For local ubuntu Installation is being used Ubuntu Xenial - 16.04 LTS, via vagrant
$ vagrant init ubuntu/xenial64
$ vagrant upAfter the box is up we need to add the correct repository:
$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 8AA7AF1F1091A5FD
$ sudo add-apt-repository 'deb http://repo.sawtooth.me/ubuntu/1.0/stable xenial universe'
$ sudo apt updateInstall the package:
$ sudo apt install -y sawtoothInstall Docker adding key and repo:
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
$ sudo apt update
$ sudo apt install -y docker-ce docker-composeSystemd is the default init system for many Linux distributions, init system is also used to manage serviecs and daemons for the server at any point while the system is running.
Targets on systemd are called units, resourcers that systemd knows how to manage. Units are categorized by the type of resource they represent and they are defined with files know as unit files. To list all Units files inside the system use:
sudo systemctl list-unit-files | grep sawtoothTo fetch the ones running
sudo systemctl list-unitBy default they are not enabled or started by default, to start a the Sawtooth validator service:
$ sudo systemctl start sawtooth-validator.serviceTo stop the Sawtooth Validator use:
$ sudo systemtl stop sawtooth-validator.serviceTo start the service use enable/disable, same works for reload/restart
Finally to check the status:
$ systemctl status sawtooth-validator.servicePieces can be found in docker-compose file.
https://sawtooth.hyperledger.org/docs/core/releases/1.0/app_developers_guide/sawtooth-default.yamlThe images that follows are:
hyperledger/sawtooth-settings-tp:1.0
hyperledger/sawtooth-intkey-tp-python:1.0
hyperledger/sawtooth-xo-tp-python:1.0
hyperledger/sawtooth-validator:1.0
with the command:
sawadm keygen && \
sawtooth keygen my_key && \
sawset genesis -k /root/.sawtooth/keys/my_key.priv && \
sawadm genesis config-genesis.batch && \
sawtooth-validator -vv \
--endpoint tcp://validator:8800 \
--bind component:tcp://eth0:4004 \
--bind network:tcp://eth0:8800 \
hyperledger/sawtooth-rest-api:1.0
hyperledger/sawtooth-all:1.0
$ sawadm keygen
/etc/validator/keys/validator.pub
/etc/validator/keys/validator.priv
$ sawtooth keygen
~/.sawtooth/keys/Create the genesis blocks
$ sawset genesis -k /root/.sawtooth/my_priv.key
config-genesis.batch
$ sawadm genesis config-gensis.batch
/var/lib/sawtooth/genesis.batchAfter creating the genesis.batch:
$ systemctl start sawtooth-validator.services
/etc/default/sawtooth-validator
journalctl -u sawtooth-settings-tp -u sawtooth-validator
$ journalctl -u sawtooth-validator
genesis] genesis_batch_file: /var/lib/sawtooth/genesis.batch
genesis] block_chain_id: not yet specified
genesis] Producing genesis block from /var/lib/sawtooth/genesis.batch
genesis] Adding 1 batches
executor] no transaction processors registered for processor type sawtooth_settings: 1.0
executor] Waiting for transaction processor (sawtooth_settings, 1.0)
/etc/default/sawtooth-validator
$ systemctl start sawtooth-settings-tp.services
processor_handlers] registered transaction processor: connection_id=1, family=sawtooth_settings, version=1.0, namespaces=['000000']
ps
top–peers tcp://127.0.0.1:8800 for static and –seeds for dynamic
For PoET
sawset proposal create -k /etc/sawtooth/keys/validator.priv \
sawtooth.consensus.algorithm=poet \
sawtooth.poet.report_public_key_pem="$(cat /etc/sawtooth/ias_rk_pub.pem)" \
sawtooth.poet.valid_enclave_measurements=$(poet enclave --enclave-module sgx measurement) \
sawtooth.poet.valid_enclave_basenames=$(poet enclave --enclave-module sgx basename) \
sawtooth.poet.enclave_module_name=sawtooth_poet_sgx.poet_enclave_sgx.poet_enclave \
-o config.batchCan be found in: /etc/sawtooth/log_config
Starting the REST API can be made via Ubuntu systemd scripts or by hand
$ sudo systemctl start sawtooth-rest-api.serviceConfiguration for the service is made at /etc/default/sawtooth-rest-api To set another port of validator node set –conect tcp://localhost:4004
iptables
Setup InfluxDb - https://knabben.github.io/posts/sawtooth-grafana/
In the TP to connect use: -C tcp://localhost:4004
In the validator-process set: --bind component:tcp://127.0.0.1:4004
Systemd services setup
sudo -u sawtooth sawtooth-validator -vv --scheduler parallel || serial
/etc/sawtooth/path.toml
key_dir
data_dir
log_dir
policy_dir
/etc/sawtooth/cli.tomlstart the validators using Peering static or dynamic, with the first node with genesis block.
set –peers on all nodes
remove –peers value from the nodes, and turn the daemon off
restart the sawtooth-validator
sawset proposal create -k /etc/sawtooth/keys/validator.priv sawtooth.consensus.algorithm=dev
sudo systemctl restart sawtooth-validator
sudo systemctl restart sawtooth-rest-api
sudo systemctl restart sawtooth-settings-tpSet transaction processor connection to validator 4004 connect
Edit configuration on /etc/sawtooth/validators.toml
sudo apt-get upgrade
sudo apt-get install sawtooth*cat /etc/sawtooth/keys/validator.pub
https://knabben.github.io/posts/sawtooth-permission/
$ sawtooth-identity
$ sawtooth identity policy create policy "DENY_KEY *"
$ sawset proposal create sawtooth.identity.allowed_keysNetwork identity
On policy_dir must create the correct policy_name file.
Trust and challenge authorization types.
sawtooth identity role transactor policy_name
sawtooth identity role network policy_name
/etc/sawtooth/validator.toml - for off-chain use the configuration file:
[permissions] ROLE = POLICY_NAME
policy_dir - policy_nameApache and Nginx
$ sawset proposal create sawtooth.identity.allowed_keys=xxx