Azhlf tool internally use Fabric Nodejs SDK to perform the operation. It can be used to perform operation on on-prem node as long as the below pre-conditions are satisfied:
- Root certificate and MSPID of on-prem peer node should be same as root certificate and MSPID of peer organization created using AKS-HLF template.
- On-prem peer node should be accessible over public endpoint.
Please follow below steps in the given order to achieve this:
- Bring-up a peer organization on AKS-HLF template using "upload root certificate for Fabric CA" option against "certificates" in "Fabric Settings" blade.
- Setup azhlf tool for peer organization using Step1, Step2, and Step3
- Create enrollment and TLS public-private key pair for on-prem peer node using same root certificate as used in step 1 and prepare MSP folder for on-prem peer node. “admincerts” for MSP can be fetch from wallet in azhlf using the below command:
peerOrgName=<peer organization name> cat ./azhlfTool/stores/wallets/$peerOrgName/admin.$peerOrgName/admin.$peerOrgName | jq '.enrollment.identity.certificate' | tr -d '"' | sed 's/\\n/\n/g'
- Start the on-prem peer node using the MSP folder prepared in above step. Few things you need to make sure while bring up this peer node is:
(1) MSPID of peer node should be same as peer organization name used in step 1. (2)
Make sure that on-prem node is accessible on public endpoint.- Edit peer organization connection profile in azhlf tool setup in step 2 to add details of on-prem peer node in "peers" section. Connection profile is present at path “./azhlfTool/stores/connectionprofiles/<peerOrgName>.json”.
- Follow the steps mentioned here to add peer organization in the channel and then join all peer nodes in the channel.
Thanks & Regards,
Shruti Gupta