cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to get storage account details | Hyperledger Fabric consortium on Azure Kubernetes Service

selvaraman
Copper Contributor

‎Jun 30 2020 12:17 PM - last edited on ‎May 26 2021 01:31 PM by

‎Jun 30 2020 12:17 PM - last edited on ‎May 26 2021 01:31 PM by

How to get storage account details | Hyperledger Fabric consortium on Azure Kubernetes Service

I am new to azure and AKS. I am facing the following problem. Help me to fix this. I have created new free account and did the following steps.

For Orderer:
Basics:
subscription: Free Trial
Resource Group: hlf
Region: East US
Resource Prefix: demo

Fabric Settings:
Organization name: OrdererOrg
Fabric Network Component: Ordering Service
Number of nodes: 3
Fabric CA username: ca1
Fabric CA password: *******
Certificates: Fabric CA self signed certificate

AKS cluster settings:
Kubernetes cluster name: demo-HLF-AKS
Kubernetes version: default
DNS prefix: demo-HLF-AKS-dns
Node Size: 1x Standard DS2 v2
2 vcpus, 7 GB memory
Node count: 1
Network Configruration: Basic

"To manually create a service principal with the Azure CLI follow the documentation here"
I clicked on here link. It takes me to https://docs.microsoft.com/en-us/azure/aks/kubernetes-service-principal#manually-create-a-service-pr...

I clicked on try it. After sigining in, It says no storgage mount. So I clicked on create storage.
After that I got the following information.
Subscription Id: #####-###-###-####-#######
Resource group: cloud-shell-storage-centralindia
Storage account: csg1..........a06f
File share: cs-iiiii-p-nnnn-mmm-LLLLLLLLL

I have used these information to set the following enviromnent variables in future(while building consortium).
STORAGE_SUBSCRIPTION=<subscriptionId>
STORAGE_RESOURCE_GROUP=<azureFileShareResourceGroup>
STORAGE_ACCOUNT=<azureStorageAccountName>
STORAGE_LOCATION=<azureStorageAccountLocation>
STORAGE_FILE_SHARE=<azureFileShareName>

And then I execute the following command in azure cli,
az ad sp create-for-rbac --skip-assignment --name myAKSClusterServicePrincipal
I got the following output,
{
"appId": "####-####-####-###-#####",
"displayName": "myAKSClusterServicePrincipal",
"name": "http://myAKSClusterServicePrincipal",
"password": "******-*******-z",
"tenant": "1111-11111-1111-1111-11111"
}

Here I used appId as Service principal client ID and password as Service principal client secret.

For Peer:
Basics:
subscription: Free Trial
Resource Group: hlfp
Region: East US
Resource Prefix: demop

Fabric Settings:
Organization name: Org1
Fabric Network Component: Peer Nodes
Number of nodes: 1
World state database: CouchDB
Fabric CA username: ca2
Fabric CA password: *******
Certificates: Fabric CA self signed certificate


AKS cluster settings:
Kubernetes cluster name: demop-HLF-AKS
Kubernetes version: default
DNS prefix: demop-HLF-AKS-dns
Node Size: 1x Standard DS2 v2
2 vcpus, 7 GB memory
Node count: 1
Network Configruration: Basic

I have used same Service principal client ID and Service principal client secret which is used while creating Orderer.

In azure-cli, I executed the following environment variables,
ORDERER_ORG_SUBSCRIPTION="AAAAA-BBB-CCCC-DDDD-CCCCCCC"
ORDERER_ORG_RESOURCE_GROUP="hlf"
ORDERER_ORG_NAME="OrdererOrg"
ORDERER_ADMIN_IDENTITY="admin.$ORDERER_ORG_NAME"
CHANNEL_NAME="mychannel"

PEER_ORG_SUBSCRIPTION="AAAAA-BBB-CCCC-DDDD-CCCCCCC"
PEER_ORG_RESOURCE_GROUP="hlfp"
PEER_ORG_NAME="Org1"
PEER_ADMIN_IDENTITY="admin.$PEER_ORG_NAME"

STORAGE_SUBSCRIPTION="AAAAA-BBB-CCCC-DDDD-CCCCCCC"
STORAGE_RESOURCE_GROUP="cloud-shell-storage-centralindia"
STORAGE_ACCOUNT="csg1..........a06f"
STORAGE_LOCATION="eastus"
STORAGE_FILE_SHARE="cs-iiiii-p-nnnn-mmm-LLLLLLLLL"

I got these above information, when I click azure-cli 1st time.

After this, I executed the following commands in azure-cli.

sa@Azure:~/azhlfTool$ az account set --subscription $STORAGE_SUBSCRIPTION
sa@Azure:~/azhlfTool$ az group create -l $STORAGE_LOCATION -n $STORAGE_RESOURCE_GROUP
Invalid resource group location 'eastus'. The Resource group already exists in location 'centralindia'.
sa@Azure:~/azhlfTool$ az storage account create -n $STORAGE_ACCOUNT -g $STORAGE_RESOURCE_GROUP -l $STORAGE_LOCATION --sku Standard_LRS
The resource 'csg10032000cc3ca06f' already exists in location 'centralindia' in resource group 'cloud-shell-storage-centralindia'. A resourcewith the same name cannot be created in location 'eastus'. Please select a new resource name.


sa@Azure:~/azhlfTool$ STORAGE_KEY=$(az storage account keys list --resource-group $STORAGE_RESOURCE_GROUP --account-name $STORAGE_ACCOUNT --query "[0].value" | tr -d '"')
sa@Azure:~/azhlfTool$ az storage share create --account-name $STORAGE_ACCOUNT --account-key $STORAGE_KEY --name $STORAGE_FILE_SHARE
{
"created": false
}
sa@Azure:~/azhlfTool$ STORAGE_KEY=$(az storage account keys list --resource-group $STORAGE_RESOURCE_GROUP --account-name $STORAGE_ACCOUNT --query "[0].value" | tr -d '"')
sa@Azure:~/azhlfTool$ SAS_TOKEN=$(az storage account generate-sas --account-key $STORAGE_KEY --account-name $STORAGE_ACCOUNT --expiry `date -u -d "1 day" '+%Y-%m-%dT%H:%MZ'` --https-only --permissions lruwd --resource-types sco --services f | tr -d '"')
sa@Azure:~/azhlfTool$ AZURE_FILE_CONNECTION_STRING=https://$STORAGE_ACCOUNT.file.core.windows.net/$STORAGE_FILE_SHARE?$SAS_TOKEN


sa@Azure:~/azhlfTool$ ./azhlf adminProfile import fromAzure -o $ORDERER_ORG_NAME -g $ORDERER_ORG_RESOURCE_GROUP -s $ORDERER_ORG_SUBSCRIPTION
Trying to find requested resource in Azure Blockchain Service...
Could not find Azure blockchain Hyperledger Fabric member OrdererOrg in resource group hlf
Fallback to marketplace based application...
Retrieving information about marketplace based application...
Retrieving Admin profile from application...
admin.OrdererOrg imported to wallet
sa@Azure:~/azhlfTool$ ./azhlf connectionProfile import fromAzure -g $ORDERER_ORG_RESOURCE_GROUP -s $ORDERER_ORG_SUBSCRIPTION -o $ORDERER_ORG_NAME
Trying to find requested resource in Azure Blockchain Service...
Could not find Azure blockchain Hyperledger Fabric member OrdererOrg in resource group hlf
Fallback to marketplace based application...
Retrieving information about marketplace based application...
Retrieving Connection profile from application...
Connection profile for OrdererOrg imported to /home/sa/azhlfTool/stores/connectionprofiles/OrdererOrg.json.
sa@Azure:~/azhlfTool$ ./azhlf msp import fromAzure -g $ORDERER_ORG_RESOURCE_GROUP -s $ORDERER_ORG_SUBSCRIPTION -o $ORDERER_ORG_NAME
Trying to find requested resource in Azure Blockchain Service...
Could not find Azure blockchain Hyperledger Fabric member OrdererOrg in resource group hlf
Fallback to marketplace based application...
Retrieving information about marketplace based application...
Retrieving MSP profile from application...
OrdererOrg MSP is imported to /home/sa/azhlfTool/stores/msp/OrdererOrg.json.
sa@Azure:~/azhlfTool$

sa@Azure:~/azhlfTool$ ./azhlf adminProfile import fromAzure -g $PEER_ORG_RESOURCE_GROUP -s $PEER_ORG_SUBSCRIPTION -o $PEER_ORG_NAME
Trying to find requested resource in Azure Blockchain Service...
Could not find Azure blockchain Hyperledger Fabric member Org1 in resource group hlfp
Fallback to marketplace based application...
Retrieving information about marketplace based application...
Retrieving Admin profile from application...
^[admin.Org1 imported to wallet
sa@Azure:~/azhlfTool$ ./azhlf connectionProfile import fromAzure -g $PEER_ORG_RESOURCE_GROUP -s $PEER_ORG_SUBSCRIPTION -o $PEER_ORG_NAME
Trying to find requested resource in Azure Blockchain Service...
Could not find Azure blockchain Hyperledger Fabric member Org1 in resource group hlfp
Fallback to marketplace based application...
Retrieving information about marketplace based application...
Retrieving Connection profile from application...
Connection profile for Org1 imported to /home/sa/azhlfTool/stores/connectionprofiles/Org1.json.

sa@Azure:~/azhlfTool$ ./azhlf msp import fromAzure -g $PEER_ORG_RESOURCE_GROUP -s $PEER_ORG_SUBSCRIPTION -o $PEER_ORG_NAME
Trying to find requested resource in Azure Blockchain Service...
Could not find Azure blockchain Hyperledger Fabric member Org1 in resource group hlfp
Fallback to marketplace based application...
Retrieving information about marketplace based application...
Retrieving MSP profile from application...
Org1 MSP is imported to /home/sa/azhlfTool/stores/msp/Org1.json.
sa@Azure:~/azhlfTool$

sa@Azure:~/azhlfTool$ ./azhlf channel create -c $CHANNEL_NAME -u $ORDERER_ADMIN_IDENTITY -o $ORDERER_ORG_NAME
Sending request for channel creation...
Channel mychannel successfully created.

sa@Azure:~/azhlfTool$ ./azhlf channel setAnchorPeers -c $CHANNEL_NAME -p peer1 -o $PEER_ORG_NAME -u $PEER_ADMIN_IDENTITY
Preparing anchor peers list...
Retrieving channel's latest configuration block...
2020-06-30T18:09:46.378Z - error: [Channel.js]: Channel:hrschannel received discovery error:access denied
2020-06-30T18:09:46.379Z - error: [Channel.js]: Error: Channel:hrschannel Discovery error:access denied
2020-06-30T18:09:46.380Z - error: [Network]: _initializeInternalChannel: Unable to initialize channel. Attempted to contact 1 Peers. Last error was Error: Channel:hrschannel Discovery error:access denied
Error: Unable to initialize channel. Attempted to contact 1 Peers. Last error was Error: Channel:hrschannel Discovery error:access denied
at Network._initializeInternalChannel (/home/sa/azhlfTool/node_modules/fabric-network/lib/network.js:112:12)
at <anonymous>
If no one peer joined the requested channel - provide --ordererOrg parameter to command.

 

Labels:
1,176 Views
0 Likes
0 Replies
Reply
0 Replies