Work with Channels
A channel is a private communication pathway between two or more members of a Hyperledger Fabric network on Amazon Managed Blockchain. Each transaction on a Hyperledger Fabric network occurs on a channel. A network must contain at least one channel and a network on Managed Blockchain can have up to eight channels.
Each channel has its own transaction ledger. The ordering service on the network manages transactions according to a channel configuration that a member creates. The channel configuration specifies which members participate in the channel, the peer nodes that can transact on the channel, and the policies that govern channel updates.
To participate on a channel, a member must join at least one peer node to the channel. A peer node can belong to multiple channels, but ledger data from one channel can't pass to ledger data in another channel. A member shares their admin certificates and root CA with the channel creator when they join the channel. These artifacts allow the ordering service to authenticate and authorize members of the channel when they join their peer nodes to the channel.
Optionally, a channel also can contain private data collections. A private data collection allows a subset of channel members to share ledger data independently of the ordering service. Private data collections are supported only with Hyperledger Fabric 1.4 or later. Private data collections require that at least one peer node for a member is set up as an anchor peer. For more information, see Add an Anchor Peer to a Channel and Work with Private Data Collections in Hyperledger Fabric on Managed Blockchain.
Create a Channel
A channel creator is a member that uses their Hyperledger Fabric client to create a channel configuration file. The channel creator then runs a command that outputs a channel transaction file based on that configuration file. Finally, the channel creator uses the transaction file to run a command that creates the channel with the Hyperledger Fabric ordering service on Managed Blockchain. The channel creator must get security artifacts from channel members to be able to add the members to the channel.
After the channel is created, channel members, including the channel creator, download the channel genesis block to their respective Hyperledger Fabric client machines and join peer nodes to the channel.
To create and join a Hyperledger Fabric channel on Managed Blockchain
The following steps specify file locations in terms of both the Hyperledger Fabric client machine's file system and the Hyperledger Fabric CLI Docker container file system, as appropriate. When the CLI is installed, the Docker Compose configuration file maps these locations to one another. For more information, see step 3.4 in the Getting Started tutorial of this guide.
In the following examples, the client machine directory /home/ec2-user
is
mapped to the container directory /opt/home
. In steps where you
save artifacts, the steps use the client machine file system. In steps where you
reference artifacts in CLI commands and configuration files, the steps use the
container file system.
-
Each member that joins a channel shares its security artifacts with the channel creator. The channel creator saves the artifacts on the Hyperledger Fabric client machine. The channel creator then references the location of these artifacts in the next step. For more information about sharing artifacts, see Step 8.4 and 8.5 in the getting started tutorial of this guide. Sharing artifacts is a prerequisite for the steps below.
-
On your Hyperledger Fabric client machine, create a configuration file in yaml format named
configtx.yaml
. Save this file to a file location on your Hyperledger Fabric client machine that is mapped to the CLI container file system. The following steps use/home/ec2-user
, which is mapped to/opt/home
.Use the examples below as a starting point. For more information about configuration files, see Channel configuration (configtx)
in the Hyperledger Fabric documentation. Replace the following configuration parameters as appropriate for your channel, and add sections as required for additional members. -
Org<n>MemberID
is the respective member ID for each channel participant, for example,m-K46ICRRXJRCGRNNS4ES4XUUS5A
. -
Org<n>AdminMSPDir
is the Docker container file system directory where security artifacts for each corresponding member are saved. For example,opt/home/Org2AdminMSP
references artifacts saved to/home/ec2-user/Org2AdminMSP
on the channel creator's client machine.
The configtx file for a Hyperledger Fabric 1.4 network includes application settings to enable expanded features. These settings are not supported in Hyperledger Fabric 1.2 channels. Examples for version 1.2 and 1.4 networks are provided below.
-
-
The channel creator uses the Hyperledger Fabric CLI configtxgen
command as shown in the following example to write a channel creation transaction. Replace the following configuration parameters as appropriate for your channel.
-
/opt/home/ourchannel.pb
is the channel creation transaction file that the command creates. Specify the file location using the container file system. -
TwoOrgChannel
is the profile specified in theconfigtx.yaml
from the previous step. -
ourchannel
is the channel ID that will be used for the channel. -
/opt/home/
for the--configPath
option is the container location where theconfigtx.yaml
file is saved.
docker exec cli configtxgen \ -outputCreateChannelTx
/opt/home/ourchannel.pb
\ -profileTwoOrgChannel
-channelIDourchannel
\ --configPath/opt/home/
-
-
The channel creator uses the Hyperledger Fabric CLI channel create
command to create a channel and write the genesis block to the orderer. The -f
option specifies the transaction file that you created in the previous step, and the$ORDERER
environment variable in the example has been set to the endpoint of the network orderer for simplicity—for example,orderer.n-MWY63ZJZU5HGNCMBQER7IN6OIU.managedblockchain.amazonaws.com:
.30001
docker exec cli peer channel create -c ourchannel \ -f /opt/home/ourchannel.pb -o $ORDERER \ --cafile /opt/home/managedblockchain-tls-chain.pem --tls
-
To join a peer node to the channel, each member must fetch the channel genesis block from the orderer, write it to a file, and then reference that genesis block when they join their peer or peers.
-
To get the channel genesis block, each member uses the Hyperledger Fabric CLI peer channel fetch oldest
command. In the following example, the genesis block is written to a file in the container file system, /opt/home/ourchannel.block
. The$ORDERER
variable is used in the same ways the previous step, and theourchannel
channel ID is specified.docker exec cli peer channel fetch oldest
/opt/home/ourchannel.block
\ -c ourchannel -o $ORDERER \ --cafile /opt/home/managedblockchain-tls-chain.pem --tls -
Using the channel genesis block file created above, each member uses the Hyperledger Fabric peer channel join
command to join their member's peer node to the channel. docker exec cli peer channel join -b
/opt/home/ourchannel.block
\ -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls
-