ordering_service – Manage a Hyperledger Fabric ordering service

Synopsis

Create, update, or delete a Hyperledger Fabric ordering service by using the IBM Blockchain Platform.

This module works with the IBM Blockchain Platform managed service running in IBM Cloud, or the IBM Blockchain Platform software running in a Red Hat OpenShift or Kubernetes cluster.

Parameters

api_endpoint (required)

The URL for the IBM Blockchain Platform console.

Type: str

api_authtype (required)

ibmcloud - Authenticate to the IBM Blockchain Platform console using IBM Cloud authentication. You must provide a valid API key using api_key.

basic - Authenticate to the IBM Blockchain Platform console using basic authentication. You must provide both a valid API key using api_key and API secret using api_secret.

Type: str

api_key (required)

The API key for the IBM Blockchain Platform console.

Type: str

api_secret

The API secret for the IBM Blockchain Platform console.

Only required when api_authtype is basic.

Type: str

api_timeout

The timeout, in seconds, to use when interacting with the IBM Blockchain Platform console.

Type: int

Default value: 60

api_token_endpoint

The IBM Cloud IAM token endpoint to use when using IBM Cloud authentication.

Only required when api_authtype is ibmcloud, and you are using IBM internal staging servers for testing.

Type: str

Default value: https://iam.cloud.ibm.com/identity/token

state

absent - An ordering service matching the specified name will be stopped and removed.

present - Asserts that an ordering service matching the specified name and configuration exists. If no ordering service matches the specified name, an ordering service will be created. If an ordering service matches the specified name but the configuration does not match, then the ordering service will be updated, if it can be. If it cannot be updated, it will be removed and re-created with the specified configuration.

Type: str

Default value: present

name (required)

The name for the ordering service.

Type: str

msp_id

The MSP ID for this ordering service.

Only required when state is present.

Type: str

orderer_type

raft - The ordering service will use the Raft consensus algorithm.

Type: str

Default value: raft

system_channel_id

The name of the system channel for this ordering service.

Type: str

Default value: testchainid

certificate_authority

The certificate authority to use to enroll the identity for this ordering service.

You can pass a string, which is the display name of a certificate authority registered with the IBM Blockchain Platform console.

You can also pass a dictionary, which must match the result format of one of the ERROR while parsing: While parsing “M(certificate_authority_info)” at index 82: Module name “certificate_authority_info” is not a FQCN or ERROR while parsing: While parsing “M(certificate_authority)” at index 115: Module name “certificate_authority” is not a FQCN modules.

Only required when config is not specified.

Type: raw

enrollment_id

The enrollment ID, or user name, of an identity registered on the certificate authority for this ordering service.

Only required when config is not specified.

Type: str

enrollment_secret

The enrollment secret, or password, of an identity registered on the certificate authority for this ordering service.

Only required when config is not specified.

Type: str

admins

The list of administrator certificates for this ordering service.

Administrator certificates must be supplied as base64 encoded PEM files.

Only required when config is not specified.

Type: list

Elements: str

nodes

The number of ordering service nodes in this ordering service.

Only required when state is present.

Type: int

config

The initial configuration for the ordering service. This is only required if you need more advanced configuration than is provided by this module using certificate_authority and related options.

You must provide initial configuration for each ordering service node in the ordering service, as defined by nodes.

See the IBM Blockchain Platform documentation for available options: https://cloud.ibm.com/docs/services/blockchain?topic=blockchain-ibp-v2-apis#ibp-v2-apis-config

Type: list

Elements: dict

config_override

The configuration overrides for the ordering service.

You must provide configuration overrides for each ordering service node in the ordering service, as defined by nodes.

See the Hyperledger Fabric documentation for available options: https://github.com/hyperledger/fabric/blob/release-1.4/sampleconfig/core.yaml

Type: list

Elements: dict

resources

The Kubernetes resource configuration for the ordering service.

Type: dict

orderer

The Kubernetes resource configuration for the orderer container.

Type: dict

requests

The Kubernetes resource requests for the orderer container.

Type: str

cpu

The Kubernetes CPU resource request for the orderer container.

Type: str

Default value: 250m

memory

The Kubernetes memory resource request for the orderer container.

Type: str

Default value: 500M

proxy

The Kubernetes resource configuration for the proxy container.

Type: dict

requests

The Kubernetes resource requests for the proxy container.

Type: str

cpu

The Kubernetes CPU resource request for the proxy container.

Type: str

Default value: 100m

memory

The Kubernetes memory resource request for the proxy container.

Type: str

Default value: 200M

storage

The Kubernetes storage configuration for the ordering service.

Type: dict

orderer

The Kubernetes storage configuration for the orderer container.

Type: dict

size

The size of the Kubernetes persistent volume claim for the orderer container.

Type: str

Default value: 100Gi

class

The Kubernetes storage class for the the Kubernetes persistent volume claim for the orderer container.

By default, the Kubernetes storage class for the IBM Blockchain Platform console is used.

Type: str

hsm

The PKCS #11 compliant HSM configuration to use for the ordering service.

See the IBM Blockchain Platform documentation for more information: https://cloud.ibm.com/docs/blockchain?topic=blockchain-ibp-console-adv-deployment#ibp-console-adv-deployment-cfg-hsm

Type: dict

pkcs11endpoint

The HSM proxy endpoint that the ordering service should use.

Type: str

label

The HSM label that the ordering service should use.

Type: str

pin

The HSM pin that the ordering service should use.

Type: str

zones

The Kubernetes zones for this ordering service.

If specified, you must provide a Kubernetes zone for each ordering service node in the ordering service, as defined by nodes.

If you do not specify a Kubernetes zone, and multiple Kubernetes zones are available, then a random Kubernetes zone will be selected for you.

See the Kubernetes documentation for more information: https://kubernetes.io/docs/setup/best-practices/multiple-zones/

Type: list

Elements: str

version

The version of Hyperledger Fabric to use for this ordering service.

If you do not specify a version, the default Hyperledger Fabric version will be used for a new ordering service.

If you do not specify a version, an existing ordering service will not be upgraded.

If you specify a new version, an existing ordering service will be automatically upgraded.

The version can also be specified as a version range specification, for example >=2.2,<3.0, which will match Hyperledger Fabric v2.2 and greater, but not Hyperledger Fabric v3.0 and greater.

See the semantic_version Python module documentation for more information: https://python-semanticversion.readthedocs.io/en/latest/reference.html#semantic_version.SimpleSpec

Type: str

wait_timeout

The timeout, in seconds, to wait until the ordering service is available.

Type: int

Default value: 60

Examples

- name: Create ordering service
  ibm.blockchain_platform.ordering_service:
    state: present
    api_endpoint: https://ibp-console.example.org:32000
    api_authtype: basic
    api_key: xxxxxxxx
    api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    name: Ordering Service
    msp_id: OrdererOrgMSP
    nodes: 1
    certificate_authority: Orderer Org CA
    enrollment_id: orderingorgorderer
    enrollment_secret: orderingorgordererpw
    admin_certificates:
      - LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...

- name: Create five node ordering service with custom resources and storage
  ibm.blockchain_platform.ordering_service:
    state: present
    api_endpoint: https://ibp-console.example.org:32000
    api_authtype: basic
    api_key: xxxxxxxx
    api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    name: Ordering Service
    msp_id: OrdererOrgMSP
    nodes: 5
    certificate_authority: Orderer Org CA
    enrollment_id: orderingorgorderer
    enrollment_secret: orderingorgordererpw
    admin_certificates:
      - LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
    resources:
      orderer:
        requests:
          cpu: 500m
          memory: 1000M
    storage:
      orderer:
        size: 200Gi
        class: ibmc-file-gold

- name: Create ordering service that uses an HSM
  ibm.blockchain_platform.ordering_service:
    state: present
    api_endpoint: https://ibp-console.example.org:32000
    api_authtype: basic
    api_key: xxxxxxxx
    api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    name: Ordering Service
    msp_id: OrdererOrgMSP
    nodes: 5
    certificate_authority: Orderer Org CA
    enrollment_id: orderingorgorderer
    enrollment_secret: orderingorgordererpw
    admin_certificates:
      - LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
    hsm:
      pkcs11endpoint: tcp://pkcs11-proxy.example.org:2345
      label: Org1 CA label
      pin: 12345678

- name: Destroy ordering service
  ibm.blockchain_platform.ordering_service:
    state: absent
    api_endpoint: https://ibp-console.example.org:32000
    api_authtype: basic
    api_key: xxxxxxxx
    api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    name: Ordering Service

Return Values

ordering_service

The ordering service, as a list of ordering service nodes.

Returned: when state is present

Type: list

Elements: dict

name

The name of the ordering service node.

Type: str

Sample: Ordering Service_1

api_url

The URL for the API of the ordering service node.

Type: str

Sample: grpcs://orderingservice1-api.example.org:32000

operations_url

The URL for the operations service of the ordering service node.

Type: str

Sample: https://orderingservice1-operations.example.org:32000

grpcwp_url

The URL for the gRPC web proxy of the ordering service node.

Type: str

Sample: https://orderingservice1-grpcwebproxy.example.org:32000

msp_id

The MSP ID of the ordering service node.

Type: str

Sample: OrdererOrgMSP

pem

The TLS certificate chain for the ordering service node.

The TLS certificate chain is returned as a base64 encoded PEM.

Type: str

Sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...

tls_ca_root_cert

The TLS certificate chain for the ordering service node.

The TLS certificate chain is returned as a base64 encoded PEM.

Type: str

Sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...

tls_cert

The TLS certificate for the ordering service node.

The TLS certificate is returned as a base64 encoded PEM.

Type: str

Sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...

location

The location of the ordering service node.

Type: str

Sample: ibmcloud

system_channel_id

The name of the system channel for the ordering service node.

Type: str

Sample: testchainid

client_tls_cert

The client TLS certificate for the ordering service node.

The client TLS certificate is returned as a base64 encoded PEM.

Type: str

Sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...

server_tls_cert

The server TLS certificate for the ordering service node.

The server TLS certificate is returned as a base64 encoded PEM.

Type: str

Sample: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...

cluster_id

The unique ID of the ordering service cluster.

Type: str

Sample: abcdefgh

cluster_name

The name of the ordering service cluster.

Type: str

Sample: Ordering Service

consenter_proposal_fin

True if the ordering service node has been added to the consenter set of the system channel, false otherwise. Ordering service nodes that have not been added to the consenter set of the system channel are not ready for use.

Type: boolean

Sample: True