Removing an organization in Hyperledger Fabric

• Prerequisites
• Modifying Configuration File
• Run playbook

Prerequisites

To remove an organization a fully configured Fabric network must be present already, i.e. a Fabric network which has Orderers, Peers, Channels (with all Peers already in the channels). The corresponding crypto materials should also be present in their respective Hashicorp Vault.

---

NOTE: Removing an organization has been tested on an existing network which is created by Bevel. Networks created using other methods may be suitable but this has not been tested by Bevel team.

---

Modifying Configuration File

Refer this guide for details on editing the configuration file.

While modifying the configuration file(network.yaml) for removing an organization, all the existing organizations should have org_status tag as existing and to be deleted organization should have org_status tag as delete under network.channels e.g.

    channel_status: new
    channel_name: AllChannel
    chaincodes:
      - "chaincode_name"
    orderers:
      - supplychain
    participants:
    - organization:
      name: carrier
      type: creator       # creator organization will create the channel and instantiate chaincode, in addition to joining the channel and install chaincode
      org_status: existing # Status of the organization for the existing network, can be delete / existing
      peers:
      - peer:
        name: peer0
        gossipAddress: peer0.carrier-net.org3proxy.blockchaincloudpoc.com:443  # Must include port, External or internal URI of the gossip peer
        peerAddress: peer0.carrier-net.org3proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer
      ordererAddress: orderer1.supplychain-net.org1proxy.blockchaincloudpoc.com:443             # Must include port, External or internal URI of the orderer
    - organization:
      name: store
      type: joiner        # joiner organization will only join the channel and install chaincode
      org_status: delete # Status of the organization for the existing network, can be delete / existing
      peers:
      - peer:
        name: peer0
        gossipAddress: peer0.store-net.org4proxy.blockchaincloudpoc.com:443
        peerAddress: peer0.store-net.org4proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer
      ordererAddress: orderer1.supplychain-net.org1proxy.blockchaincloudpoc.com:443
    - organization:
      name: warehouse
      type: joiner
      org_status: existing # Status of the organization for the existing network, can be delete / existing
      peers:
      - peer:
        name: peer0
        gossipAddress: peer0.warehouse-net.org5proxy.blockchaincloudpoc.com:443
        peerAddress: peer0.warehouse-net.org5proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer
      ordererAddress: orderer1.supplychain-net.org1proxy.blockchaincloudpoc.com:443
    - organization:
      name: manufacturer
      type: joiner
      org_status: existing # Status of the organization for the existing network, can be delete / existing
      peers:
      - peer:
        name: peer0
        gossipAddress: peer0.manufacturer-net.org2proxy.blockchaincloudpoc.com:443
        peerAddress: peer0.manufacturer-net.org2proxy.blockchaincloudpoc.com:443 # Must include port, External URI of the peer
      ordererAddress: orderer1.supplychain-net.org1proxy.blockchaincloudpoc.com:443

  # Allows specification of one or many organizations that will be connecting to a network.
  # If an organization is also hosting the root of the network (e.g. doorman, membership service, etc),
  # then these services should be listed in this section as well.

and under network.organizations as

      name: supplychain
      country: UK
      state: London
      location: London
      subject: "O=Orderer,OU=Orderer,L=51.50/-0.13/London,C=GB"
      external_url_suffix: org1proxy.blockchaincloudpoc.com
      org_status: existing # Status of the organization for the existing network, can be delete / existing
      ca_data:
        certificate: /path/supplychain/server.crt        # Path where ca public cert will be stored (if new) or read from (if existing ca)

      cloud_provider: aws   # Options: aws, azure, gcp, digitalocean, minikube
      aws:
      ..
      ..
      ca_data:
        certificate: /path/store/server.crt

      cloud_provider: aws   # Options: aws, azure, gcp, digitalocean, minikube
      aws:
        access_key: "aws_access_key"        # AWS Access key, only used when cloud_provider=aws
        secret_key: "aws_secret_key"        # AWS Secret key, only used when cloud_provider=aws

      # Kubernetes cluster deployment variables. The config file path and name has to be provided in case
      ..
      ..

The network.yaml file should contain the specific network.organization details along with the orderer information.

For reference, see network-fabric-remove-organization.yaml file here.

Run playbook

The remove-organization.yaml playbook is used to remove organization(s) from the existing network. This can be done using the following command

ansible-playbook platforms/hyperledger-fabric/configuration/remove-organization.yaml --extra-vars "@path-to-network.yaml"

---

NOTE: Make sure that the org_status label was set as new when the network is deployed for the first time. If you have additional applications, please deploy them as well.