Try SpotterManage a Hyperledger Fabric ordering service node
Authors: Simon Stone (@sstone1)
preview | supported by community
Install with ansible-galaxy collection install hyperledger_labs.fabric_ansible_collection:==2.0.0
collections:
- name: hyperledger_labs.fabric_ansible_collection
version: 2.0.0Create, update, or delete a Hyperledger Fabric ordering service node.
This module works with the IBM Support for Hyperledger Fabric software or the Hyperledger Fabric Open Source Stack running in a Red Hat OpenShift or Kubernetes cluster.
- name: Create ordering service node
hyperledger.fabric_ansible_collection.ordering_service_node:
state: present
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
name: Ordering Service Node 2
msp_id: OrdererOrgMSP
certificate_authority: Orderer Org CA
enrollment_id: orderingorgorderer
enrollment_secret: orderingorgordererpw
admin_certificates:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
- name: Create ordering service node with custom resources and storage
hyperledger.fabric_ansible_collection.ordering_service_node:
state: present
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
name: Ordering Service Node 2
msp_id: OrdererOrgMSP
certificate_authority: Orderer Org CA
enrollment_id: orderingorgorderer
enrollment_secret: orderingorgordererpw
admin_certificates:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
resources:
orderer:
requests:
cpu: 500m
memory: 1000M
storage:
orderer:
size: 200Gi
class: ibmc-file-gold
- name: Create ordering service node that uses an HSM
hyperledger.fabric_ansible_collection.ordering_service_node:
state: present
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
name: Ordering Service Node 2
msp_id: OrdererOrgMSP
nodes: 5
certificate_authority: Orderer Org CA
enrollment_id: orderingorgorderer
enrollment_secret: orderingorgordererpw
admin_certificates:
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
hsm:
pkcs11endpoint: tcp://pkcs11-proxy.example.org:2345
label: Org1 CA label
pin: 12345678
- name: Destroy ordering service node
hyperledger.fabric_ansible_collection.ordering_service_node:
state: absent
api_endpoint: https://console.example.org:32000
api_authtype: basic
api_key: xxxxxxxx
api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
name: Ordering Service Node 2
hsm:
description:
- 'The PKCS #11 compliant HSM configuration to use for the ordering service node.'
suboptions:
label:
description:
- The HSM label that the ordering service node should use.
type: str
pin:
description:
- The HSM pin that the ordering service node should use.
type: str
pkcs11endpoint:
description:
- The HSM proxy endpoint that the ordering service node should use.
type: str
type: dict
name:
description:
- The name for the ordering service node.
required: true
type: str
zone:
description:
- The Kubernetes zone for this ordering service node.
- If you do not specify a Kubernetes zone, and multiple Kubernetes zones are available,
then a random Kubernetes zone will be selected for you.
- 'See the Kubernetes documentation for more information: https://kubernetes.io/docs/setup/best-practices/multiple-zones/'
type: str
state:
choices:
- absent
- present
default: present
description:
- C(absent) - An ordering service node matching the specified name will be stopped
and removed.
- C(present) - Asserts that an ordering service node matching the specified name and
configuration exists. If no ordering service node matches the specified name, an
ordering service node will be created. If an ordering service node matches the specified
name but the configuration does not match, then the ordering service node will be
updated, if it can be. If it cannot be updated, it will be removed and re-created
with the specified configuration.
type: str
admins:
description:
- The list of administrator certificates for this ordering service node.
- Administrator certificates must be supplied as base64 encoded PEM files.
- Only required when I(config) is not specified.
elements: str
type: list
config:
description:
- The initial configuration for the ordering service node. This is only required if
you need more advanced configuration than is provided by this module using I(certificate_authority)
and related options.
type: dict
msp_id:
description:
- The MSP ID for this ordering service node.
- Only required when I(state) is C(present).
type: str
api_key:
description:
- The API key for the Fabric operations console.
required: true
type: str
storage:
description:
- The Kubernetes storage configuration for the ordering service node.
suboptions:
orderer:
description:
- The Kubernetes storage configuration for the orderer container.
suboptions:
class:
description:
- The Kubernetes storage class for the the Kubernetes persistent volume claim
for the orderer container.
- By default, the Kubernetes storage class for the Fabric operations console
is used.
type: str
size:
default: 100Gi
description:
- The size of the Kubernetes persistent volume claim for the orderer container.
type: str
type: dict
type: dict
version:
description:
- The version of Hyperledger Fabric to use for this ordering service node.
- If you do not specify a version, the default Hyperledger Fabric version will be
used for a new ordering service node.
- If you do not specify a version, an existing ordering service node will not be upgraded.
- If you specify a new version, an existing ordering service node will be automatically
upgraded.
- The version can also be specified as a version range specification, for example
C(>=2.2,<3.0), which will match Hyperledger Fabric v2.2 and greater, but not Hyperledger
Fabric v3.0 and greater.
- 'See the C(semantic_version) Python module documentation for more information: https://python-semanticversion.readthedocs.io/en/latest/reference.html#semantic_version.SimpleSpec'
type: str
resources:
description:
- The Kubernetes resource configuration for the ordering service node.
suboptions:
orderer:
description:
- The Kubernetes resource configuration for the orderer container.
suboptions:
requests:
description:
- The Kubernetes resource requests for the orderer container.
suboptions:
cpu:
default: 250m
description:
- The Kubernetes CPU resource request for the orderer container.
type: str
memory:
default: 500M
description:
- The Kubernetes memory resource request for the orderer container.
type: str
type: str
type: dict
proxy:
description:
- The Kubernetes resource configuration for the proxy container.
suboptions:
requests:
description:
- The Kubernetes resource requests for the proxy container.
suboptions:
cpu:
default: 100m
description:
- The Kubernetes CPU resource request for the proxy container.
type: str
memory:
default: 200M
description:
- The Kubernetes memory resource request for the proxy container.
type: str
type: str
type: dict
type: dict
api_secret:
description:
- The API secret for the Fabric operations console.
- Only required when I(api_authtype) is C(basic).
type: str
api_timeout:
default: 60
description:
- The timeout, in seconds, to use when interacting with the Fabric operations console.
type: int
api_authtype:
description:
- C(basic) - Authenticate to the Fabric operations console using basic authentication.
You must provide both a valid API key using I(api_key) and API secret using I(api_secret).
required: true
type: str
api_endpoint:
description:
- The URL for the Fabric operations console.
required: true
type: str
config_block:
description:
- The path to where the config block for the system channel is stored.
- You must first update the config for the system channel by adding this ordering
service node into the consenter set of the system channel.
- The config block will only be submitted to the ordering service node if the ordering
service node has been pre-created and is not ready for use.
type: str
orderer_type:
choices:
- raft
default: raft
description:
- C(raft) - The ordering service node will use the Raft consensus algorithm.
type: str
wait_timeout:
default: 60
description:
- The timeout, in seconds, to wait until the ordering service node is available.
type: int
enrollment_id:
description:
- The enrollment ID, or user name, of an identity registered on the certificate authority
for this ordering service node.
- Only required when I(config) is not specified.
type: str
config_override:
description:
- The configuration overrides for the ordering service node.
- 'See the Hyperledger Fabric documentation for available options: https://github.com/hyperledger/fabric/blob/release-1.4/sampleconfig/core.yaml'
type: dict
ordering_service:
description:
- The name of the ordering service that this ordering service node belongs to.
- You can pass a string, which is the display name of a ordering service registered
with the Fabric operations console.
- You can also pass a dictionary, which must match the result format of one of the
M(ordering_service_info) or M(ordering_service) modules.
- Only required when I(config) is not specified.
type: str
enrollment_secret:
description:
- The enrollment secret, or password, of an identity registered on the certificate
authority for this ordering service node.
- Only required when I(config) is not specified.
type: str
system_channel_id:
default: testchainid
description:
- The name of the system channel for this ordering service node.
type: str
certificate_authority:
description:
- The certificate authority to use to enroll the identity for this ordering service
node.
- You can pass a string, which is the display name of a certificate authority registered
with the Fabric operations console.
- You can also pass a dictionary, which must match the result format of one of the
M(certificate_authority_info) or M(certificate_authority) modules.
- Only required when I(config) is not specified.
type: raw
ordering_service_node:
contains:
api_url:
description:
- The URL for the API of the ordering service node.
sample: grpcs://orderingservice1-api.example.org:32000
type: str
client_tls_cert:
description:
- The client TLS certificate for the ordering service node.
- The client TLS certificate is returned as a base64 encoded PEM.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
cluster_id:
description:
- The unique ID of the ordering service cluster.
sample: abcdefgh
type: str
cluster_name:
description:
- The name of the ordering service cluster.
sample: Ordering Service
type: str
consenter_proposal_fin:
description:
- True if the ordering service node has been added to the consenter set of the
system channel, false otherwise. Ordering service nodes that have not been
added to the consenter set of the system channel are not ready for use.
sample: true
type: boolean
grpcwp_url:
description:
- The URL for the gRPC web proxy of the ordering service node.
sample: https://orderingservice1-grpcwebproxy.example.org:32000
type: str
location:
description:
- The location of the ordering service node.
sample: ibmcloud
type: str
msp_id:
description:
- The MSP ID of the ordering service node.
sample: OrdererOrgMSP
type: str
name:
description:
- The name of the ordering service node.
sample: Ordering Service_1
type: str
operations_url:
description:
- The URL for the operations service of the ordering service node.
sample: https://orderingservice1-operations.example.org:32000
type: str
pem:
description:
- The TLS certificate chain for the ordering service node.
- The TLS certificate chain is returned as a base64 encoded PEM.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
server_tls_cert:
description:
- The server TLS certificate for the ordering service node.
- The server TLS certificate is returned as a base64 encoded PEM.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
system_channel_id:
description:
- The name of the system channel for the ordering service node.
sample: testchainid
type: str
tls_ca_root_cert:
description:
- The TLS certificate chain for the ordering service node.
- The TLS certificate chain is returned as a base64 encoded PEM.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
tls_cert:
description:
- The TLS certificate for the ordering service node.
- The TLS certificate is returned as a base64 encoded PEM.
sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
type: str
description:
- The ordering service node.
returned: when I(state) is C(present)
type: dict