Blockchain CBSA – Objectives – Hyperledger Part 4
- IBM Baas Demo (DEMO ONLY) No support and not on the exam
I’m over here at the IBM Cloud website. What I like to do is walk through a demo of some of the functions and capabilities of the IBM blockchain as a service. So let’s go over here to blockchain and you can see it pops up blockchain there and it’s going to bring up a service name and, and location as well. But before we get into the capabilities and spin up some peers, for example, and install chain code, let’s go over here for those folks that do not have an account yet. Now there is a starter membership plan.
You get a credit of $500 to use towards your network and what you want to do is sign up for this. If you do want to play around with the blockchain as a service, I will say that there are two subscription models and there is a cost to maintain a membership from a month to month perspective. So you need to pay attention for this. I would recommend if your company doesn’t pay this, then what you want to do that is pay for the subscription is essentially use the free trial for 30 days and then cancel the account so you’re not charged at $200 a month for the starter membership.
So let’s go back to this page. Here the main page. If we scroll down, you’ll see that it has the pricing plans. This is where you get your $500 credit. This is good for you to develop on, to test, to create your peers, your nodes, to get a real feature capability of the service. The cost is 250 per month and then every peer that you have spun up is that. So this is still going to cost some money. So pay attention to what you’re using if you don’t want to have the subscription. The enterprise plan is $1,000 per month.
Again, if you’re not going to deploy an enterprise application that’s using blockchain with hyperledger, then you probably don’t want to use this. It’s going to be pretty expensive. Now the main difference between the starter plan and the enterprise plan is the fact that there’s fault tolerance put in there. And then you also have a HSM manual that you could HSM module, I should say, that you have the ability to utilize. So you want to select the starter membership.
After you get your account, it’ll go ahead and allow you to create a blockchain instance. Now I want to point out too that the region and location to deploy in Dallas is usually the default location for the starter plan and then the other locations like Sydney, Frankfurt and London, you could see that it’s regulated to typically if you use the starter plan, you’re going to be regulated to Dallas.
Just be aware of that. Now if I choose the enterprise plan, for example, I will then have some more choices if I so choose as well. But anyways, I’m going to just go ahead and get started here. I’m going to go select Create. This will take about a minute. A lot of it just depends on the latency and the amount of activity on the service. Could be your network latency, whatever that is. Now this came up pretty quick. It is loading. And what has just occurred is that it just created a blockchain network for me to start loading my chain code. And it deploys two organizations. And actually, this picture here is actually pretty valid. What it’s doing is it’s created two organizations, organization One and Organization Two with the peer and a CA as well as an MSP as well. With that said, let’s go and get started. We’ll go ahead and select Launch. When we first log in and start the service, it’s going to give us the opportunity to learn more about the platform. There’s a video sample, apps are here and instructions on how to proceed. Is there going to go ahead and get out of that.
Now, you could see that it deployed. One thing to point out here is to pay attention to the organization that you’re in. Now, the organization I have is. org one. But if I go here, I could select two as well. And you can see that pops up. You can see that it says. org two here. I’m going to go back to one. And you could see that the order and one appears there. What I want to do now is I’d like to add another peer and it allows me to add up to an additional 15 peers is what the limit is for the development environment. So I’m going to go select one. Now. The reason I’m adding another peer is I want to have multiple peers. And when I create a policy, I want the policy to enforce two peers to essentially approve the transaction, which is actually endorsing the transaction. Okay, so I have two peers here.
You can see this is starting. That’s going to go through its little effort. What I want to do here now is just walk you through a few things. You can see that it shows my membership, one and two. I could add another member. I could invite them or create them as well. Now, a channel, remember, a channel is going to be essentially how the peers are going to communicate to each other. This is going to allow you to submit transactions. Now what I want to do is I could join peers to that channel. Let’s go to join peers and just see what is there. So it looks like the other peer hasn’t actually started up yet. So that will take another minute or two. That could take a few minutes for everything to sync up. Now let’s go to notifications.
This is where I could create what is a notification? Essentially an alert when there’s a request to the channel certificate authority. I have the ability to be able to specify my certificate authority if I so choose generate certificates as well. Add users. API is here. The API list is here. What I want to point out is for developers that want to develop locally and then push out to the blockchain service, you want to go over here to the network credentials. These are the credentials you need to copy basically into your APIs for your client app. For example.
Then I go to develop code. This is where I could deploy code or go and follow the install guide or whatever I feel like doing. But here is where I want to actually install code. Now what I want to do is choose Appear and you could see that there’s no chain code that’s been installed. Now what I did is I downloaded the Marble app already. I’m going to go install it. The chain code I’m going to call this is test code one. Let’s say version is number one and it is going, but it could also be a node as well. Go here to choose files. Go to where the code is downloaded. I just have it on my desktop. Probably not a best practice, but for demo, it’s quick and easy. I’m going to go submit. Okay, the chain code has been installed.
However, let’s go see if it’s available to initialize. And it is. So I’m going to go to make it initialize here. And I could call specific arguments to get it initialized. Or I could just leave it as a default and it looks like everything looks okay. I could put in arguments too. Like, for example, if the peer doesn’t have enough storage, don’t install the chain code, whatever. I feel like adding to that, I could I’m just going to go next. Now this is where I want to pay attention to my policy. Remember, the policy is going to be the endorsement policy. So down here you can see that I have two policies, actually two members to this policy that is member A and member B. So I want to make sure that two peers endorse transactions in this case. So I have to select the endorsement policy to reflect two peers and appear as a member. Basically. Now a member is going to be part of the network, the channel as well. So I’m going to go submit. Now, it may take a few minutes for that to initialize to basically come up and running. You want to check here to validate when it’s done. It’ll error out if there’s any issues.
Now, a couple of things too. When it comes to channels, you want to of course, generally create a channel. If you’re going to deploy the Marble app, for example, you want to of course, create a channel and make sure that you have the correct peers that are part of that. In this case here, both peers have been added to the channel, for example. And then the members are listed here as well. But with that said if you want to go and try samples, I would recommend the Marbles application. There’s also the vehicle and the perishable goods examples that you could go view as well. With that said, let’s just go back to the overview before we close out here and let’s just see what we have running. We have several peers. What we could do is we could stop the peers if we don’t need to have them running anymore. That will take a few minutes.
But one of the first things we want to do is if we’re done is we want to go reset the network. We want to clean up and go back to the default config and this will clean up our network. And that way when we log back in, we practice again. Everything is good to go. Or what we could do if we’re not going to log back in in a reasonable amount of time, like a couple of hours or a day, we need to basically terminate these instances because you’re going to run up some costs for this if you don’t pay attention. So you want to go over here to let’s go to network preferences first. I forgot to show you one thing. So you can see here, this shows us we’re using the Coach DB location is Dallas as well. But let’s go back to the network here and what we want to do is let’s close this out and go back to the service details, which is this page here. Let’s go here and select Delete service.
And this will delete the service that we just spun up so that we don’t incur additional charges. Okay, now what should happen is that we should get the dashboard with nothing listed here. So there’s no services listed. So that’s what we want to see because again, if we deploy a blockchain network, then we are going to get charged for that on an hourly basis. So we don’t want that to occur. We want to use our free credits as long as possible. Now go ahead and log out and that’s going to wrap up the demo. Let’s proceed on.
- Deploy AWS with Hyperledger Fabric Part 1 (DEMO ONLY) No support & not on exam
Let’s talk about deploying AWS blockchain templates. Now at the time of writing, there’s currently templates available for ethereum and hyperledger fabric. Before we get started, we need to talk about a few things. This is AWS. It’s not as simple as deploying a template. Now if you’re not familiar with AWS us, no worries. I’m going to walk you through everything and do ensure you download the step by step instructions on how to do this. Because again, there’s more to this than just a simple discussion about AWS. And in reality, if you don’t know what a VPC is, security groups, Elastic, IPS, et cetera. When I go through the step by step process, I’ll point out at a high level what you need to know. But in reality, I’m not here to do AWS training. That’s another subject for another day. And actually the areas that we cover is literally going to be a one week class with AWS.
So please just be aware that I will get you going. But if you do have questions on why it’s done like this, take a class with AWS or on the platform that you’re watching the course now. Okay, now we need to pay attention to a where we want to deploy this. It’s currently available in three regions. Now I’m going to deploy this in Northern Virginia and we’re going to have to collect some information before we get started. Now I’ve already deployed this before so I have for example, key peers ready to go. I have security groups as well. I’m going to deploy this as a default T two medium. And again, it’s up to you to deploy this however you want and I’ll talk more about this. But this is going to use cloud formation. Cloud formation is an infrastructure as code, basically solution that allows cloud administrators to basically deploy a templated solution to essentially reduce as much manual labor as possible. Now this is similar, cloud formation is similar for example, to Google Deployment Manager. But with that said, before we can do anything here, I need to walk you through the configuration areas that we have to set up before we can deploy this. So let’s go and go to the console. Now what we want to do is first of all, we’re going to deploy this in Northern Virginia.
I need to make sure that I’m in Northern Virginia. So pay attention to where you’re at. It’s very possible that you may be in Ohio, in Northern California, and you’re trying to deploy this. And when you try to deploy this with cloud formation, you don’t see your security groups or something and that might be why because you configured them in the wrong region. So please pay attention to this. This is one of the rookie mistakes that happens quite a bit. So just be aware of your region when you go to the console. Now what I want to do is go to VPC. The first step I have to do is to create a VPC. Now I have two VPCs already here. I’m going to go to Launch Wizard. Now in the step by step instructions, I’m going to walk you through what we have to fill out here.
The reason I’m going to use the wizard is because this should make it as easy as possible for folks that don’t have AWS experience. So let’s go ahead and select. Now what I want to do is going to go ahead and populate a cedar block for us. I don’t need to have IPV Six. And once again, I want to just go through quickly what we need to get going. I’m just not able to sit here and explain every little detail on AWS because you’d want to pay me for a three day class just for what we’re going to talk about with security.
All right. Now what I’m trying to get at now my friends, is we need to pay attention to what we configure here and how we configure it. Because if we don’t pay attention, our blockchain isn’t going to work. Okay? So let’s go ahead and just double check. We could go with the defaults in this case. There’s no worries there. Availability Zone. I have the ability to select an Availability Zone if I want.
Again, I’ll take the default. The subnet name, I’m going to leave it as a public subnet. Now an end point. Now I don’t need an endpoint in this particular case, I’m going to leave that as is. I’m going to leave the DNS the way it is. I’m going to go ahead and create my VPC. Okay, let’s go. Okay, so I have my VPC. Here what I want to do now and again, I could have done this earlier as well, but just to show you how easy it is to at least get started here, what I want to call this is I’m going to call this basically hyperledger Network actually VPC. We’ll just leave it as that. Okay? Now again, what I want to do is call this and actually save it and then hit the check mark there. And again, when you do create, just if you go over here, you want to tag it appropriately and you could save it as well. Now that’s the great VPC. That’s mainly how you’d want to do this, especially if you want to create different subnets. In this case here, we’re just going to go with the default config.
That’s all we really need. And when we get into the exercise a little bit more, we’re going to configure a few other areas. So let’s go ahead and go on to the next step. And the next step is to create a security group. Now for those not familiar with AWS, think of a security group as basically a virtual firewall that is going to allow you to facilitate the traffic to the EC two instance in a manner that is acceptable to your organization. So Firewall, we know what that is. It’s just a virtual firewall. It’s to mitigate traffic issues and we’re also going to configure rules for outbound and inbound traffic to the instance as well.
So let’s go over here and select security groups. Now I have, again, some security groups already created. I could just select one of these if I want, but I want to walk you through creating it. I’m going to call this security group in this case, let’s go ahead and call this demo SG and I’m going to put Hyperledger for short just to make it again, name this whatever you want in your environment. I’m just going to name this something that’s easy to see on the screen that I have and also doesn’t overlap with other VPCs security groups, et cetera, that I already have.
Now the description I’m going to say this is for my Hyper Ledger demo class, let’s say. And then I need to select the VPC that I just created right there. Okay? Now remember, the security group is what this is going to be, a virtual firewall. We want to select again the security group and make sure that we also select the proper VPC that’s going to be affiliated with this. So let’s go create. This is now created. You can see that I have my demo security group for Hyperledger Fabric. Now let’s go over to the next exercise and talk about the next step. Now the next step is to go over to the security group and select it. And what we have to do is we need to basically select essentially our rules. We need to configure inbound and outbound rules. So what does this merely mean? We want to think about the inbound rules as essentially the firewall rules we’re going to create to allow traffic into our EC Two instance. And then the outbound rules is basically no more than the traffic that’s going to be allowed out of EC Two into the Internet. Again, basically inbound is from the Internet to EC Two, and then outbound is from EC Two to the Internet, very simply put. So we need to go edit rules here, basically. And we need to consider a couple of rules that we have to add. So let’s go ahead and add. Now of course, if we’re going to have a blockchain that we’re going to access, we need to also access EC Two. We need to add some rules. So let’s talk about some of the rules we need to add.