From 92348cb4dd380b2cbc7825f3144505001bb709da Mon Sep 17 00:00:00 2001 From: Chris Elder Date: Tue, 25 Jul 2017 10:57:08 -0400 Subject: [PATCH] [FAB-5453] Enable CouchDB passwords in Fabric Samples CouchDB usernames and passwords can be enabled by adding additional environment variables to docker compose files. The environment variables are added without values. This will create peer and couchdb containers without CouchDB passwords enabled. Initializing the variables will create a CouchDB container with and admin username and password. The peer will also be created with the CouchDB username in the ledger config. Change-Id: I56c93111b0a4bd29c714df5a50af82517641bb3b Signed-off-by: Chris Elder --- basic-network/docker-compose.yml | 10 +++++++ first-network/docker-compose-couch.yaml | 40 +++++++++++++++++++++++++ 2 files changed, 50 insertions(+) diff --git a/basic-network/docker-compose.yml b/basic-network/docker-compose.yml index 454c13bc20..68119835b0 100644 --- a/basic-network/docker-compose.yml +++ b/basic-network/docker-compose.yml @@ -61,6 +61,11 @@ services: - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_basic - CORE_LEDGER_STATE_STATEDATABASE=CouchDB - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb:5984 + # The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD + # provide the credentials for ledger to connect to CouchDB. The username and password must + # match the username and password set for the associated CouchDB. + - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME= + - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD= working_dir: /opt/gopath/src/github.com/hyperledger/fabric command: peer node start # command: peer node start --peer-chaincodedev=true @@ -80,6 +85,11 @@ services: couchdb: container_name: couchdb image: hyperledger/fabric-couchdb:x86_64-1.0.0 + # Populate the COUCHDB_USER and COUCHDB_PASSWORD to set an admin user and password + # for CouchDB. This will prevent CouchDB from operating in an "Admin Party" mode. + environment: + - COUCHDB_USER= + - COUCHDB_PASSWORD= ports: - 5984:5984 networks: diff --git a/first-network/docker-compose-couch.yaml b/first-network/docker-compose-couch.yaml index 7472a65b25..b14c7f5ca9 100644 --- a/first-network/docker-compose-couch.yaml +++ b/first-network/docker-compose-couch.yaml @@ -12,6 +12,11 @@ services: couchdb0: container_name: couchdb0 image: hyperledger/fabric-couchdb + # Populate the COUCHDB_USER and COUCHDB_PASSWORD to set an admin user and password + # for CouchDB. This will prevent CouchDB from operating in an "Admin Party" mode. + environment: + - COUCHDB_USER= + - COUCHDB_PASSWORD= # Comment/Uncomment the port mapping if you want to hide/expose the CouchDB service, # for example map it to utilize Fauxton User Interface in dev environments. ports: @@ -23,12 +28,22 @@ services: environment: - CORE_LEDGER_STATE_STATEDATABASE=CouchDB - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb0:5984 + # The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD + # provide the credentials for ledger to connect to CouchDB. The username and password must + # match the username and password set for the associated CouchDB. + - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME= + - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD= depends_on: - couchdb0 couchdb1: container_name: couchdb1 image: hyperledger/fabric-couchdb + # Populate the COUCHDB_USER and COUCHDB_PASSWORD to set an admin user and password + # for CouchDB. This will prevent CouchDB from operating in an "Admin Party" mode. + environment: + - COUCHDB_USER= + - COUCHDB_PASSWORD= # Comment/Uncomment the port mapping if you want to hide/expose the CouchDB service, # for example map it to utilize Fauxton User Interface in dev environments. ports: @@ -40,12 +55,22 @@ services: environment: - CORE_LEDGER_STATE_STATEDATABASE=CouchDB - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb1:5984 + # The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD + # provide the credentials for ledger to connect to CouchDB. The username and password must + # match the username and password set for the associated CouchDB. + - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME= + - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD= depends_on: - couchdb1 couchdb2: container_name: couchdb2 image: hyperledger/fabric-couchdb + # Populate the COUCHDB_USER and COUCHDB_PASSWORD to set an admin user and password + # for CouchDB. This will prevent CouchDB from operating in an "Admin Party" mode. + environment: + - COUCHDB_USER= + - COUCHDB_PASSWORD= # Comment/Uncomment the port mapping if you want to hide/expose the CouchDB service, # for example map it to utilize Fauxton User Interface in dev environments. ports: @@ -57,12 +82,22 @@ services: environment: - CORE_LEDGER_STATE_STATEDATABASE=CouchDB - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb2:5984 + # The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD + # provide the credentials for ledger to connect to CouchDB. The username and password must + # match the username and password set for the associated CouchDB. + - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME= + - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD= depends_on: - couchdb2 couchdb3: container_name: couchdb3 image: hyperledger/fabric-couchdb + # Populate the COUCHDB_USER and COUCHDB_PASSWORD to set an admin user and password + # for CouchDB. This will prevent CouchDB from operating in an "Admin Party" mode. + environment: + - COUCHDB_USER= + - COUCHDB_PASSWORD= # Comment/Uncomment the port mapping if you want to hide/expose the CouchDB service, # for example map it to utilize Fauxton User Interface in dev environments. ports: @@ -74,5 +109,10 @@ services: environment: - CORE_LEDGER_STATE_STATEDATABASE=CouchDB - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb3:5984 + # The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD + # provide the credentials for ledger to connect to CouchDB. The username and password must + # match the username and password set for the associated CouchDB. + - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME= + - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD= depends_on: - couchdb3