From 714bcb0a9f7fc3ba1e3a0df53a61ec098ecafb16 Mon Sep 17 00:00:00 2001 From: Tatsuya Sato Date: Mon, 27 Jan 2025 19:06:03 +0900 Subject: [PATCH] test-network-k8s: Introduce initial support for BFT orderers (#1294) This patch adds initial support for BFT orderers in the test-network-k8s. When `TEST_NETWORK_ORDERER_TYPE` is set to `bft`, the network launches four orderers configured with SmartBFT. Signed-off-by: Tatsuya Sato --- .../config/org0/bft/configtx-template.yaml | 358 ++++++++++++++++++ .../config/org0/configtx-template.yaml | 2 +- test-network-k8s/kube/org0/org0-orderer4.yaml | 160 ++++++++ test-network-k8s/network | 2 + test-network-k8s/scripts/channel.sh | 39 +- test-network-k8s/scripts/test_network.sh | 8 + 6 files changed, 561 insertions(+), 8 deletions(-) create mode 100644 test-network-k8s/config/org0/bft/configtx-template.yaml create mode 100644 test-network-k8s/kube/org0/org0-orderer4.yaml diff --git a/test-network-k8s/config/org0/bft/configtx-template.yaml b/test-network-k8s/config/org0/bft/configtx-template.yaml new file mode 100644 index 0000000000..01e1a1aca9 --- /dev/null +++ b/test-network-k8s/config/org0/bft/configtx-template.yaml @@ -0,0 +1,358 @@ +# Copyright IBM Corp. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + +--- +################################################################################ +# +# Section: Organizations +# +# - This section defines the different organizational identities which will +# be referenced later in the configuration. +# +################################################################################ +Organizations: + + # SampleOrg defines an MSP using the sampleconfig. It should never be used + # in production but may be used as a template for other definitions + - &OrdererOrg + # DefaultOrg defines the organization which is used in the sampleconfig + # of the fabric.git development environment + Name: OrdererOrg + + # ID to load the MSP definition as + ID: OrdererMSP + + # MSPDir is the filesystem path which contains the MSP configuration + MSPDir: ./channel-msp/ordererOrganizations/org0/msp + + # Policies defines the set of policies at this level of the config tree + # For organization policies, their canonical path is usually + # /Channel/// + Policies: + Readers: + Type: Signature + Rule: "OR('OrdererMSP.member')" + Writers: + Type: Signature + Rule: "OR('OrdererMSP.member')" + Admins: + Type: Signature + Rule: "OR('OrdererMSP.admin')" + + OrdererEndpoints: + - org0-orderer1.${ORG0_NS}.svc.cluster.local:6050 + - org0-orderer2.${ORG0_NS}.svc.cluster.local:6050 + - org0-orderer3.${ORG0_NS}.svc.cluster.local:6050 + - org0-orderer4.${ORG0_NS}.svc.cluster.local:6050 + + - &Org1 + # DefaultOrg defines the organization which is used in the sampleconfig + # of the fabric.git development environment + Name: Org1MSP + + # ID to load the MSP definition as + ID: Org1MSP + + MSPDir: ./channel-msp/peerOrganizations/org1/msp + + # Policies defines the set of policies at this level of the config tree + # For organization policies, their canonical path is usually + # /Channel/// + Policies: + Readers: + Type: Signature + Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')" + Writers: + Type: Signature + Rule: "OR('Org1MSP.admin', 'Org1MSP.client')" + Admins: + Type: Signature + Rule: "OR('Org1MSP.admin')" + Endorsement: + Type: Signature + Rule: "OR('Org1MSP.peer')" + + # leave this flag set to true. + AnchorPeers: + # AnchorPeers defines the location of peers which can be used + # for cross org gossip communication. Note, this value is only + # encoded in the genesis block in the Application section context + - Host: org1-peer1.${ORG1_NS}.svc.cluster.local + Port: 7051 + + - &Org2 + # DefaultOrg defines the organization which is used in the sampleconfig + # of the fabric.git development environment + Name: Org2MSP + + # ID to load the MSP definition as + ID: Org2MSP + + MSPDir: ./channel-msp/peerOrganizations/org2/msp + + # Policies defines the set of policies at this level of the config tree + # For organization policies, their canonical path is usually + # /Channel/// + Policies: + Readers: + Type: Signature + Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')" + Writers: + Type: Signature + Rule: "OR('Org2MSP.admin', 'Org2MSP.client')" + Admins: + Type: Signature + Rule: "OR('Org2MSP.admin')" + Endorsement: + Type: Signature + Rule: "OR('Org2MSP.peer')" + + AnchorPeers: + # AnchorPeers defines the location of peers which can be used + # for cross org gossip communication. Note, this value is only + # encoded in the genesis block in the Application section context + - Host: org2-peer1.${ORG2_NS}.svc.cluster.local + Port: 7051 + +################################################################################ +# +# SECTION: Capabilities +# +# - This section defines the capabilities of fabric network. This is a new +# concept as of v1.1.0 and should not be utilized in mixed networks with +# v1.0.x peers and orderers. Capabilities define features which must be +# present in a fabric binary for that binary to safely participate in the +# fabric network. For instance, if a new MSP type is added, newer binaries +# might recognize and validate the signatures from this type, while older +# binaries without this support would be unable to validate those +# transactions. This could lead to different versions of the fabric binaries +# having different world states. Instead, defining a capability for a channel +# informs those binaries without this capability that they must cease +# processing transactions until they have been upgraded. For v1.0.x if any +# capabilities are defined (including a map with all capabilities turned off) +# then the v1.0.x peer will deliberately crash. +# +################################################################################ +Capabilities: + # Channel capabilities apply to both the orderers and the peers and must be + # supported by both. + # Set the value of the capability to true to require it. + Channel: &ChannelCapabilities + # V3.0 for Channel is a catchall flag for behavior which has been + # determined to be desired for all orderers and peers running at the v3.0.0 + # level, but which would be incompatible with orderers and peers from + # prior releases. + # Prior to enabling V3.0 channel capabilities, ensure that all + # orderers and peers on a channel are at v3.0.0 or later. + V3_0: true + + # Orderer capabilities apply only to the orderers, and may be safely + # used with prior release peers. + # Set the value of the capability to true to require it. + Orderer: &OrdererCapabilities + # V2_0 orderer capability ensures that orderers behave according + # to v2.0 orderer capabilities. Orderers from + # prior releases would behave in an incompatible way, and are therefore + # not able to participate in channels at v2.0 orderer capability. + # Prior to enabling V2.0 orderer capabilities, ensure that all + # orderers on channel are at v2.0.0 or later. + V2_0: true + + # Application capabilities apply only to the peer network, and may be safely + # used with prior release orderers. + # Set the value of the capability to true to require it. + Application: &ApplicationCapabilities + # V2_0 application capability ensures that peers behave according + # to v2.0 application capabilities. Peers from + # prior releases would behave in an incompatible way, and are therefore + # not able to participate in channels at v2.0 application capability. + # Prior to enabling V2.0 application capabilities, ensure that all + # peers on channel are at v2.0.0 or later. + V2_5: true + +################################################################################ +# +# SECTION: Application +# +# - This section defines the values to encode into a config transaction or +# genesis block for application related parameters +# +################################################################################ +Application: &ApplicationDefaults + + # Organizations is the list of orgs which are defined as participants on + # the application side of the network + Organizations: + + # Policies defines the set of policies at this level of the config tree + # For Application policies, their canonical path is + # /Channel/Application/ + Policies: + Readers: + Type: ImplicitMeta + Rule: "ANY Readers" + Writers: + Type: ImplicitMeta + Rule: "ANY Writers" + Admins: + Type: ImplicitMeta + Rule: "MAJORITY Admins" + LifecycleEndorsement: + Type: Signature + Rule: "OR('Org1MSP.peer','Org2MSP.peer')" + Endorsement: + Type: Signature + Rule: "OR('Org1MSP.peer','Org2MSP.peer')" + + Capabilities: + <<: *ApplicationCapabilities +################################################################################ +# +# SECTION: Orderer +# +# - This section defines the values to encode into a config transaction or +# genesis block for orderer related parameters +# +################################################################################ +Orderer: &OrdererDefaults + # Batch Timeout: The amount of time to wait before creating a batch + BatchTimeout: 2s + + # Batch Size: Controls the number of messages batched into a block + BatchSize: + + # Max Message Count: The maximum number of messages to permit in a batch + MaxMessageCount: 10 + + # Absolute Max Bytes: The absolute maximum number of bytes allowed for + # the serialized messages in a batch. + AbsoluteMaxBytes: 99 MB + + # Preferred Max Bytes: The preferred maximum number of bytes allowed for + # the serialized messages in a batch. A message larger than the preferred + # max bytes will result in a batch larger than preferred max bytes. + PreferredMaxBytes: 512 KB + + # Organizations is the list of orgs which are defined as participants on + # the orderer side of the network + Organizations: + + # Policies defines the set of policies at this level of the config tree + # For Orderer policies, their canonical path is + # /Channel/Orderer/ + Policies: + Readers: + Type: ImplicitMeta + Rule: "ANY Readers" + Writers: + Type: ImplicitMeta + Rule: "ANY Writers" + Admins: + Type: ImplicitMeta + Rule: "MAJORITY Admins" + # BlockValidation specifies what signatures must be included in the block + # from the orderer for the peer to validate it. + BlockValidation: + Type: ImplicitMeta + Rule: "ANY Writers" + +################################################################################ +# +# CHANNEL +# +# This section defines the values to encode into a config transaction or +# genesis block for channel related parameters. +# +################################################################################ +Channel: &ChannelDefaults + # Policies defines the set of policies at this level of the config tree + # For Channel policies, their canonical path is + # /Channel/ + Policies: + # Who may invoke the 'Deliver' API + Readers: + Type: ImplicitMeta + Rule: "ANY Readers" + # Who may invoke the 'Broadcast' API + Writers: + Type: ImplicitMeta + Rule: "ANY Writers" + # By default, who may modify elements at this config level + Admins: + Type: ImplicitMeta + Rule: "MAJORITY Admins" + + # Capabilities describes the channel level capabilities, see the + # dedicated Capabilities section elsewhere in this file for a full + # description + Capabilities: + <<: *ChannelCapabilities + +################################################################################ +# +# Profile +# +# - Different configuration profiles may be encoded here to be specified +# as parameters to the configtxgen tool +# +################################################################################ +Profiles: + ChannelUsingBFT: + <<: *ChannelDefaults + Orderer: + <<: *OrdererDefaults + Organizations: + - *OrdererOrg + Capabilities: *OrdererCapabilities + OrdererType: BFT + SmartBFT: + RequestBatchMaxCount: 100 + RequestBatchMaxInterval: 50ms + RequestForwardTimeout: 2s + RequestComplainTimeout: 20s + RequestAutoRemoveTimeout: 3m0s + ViewChangeResendInterval: 5s + ViewChangeTimeout: 20s + LeaderHeartbeatTimeout: 1m0s + CollectTimeout: 1s + RequestBatchMaxBytes: 10485760 + IncomingMessageBufferSize: 200 + RequestPoolSize: 100000 + LeaderHeartbeatCount: 10 + ConsenterMapping: + - ID: 1 + Host: org0-orderer1 + Port: 6050 + MSPID: OrdererMSP + Identity: ./channel-msp/ordererOrganizations/org0/orderers/org0-orderer1/cert.pem + ClientTLSCert: ./channel-msp/ordererOrganizations/org0/orderers/org0-orderer1/tls/signcerts/tls-cert.pem + ServerTLSCert: ./channel-msp/ordererOrganizations/org0/orderers/org0-orderer1/tls/signcerts/tls-cert.pem + - ID: 2 + Host: org0-orderer2 + Port: 6050 + MSPID: OrdererMSP + Identity: ./channel-msp/ordererOrganizations/org0/orderers/org0-orderer2/cert.pem + ClientTLSCert: ./channel-msp/ordererOrganizations/org0/orderers/org0-orderer2/tls/signcerts/tls-cert.pem + ServerTLSCert: ./channel-msp/ordererOrganizations/org0/orderers/org0-orderer2/tls/signcerts/tls-cert.pem + - ID: 3 + Host: org0-orderer3 + Port: 6050 + MSPID: OrdererMSP + Identity: ./channel-msp/ordererOrganizations/org0/orderers/org0-orderer3/cert.pem + ClientTLSCert: ./channel-msp/ordererOrganizations/org0/orderers/org0-orderer3/tls/signcerts/tls-cert.pem + ServerTLSCert: ./channel-msp/ordererOrganizations/org0/orderers/org0-orderer3/tls/signcerts/tls-cert.pem + - ID: 4 + Host: org0-orderer4 + Port: 6050 + MSPID: OrdererMSP + Identity: ./channel-msp/ordererOrganizations/org0/orderers/org0-orderer4/cert.pem + ClientTLSCert: ./channel-msp/ordererOrganizations/org0/orderers/org0-orderer4/tls/signcerts/tls-cert.pem + ServerTLSCert: ./channel-msp/ordererOrganizations/org0/orderers/org0-orderer4/tls/signcerts/tls-cert.pem + Application: + <<: *ApplicationDefaults + Organizations: + - *Org1 + - *Org2 + Capabilities: *ApplicationCapabilities diff --git a/test-network-k8s/config/org0/configtx-template.yaml b/test-network-k8s/config/org0/configtx-template.yaml index 5bbbf93fe9..ba825db9c7 100644 --- a/test-network-k8s/config/org0/configtx-template.yaml +++ b/test-network-k8s/config/org0/configtx-template.yaml @@ -169,7 +169,7 @@ Capabilities: # not able to participate in channels at v2.0 application capability. # Prior to enabling V2.0 application capabilities, ensure that all # peers on channel are at v2.0.0 or later. - V2_0: true + V2_5: true ################################################################################ # diff --git a/test-network-k8s/kube/org0/org0-orderer4.yaml b/test-network-k8s/kube/org0/org0-orderer4.yaml new file mode 100644 index 0000000000..425d1f6943 --- /dev/null +++ b/test-network-k8s/kube/org0/org0-orderer4.yaml @@ -0,0 +1,160 @@ +# +# Copyright IBM Corp. All Rights Reserved. +# +# SPDX-License-Identifier: Apache-2.0 +# + +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: org0-orderer4-tls-cert + namespace: ${ORG0_NS} +spec: + isCA: false + privateKey: + algorithm: ECDSA + size: 256 + dnsNames: + - localhost + - org0-orderer4 + - org0-orderer4.${ORG0_NS}.svc.cluster.local + - org0-orderer4.${DOMAIN} + - org0-orderer4-admin.${DOMAIN} + ipAddresses: + - 127.0.0.1 + secretName: org0-orderer4-tls-cert + issuerRef: + name: org0-tls-cert-issuer + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: org0-orderer4-env +data: + FABRIC_CFG_PATH: /var/hyperledger/fabric/config + FABRIC_LOGGING_SPEC: INFO # debug:cauthdsl,policies,msp,common.configtx,common.channelconfig=info + ORDERER_GENERAL_LISTENADDRESS: 0.0.0.0 + ORDERER_GENERAL_LISTENPORT: "6050" + ORDERER_GENERAL_LOCALMSPID: OrdererMSP + ORDERER_GENERAL_LOCALMSPDIR: /var/hyperledger/fabric/organizations/ordererOrganizations/org0.example.com/orderers/org0-orderer4.org0.example.com/msp + ORDERER_GENERAL_TLS_ENABLED: "true" + ORDERER_GENERAL_TLS_CERTIFICATE: /var/hyperledger/fabric/config/tls/tls.crt + ORDERER_GENERAL_TLS_ROOTCAS: /var/hyperledger/fabric/config/tls/ca.crt + ORDERER_GENERAL_TLS_PRIVATEKEY: /var/hyperledger/fabric/config/tls/tls.key + ORDERER_GENERAL_BOOTSTRAPMETHOD: none + ORDERER_CHANNELPARTICIPATION_ENABLED: "true" + ORDERER_ADMIN_TLS_ENABLED: "true" + ORDERER_ADMIN_TLS_CERTIFICATE: /var/hyperledger/fabric/config/tls/tls.crt + ORDERER_ADMIN_TLS_ROOTCAS: /var/hyperledger/fabric/config/tls/ca.crt + ORDERER_ADMIN_TLS_PRIVATEKEY: /var/hyperledger/fabric/config/tls/tls.key + # Authenticate client connections with the org's ecert / admin user enrollments + ORDERER_ADMIN_TLS_CLIENTROOTCAS: "[/var/hyperledger/fabric/organizations/ordererOrganizations/org0.example.com/orderers/org0-orderer4.org0.example.com/msp/cacerts/org0-ca.pem]" + ORDERER_FILELEDGER_LOCATION: /var/hyperledger/fabric/data/orderer4 + ORDERER_CONSENSUS_WALDIR: /var/hyperledger/fabric/data/orderer4/etcdraft/wal + ORDERER_CONSENSUS_SNAPDIR: /var/hyperledger/fabric/data/orderer4/etcdraft/wal + ORDERER_OPERATIONS_LISTENADDRESS: 0.0.0.0:8443 + ORDERER_ADMIN_LISTENADDRESS: 0.0.0.0:9443 + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: org0-orderer4 +spec: + replicas: 1 + selector: + matchLabels: + app: org0-orderer4 + template: + metadata: + labels: + app: org0-orderer4 + spec: + containers: + - name: main + image: ${FABRIC_CONTAINER_REGISTRY}/fabric-orderer:${FABRIC_VERSION} + imagePullPolicy: IfNotPresent + envFrom: + - configMapRef: + name: org0-orderer4-env + ports: + - containerPort: 6050 + - containerPort: 8443 + - containerPort: 9443 + volumeMounts: + - name: fabric-volume + mountPath: /var/hyperledger + - name: fabric-config + mountPath: /var/hyperledger/fabric/config + - name: tls-cert-volume + mountPath: /var/hyperledger/fabric/config/tls + readOnly: true + volumes: + - name: fabric-volume + persistentVolumeClaim: + claimName: fabric-org0 + - name: fabric-config + configMap: + name: org0-config + - name: tls-cert-volume + secret: + secretName: org0-orderer4-tls-cert +--- +apiVersion: v1 +kind: Service +metadata: + name: org0-orderer4 +spec: + ports: + - name: general + port: 6050 + protocol: TCP + - name: operations + port: 8443 + protocol: TCP + - name: admin + port: 9443 + protocol: TCP + selector: + app: org0-orderer4 + +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + labels: + app: org0-orderer4 + name: org0-orderer4 +spec: + ingressClassName: nginx + rules: + - host: org0-orderer4.${DOMAIN} + http: + paths: + - backend: + service: + name: org0-orderer4 + port: + name: general + path: / + pathType: ImplementationSpecific + - host: org0-orderer4-admin.${DOMAIN} + http: + paths: + - backend: + service: + name: org0-orderer4 + port: + name: admin + path: / + pathType: ImplementationSpecific + tls: + - hosts: + - org0-orderer4.${DOMAIN} + - hosts: + - org0-orderer4-admin.${DOMAIN} diff --git a/test-network-k8s/network b/test-network-k8s/network index e43fc34270..9d4414d8ae 100755 --- a/test-network-k8s/network +++ b/test-network-k8s/network @@ -47,6 +47,7 @@ context ORG1_NS ${NS} context ORG2_NS ${NS} context DOMAIN localho.st context CHANNEL_NAME mychannel +context ORDERER_TYPE raft # or bft for BFT Orderer (for Fabric v3.0+) context ORDERER_TIMEOUT 10s # see https://github.com/hyperledger/fabric/issues/3372 context TEMP_DIR ${PWD}/build context CHAINCODE_BUILDER ccaas # see https://github.com/hyperledgendary/fabric-builder-k8s/blob/main/docs/TEST_NETWORK_K8S.md @@ -77,6 +78,7 @@ function print_help() { log "Network name \t\t: ${NETWORK_NAME}" log "Ingress domain \t\t: ${DOMAIN}" log "Channel name \t\t: ${CHANNEL_NAME}" + log "Orderer type \t\t: ${ORDERER_TYPE}" log log "--- Cluster Information" log "Cluster runtime \t: ${CLUSTER_RUNTIME}" diff --git a/test-network-k8s/scripts/channel.sh b/test-network-k8s/scripts/channel.sh index b0e76ffc2d..942681a177 100644 --- a/test-network-k8s/scripts/channel.sh +++ b/test-network-k8s/scripts/channel.sh @@ -150,9 +150,12 @@ function create_channel_MSP() { create_channel_org_MSP org1 peer $ORG1_NS create_channel_org_MSP org2 peer $ORG2_NS - extract_orderer_tls_cert org0 orderer1 - extract_orderer_tls_cert org0 orderer2 - extract_orderer_tls_cert org0 orderer3 + extract_orderer_cert org0 orderer1 + extract_orderer_cert org0 orderer2 + extract_orderer_cert org0 orderer3 + if [ "${ORDERER_TYPE}" == "bft" ]; then + extract_orderer_cert org0 orderer4 + fi pop_fn } @@ -185,13 +188,13 @@ function create_channel_org_MSP() { create_msp_config_yaml ${ca_name} ca-signcert.pem ${ORG_MSP_DIR} } -# Extract an orderer's TLS signing certificate for inclusion in the channel config block -function extract_orderer_tls_cert() { +# Extract an orderer's signing certificate for inclusion in the channel config block +function extract_orderer_cert() { local org=$1 local orderer=$2 local ns=$ORG0_NS - echo "Extracting TLS cert for $org $orderer" + echo "Extracting cert for $org $orderer" ORDERER_TLS_DIR=${TEMP_DIR}/channel-msp/ordererOrganizations/${org}/orderers/${org}-${orderer}/tls mkdir -p $ORDERER_TLS_DIR/signcerts @@ -200,14 +203,33 @@ function extract_orderer_tls_cert() { | jq -r .data.\"tls.crt\" \ | base64 -d \ > ${ORDERER_TLS_DIR}/signcerts/tls-cert.pem + + # For the orderer type is BFT, retrieve the enrollment certificate from the pod + POD_NAME=$(kubectl -n $ns get pods -l app=${org}-${orderer} -o jsonpath="{.items[0].metadata.name}") + # - Check if the pod exists before proceeding + if [ -z "$POD_NAME" ]; then + fatalln "Error: No Pod found with label app=${org}-${orderer} in namespace $ns" + fi + # - Copy the enrollment certificate from the pod to the local machine + kubectl -n $ns cp ${POD_NAME}:var/hyperledger/fabric/organizations/ordererOrganizations/${org}.example.com/orderers/${org}-${orderer}.${org}.example.com/msp/signcerts/cert.pem ${TEMP_DIR}/channel-msp/ordererOrganizations/${org}/orderers/${org}-${orderer}/cert.pem } function create_genesis_block() { push_fn "Creating channel genesis block" + + # Define the default channel configtx and profile + local profile="TwoOrgsApplicationGenesis" cat ${PWD}/config/org0/configtx-template.yaml | envsubst > ${TEMP_DIR}/configtx.yaml + + # Overwrite configtx and profile for bft orderer + if [ "${ORDERER_TYPE}" == "bft" ]; then + cat ${PWD}/config/org0/bft/configtx-template.yaml | envsubst > ${TEMP_DIR}/configtx.yaml + profile="ChannelUsingBFT" + fi + FABRIC_CFG_PATH=${TEMP_DIR} \ configtxgen \ - -profile TwoOrgsApplicationGenesis \ + -profile $profile \ -channelID $CHANNEL_NAME \ -outputBlock ${TEMP_DIR}/genesis_block.pb @@ -222,6 +244,9 @@ function join_channel_orderers() { join_channel_orderer org0 orderer1 join_channel_orderer org0 orderer2 join_channel_orderer org0 orderer3 + if [ "${ORDERER_TYPE}" == "bft" ]; then + join_channel_orderer org0 orderer4 + fi # todo: readiness / liveiness equivalent for channel? Needs a little bit to settle before peers can join. sleep 10 diff --git a/test-network-k8s/scripts/test_network.sh b/test-network-k8s/scripts/test_network.sh index 2f5ea8585b..3903bfe27b 100755 --- a/test-network-k8s/scripts/test_network.sh +++ b/test-network-k8s/scripts/test_network.sh @@ -16,6 +16,11 @@ function launch_orderers() { kubectl -n $ORG0_NS rollout status deploy/org0-orderer2 kubectl -n $ORG0_NS rollout status deploy/org0-orderer3 + if [ "${ORDERER_TYPE}" == "bft" ]; then + apply_template kube/org0/org0-orderer4.yaml $ORG0_NS + kubectl -n $ORG0_NS rollout status deploy/org0-orderer4 + fi + pop_fn } @@ -115,6 +120,9 @@ function create_local_MSP() { create_orderer_local_MSP org0 orderer1 create_orderer_local_MSP org0 orderer2 create_orderer_local_MSP org0 orderer3 + if [ "${ORDERER_TYPE}" == "bft" ]; then + create_orderer_local_MSP org0 orderer4 + fi create_peer_local_MSP org1 peer1 $ORG1_NS create_peer_local_MSP org1 peer2 $ORG1_NS