Deploy Business Network Archive (.bna) files to your IBM Blockchain

Updated on: August 18, 2021
,

Let me get real with you for a moment! The world of business and networking is dynamic and changes every minute of your workspace. Your performance either boosts or breaks. That being said, it is highly recommended and rather essential for business associates to create a stable and reliable Business Network Definition to experience profitable and sustainable growth in business.

So in this post, I’m going to tell you how you can instantly create an effective Business Network Archive (.bna) using IBM Blockchain Platform.

Hyperledger BNA file deploy

What is a Business Network Archive?

Creating an effective Business Network Archive is very important for deploying and updating Business Networks. Before a business network definition can be deployed it must be packaged into a Business Network Archive (.bna) file. The composer archive creates command is used to create a BNA file from a root folder on disk. Once this .bna file has been created, it can be deployed to a runtime using the composer network deploy command using a suitable Connection Profile. This connection profile can be easily created using the IBM Blockchain Platform.

What is IBM Blockchain Platform?

IBM Blockchain Platform is basically a developer tool that will help you create a Business Network Definition, which can then be packaged up into a .bna file (Business Network Archive). This helps create a development environment that allows you to deploy .bna files to a local or IBM Blockchain Platform Service on IBM Cloud for development and sharing.

Before You Start: Prerequisites

  • You will first need to install the preliminary Composer Development Environment to create the required business network archive (.bna) file. You can search on the Internet and read about the installation of Installing Hyperledger Composer. This Hyperledger documentation also provides guidance on writing your business network.
  • You will also need access to an Enterprise Service instance on IBM Cloud. For this you will have to register an account at Bluemix.net and then create a service via the IBM Blockchain Service.

How to create a connection.json file for your IBM Cloud Blockchain Service?

  • First and foremost you will need to create a directory to store your Bluemix connection details,
e.g.       /Users/myUserId/.composer-connection-profiles/bmx-hlfv1
  • When you set up the Local Development Environment you should keep in mind that you already should have created part of this directory structure. If you are developing on a Mac, for example, you will already have a directory structure.
e.g.      /Users/myUserId/.composer-connection-profiles/hlfv1
  • You can search for “Installing a development environment” if you have yet to do this.
  • Always remember that each connection profile should contain a jsonfile.
  • Now create a new directory under the .composer-connection-profiles, for the IBM Cloud Service instance. This will be the name of the profile that you will use when working with Hyperledger composer and your IBM Blockchain Platform service.

e.g. bmx-hlfv1

  • mkdir -p ~/.composer-connection-profiles/bmx-hlfv1 cd ~/.composer-connection-profiles/bmx-hlfv1The directory structure you create should look like /Users/myUserId/.composer-connection-profiles/bmx-hlfv1
  • Now create a file in this newly created directory using your favorite editor and name it connection.json.
  • You can use the following as a code template for your jsonfile.
 {

    "name": "bmx-hlfv1",

    "description": "A description for a V1 Profile",

    "type": "hlfv1",

    "orderers": [

        {

            "url": "grpcs://abca.4.secure.blockchain.ibm.com:12345"

        }

    ],

    "ca": {

        "url": "https://abc.4.secure.blockchain.ibm.com:98765",

        "name": "PeerOrg1CA"

    },

    "peers": [

        {

            "requestURL": "grpcs://abcd.4.secure.blockchain.ibm.com:22222",

            "eventURL": "grpcs://abcd.4.secure.blockchain.ibm.com:33333"

        }

    ],

    "keyValStore": "/Users/jeff/.composer-credentials-mychannel-hsbn",

    "channel": "mychannel",

    "mspID": "PeerOrg1",

    "globalCert": "",

    "timeout: 300

}
  • From your IBM Blockchain Platform dashboard on IBM Cloud, select “Overview” from the navigation menu on the left panel. Then click on the “Service Credentials” option to display the information for the members of the channel where you want to deploy your business network archive.

Essential IBM Blockchain options and customizations

Once you have set up your connection.json file on your Blockchain Platform, you will need to know more about the important and relevant tweaks and modifications of various important options.

Orderers

You may have multiple orderers in your Service Credentials, but only one orderer is required for your connection.json file. Just replace the orderer url values in the template like mentioned below.

“url”: “grpcs://abca.4.secure.blockchain.ibm.com:12345”

Modify this “url” value with your service credentials and information.

CA (Certificate Authority)

Now modify the Certificate Authority value in your connection.json with both the url and the caName in the Certificate Authorities section.

Peers

Now we need to set the URL for each Peer requestURL and eventURL. This is quite simple, just modify the connection.json file and replace the url attribute with the url value with the eventUrl found in your Service Credential.

Your event URL should look similar to this, although your ports and host address should be different.

"peers": [   {       "requestURL": "grpcs://abca.4.secure.blockchain.ibm.com:12345",       "eventURL": "grpcs://abca.4.secure.blockchain.ibm.com:12345" }

globalCert

For each orderer and peer on the IBM Blockchain Platform, there is a tlsCACerts attribute which all contain the same certificate. This attribute is a dummy value by default. You will need to replace this dummy value in the connection.json file template with the tlsCACerts value. It should look like this.

"globalCert": "-----BEGIN CERTIFICATE-----r.......

How to prepare peers by uploading the certificate to provide administrative authority?

One important prerequisite for taking this forward is that you must perform this step first before creating your channel. You won’t be able to start the business network without doing so.

  • First, you should request certificates for an identity that is a member of your Membership Service Provider (msp). This should be an attribute registrar containing attributes for enrollIdand  For example:

"registrar": [  {      "affiliation": "org1",      "enrollId": "admin",      "enrollSecret": "PA55W0RD12"  } ],

  • You should issue the following command to request the certificates.

"composer identity request -p bmx-hlfv1 -i admin -s PA55W0RD12"

  • This will download 3 files into the .identityCredentials So in the above example there will be 2 files called admin-pub.pemand admin-priv.pem that are based on the enrollID.
  • Select Members from the navigation menu on the left panel, then select the Certificates menu option and click on the Add Certificate button.
  • Now enter a unique name for this certificate in the Name field.
  • Open the file admin-pub.pemcreated earlier in your favorite editor. Copy the contents of this file into the Key field and hit the Submit button.
  • Restart your peers using the next model.
  • Once the peers have been created, they will appear in the list of certificates. If you wish to add more peers you should press the arrow symbol to apply the certificates to newly added peers.

Creating your channel

Now that you’ve learned how to prepare peers for you Blockchain Platform, you need to learn how to create your channel.

Deploy BNA file IBM

  • First, select Channels from the navigation menu on the left panel and hit the New Channel button.
  • Enter a Channel Name and do ensure that it matches the name you have specified in your connection profile and press Next.
  • Give permissions as required and press Next.
  • Now select the policy of the number of Operators that need to accept Channel updates and submit Request.
  • Now go to the Notifications section where there will be a new request to review. Click on this Review Request button.
  • Press the Accept option and you will be taken back to the Notifications section where the request can now be submitted.
  • Press the Submit Request button and your new Channel will be created.

How to import a new identity to administer your BNA?

Now let’s learn how to create an identity using the certificates requested previously. This new identity will install chain-code onto the peers that have your uploaded public certificate.

To take this forward, simply run the following command.

"composer identity import -p bmx-hlfv1 -u admin -c ~/.identityCredentials/admin-pub.pem -k ~/.identityCredentials/admin-priv.pem"

How to deploy BNA?

Now let’s deploy your .bna file to the IBM Blockchain Platform. All you need to do is point to the appropriate connection profile using the newly created admin ID.

"composer network deploy -a myNetwork.bna -p bmx-hlfv1 -i admin -s anyString"

Your Business Network Definition is now ready and you can now deploy Business Network Archive (.bna) files to your IBM Blockchain Platform Enterprise on IBM Cloud.

Post Tags: #Blockchain #BNA deploy #IBM blockchain
Saurabh Mukhekar
Saurabh Mukhekar is a Professional Tech Blogger. World Traveler. He is also thinker, maker, life long learner, hybrid developer, edupreneur, mover & shaker. He's captain planet of BlogSaays and seemingly best described in rhyme. Follow Him On Facebook

Leave a Reply

Your email address will not be published. Required fields are marked *