When people hear about blockchain, they often think only of cryptocurrency. However, blockchain is not just about cryptocurrency; cryptocurrency is merely one implementation of blockchain technology.
There are two types of blockchains: public and private. Public blockchains are where cryptocurrencies thrive. However, the concept of blockchain often confuses people, and as technical professionals, we sometimes struggle to explain it in simple terms. Blockchain is essentially a distributed database, a concept people can easily understand since a database is where we store data like strings, records, and so on.
In this article, I will focus on private blockchains. A private blockchain is one that is deployed within a private network and typically involves permission mechanisms such as authentication and authorization.
There are several private blockchain projects, such as Hyperledger and others. Hyperledger is a project funded by the Linux Foundation, and it includes several frameworks like Fabric, Besu, and others. In this discussion, I will focus on Hyperledger Fabric.
Hyperledger Fabric provides a comprehensive sample repository. However, one drawback is that it runs everything on a single host as a Docker container, which doesn’t fully demonstrate the decentralized nature of blockchain since all components are centralized on one machine.
I have managed to modify the repository so that each component, like peers and organizations, runs on separate physical or virtual machines. This setup helps to understand the state of each component—such as the Certificate Authority (CA), orderer, and peer—and how they interact. It also clarifies how each command or process affects each blockchain component.
I used Terraform to automate the creation and initial Docker installation. Terraform, as an Infrastructure as Code (IaC) tool, was invaluable for creating and destroying VMs, especially when I needed a clean setup after making mistakes. Terraform greatly accelerated this proof of concept (POC) setup.
I also used Ansible for configuration management. Similar to Terraform, Ansible helped me rerun commands consistently each time I recreated the setup, ensuring a consistent and stateful cluster. With Ansible, I could replay the same commands and achieve the same results every time.
An essential component is the Membership Service Provider (MSP), which allowed me to experiment with policies to protect private data within each organization—a critical aspect of private blockchains.
In the networking aspect, this setup showed how components connect to each other, helping to decouple each component into a real-world network. One important component is the Certificate Authority (CA), and this setup helped me understand how Fabric CA works and the possibility of replacing Fabric CA with other PKI products like Vault.
The Blockchain Explorer is another fantastic tool. It functions like a blockchain scanner and provides a Swagger JSON that can be imported directly into Postman to build DApps on top of it.
Setting up a complex cluster like this is prone to errors, whether in setting up the infrastructure (like networking and servers) or configuring the cluster (like the orderer and peers). The CA setup is particularly complex and can lead to misconfigurations that impact both the results and security.
Hyperledger does not recommend using Fabric CA as the CA provider. Therefore, in this report, I used Terraform to automate the infrastructure setup and Ansible to configure the cluster, reducing the chance of human error and ensuring a consistent, reliable, and repeatable setup.
I haven’t yet included Vault as a CA provider, but it will be in my next release.
I am open to collaborating on projects involving private blockchain. If you have any, please don’t hesitate to contact me so we can work together to bring the value of private blockchain to the world.
No Responses