Try SpotterManage a Hyperledger Fabric peer
Authors: Simon Stone (@sstone1)
preview | supported by community
Install with ansible-galaxy collection install hyperledger.fabric_ansible_collection:==2.0.7
collections:
- name: hyperledger.fabric_ansible_collection
version: 2.0.7Create, update, or delete a Hyperledger Fabric peer.
This module works with the IBM Support for Hyperledger Fabric software or the Hyperledger Fabric Open Source Stack running in a Red Hat OpenShift or Kubernetes cluster.
- name: Create peer
hyperledger.fabric_ansible_collection.peer:
state: present
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
name: Org1 Peer
msp_id: Org1MSP
certificate_authority: Org1 CA
enrollment_id: org1peer
enrollment_secret: org1peerpw
admin_certificates:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
- name: Create peer with custom resources and storage
hyperledger.fabric_ansible_collection.peer:
state: present
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
name: Org1 Peer
msp_id: Org1MSP
certificate_authority: Org1 CA
enrollment_id: org1peer
enrollment_secret: org1peerpw
admin_certificates:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
resources:
peer:
requests:
cpu: 400m
memory: 2G
storage:
peer:
size: 200Gi
class: ibmc-file-gold
- name: Create peer that uses an HSM
hyperledger.fabric_ansible_collection.peer:
state: present
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
name: Org1 Peer
msp_id: Org1MSP
certificate_authority: Org1 CA
enrollment_id: org1peer
enrollment_secret: org1peerpw
admin_certificates:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
hsm:
pkcs11endpoint: tcp://pkcs11-proxy.example.org:2345
label: Org1 CA label
pin: 12345678
- name: Destroy peer
hyperledger.fabric_ansible_collection.peer:
state: absent
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
name: Org1 Peer
hsm:
description:
- 'The PKCS #11 compliant HSM configuration to use for the peer.'
suboptions:
label:
description:
- The HSM label that the peer should use.
type: str
pin:
description:
- The HSM pin that the peer should use.
type: str
pkcs11endpoint:
description:
- The HSM proxy endpoint that the peer should use.
type: str
type: dict
name:
description:
- The name of the peer.
required: true
type: str
zone:
description:
- The Kubernetes zone for this peer.
- If you do not specify a Kubernetes zone, and multiple Kubernetes zones are available,
then a random Kubernetes zone will be selected for you.
- 'See the Kubernetes documentation for more information: https://kubernetes.io/docs/setup/best-practices/multiple-zones/'
type: str
state:
choices:
- absent
- present
default: present
description:
- C(absent) - A peer matching the specified name will be stopped and removed.
- C(present) - Asserts that a peer matching the specified name and configuration exists.
If no peer matches the specified name, a peer will be created. If a peer matches
the specified name but the configuration does not match, then the peer will be updated,
if it can be. If it cannot be updated, it will be removed and re-created with the
specified configuration.
type: str
admins:
description:
- The list of administrator certificates for this peer.
- Administrator certificates must be supplied as base64 encoded PEM files.
- Only required when I(config) is not specified.
elements: str
type: list
config:
description:
- The initial configuration for the peer. This is only required if you need more advanced
configuration than is provided by this module using I(certificate_authority) and
related options.
type: dict
msp_id:
description:
- The MSP ID for this peer.
- Only required when I(state) is C(present).
type: str
api_key:
description:
- The API key for the Fabric operations console.
required: true
type: str
storage:
description:
- The Kubernetes storage configuration for the peer.
suboptions:
peer:
description:
- The Kubernetes storage configuration for the peer container.
suboptions:
class:
description:
- The Kubernetes storage class for the the Kubernetes persistent volume claim
for the peer container.
- By default, the Kubernetes storage class for the Fabric operations console
is used.
type: str
size:
default: 100Gi
description:
- The size of the Kubernetes persistent volume claim for the peer container.
type: str
type: dict
statedb:
description:
- The Kubernetes storage configuration for the CouchDB container.
suboptions:
class:
description:
- The Kubernetes storage class for the the Kubernetes persistent volume claim
for the CouchDB container.
- By default, the Kubernetes storage class for the Fabric operations console
is used.
type: str
size:
default: 100Gi
description:
- The size of the Kubernetes persistent volume claim for the CouchDB container.
type: str
type: dict
type: dict
version:
description:
- The version of Hyperledger Fabric to use for this peer.
- If you do not specify a version, the default Hyperledger Fabric version will be
used for a new peer.
- If you do not specify a version, an existing peer will not be upgraded.
- If you specify a new version, an existing peer will be automatically upgraded.
- The version can also be specified as a version range specification, for example
C(>=2.2,<3.0), which will match Hyperledger Fabric v2.2 and greater, but not Hyperledger
Fabric v3.0 and greater.
- 'See the C(semantic_version) Python module documentation for more information: https://python-semanticversion.readthedocs.io/en/latest/reference.html#semantic_version.SimpleSpec'
type: str
state_db:
choices:
- couchdb
- leveldb
default: couchdb
description:
- C(couchdb) - Use CouchDB as the state database for this peer.
- C(leveldb) - Use LevelDB as the state database for this peer.
type: str
resources:
description:
- The Kubernetes resource configuration for the peer.
suboptions:
chaincodelauncher:
description:
- The Kubernetes resource configuration for the chaincode launcher container.
- This configuration is only used if the peer is using Hyperledger Fabric v2.0
or later.
suboptions:
requests:
description:
- The Kubernetes resource requests for the chaincode launcher container.
suboptions:
cpu:
default: 200m
description:
- The Kubernetes CPU resource request for the chaincode launcher container.
type: str
memory:
default: 400M
description:
- The Kubernetes memory resource request for the chaincode launcher container.
type: str
type: str
type: dict
couchdb:
description:
- The Kubernetes resource configuration for the CouchDB container.
suboptions:
requests:
description:
- The Kubernetes resource requests for the CouchDB container.
suboptions:
cpu:
default: 200m
description:
- The Kubernetes CPU resource request for the CouchDB container.
type: str
memory:
default: 400M
description:
- The Kubernetes memory resource request for the CouchDB container.
type: str
type: str
type: dict
dind:
description:
- The Kubernetes resource configuration for the Docker in Docker (DinD) container.
- This configuration is only used if the peer is using Hyperledger Fabric v1.4.
suboptions:
requests:
description:
- The Kubernetes resource requests for the Docker in Docker (DinD) container.
suboptions:
cpu:
default: 1
description:
- The Kubernetes CPU resource request for the Docker in Docker (DinD)
container.
type: str
memory:
default: 1G
description:
- The Kubernetes memory resource request for the Docker in Docker (DinD)
container.
type: str
type: str
type: dict
peer:
description:
- The Kubernetes resource configuration for the peer container.
suboptions:
requests:
description:
- The Kubernetes resource requests for the peer container.
suboptions:
cpu:
default: 200m
description:
- The Kubernetes CPU resource request for the peer container.
type: str
memory:
default: 1G
description:
- The Kubernetes memory resource request for the peer container.
type: str
type: str
type: dict
proxy:
description:
- The Kubernetes resource configuration for the proxy container.
suboptions:
requests:
description:
- The Kubernetes resource requests for the proxy container.
suboptions:
cpu:
default: 100m
description:
- The Kubernetes CPU resource request for the proxy container.
type: str
memory:
default: 200M
description:
- The Kubernetes memory resource request for the proxy container.
type: str
type: str
type: dict
type: dict
api_secret:
description:
- The API secret for the Fabric operations console.
- Only required when I(api_authtype) is C(basic).
type: str
api_timeout:
default: 60
description:
- The timeout, in seconds, to use when interacting with the Fabric operations console.
type: int
api_authtype:
description:
- C(basic) - Authenticate to the Fabric operations console using basic authentication.
You must provide both a valid API key using I(api_key) and API secret using I(api_secret).
required: true
type: str
api_endpoint:
description:
- The URL for the Fabric operations console.
required: true
type: str
wait_timeout:
default: 60
description:
- The timeout, in seconds, to wait until the peer is available.
type: int
enrollment_id:
description:
- The enrollment ID, or user name, of an identity registered on the certificate authority
for this peer.
- Only required when I(config) is not specified.
type: str
config_override:
description:
- The configuration overrides for the peer.
- 'See the Hyperledger Fabric documentation for available options: https://github.com/hyperledger/fabric/blob/release-1.4/sampleconfig/core.yaml'
type: dict
enrollment_secret:
description:
- The enrollment secret, or password, of an identity registered on the certificate
authority for this peer.
- Only required when I(config) is not specified.
type: str
certificate_authority:
description:
- The certificate authority to use to enroll the identity for this peer.
- You can pass a string, which is the display name of a certificate authority registered
with the Fabric operations console.
- You can also pass a dictionary, which must match the result format of one of the
M(certificate_authority_info) or M(certificate_authority) modules.
- Only required when I(config) is not specified.
type: raw
peer:
contains:
api_url:
description:
- The URL for the API of the peer.
sample: grpcs://org1peer-api.example.org:32000
type: str
grpcwp_url:
description:
- The URL for the gRPC web proxy of the peer.
sample: grpcs://org1peer-grpcwebproxy.example.org:32000
type: str
location:
description:
- The location of the peer.
sample: ibmcloud
type: str
msp_id:
description:
- The MSP ID of the peer.
sample: Org1MSP
type: str
name:
description:
- The name of the peer.
sample: Org1 Peer
type: str
operations_url:
description:
- The URL for the operations service of the peer.
sample: grpcs://org1peer-operations.example.org:32000
type: str
pem:
description:
- The TLS certificate chain for the peer.
- The TLS certificate chain is returned as a base64 encoded PEM.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
tls_ca_root_cert:
description:
- The TLS certificate chain for the peer.
- The TLS certificate chain is returned as a base64 encoded PEM.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
tls_cert:
description:
- The TLS certificate for the peer.
- The TLS certificate is returned as a base64 encoded PEM.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
description: The peer.
returned: when I(state) is C(present)
type: dict