ordering_service – Manage a Hyperledger Fabric ordering service
Synopsis
Create, update, or delete a Hyperledger Fabric ordering service.
This module works with the IBM Support for Hyperledger Fabric software or the Hyperledger Fabric Open Source Stack running in a Red Hat OpenShift or Kubernetes cluster.
Parameters
- api_endpoint (required)
The URL for the Fabric operations console.
Type: str- api_authtype (required)
basic- Authenticate to the Fabric operations console using basic authentication. You must provide both a valid API key using api_key and API secret using api_secret.Type: str- api_key (required)
The API key for the Fabric operations console.
Type: str- api_secret
The API secret for the Fabric operations console.
Only required when api_authtype is
basic.Type: str- api_timeout
The timeout, in seconds, to use when interacting with the Fabric operations console.
Type: intDefault value:60- state
absent- An ordering service matching the specified name will be stopped and removed.
present- Asserts that an ordering service matching the specified name and configuration exists. If no ordering service matches the specified name, an ordering service will be created. If an ordering service matches the specified name but the configuration does not match, then the ordering service will be updated, if it can be. If it cannot be updated, it will be removed and re-created with the specified configuration.Type: strDefault value:present- name (required)
The name for the ordering service.
Type: str- msp_id
The MSP ID for this ordering service.
Only required when state is
present.Type: str- orderer_type
raft- The ordering service will use the Raft consensus algorithm.Type: strDefault value:raft- system_channel_id
The name of the system channel for this ordering service.
Type: strDefault value:testchainid- certificate_authority
The certificate authority to use to enroll the identity for this ordering service.
You can pass a string, which is the display name of a certificate authority registered with the Fabric operations console.
You can also pass a dictionary, which must match the result format of one of the ERROR while parsing: While parsing “M(certificate_authority_info)” at index 82: Module name “certificate_authority_info” is not a FQCN or ERROR while parsing: While parsing “M(certificate_authority)” at index 115: Module name “certificate_authority” is not a FQCN modules.
Only required when config is not specified.
Type: raw- enrollment_id
The enrollment ID, or user name, of an identity registered on the certificate authority for this ordering service.
Only required when config is not specified.
Type: str- enrollment_secret
The enrollment secret, or password, of an identity registered on the certificate authority for this ordering service.
Only required when config is not specified.
Type: str- admins
The list of administrator certificates for this ordering service.
Administrator certificates must be supplied as base64 encoded PEM files.
Only required when config is not specified.
Type: listElements: str- nodes
The number of ordering service nodes in this ordering service.
Only required when state is
present.Type: int- config
The initial configuration for the ordering service. This is only required if you need more advanced configuration than is provided by this module using certificate_authority and related options.
You must provide initial configuration for each ordering service node in the ordering service, as defined by nodes.
Type: listElements: dict- config_override
The configuration overrides for the ordering service.
You must provide configuration overrides for each ordering service node in the ordering service, as defined by nodes.
See the Hyperledger Fabric documentation for available options: https://github.com/hyperledger/fabric/blob/release-1.4/sampleconfig/core.yaml
Type: listElements: dict- resources
The Kubernetes resource configuration for the ordering service.
Type: dict
- orderer
The Kubernetes resource configuration for the orderer container.
Type: dict
- requests
The Kubernetes resource requests for the orderer container.
Type: str
- cpu
The Kubernetes CPU resource request for the orderer container.
Type: strDefault value:250m- memory
The Kubernetes memory resource request for the orderer container.
Type: strDefault value:500M- proxy
The Kubernetes resource configuration for the proxy container.
Type: dict
- requests
The Kubernetes resource requests for the proxy container.
Type: str
- cpu
The Kubernetes CPU resource request for the proxy container.
Type: strDefault value:100m- memory
The Kubernetes memory resource request for the proxy container.
Type: strDefault value:200M- storage
The Kubernetes storage configuration for the ordering service.
Type: dict
- orderer
The Kubernetes storage configuration for the orderer container.
Type: dict
- size
The size of the Kubernetes persistent volume claim for the orderer container.
Type: strDefault value:100Gi- class
The Kubernetes storage class for the the Kubernetes persistent volume claim for the orderer container.
By default, the Kubernetes storage class for the Fabric operations console is used.
Type: str- hsm
The PKCS #11 compliant HSM configuration to use for the ordering service.
Type: dict
- pkcs11endpoint
The HSM proxy endpoint that the ordering service should use.
Type: str- label
The HSM label that the ordering service should use.
Type: str- pin
The HSM pin that the ordering service should use.
Type: str- zones
The Kubernetes zones for this ordering service.
If specified, you must provide a Kubernetes zone for each ordering service node in the ordering service, as defined by nodes.
If you do not specify a Kubernetes zone, and multiple Kubernetes zones are available, then a random Kubernetes zone will be selected for you.
See the Kubernetes documentation for more information: https://kubernetes.io/docs/setup/best-practices/multiple-zones/
Type: listElements: str- version
The version of Hyperledger Fabric to use for this ordering service.
If you do not specify a version, the default Hyperledger Fabric version will be used for a new ordering service.
If you do not specify a version, an existing ordering service will not be upgraded.
If you specify a new version, an existing ordering service will be automatically upgraded.
The version can also be specified as a version range specification, for example
>=2.2,<3.0, which will match Hyperledger Fabric v2.2 and greater, but not Hyperledger Fabric v3.0 and greater.See the
semantic_versionPython module documentation for more information: https://python-semanticversion.readthedocs.io/en/latest/reference.html#semantic_version.SimpleSpecType: str- wait_timeout
The timeout, in seconds, to wait until the ordering service is available.
Type: intDefault value:60
Examples
- name: Create ordering service
  hyperledger.fabric_ansible_collection.ordering_service:
    state: present
    api_endpoint: https://console.example.org:32000
    api_authtype: basic
    api_key: xxxxxxxx
    api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    name: Ordering Service
    msp_id: OrdererOrgMSP
    nodes: 1
    certificate_authority: Orderer Org CA
    enrollment_id: orderingorgorderer
    enrollment_secret: orderingorgordererpw
    admin_certificates:
      - LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
- name: Create five node ordering service with custom resources and storage
  hyperledger.fabric_ansible_collection.ordering_service:
    state: present
    api_endpoint: https://console.example.org:32000
    api_authtype: basic
    api_key: xxxxxxxx
    api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    name: Ordering Service
    msp_id: OrdererOrgMSP
    nodes: 5
    certificate_authority: Orderer Org CA
    enrollment_id: orderingorgorderer
    enrollment_secret: orderingorgordererpw
    admin_certificates:
      - LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
    resources:
      orderer:
        requests:
          cpu: 500m
          memory: 1000M
    storage:
      orderer:
        size: 200Gi
        class: ibmc-file-gold
- name: Create ordering service that uses an HSM
  hyperledger.fabric_ansible_collection.ordering_service:
    state: present
    api_endpoint: https://console.example.org:32000
    api_authtype: basic
    api_key: xxxxxxxx
    api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    name: Ordering Service
    msp_id: OrdererOrgMSP
    nodes: 5
    certificate_authority: Orderer Org CA
    enrollment_id: orderingorgorderer
    enrollment_secret: orderingorgordererpw
    admin_certificates:
      - LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...
    hsm:
      pkcs11endpoint: tcp://pkcs11-proxy.example.org:2345
      label: Org1 CA label
      pin: 12345678
- name: Destroy ordering service
  hyperledger.fabric_ansible_collection.ordering_service:
    state: absent
    api_endpoint: https://console.example.org:32000
    api_authtype: basic
    api_key: xxxxxxxx
    api_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    name: Ordering Service
Return Values
- ordering_service
The ordering service, as a list of ordering service nodes.
Returned: when state ispresentType: listElements: dict
- name
The name of the ordering service node.
Type: strSample:Ordering Service_1- api_url
The URL for the API of the ordering service node.
Type: strSample:grpcs://orderingservice1-api.example.org:32000- operations_url
The URL for the operations service of the ordering service node.
Type: strSample:https://orderingservice1-operations.example.org:32000- grpcwp_url
The URL for the gRPC web proxy of the ordering service node.
Type: strSample:https://orderingservice1-grpcwebproxy.example.org:32000- msp_id
The MSP ID of the ordering service node.
Type: strSample:OrdererOrgMSP- pem
The TLS certificate chain for the ordering service node.
The TLS certificate chain is returned as a base64 encoded PEM.
Type: strSample:LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...- tls_ca_root_cert
The TLS certificate chain for the ordering service node.
The TLS certificate chain is returned as a base64 encoded PEM.
Type: strSample:LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...- tls_cert
The TLS certificate for the ordering service node.
The TLS certificate is returned as a base64 encoded PEM.
Type: strSample:LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...- location
The location of the ordering service node.
Type: strSample:ibmcloud- system_channel_id
The name of the system channel for the ordering service node.
Type: strSample:testchainid- client_tls_cert
The client TLS certificate for the ordering service node.
The client TLS certificate is returned as a base64 encoded PEM.
Type: strSample:LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...- server_tls_cert
The server TLS certificate for the ordering service node.
The server TLS certificate is returned as a base64 encoded PEM.
Type: strSample:LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0t...- cluster_id
The unique ID of the ordering service cluster.
Type: strSample:abcdefgh- cluster_name
The name of the ordering service cluster.
Type: strSample:Ordering Service- consenter_proposal_fin
True if the ordering service node has been added to the consenter set of the system channel, false otherwise. Ordering service nodes that have not been added to the consenter set of the system channel are not ready for use.
Type: booleanSample:True