Please try again to stop ${node}" 25 | exit 1 26 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/sdk/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDPTCCAiWgAwIBAgIJANrxoSx5Q/rAMA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 3 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 4 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDjAMBgNVBAMMBWNoYWlu 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjCCASIwDQYJKoZI 6 | hvcNAQEBBQADggEPADCCAQoCggEBAORDb1ANCFlFCypYYefGWAmA/lsE7RI6b9Zd 7 | P5jMgvCJm0CJQWnXHwbWSusg5YvrMgYXF/rWY7AORDBtELZ80VGT9KjifF8oz2AZ 8 | qsQjqjVKjnyT2zccQc1JAX+PKOuU+GyLtqFMUob+aw9gBdmZ1kRVTKDQ5FyrLlZi 9 | nHI6t0Kuvu1TtVU8lUAB/hbx3e2rLr/G6/XqSUQu/+MK2Uto5dVFmzDvBFSDwG13 10 | bgzqUE+rOcK3ucngUqYLtCRp7xjy4jKWQhwTK6fibekt8bxCXG42Her00ySfKqR/ 11 | 2b4W4o+EyFvOqRLTo7U9q4/2m5GSF2Uhvnz+C/Qxtf3EaS3ClGUCAwEAAaNQME4w 12 | HQYDVR0OBBYEFHKeGD10hCxcJxa3KnJieWfjZTTNMB8GA1UdIwQYMBaAFHKeGD10 13 | hCxcJxa3KnJieWfjZTTNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB 14 | AGav/nvGcOQo0mukGdQiLG7gYFdVCcCeATPz8g1PKNG3MxRZBaF3UZlsVUhulVZB 15 | dQltqXt4XMh3xSQqEefXUdvNmpNxiN8BQ0mfV+hOKnv6mnOjSJ7Rrt9jBz7DGZb9 16 | cdqWHlvcuZAo5F3wGCfmLhmrkB5dntfIwaa5nSwTSyjYV5I/URQ/DBq9pvV0YEe9 17 | sDffW5y2cpNjL0qsQ6ADf/0rDKs3UpHcaITJtMA2EwAPp0qbiAxiXwYKdAfkH0kj 18 | 3wfwOlnrbkYOLhDxkTZ5ZR+h8BPl8cs6uZpv2gi8aKdxtxKzRl85KhBoYOMTLezg 19 | ykQCWUOWhDSw3CaRiZymDtY= 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/sdk/node.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICNjCCAR6gAwIBAgIJAMSKG7DatyIDMA0GCSqGSIb3DQEBCwUAMDUxDTALBgNV 3 | BAMMBHRlc3QxEzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTAe 4 | Fw0xOTA3MTgwODEwMjRaFw0yOTA3MTUwODEwMjRaMDIxDDAKBgNVBAMMA3NkazET 5 | MBEGA1UECgwKZmlzY28tYmNvczENMAsGA1UECwwEbm9kZTBWMBAGByqGSM49AgEG 6 | BSuBBAAKA0IABB5WaUJ+i0knx/R/HEopgEazps6Y640pUhVgQiJP1+an09L8v7TV 7 | okvD9NcN/C5Ls1+pfJLeyfsfJY7o46a8oSyjGjAYMAkGA1UdEwQCMAAwCwYDVR0P 8 | BAQDAgXgMA0GCSqGSIb3DQEBCwUAA4IBAQCErfRHqaNcvypJ8MxsqBOEQPsC30mA 9 | GWSXsI+KX8vwnusHVraFKC7x9WxPD9AOOjS9haPT55jEt4sEf4mHm88H+mwToSYR 10 | oNouY13/b+GNo0yQs9q+BKX1aAipi7zlV0KcMgtHGLoQ/bkS0T5UvgYJMMNZSq1b 11 | snPRfl4y/kp0ysMfAqNoK/zq2OITx58S6B+lmj6ByMsraJU22YJn5/ftPqZ4Omxd 12 | 7vAxnBDAR2+IpKp1iGzhCbQdkX36HeXvFKkyuz79VtgtKu3jKfOjdidNvVofXjdW 13 | YlE6j9TIznT2aR7B8ugPKShY2ltz9LfxWJSzL0YKN+leNuqYmblovJJW 14 | -----END CERTIFICATE----- 15 | -----BEGIN CERTIFICATE----- 16 | MIIC/TCCAeWgAwIBAgIJANRtnuP2+2H3MA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 17 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 18 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDTALBgNVBAMMBHRlc3Qx 19 | EzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTCCASIwDQYJKoZI 20 | hvcNAQEBBQADggEPADCCAQoCggEBAO8JbuX+2NmiQfB9ioyPklXDtWyI93Yfpnav 21 | 4XTSZJ9aLlDV41rWVLHUCpTLndDnqsJfh02k5vAl07O8I9Z8ue547dAq/Nt2DbU4 22 | 486NqmVGYRSdW2L6Ge2tpvP25hzRn70GUY5JA4x0DWtxKO3U9ha1B6OJWais8Zv1 23 | +YsFEeQ5flGS/1L7B1zMac3A1ymWSt0o9Q2T2UXZCOJD6wbtxnDtFmAwnoRQH9Nn 24 | 9MfgbqFg3PlbIPlPMvXc5jT/lTTv0IZX/qV+d5dMSv0qTcxp/V8aW4dMnGJ/jGxp 25 | 1+xUMNQET93xuMVfY+2z2XnIydVybja+/eTSF5WMVKAvmch1p28CAwEAAaMQMA4w 26 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHpAcgtCYvoVBhPaVuWj2 27 | rk/IIcxZR0wSA4ivXDnh+ZjeG9rdMFSA5Mll04DSeu7SSfxtBeHScwRkbEvEYYhP 28 | pMhGjONLYaqvVydQRcOv1I+tmwrm5XccE/MfXJotOSk91kXrdDOX7ncUAWm9JKF4 29 | tRj+rnPgZl7hjvmw9zyQlO6sQ6fxQPEsbzX057ctPsensKfDhn2+JzZ4NwU7FW6F 30 | v6g7qHzGVZur8QG+po8JeoXg5Vc/lNbGZlVeXtzInH2ozBM75Z7DnPFz30NxuwSa 31 | 2tBKM9LLGXc0a7JRTOo/NsM7p+Rp+Jn0p/WIX02lyLko30zpCRGF1GM9Y6wlB39G 32 | Gg== 33 | -----END CERTIFICATE----- 34 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/sdk/node.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgKonheEUBy+l1USVHfDJ1 3 | bopCmp8PExaPh8xdkYT+UOShRANCAAQeVmlCfotJJ8f0fxxKKYBGs6bOmOuNKVIV 4 | YEIiT9fmp9PS/L+01aJLw/TXDfwuS7NfqXyS3sn7HyWO6OOmvKEs 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/start_all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | dirs=($(ls -l ${SHELL_FOLDER} | awk '/^d/ {print $NF}')) 5 | for directory in ${dirs[*]} 6 | do 7 | if [[ -f "${SHELL_FOLDER}/${directory}/config.ini" && -f "${SHELL_FOLDER}/${directory}/start.sh" ]];then 8 | echo "try to start ${directory}" 9 | bash ${SHELL_FOLDER}/${directory}/start.sh & 10 | fi 11 | done 12 | wait 13 | -------------------------------------------------------------------------------- /nodes-config/nodes/172.17.0.4/stop_all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | SHELL_FOLDER=$(cd $(dirname $0);pwd) 3 | 4 | dirs=($(ls -l ${SHELL_FOLDER} | awk '/^d/ {print $NF}')) 5 | for directory in ${dirs[*]} 6 | do 7 | if [[ -d "${SHELL_FOLDER}/${directory}" && -f "${SHELL_FOLDER}/${directory}/stop.sh" ]];then 8 | echo "try to stop ${directory}" 9 | bash ${SHELL_FOLDER}/${directory}/stop.sh & 10 | fi 11 | done 12 | wait 13 | -------------------------------------------------------------------------------- /nodes-config/nodes/cert/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDPTCCAiWgAwIBAgIJANrxoSx5Q/rAMA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 3 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 4 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDjAMBgNVBAMMBWNoYWlu 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjCCASIwDQYJKoZI 6 | hvcNAQEBBQADggEPADCCAQoCggEBAORDb1ANCFlFCypYYefGWAmA/lsE7RI6b9Zd 7 | P5jMgvCJm0CJQWnXHwbWSusg5YvrMgYXF/rWY7AORDBtELZ80VGT9KjifF8oz2AZ 8 | qsQjqjVKjnyT2zccQc1JAX+PKOuU+GyLtqFMUob+aw9gBdmZ1kRVTKDQ5FyrLlZi 9 | nHI6t0Kuvu1TtVU8lUAB/hbx3e2rLr/G6/XqSUQu/+MK2Uto5dVFmzDvBFSDwG13 10 | bgzqUE+rOcK3ucngUqYLtCRp7xjy4jKWQhwTK6fibekt8bxCXG42Her00ySfKqR/ 11 | 2b4W4o+EyFvOqRLTo7U9q4/2m5GSF2Uhvnz+C/Qxtf3EaS3ClGUCAwEAAaNQME4w 12 | HQYDVR0OBBYEFHKeGD10hCxcJxa3KnJieWfjZTTNMB8GA1UdIwQYMBaAFHKeGD10 13 | hCxcJxa3KnJieWfjZTTNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB 14 | AGav/nvGcOQo0mukGdQiLG7gYFdVCcCeATPz8g1PKNG3MxRZBaF3UZlsVUhulVZB 15 | dQltqXt4XMh3xSQqEefXUdvNmpNxiN8BQ0mfV+hOKnv6mnOjSJ7Rrt9jBz7DGZb9 16 | cdqWHlvcuZAo5F3wGCfmLhmrkB5dntfIwaa5nSwTSyjYV5I/URQ/DBq9pvV0YEe9 17 | sDffW5y2cpNjL0qsQ6ADf/0rDKs3UpHcaITJtMA2EwAPp0qbiAxiXwYKdAfkH0kj 18 | 3wfwOlnrbkYOLhDxkTZ5ZR+h8BPl8cs6uZpv2gi8aKdxtxKzRl85KhBoYOMTLezg 19 | ykQCWUOWhDSw3CaRiZymDtY= 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/cert/ca.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEowIBAAKCAQEA5ENvUA0IWUULKlhh58ZYCYD+WwTtEjpv1l0/mMyC8ImbQIlB 3 | adcfBtZK6yDli+syBhcX+tZjsA5EMG0QtnzRUZP0qOJ8XyjPYBmqxCOqNUqOfJPb 4 | NxxBzUkBf48o65T4bIu2oUxShv5rD2AF2ZnWRFVMoNDkXKsuVmKccjq3Qq6+7VO1 5 | VTyVQAH+FvHd7asuv8br9epJRC7/4wrZS2jl1UWbMO8EVIPAbXduDOpQT6s5wre5 6 | yeBSpgu0JGnvGPLiMpZCHBMrp+Jt6S3xvEJcbjYd6vTTJJ8qpH/Zvhbij4TIW86p 7 | EtOjtT2rj/abkZIXZSG+fP4L9DG1/cRpLcKUZQIDAQABAoIBADgmImaFni0fX7y9 8 | 2u+Bibxkv6yyDIL0XvhTHca/X+I9ZzQ7zxxy703mPq2R/QUrCLYYzixEumbfS4TB 9 | /190WqT/iSpV9BQQXNqd1bTDtSXAvkYEtOLcj48oyzaOh5lTnrxMrdMFjDNqt/kj 10 | PK0nO165wMy6NcJZ1V8oiKVMrjG3hYjljRgfSbm3ev6TSQCRnsKIRYGq3ZIKjITH 11 | 3DdtCUwNhbQYSlpdmXygwbzFOpHNOwqouvL+EdlGOXgMdglLfgh8r6dUGn6wujvx 12 | eL4jucU3dI5NUT3lxLFSIUfKV3eeeRp+zu7VnRFfyrih9oXqIKMJVqk34FqzN4lY 13 | ZSM54iECgYEA9yZonmY2TnF2NQCaDM2k2WTukif4uV7cM0Y/WUo5UetOS7ABz3if 14 | 0vakR/ciavbW7OYZujXIkv9P5JzMUr2Hlev/9XUvvXPGS/AuTK3tb5wqUNyQ4h4z 15 | oermlz1+tHe2w5Arcj6MGVkSCnAgGwpBUUFFtXHKh3riQQTidaSaENkCgYEA7G/l 16 | In/b7WMRSt91J18GvbcXTFLJ/E81cb4OrA0LS+3LxY+ZhzOkulfW1839Aj945eHg 17 | hofFCGA1tXt8Cg8z+6ddHRdiseMSOY8+O4InAHcAxKC5y6f/elIMcW3AQcDAhnSV 18 | 1iRiibF6wejd3iyhg7pKT2onkRLH1rhQ5YUTqG0CgYEAhB5aKuMFAOYShL7vmwyL 19 | pVMZXbRUd/PHzvksgDT3c11Qm5FZRml7NrF2nKn2EiwmNLnE4xBBSqOFN/bCGzEK 20 | PBDO4Y5lmOc9B/c7KO6JUPKwhE2EffwbKeGCpzLOevbMErsNHqNlDV/aDw5le07+ 21 | H8u+0gIkfEwqiwtra+w0F/ECgYBs7jiRJns66XOkHUOqeftvGJWhUltA5XVoC/pS 22 | hkf4GXzSbpB7W+2+9I1FK+AvUvLuZpy9HnxGmZzlGhlRwSNgBAHAT2/nKQjSgA5Z 23 | +GLjsfAmpy4yiBoKTxbwg3IaWSXaTIhj+qtzaNN310OxArr/J6ro362PByoO4ShU 24 | NnWSGQKBgGJJtNJID77PxnPVCT3vh5EBZY6HyQdaUds+REHFm3G5kDOGM7CgjpTo 25 | 9s6VnBxKZ6Zdl8+dsSmdT0Us7kAGC1r26sGmeh5BXJiMwJiYK38RZL+lSiXln0n3 26 | VmfcN9jzYLh3R253R7KiJrO7pBncl+QLe5wW9dZ90RjGsFv6CRvF 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /nodes-config/nodes/cert/ca.srl: -------------------------------------------------------------------------------- 1 | D46D9EE3F6FB61F7 2 | -------------------------------------------------------------------------------- /nodes-config/nodes/cert/cert.cnf: -------------------------------------------------------------------------------- 1 | [ca] 2 | default_ca=default_ca 3 | [default_ca] 4 | default_days = 365 5 | default_md = sha256 6 | 7 | [req] 8 | distinguished_name = req_distinguished_name 9 | req_extensions = v3_req 10 | [req_distinguished_name] 11 | countryName = CN 12 | countryName_default = CN 13 | stateOrProvinceName = State or Province Name (full name) 14 | stateOrProvinceName_default =GuangDong 15 | localityName = Locality Name (eg, city) 16 | localityName_default = ShenZhen 17 | organizationalUnitName = Organizational Unit Name (eg, section) 18 | organizationalUnitName_default = fisco-bcos 19 | commonName = Organizational commonName (eg, fisco-bcos) 20 | commonName_default = fisco-bcos 21 | commonName_max = 64 22 | 23 | [ v3_req ] 24 | basicConstraints = CA:FALSE 25 | keyUsage = nonRepudiation, digitalSignature, keyEncipherment 26 | 27 | [ v4_req ] 28 | basicConstraints = CA:TRUE 29 | 30 | -------------------------------------------------------------------------------- /nodes-config/nodes/cert/test/agency.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIC/TCCAeWgAwIBAgIJANRtnuP2+2H3MA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 3 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 4 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDTALBgNVBAMMBHRlc3Qx 5 | EzARBgNVBAoMCmZpc2NvLWJjb3MxDzANBgNVBAsMBmFnZW5jeTCCASIwDQYJKoZI 6 | hvcNAQEBBQADggEPADCCAQoCggEBAO8JbuX+2NmiQfB9ioyPklXDtWyI93Yfpnav 7 | 4XTSZJ9aLlDV41rWVLHUCpTLndDnqsJfh02k5vAl07O8I9Z8ue547dAq/Nt2DbU4 8 | 486NqmVGYRSdW2L6Ge2tpvP25hzRn70GUY5JA4x0DWtxKO3U9ha1B6OJWais8Zv1 9 | +YsFEeQ5flGS/1L7B1zMac3A1ymWSt0o9Q2T2UXZCOJD6wbtxnDtFmAwnoRQH9Nn 10 | 9MfgbqFg3PlbIPlPMvXc5jT/lTTv0IZX/qV+d5dMSv0qTcxp/V8aW4dMnGJ/jGxp 11 | 1+xUMNQET93xuMVfY+2z2XnIydVybja+/eTSF5WMVKAvmch1p28CAwEAAaMQMA4w 12 | DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHpAcgtCYvoVBhPaVuWj2 13 | rk/IIcxZR0wSA4ivXDnh+ZjeG9rdMFSA5Mll04DSeu7SSfxtBeHScwRkbEvEYYhP 14 | pMhGjONLYaqvVydQRcOv1I+tmwrm5XccE/MfXJotOSk91kXrdDOX7ncUAWm9JKF4 15 | tRj+rnPgZl7hjvmw9zyQlO6sQ6fxQPEsbzX057ctPsensKfDhn2+JzZ4NwU7FW6F 16 | v6g7qHzGVZur8QG+po8JeoXg5Vc/lNbGZlVeXtzInH2ozBM75Z7DnPFz30NxuwSa 17 | 2tBKM9LLGXc0a7JRTOo/NsM7p+Rp+Jn0p/WIX02lyLko30zpCRGF1GM9Y6wlB39G 18 | Gg== 19 | -----END CERTIFICATE----- 20 | -------------------------------------------------------------------------------- /nodes-config/nodes/cert/test/agency.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEA7wlu5f7Y2aJB8H2KjI+SVcO1bIj3dh+mdq/hdNJkn1ouUNXj 3 | WtZUsdQKlMud0Oeqwl+HTaTm8CXTs7wj1ny57njt0Cr823YNtTjjzo2qZUZhFJ1b 4 | YvoZ7a2m8/bmHNGfvQZRjkkDjHQNa3Eo7dT2FrUHo4lZqKzxm/X5iwUR5Dl+UZL/ 5 | UvsHXMxpzcDXKZZK3Sj1DZPZRdkI4kPrBu3GcO0WYDCehFAf02f0x+BuoWDc+Vsg 6 | +U8y9dzmNP+VNO/Qhlf+pX53l0xK/SpNzGn9Xxpbh0ycYn+MbGnX7FQw1ARP3fG4 7 | xV9j7bPZecjJ1XJuNr795NIXlYxUoC+ZyHWnbwIDAQABAoIBAQDL6pw0kKelYYon 8 | ArIDHyeTCpXmtSGGH5H+hiQraKB2YJRKWWzOvTEbUuyD6wACit9dWekvD5IDJAHp 9 | voJEI7rp+TfG8iUrgxZGlvWf67KFGvkOgP7I/NrJq+5VCTddNmay9oT0gM0KMKaS 10 | FcL4wUf+LwkJNc7K2l5y0e/D7NtKeStm8asKl/haARwvOC3LNAj9LxUFii6BZlDt 11 | wngxq9F/wI32C/wozuElF/bWPUA7vmOJmUTapjSty/O/ejmWzRNoavN3AXHQ+zW8 12 | Q5rEeJFCteJFDMfOGQvVGlmCNhFqyD17gA94p6XVlFOOETYKB2yvMUqac/Tl8wAk 13 | zoQbur6hAoGBAPyBSPgkfZ3kF+yo0II9ZMX8Us4FWP6P0zLAXk814e5jNFMp1Cif 14 | dCUShmtdCrkAu26alqkrZ3Ad0NphAYNsgMbpGqSLlSsswZ+IdmlM37ljc/P+jr92 15 | uBfGYhxUogFmXfPl4LhZNazf1t3t0GCp3gaNKMBzxDqFvDOWvRwcEYeVAoGBAPJY 16 | bPcsIbWn/WAvfK5cjXH4hL83Hzvg12Utse5KwTX6oJPtZoF7+BXXtzpDv5v7GJFM 17 | aUyK8nE6i+uKOcYrrMUf5NBbfv1kBDzUsJBDcvENZuYn+82Yh6ciqMWNxVO1Qc3k 18 | /hq9MjPCxt7HrSaT05mwcj3BEG5Cv+2kxXnDCOHzAoGAXY4hVR9gE5IhcyQRLVBF 19 | +D1HCOJeWOM9Iz63Mq4KKeNDzdRfsTVzOREmEL2GbYlh6NcKH1/fkWDasy7h+qnH 20 | BOv1XSYCfN62Vr+e7+D1u6Cno62bgkEgcF6ml0ycQdyFzwpLOsKC6qx81fl5DXei 21 | tdazVKsP94b5djvRkYqszAkCgYA4lKaUKsyQAfGpNE0S1G79rf0oO7FiJIOFjt6c 22 | +P0VIje9cc7d6liomN2hj9G7lCtPORzYjxQ9lWK3kmUcvHOw7lpYvxPuCxzmKu4y 23 | MF00pGFi2PD0Nmltfy0SOqBYg9giPxWInqWK6i3OM6ZcfGUJ2+VAP8QbSiBPVon4 24 | fK2lOwKBgQC2HQoyImpyReUPXm3xNiSxgF1FDckZftdukQTeNLFD10DtDIRoeJC+ 25 | yEHzNX493l4dALzQn30lYw9BlF33nc75Pswp1DQuoSaZFqcZmoubM0UH99MJjGtF 26 | 4g65jC+JzOXo61hUmUG1pzfHjJpvZW7iU/jMy/9ylAZc1nuA0BMPeQ== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /nodes-config/nodes/cert/test/agency.srl: -------------------------------------------------------------------------------- 1 | C48A1BB0DAB72204 2 | -------------------------------------------------------------------------------- /nodes-config/nodes/cert/test/ca.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDPTCCAiWgAwIBAgIJANrxoSx5Q/rAMA0GCSqGSIb3DQEBCwUAMDUxDjAMBgNV 3 | BAMMBWNoYWluMRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjAe 4 | Fw0xOTA3MTgwODEwMjBaFw0yOTA3MTUwODEwMjBaMDUxDjAMBgNVBAMMBWNoYWlu 5 | MRMwEQYDVQQKDApmaXNjby1iY29zMQ4wDAYDVQQLDAVjaGFpbjCCASIwDQYJKoZI 6 | hvcNAQEBBQADggEPADCCAQoCggEBAORDb1ANCFlFCypYYefGWAmA/lsE7RI6b9Zd 7 | P5jMgvCJm0CJQWnXHwbWSusg5YvrMgYXF/rWY7AORDBtELZ80VGT9KjifF8oz2AZ 8 | qsQjqjVKjnyT2zccQc1JAX+PKOuU+GyLtqFMUob+aw9gBdmZ1kRVTKDQ5FyrLlZi 9 | nHI6t0Kuvu1TtVU8lUAB/hbx3e2rLr/G6/XqSUQu/+MK2Uto5dVFmzDvBFSDwG13 10 | bgzqUE+rOcK3ucngUqYLtCRp7xjy4jKWQhwTK6fibekt8bxCXG42Her00ySfKqR/ 11 | 2b4W4o+EyFvOqRLTo7U9q4/2m5GSF2Uhvnz+C/Qxtf3EaS3ClGUCAwEAAaNQME4w 12 | HQYDVR0OBBYEFHKeGD10hCxcJxa3KnJieWfjZTTNMB8GA1UdIwQYMBaAFHKeGD10 13 | hCxcJxa3KnJieWfjZTTNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB 14 | AGav/nvGcOQo0mukGdQiLG7gYFdVCcCeATPz8g1PKNG3MxRZBaF3UZlsVUhulVZB 15 | dQltqXt4XMh3xSQqEefXUdvNmpNxiN8BQ0mfV+hOKnv6mnOjSJ7Rrt9jBz7DGZb9 16 | cdqWHlvcuZAo5F3wGCfmLhmrkB5dntfIwaa5nSwTSyjYV5I/URQ/DBq9pvV0YEe9 17 | sDffW5y2cpNjL0qsQ6ADf/0rDKs3UpHcaITJtMA2EwAPp0qbiAxiXwYKdAfkH0kj 18 | 3wfwOlnrbkYOLhDxkTZ5ZR+h8BPl8cs6uZpv2gi8aKdxtxKzRl85KhBoYOMTLezg 19 | ykQCWUOWhDSw3CaRiZymDtY= 20 | -----END CERTIFICATE----- 21 | -------------------------------------------------------------------------------- /nodes-config/nodes/cert/test/cert.cnf: -------------------------------------------------------------------------------- 1 | [ca] 2 | default_ca=default_ca 3 | [default_ca] 4 | default_days = 365 5 | default_md = sha256 6 | 7 | [req] 8 | distinguished_name = req_distinguished_name 9 | req_extensions = v3_req 10 | [req_distinguished_name] 11 | countryName = CN 12 | countryName_default = CN 13 | stateOrProvinceName = State or Province Name (full name) 14 | stateOrProvinceName_default =GuangDong 15 | localityName = Locality Name (eg, city) 16 | localityName_default = ShenZhen 17 | organizationalUnitName = Organizational Unit Name (eg, section) 18 | organizationalUnitName_default = fisco-bcos 19 | commonName = Organizational commonName (eg, fisco-bcos) 20 | commonName_default = fisco-bcos 21 | commonName_max = 64 22 | 23 | [ v3_req ] 24 | basicConstraints = CA:FALSE 25 | keyUsage = nonRepudiation, digitalSignature, keyEncipherment 26 | 27 | [ v4_req ] 28 | basicConstraints = CA:TRUE 29 | 30 | -------------------------------------------------------------------------------- /release_note.txt: -------------------------------------------------------------------------------- 1 | V1.0.0 2 | --------------------------------------------------------------------------------