2020 05 01 DWG Agenda

Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit our Code of Conduct: Hyperledger Code of Conduct

Announcements

Agenda:

Discussion

  1. Release status: Pam/Joe
    1. Contributer's call - Chris stood in for doc team (ty!)
    2. Listen to recording, worthwhile
    3. BFT will have MVP early June
    4. Config transaction library demo at next contributer's meeting
      1. Moved to separate repo
    5. Deployment guide work being wrapped up for publication
    6. For Fabric 2.2, (vNext) BYFN to be removed at this time
      1. People are successfuilly moving from BYFN
  2. Create channel update from Nik
    1. Good feedback received from Pam/Joe on tutorial
    2. First article easier to get through than second
    3. There is a lot of material to get through
    4. Concept material is more difficult; maybe merge operational material first
      1. Good agreement on this approach
    5. Update second topic later, as it needs more work
  3. Contributors topic for new languages(standing topic) Pam and Nik
    1. No updates yet from Jay, still planning to do it
    2. Several people from India reached out on Malayam
      1. Maybe do this on EH call
    3. Rough pages as starting point
      1. Anthony to reach out on mailing list
      1. Public GitHub repo - https://github.com/denali49/fabric-ca-k8s
      2. Make sure you pull the latest!
      3. Done on miniKube or Cloud. Today's demo on Cloud
      4. Objective to avoid cryptogen
      5. Don't need to be expert on Kubernetes
      6. Accompanying video on YouTube -https://www.youtube.com/watch?v=PbMxqH6bNB8&feature=youtu.be
      7. YouTube shows minikube vs today Cloud
      8. Good setup covered in material
      9. Demo is for practice rather than production as not yet TLS enabled
      10. Demo starts at step 4
        1. Provision storage volume in the cloud (PVC)
        2. Many different kinds of access modes for kubernetes storage
        3. ReadWriteMany vs ReadWriteOnce on Digital Ocean (today's demo)
        4. Notes on Clouds
          1. DigitalOcean 1 CPU cluster with 0G for 11USD
          2. IBM free cluster (IKS no longer supports persistent storage on free tier)
          3. Microsoft Azure free credits
        5. Provision storage volume
        6. Start by kube commands to bind cluster to storage - uses Kube config file linked to cloud provider
        7. Provision redis storage using the provisioned volume
          1. Notice linkage from redis to PVC
      11. Step 5 puts CA job config on this infrastructure
        1. Override ENV variables using fabric-ca-server init or use -b options
        2. Follow Fabric CA deployment guide in this demo
        3. create init file using Kube job
        4. Need to copy this config file to be used by Fabric CA image to local machine for use by kubectl
        5. Use of Kubectl copy to do this shown in demo
        6. Now have Fabric-ca-server YAML file locally to modify
          1. Modify CSR section, Note a few changes...
        7. Now use kubectl to copy back to running pod
        8. Need to generate new certs based on the YAML file change – reqt to delete existing ca-cert.pem and msp directories
      12. Step 6 Start CA
        1. Now apply Fabric-ca-server start no need to pass in init no -b option required
        2. run sever using apply
        3. get pod to show CA server up and running
        4. Emphasize difference between when looking at running and job logs
        5. Logs show changes that were performed – HyperChain, Texas, etc!
      13. Step7 interact with CA using fabric-ca-client
        1. Register and enroll steps
        2. create appropriate directories on client side
        3. run successful enroll – certs in various places in local MSP folder
        4. register an org admin, then peer, then user
        5. Should recap/review identity concepts beforehand, helps understand tasks
        6. Now enroll these registered entities
        7. then list identities - initially an error – last expert was for user – expected behaviour
        8. prove this by changing to ca admin identity
        9. Now run command and it's fine!
          1. Nice demonstration point on rights
        10. Emphasis on getting properties right in the first place – cannot be changed (it's PKI)
      14. Modifies identity using fabric-ca-client identity modify
        1. Different affiliations foe different users to orgs
        2. notice changed affiliations
        3. fabric-ca-client identity modify
      15. Also list certificates using FCA command, and store certificates command too
    1. Great demo
      1. Reviewed touch points of demo
  4. Internal docs next week



Video of this week's session at: Recordings

Quarterly reports

Upcoming reports

Backlog