Add CLI to a Peer

This guide explains how to add a CLI to an existing Hyperledger Fabric network using two methods:

1. Using the add-cli.yaml playbook: This method involves running an Ansible playbook that automates the process of adding a CLI to the network.

2. Using helm install: This method involves using the helm install command to directly install the CLI chart.

Prerequisites

• A fully configured Fabric network with Orderers and Peers.
• Corresponding crypto materials present in Hashicorp Vault or Kubernetes secrets.
• Hyperledger Bevel configured.

Method 1: Using the add-cli.yaml playbook

1. Update Configuration File

   • Edit the network.yaml file to include the new organization with the following details:
     • peerstatus: new
     • cli: enabled
     • org_status: new
     • Organization details (name, MSP ID, etc.)
     • Orderer information
   • Existing organizations should have org_status: existing
   • Existing peer(s) with cli deployed should have peerstatus: existing
   • Refer to the networkyaml-fabric.md guide for details on editing the configuration file.

   Snippet from network.channels section below:

     # The channels defined for a network with participating peers in each channel
     channels:
     - channel:
       consortium: SupplyChainConsortium
       channel_name: AllChannel
       channel_status: new
       osn_creator_org: # Organization name, whose orderers will create the channel. This field is only used with version 2.5
         name: supplychain 
       chaincodes:
         - "chaincode_name"
       orderers: 
         - supplychain
       participants:
       - organization:
         name: carrier
         type: creator       # creator organization will create the channel and instantiate chaincode, in addition to joining the channel and install chaincode
         org_status: new  # org_status must be existing when adding peer
         peers:
         - peer:
           name: peer0
           type: anchor
           peerstatus: existing    # old peers should have status as existing
           gossipAddress: peer1.carrier-net.org3proxy.blockchaincloudpoc.com:443  # Must include port, External or internal URI of the gossip peer
           peerAddress: peer0.carrier-net.org3proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer
         - peer:
           name: peer1
           type: nonanchor
           peerstatus: new         # new peers should have status as new
           gossipAddress: peer0.carrier-net.org3proxy.blockchaincloudpoc.com:443  # Must include port, External or internal URI of the gossip peer
           peerAddress: peer1.carrier-net.org3proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer
         ordererAddress: orderer1.supplychain-net.org1proxy.blockchaincloudpoc.com:443             # Must include port, External or internal URI of the orderer   
       - organization:
         name: supplychain
         type: joiner
         org_status: existing
         peers:
         - peer:
           name: peer0
           type: anchor
           peerstatus: existing    
           gossipAddress: peer1.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443
           peerAddress: peer0.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443
         - peer:
           name: peer1
           type: nonanchor
           peerstatus: existing    
           gossipAddress: peer0.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443
           peerAddress: peer1.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443
         ordererAddress: orderer1.supplychain-net.org1proxy.hlf.blockchaincloudpoc-develop.com:443 
   

   and from network.organizations section below:

     # Allows specification of one or many organizations that will be connecting to a network.
     # If an organization is also hosting the root of the network (e.g. doorman, membership service, etc),
     # then these services should be listed in this section as well.
     organizations:
       # Specification for the Existing Peer organization.
       - organization:
         name: carrier
         country: GB
         state: London
         location: London
         subject: "O=Carrier,OU=Carrier,L=51.50/-0.13/London,C=GB"
         external_url_suffix: org3proxy.blockchaincloudpoc.com
         org_status: new  # org_status must be existing when adding peer
         orderer_org: supplychain # Name of the organization that provides the ordering service
         ca_data:
           certificate: /path/carrier/server.crt                           # CA Server public cert must be provided when adding peer on new cluster
         ..
         ..
         services:
           - peer:
             name: peer0
             type: anchor    # This can be anchor/nonanchor. Atleast one peer should be anchor peer.    
             gossippeeraddress: peer1.carrier-net.org3proxy.blockchaincloudpoc.com:443 # No change from original configuration
             peerAddress: peer0.carrier-net.org3proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer
             peerstatus: existing    # Peers that already have a cli deployed must have status as existing
             cli: enabled           # Creates a peer cli pod depending upon the (enabled/disabled) tag.          
             ..
             ..
           - peer:
             name: peer1
             type: nonanchor    # This can be anchor/nonanchor. Atleast one peer should be anchor peer.    
             gossippeeraddress: peer0.carrier-net.org3proxy.blockchaincloudpoc.com:443 # Must include port, External address of the existing anchor peer
             peerAddress: peer1.carrier-net.org3proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer
             peerstatus: new     # new peer cli should have status as new
             cli: enabled       # Creates a peer cli pod depending upon the (enabled/disabled) tag.          
             ..
             ..
   

2. Run Playbook

   Execute the following command to run the add-cli.yaml playbook:

   ansible-playbook platforms/hyperledger-fabric/configuration/add-cli.yaml --extra-vars "@path-to-network.yaml"
   

   Replace path-to-network.yaml with the actual path to your updated network.yaml file.

   This will add the CLI to the specified organization in the existing Fabric network.

Method 2: Using helm install

1. Update the fabric-cli values.yaml file

   The values.yaml file allows you to configure various aspects of the CLI, including:

   • The peer to which the CLI should connect.
   • The storage class and size for the CLI's persistent volume claim.
   • The local MSP ID of the organization.
   • The TLS status of the peer.
   • The GRPC Port of the peer.
   • The Orderer Address to which the CLI should connect.

   Refer to the fabric-cli chart documentation for a complete list of available configuration options.

2. Install the CLI Chart

   Execute the following command to install the CLI chart:

   # From platforms/hyperledger-fabric/charts directory
   helm install <release-name> ./fabric-cli --namespace <namespace> --values <values-file.yaml>
   

   Replace the following placeholders:
   • <release-name>: The desired name for the CLI release.
   • <namespace>: The Kubernetes namespace where the CLI should be deployed.
   • <values-file.yaml>: The path to a YAML file containing the CLI configuration values.

Additional Notes

• The add-cli.yaml playbook and helm install method has been tested on networks created by Bevel. Networks created using other methods may be suitable, but this has not been tested by the Bevel team.
• Ensure that the network.yaml file contains the specific network.organization details along with the orderer information.