You can also carry out all the preceding operations using the trade.sh script. Just run the following command from within the network folder:
./trade.sh createneworg
This command, in addition to creating cryptographic material and channel configuration, generates a docker-compose configuration for just for the new organization in add_org/docker-compose-exportingEntityOrg.yaml. It runs the following services:
- One instance of a Fabric peer for the exporting entity's organization
- One instance of a Fabric CA for the exporting entity's organization
The specification and the dependencies are like those we encountered in docker-compose-e2e.yaml in Chapter 3, Setting the Stage with a Business Scenario, as follows:
services: exportingentity-ca: image: hyperledger/fabric-ca:$IMAGE_TAG environment: - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server - FABRIC_CA_SERVER_CA_NAME=ca-exportingentityorg - FABRIC_CA_SERVER_TLS_ENABLED=true - FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.exportingentityorg.trade.com-cert.pem - FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/fc435ccfdaf5d67251bd850a8620cde6d97a7732f89170167a02970c754e5450_sk ports: - "11054:7054" command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.exportingentityorg.trade.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/fc435ccfdaf5d67251bd850a8620cde6d97a7732f89170167a02970c754e5450_sk -b admin:adminpw -d' volumes: - ../crypto-config/peerOrganizations/exportingentityorg.trade.com/ca/:/etc/hyperledger/fabric-ca-server-config container_name: ca_peerExportingEntityOrg networks: - trade peer0.exportingentityorg.trade.com: container_name: peer0.exportingentityorg.trade.com extends: file: ../base/peer-base.yaml service: peer-base environment: - CORE_PEER_ID=peer0.exportingentityorg.trade.com - CORE_PEER_ADDRESS=peer0.exportingentityorg.trade.com:7051 - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.exportingentityorg.trade.com:7051 - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.exportingentityorg.trade.com:7051 - CORE_PEER_LOCALMSPID=ExportingEntityOrgMSP volumes: - /var/run/:/host/var/run/ - ../crypto-config/peerOrganizations/exportingentityorg.trade.com/peers/peer0.exportingentityorg.trade.com/msp:/etc/hyperledger/fabric/msp - ../crypto-config/peerOrganizations/exportingentityorg.trade.com/peers/peer0.exportingentityorg.trade.com/tls:/etc/hyperledger/fabric/tls - peer0.exportingentityorg.trade.com:/var/hyperledger/production ports: - 11051:7051 - 11053:7053 - 11055:6060 networks: - trade
This file is generated using the template YAML add_org/docker-compose-exportingEntityOrg-template.yaml, with the CA key filename (denoted by the variable EXPORTINGENTITY_CA_PRIVATE_KEY) in both the FABRIC_CA_SERVER_TLS_KEYFILE and in the command replaced with the secret key filename in crypto-config/peerOrganizations/exportingentityorg.trade.com/ca/, which in our example preceding is fc435ccfdaf5d67251bd850a8620cde6d97a7732f89170167a02970c754e5450_sk.
In addition, note that the certificate filename in the environment variables exportingentity-ca:FABRIC_CA_SERVER_TLS_CERTFILE and the paths specified in the volumes section match what was generated using cryptogen. The IDs, hostnames, and port values match what was specified in the congfigtx.yaml file. Finally, we ensure that the container ports are mapped to unique ports (in the 11,000s range) to avoid conflicts with the ports exposed by the containers of the peers and MSPs of the older organizations.