WO2022010339A1 - System and method for seamless provision, configuration, and deployment of enterprise-grade private blockchain network - Google Patents

System and method for seamless provision, configuration, and deployment of enterprise-grade private blockchain network Download PDF

Info

Publication number
WO2022010339A1
WO2022010339A1 PCT/MY2020/050187 MY2020050187W WO2022010339A1 WO 2022010339 A1 WO2022010339 A1 WO 2022010339A1 MY 2020050187 W MY2020050187 W MY 2020050187W WO 2022010339 A1 WO2022010339 A1 WO 2022010339A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
unit
module
private blockchain
list
Prior art date
Application number
PCT/MY2020/050187
Other languages
French (fr)
Inventor
Ahmad Zuhairi ISMAIL
Durairaj ANBARASAN
Nizamuddin Ariffin
Siti Hajar HAMZAH
Wooi Kin Goon
Original Assignee
Mimos Berhad
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mimos Berhad filed Critical Mimos Berhad
Publication of WO2022010339A1 publication Critical patent/WO2022010339A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1448Management of the data involved in backup or backup restore
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1458Management of the backup or restore process
    • G06F11/1469Backup restoration techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/3003Monitoring arrangements specially adapted to the computing system or computing system component being monitored
    • G06F11/3006Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system is distributed, e.g. networked systems, clusters, multiprocessor systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/3003Monitoring arrangements specially adapted to the computing system or computing system component being monitored
    • G06F11/302Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system component is a software system

Definitions

  • the present invention generally relates to private blockchain networks. More particularly, the present invention relates to a system for seamlessly provisioning, configuring, and deploying an enterprise-grade private blockchain network.
  • Blockchain is the underlying technology that powers cryptocurrency. Because blockchain is decentralized, it manages to be both transparent and secure. The two most common types of blockchains are private blockchains and public blockchains. The primary difference between public and private blockchains is the level of access participants are granted. Unlike public blockchains that are entirely open, private blockchains are a restrictive, permissioned blockchain that only operates within a closed network. It is the private property of an organization or an individual. It comprises specific constituent nodes on the network that are given the rights to create, view, and authorize transactions.
  • a blockchain “network” operates as a decentralized database that consists of a network of computers or devices that come to an agreement on a single version of a shared ledger. In a permissioned chain like private blockchain network, only a few trusted nodes would operate a network between organizations.
  • Enterprise-grade blockchain is a blockchain network that can be integrated and utilized for enterprise-level purposes. It is specially equipped to deal with enterprise-level organizational demands.
  • the current implementation of enterprise blockchain requires a robust blockchain network setup with redundancy infrastructure. For an organization to utilize this blockchain, they would need at least one paid staff with advanced blockchain knowledge and experience, or they would have to invest in public blockchain cloud with the commitment of monthly or annual subscription fees.
  • the existing blockchain network setup still suffers from the problems of human error associated with manual configuration, complexity and massive efforts for multi-hosts, the requirement of Internet connection for performing installation, and complexity of data recovery related to the private blockchain network.
  • the present invention provides a system for seamlessly provisioning, configuring, and deploying an enterprise-grade private blockchain network.
  • the system of the present invention may be characterized by an interface module configured for receiving a user-specified requirement having a system specification of a private blockchain network; a configurator engine module connected to the interface module configured for processing the user-specified requirement to generate a full network configuration for the said private blockchain network, comprising a function governor unit for generating a list of execution functions in a sequential order, configuration files and filenames derivable based on the said system specification, a configuration generator unit for executing the configuration files, and a function executor unit connected to an image repository for executing the list of execution functions in the said sequential order; an optimization module connected to the interface module and the configurator engine module configured for dynamically optimizing the private blockchain network by way of monitoring the full network configuration generated thereof, comprising a watcher unit for monitoring a list of blockchain hosts and services associated with the full network configuration, an analyzer unit for identifying an irregularity in the list of blockchain hosts and services thereof, and a tuner unit for correcting the irregularity detected thereof; and a recovery module connected to the interface module,
  • the configurator engine module further comprises an installer agent deployed on a remote node for performing installation of the private blockchain network in a different network domain and a chaincode management module.
  • the configurator engine module further comprises a configuration repository for storing the user-specified requirement, the full network configuration comprising the list of execution functions, the configuration files, and the filenames, and the list of blockchain hosts and services thereof.
  • the recovery module comprises a backup and restoration manager to manage the system backup unit, the first restoration unit, the second restoration unit, and the recovery repository thereof.
  • the user-specified requirement includes a quick-start module for a system default private blockchain network and a customized module for a customized private blockchain network.
  • the system specification comprises network attributes selected from a group comprising network name, number of virtual machines, number of hosts, username, password, port number, number of organizations, domain name, and organization name.
  • the irregularity includes any error in the list of blockchain hosts and services monitored thereof.
  • the list of blockchain hosts and services comprises node availability, host availability, utilization parameters, service health (up and down), number of ports, and service logs (errors and warnings).
  • the network components include peer nodes, orderer nodes, certificate authority nodes, and middleware nodes.
  • the method of the present invention may be characterized by the steps of receiving a user-specified requirement including a system specification of a private blockchain network; processing the user-specified requirement to generate a full network configuration for the said private blockchain network, including generating a list of execution functions in a sequential order, configuration files and filenames derivable based on the said system specification; executing the configuration files; and executing the list of execution functions in the said sequential order; dynamically optimizing the private blockchain network by way of monitoring the full network configuration generated thereof, including monitoring a list of blockchain hosts and services associated with the full network configuration; identifying an irregularity in the list of blockchain hosts and services thereof; and correcting the irregularity detected thereof; and performing a network recovery operation of the said private blockchain network, including providing a snapshot backup having network components of the said private blockchain network; providing a list of available backup sets retrievable from a recovery repository based on metadata associated thereof; and providing a restoration of a single network component selected from the said network components.
  • the present invention enables an organization to deploy its own enterprise grade private blockchain network in a highly specific, cost-effective, quick and simple manner, without the necessity of highly-knowledge and trained personnel and the use of complicated and sophisticated parts.
  • the present invention deploys the said private blockchain network in a private server and may remain effective and live without the commitment of paying subscription fees monthly or annually.
  • the system and the method of the present invention also, advantageously, permit data recovery of the private blockchain network in various ways depending on the user’s choice.
  • the present invention further monitors, analyzes and tunes the said private blockchain network automatically and dynamically, without disrupting the ongoing network and requiring extensive logistic efforts.
  • the present invention can reduce cycle time and human errors and is capable of scalability to any user requirement. It is a further advantage of the present invention that the installation of private blockchain network works in an offline mode, i.e. without the Internet connection.
  • Figure 1 is a schematic diagram of a system for seamlessly provisioning, configuring and deploying an enterprise grade private blockchain network according to one embodiment of the present invention
  • Figure 2 is a schematic diagram depicting a high level architecture of the system of Figure 1 according to one embodiment of the present invention
  • Figure 3 is a flow diagram of a method for seamlessly provisioning, configuring and deploying an enterprise grade private blockchain network according to one embodiment of the present invention
  • Figure 4 is a flow diagram of a step of processing the user-specified requirement to generate a full network configuration for the said private blockchain network as stated in the method of Figure 3 according to one embodiment of the present invention
  • Figure 5 is a flow diagram of a step of dynamically optimizing the private blockchain network by way of monitoring the full network configuration generated thereof as stated in the method of Figure 3 according to one embodiment of the present invention
  • Figure 6 is a flow diagram of a step of performing a network recovery operation of the said private blockchain network as stated in the method of Figure 3 according to one embodiment of the present invention
  • Figure 7 is a flow diagram representing a process flow involved in an interface module which is related to a step of receiving a user-specified requirement including a system specification of a private blockchain network according to one embodiment of the present invention
  • Figure 8 is a flow diagram representing a process flow involved in a configurator engine module which is related to the step of Figure 4 according to one embodiment of the present invention
  • Figure 9 is a flow diagram representing a process flow involved in a function governor unit according to one embodiment of the present invention.
  • Figure 10 is a flow diagram representing a process flow involved in a configurator generator unit according to one embodiment of the present invention.
  • Figure 11 is a flow diagram representing a process flow involved in a function executor unit according to one embodiment of the present invention
  • Figure 12 is a flow diagram representing a process flow involved in an optimization module which is related to the step of Figure 5 according to one embodiment of the present invention.
  • Figure 13 is a flow diagram representing a process flow involved in a recovery module which is related to the step of Figure 6 according to one embodiment of the present invention.
  • the present invention discloses a system and a method for seamlessly and efficiently provisioning, configuring, and deploying an enterprise- grade private blockchain network.
  • the system of the present invention preferably connects an application (“app”) owner, user, developer, operator, and the like to a blockchain production system.
  • the blockchain production system comprises a software development kit (SDK) with an application programming interface (API).
  • SDK is a set of tools, guidelines, and programs for developing an app for a private blockchain network.
  • SDK is connected to the API, which is a computer interface that defines interactions between software intermediaries.
  • Figure 1 schematically shows the system of the present invention and its connection with the app owner and the blockchain production system.
  • the system comprises an interface module 100, a configurator engine module 200, an optimization module 300, and a recovery module 400.
  • the interface module 100 is preferably directly connected to the blockchain production system. It is adapted for enabling communication with at least one computing device at the said blockchain production system and for setting up a communication link therefor.
  • the interface module 100 may be configured for receiving a user-specified requirement having a system specification related to a proposed private blockchain.
  • the user-specified requirement includes, but is not limited to, a quick-start module and a customized module.
  • the quick-start module is preferably chosen for setting up a system default private blockchain network.
  • the customized module is preferably chosen for setting up a customized private blockchain network.
  • the system specification of the said user-specified requirement preferably comprises network attributes that may be selected from a group comprising network name, number of virtual machines, number of hosts, username, password, port number, number of organizations, domain name and organization name.
  • the interface module 100 collects inputs, including the user-specified requirement thereof on the proposed private blockchain network.
  • an app owner or user may choose the quick-start module as its user- specified requirement.
  • the quick-start module comprising system default values shall be used to create the corresponding system default private blockchain network.
  • the quick-start module does not require any other inputs from the app owner or user.
  • the app owner or user may choose the customized module as its user-specified requirement.
  • the customized module allows the app owner or user to specify or select various combinations of the attributes for establishing the desired private blockchain network to suit the needs.
  • the interface module 100 preferably comprises a graphical user interface (GUI) with another API.
  • GUI graphical user interface
  • REST Representational state transfer
  • the REST API may be used for bridging the inputs from the app owner or user such as the user-specified requirement and its system specification received from the GUI thereof.
  • the inputs bridged therebetween are number of virtual machines, host numbers, username, password, port number (optional), number of organizations, domain name, and organization name.
  • the configurator engine module 200 is preferably connected to the interface module 100.
  • the configurator engine module 200 may be configured for automatically processing the user-specified requirement transmitted from the said interface module 100. Upon processing, the configurator engine module 200 generates a full network configuration for the private blockchain network proposed thereof.
  • the configurator engine module 200 comprises a function governor unit 201 , a configuration generator unit 202, a function executor 203, an image repository 204, an installer agent 205, a chaincode management module 206, and a configuration repository 207 which are exclusively linked with each other.
  • the function governor unit 201 is preferably configured for generating a list of execution functions in a sequential order, configuration files and filenames derivable based on the said system specification. In one embodiment, the function governor unit 201 governs about 18 functions for use in the configuration generator unit 202 and the function executor 203. It receives the input from the interface module 100 and triggers the associated functions at the said configuration generator unit 202 and the said function executor 203.
  • the configuration generator unit 202 is preferably configured for executing the configuration files.
  • the configuration generator unit 202 reads the user-specification requirement and the system specification that are stored in the configuration repository 207.
  • the configuration files include crypto- yaml files, Configtx files, and Compose files.
  • the function executor unit 203 is connected to the image repository 204.
  • the function executor unit 203 is preferably configured for executing the list of execution functions in the said sequential order. It calls the functions and executes them accordingly. In certain circumstances, the function executor unit 203 requires data stored in the said image repository 204 to execute some of the said functions.
  • the execution functions include, but not limited to, those associated with test IP address, transfer prerequisites, install prerequisites, bring up orderer nodes, bring up certificate authority (CA), bring up peers, and CouchDBs, create channel, join channel and update anchor peers.
  • the installer agent 205 is deployed on a remote node. It is preferably configured for performing the installation of the private blockchain network in a different network domain. In one embodiment, the installer agent 205 is installed at the remote node when the installation is performed for different network domains. It is crucial to ensure that each different site or organization would still have their own authority control over the installation.
  • the chaincode management module 206 is preferably configured to manage a plurality of chaincodes employed for the said private blockchain network.
  • a chaincode is a piece of code that is written in one of supported languages, e.g. Java, that implements a prescribed interface, i.e. the interface module 100.
  • the chaincode can be installed and instantiated through the API at the interface module 100 onto the private blockchain network thereof, enabling interaction therebetween.
  • the chaincode includes, but is not limited to, an upload chaincode, an install chaincode, an instantiate chaincode, an upgrade chaincode, an invoke chaincode, and a query chaincode.
  • the configuration repository 207 is preferably configured for storing the said user-specified requirement, the said full network configuration comprising the list of execution functions, the configuration files and the filenames, and the said list of blockchain hosts and services. It can be made accessible, with a proper authorization, to the interface module 100, the function governor unit 201 , the configuration generator unit 202, and the installer agent 205. In a subsequent run, any previous date will be considered as default, and the app owner or user would be still able to change or amend with other attributes.
  • the optimization module 300 is connected to the interface module 100 and the configurator engine module 200. It can be configured for dynamically optimizing the private blockchain network by way of monitoring the full network configuration generated thereof, which is retrievable from its dedicated storage in the configuration repository 207.
  • the optimization module 300 comprises a watcher unit 301 , an analyzer unit 302, and a tuner unit 303.
  • the watcher unit 301 is preferably configured for preparing and monitoring a list of blockchain hosts and services associated with the full network configuration.
  • the list of blockchain hosts and services comprises node availability, host availability, utilization parameters, service health (up and down), number of ports, and service logs (errors and warnings).
  • Peer nodes, orderer nodes and CA nodes, command line interface (CLI), REST API, and blockchain API may also be included into the said list of blockchain hosts and services.
  • the watcher unit 301 will read the said full network configuration from the configuration repository 207. Upon completion, the watcher unit 301 will automatically set up and monitor all components of the said private blockchain network provided in the list of blockchain hosts and services thereof.
  • the analyzer unit 302 is preferably configured for identifying an irregularity in the list of blockchain hosts and services thereof.
  • the irregularity includes any error in the list of blockchain hosts and services monitored thereof.
  • the irregularity may be, for example, error from logs, performance patterns, and dead services or nodes.
  • the tuner unit 303 is preferably configured for correcting the irregularity detected thereof. It is preferred that the tuner unit 303 dynamically optimize the entire private blockchain network. In one embodiment, the tuner unit 303, for example, restarts dead services, tunes service performance, regulates the number of virtual machines, domain name, organization name, and host address.
  • the recovery module 400 is connected to the interface module 100, the configurator engine module 200, and the optimization module 300. It is preferably configured for performing a network recovery operation of the said private blockchain network.
  • the recovery module 400 comprises a system backup unit 401 , a first restoration unit 402, a second restoration unit 403, a recovery repository 404, and a backup and restoration manager 405.
  • the system backup unit 401 is preferably configured for providing a snapshot backup having network components of the said private blockchain network.
  • the network components include, but not limited to, peer nodes, orderer nodes, CA nodes, and middleware nodes. It is preferred that the system backup unit 401 performs the snapshot backup to the said private blockchain network which includes node configuration, ledger data, CouchDB data, and certificates.
  • the system backup unit 401 preferably reads the live private blockchain network and write the same into the recovery repository 404 thereof. The inputs received from the app owner or user, i.e. the user-specified requirement and its system specification, will be captured and stored in the same recovery repository 404 too.
  • the first restoration unit 402 is preferably configured for providing a list of available backup sets retrievable from the recovery repository 404 based on metadata associated thereof. Based on the choice made by the app owner or user on the list of available backup sets, the first restoration unit 402 will restore a system configuration and data into the said private blockchain network which would be able to bring them to a state as if nothing happened since a specific point in time from the chosen backup set thereof.
  • the second restoration unit 403 is preferably configured for providing a restoration of a single network component selected from the said network components.
  • the second restoration unit 403 allows the app owner or user to choose which one of the network components is desired for restoration. Instead of total system restoration, the app owner or user is given an option to restore the selected one network component only, for instance, either peer node, orderer node, CA node, or middleware node. However, all peer nodes need to be restored in all or none mode.
  • the recovery repository 404 is configured to store the backup data and provide metadata associated thereof.
  • the backup and restoration manager 405 is preferably configured for managing the system backup unit 401, the first restoration unit 402, the second restoration unit 403, and the recovery repository 404 thereof. It is preferred that the backup and restoration manager 405 manages the backup activities thereof, call backup thereof, and restore the network components thereof.
  • Figure 3 provides a summarized flow diagram depicting the steps involved, as explained in the preceding paragraphs in connection with the system thereof. For purposes of clarity in explanation and understanding, the method of the present invention is described in the following section.
  • the method preferably begins with step 500 of receiving, by the interface module 100, a user-specified requirement, including a system specification of a proposed private blockchain network from the app owner or user. It is subsequently followed by step 501 of processing, by the configurator engine module 200, the user-specified requirement to generate a full network configuration for the said private blockchain network. Following that, the method initiates the step 502 of dynamically optimizing, by the optimization module 300, the private blockchain network by way of monitoring the full network configuration generated thereof. The method further provides the step 503 of performing, by the recovery module 400, a network recovery operation of the said private blockchain network.
  • Figures 4, 5, and 6 provide the flow diagrams of step 501 , step 502, and step 503, respectively.
  • step 501 preferably includes the step 501a of generating a list of execution functions in a sequential order, configuration files and filenames derivable based on the said system specification, the step 501b of executing the configuration files, and the step 501 c of executing the list of execution functions in the said sequential order.
  • step 502 preferably includes the step 502a of monitoring a list of blockchain hosts and services associated with the full network configuration, the step 502b of identifying an irregularity in the list of blockchain hosts and services thereof, and the step 502c of correcting the irregularity detected thereof.
  • step 503 preferably includes the step 503a of providing a snapshot backup having network components of the said private blockchain network, the step 503b of providing a list of available backup sets retrievable from a recovery repository based on metadata associated thereof, and the step 503c of providing a restoration of a single network component selected from the said network components.
  • Figures 7, 8, 12 and 13 may provide greater insight to those of ordinary skill in the art as to the operation of the interface module 100 (see step 500), the configurator engine module 200 (see step 501), the optimization module 300 (see step 502) and the recovery module 400 (see step 503), respectively.
  • Figure 7 related to the operation of the interface module 100 having its flow described by step 500 begins with a user login session.
  • the user is logged in to the system of the present invention using a password through the GUI.
  • the interface module 100 will proceed to call the configurator engine module 200.
  • the configurator engine module 200 shall utilize the system default values to create the corresponding system default private blockchain network.
  • the quick-start module does not require any other inputs from the app owner or user.
  • the interface module 100 will proceed to receive a system specification from the user to set up a customized private blockchain network.
  • the system specification may include network attributes that may be selected from a group comprising network name, number of virtual machines, number of hosts, username, password, port number, number of organizations, domain name and organization name.
  • the configurator engine module 200 begins by way of receiving and parsing a command request transmitted from the interface module 100. It will proceed to retrieve the user-specified requirement and associated data including the user specification from the configuration repository 207. The configurator engine module 200 subsequently executes the configuration files and the list of execution functions in the predetermined sequential order until all functions are executed.
  • the configuration files include crypto-yaml files, Configtx files, and Compose files.
  • the execution functions include, but not limited to, those associated with test IP address, transfer prerequisites, install prerequisites, bring up orderer nodes, bring up CA, bring up peers, and CouchDBs, create channel, join channel and update anchor peers. Following that, the configurator engine module 200 generates a full network configuration for the private blockchain network proposed thereof.
  • Figures 9, 10, and 11 may respectively provide greater insight into the operation of the function governor unit 201 (see step 501a), the configuration generator unit 202 (see step 501 b), and the function executor unit 203 (see step 501c) of the said configurator engine module 200.
  • the function governor unit 201 accesses the configuration repository 207 to read data therefrom such as virtual machine IP addresses, usernames and passwords associated thereof. Following that, the function governor unit 201 generates a master configuration.
  • the master configuration may include a prerequisite list, nodes running on virtual machines, and port numbers to be used. For instance,
  • the function governor unit 201 reads the execution function list and dependencies (templates). It also will check the function dependencies and execution mode.
  • An example of the execution function list, for each virtual machine, is as follows:
  • the function governor unit 201 will next proceed to generate function parameters, exemplarily shown as follows:
  • function governor unit 201 generates a test function list, as follows:
  • the configuration generator unit 202 will read the configuration files and their template files to generate configuration lines depending on certain criteria, for example, different numbers of virtual machines generate different port numbers. Next, it will check the generation mode whether it is required to insert the configuration files or to insert the configuration lines while preserving other modifications. Finally, the configuration generator unit 202 writes to a destination file and outputs the configuration files.
  • the function executor unit 203 parses the function name and parameters thereof, prior to checking the validity of the function.
  • the function executor unit 203 next will check the function execution mode, for instance,
  • the function executor unit 203 will check for an exit status and return value. Upon completion, the function executor unit 203 will pass the said exit status and the return value to the calling module, e.g. the interface module 100. If the function execution mode is an asynchronized (or async) execution, then the function executor unit 203 will check for a process status. A process status checker will run in new threads, and shall be checked at a predefined interval, e.g. one minute. Upon completion, the function executor unit 203 will pass it back to the calling module thereof.
  • Figure 12 related to the operation of the optimization module 300 having its flow described by step 502 begins with the step of reading the configuration repository to build a list of blockchain hosts and services to be monitored. Following that, the optimization module 300 will execute the watcher unit 301 for monitoring the said list of blockchain hosts and services, including node availability, utilization parameters and service health by way of checking the availability of port number and service logs (for errors and warnings).
  • the collected parameters of attributes shall be forwarded to the analyzer unit 302.
  • the analyzer unit 302 will analyze the collected parameters for identifying any irregularities and requirement for attention or action. It parses the collected parameters to determine host availability, port status, service status, utilization of central processing unit (CPU), memory and storage, and trend and projection of CPU, memory and storage thereof.
  • CPU central processing unit
  • the process shall continue or iterating until an exit command is received.
  • the analyzer unit 302 will, based on the analysis, determine if an action for tuning is required. If so, then analyzer unit 302 will generate a tuning command based on the action required and executed to the tuner unit 303. A notification will be sent to an administrator to indicate that the tuning command has been executed.
  • Figure 13 related to the operation of the recovery module 400 having its flow described by step 503 begins with the step of choosing an operation from a selection comprising a system backup executable by the system backup unit 401, a system restore executable by the first restoration unit 402 and a component restore executable by the second restoration unit 403. If the system backup is chosen by the user, then the system backup unit 401 will perform a snapshot backup having network components of the said private blockchain network. If the system restore is chosen by the user, the first restoration unit 402 will provide the list of available backup sets.
  • the first restoration unit 402 will restore a system configuration and data into the said private blockchain network which would be able to bring them to a state as if nothing happened since a specific point in time from the chosen backup set thereof. If the component restore is chosen by the user, then the second restoration unit 403 will proceed with restoration of a single network component selected from the said network components. The second restoration unit 403 will allow the app owner or user to choose which one of the network components is desired for restoration. Instead of total system restoration, the app owner or user is given an option to restore the selected one network component only, for instance, either peer node, orderer node, CA node, or middleware node. However, all peer nodes need to be restored in all or none mode. Finally, the recovery module 400 will update the backup data and catalogue accordingly.
  • inventive subject matter has been described with reference to specific example embodiments, various modifications and changes may be made to these embodiments without departing from the broader scope of embodiments of the present disclosure.
  • inventive subject matter may be referred to herein, individually or collectively, by the term “invention” merely for convenience and without intending to voluntarily limit the scope of this application to any single disclosure or inventive concept if more than one is, in fact, disclosed.
  • the term “or” may be construed in either an inclusive or exclusive sense. Moreover, plural instances may be provided for resources, operations, or structures described herein as a single instance. Additionally, boundaries between various resources, operations, modules, engines, and data stores are somewhat arbitrary, and particular operations are illustrated in a context of specific illustrative configurations. Other allocations of functionality are envisioned and may fall within a scope of various embodiments of the present disclosure. In general, structures and functionality presented as separate resources in the example configurations may be implemented as a combined structure or resource. Similarly, structures and functionality presented as a single resource may be implemented as separate resources. These and other variations, modifications, additions, and improvements fall within a scope of embodiments of the present disclosure as represented by the appended claims. The specification and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense.
  • first means “first,” “second,” and so forth may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first contact could be termed a second contact, and, similarly, a second contact could be termed a first contact, without departing from the scope of the present example embodiments. The first contact and the second contact are both contacts, but they are not the same contact.
  • the terminology used in the description of the example embodiments herein is for the purpose of describing particular example embodiments only and is not intended to be limiting.
  • the term “if’ may be construed to mean “when” or “upon” or “in response to determining” or “in response to detecting,” depending on the context.
  • the phrase “if it is determined” or “if [a stated condition or event] is detected” may be construed to mean “upon determining” or “in response to determining” or “upon detecting [the stated condition or event]” or “in response to detecting [the stated condition or event],” depending on the context.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Quality & Reliability (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mathematical Physics (AREA)
  • Computer Hardware Design (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The present invention discloses a system and a method for seamlessly provisioning, configuring, and deploying an enterprise-grade private blockchain network. The system comprises an interface module, a configurator engine module, an optimization module, and a recovery module. The configurator engine module comprising a function governor unit, a configuration generator unit, and a function executor unit processes a user-specified requirement to generate a full network configuration for the private blockchain network. The optimization module comprising a watcher unit, an analyzer unit, and a tuner unit dynamically optimizes the private blockchain network by way of monitoring the full network configuration generated thereof. The recovery module comprising a system backup unit, a first restoration unit, and a second restoration unit performs a network recovery operation of the said private blockchain network.

Description

SYSTEM AND METHOD FOR SEAMLESS PROVISION, CONFIGURATION, AND DEPLOYMENT OF ENTERPRISE-GRADE PRIVATE BLOCKCHAIN
NETWORK
FIELD OF THE INVENTION
The present invention generally relates to private blockchain networks. More particularly, the present invention relates to a system for seamlessly provisioning, configuring, and deploying an enterprise-grade private blockchain network.
BACKGROUND OF THE INVENTION
Blockchain is the underlying technology that powers cryptocurrency. Because blockchain is decentralized, it manages to be both transparent and secure. The two most common types of blockchains are private blockchains and public blockchains. The primary difference between public and private blockchains is the level of access participants are granted. Unlike public blockchains that are entirely open, private blockchains are a restrictive, permissioned blockchain that only operates within a closed network. It is the private property of an organization or an individual. It comprises specific constituent nodes on the network that are given the rights to create, view, and authorize transactions. A blockchain “network” operates as a decentralized database that consists of a network of computers or devices that come to an agreement on a single version of a shared ledger. In a permissioned chain like private blockchain network, only a few trusted nodes would operate a network between organizations.
Enterprise-grade blockchain is a blockchain network that can be integrated and utilized for enterprise-level purposes. It is specially equipped to deal with enterprise-level organizational demands. The current implementation of enterprise blockchain, however, requires a robust blockchain network setup with redundancy infrastructure. For an organization to utilize this blockchain, they would need at least one paid staff with advanced blockchain knowledge and experience, or they would have to invest in public blockchain cloud with the commitment of monthly or annual subscription fees. Apart from being time-consuming and complicated, the existing blockchain network setup still suffers from the problems of human error associated with manual configuration, complexity and massive efforts for multi-hosts, the requirement of Internet connection for performing installation, and complexity of data recovery related to the private blockchain network.
By way of background, International PCT Patent Application Publication No. WO 2019/010064 A1 discloses an event interface system that facilitates the creation and deployment of a first blockchain object and a second blockchain object on a first blockchain and a second blockchain, respectively. The system, according to the Ό64 publication, also provides an interface between the first blockchain object and the second blockchain object via the event hub. Additionally, the system can allow interaction between blockchain objects on a private blockchain and a participant on the system.
It would, therefore, be advantageous to provide a solution that would overcome the deficiencies and shortcomings of prior art by way of providing a system and a method for seamlessly, efficiently provisioning, configuring, and deploying the enterprise-grade private blockchain network. Although there are systems and methods for the same in the prior art, for many practical purposes, there is still considerable room for improvement.
SUMMARY OF THE INVENTION
The following presents a simplified summary of the invention in order to provide a basic understanding of some aspects of the invention. This summary is not an extensive overview of the invention. Its sole purpose is to present some concepts of the invention in a simplified form as a prelude to the more detailed description that is presented later.
Accordingly, the present invention provides a system for seamlessly provisioning, configuring, and deploying an enterprise-grade private blockchain network.
The system of the present invention may be characterized by an interface module configured for receiving a user-specified requirement having a system specification of a private blockchain network; a configurator engine module connected to the interface module configured for processing the user-specified requirement to generate a full network configuration for the said private blockchain network, comprising a function governor unit for generating a list of execution functions in a sequential order, configuration files and filenames derivable based on the said system specification, a configuration generator unit for executing the configuration files, and a function executor unit connected to an image repository for executing the list of execution functions in the said sequential order; an optimization module connected to the interface module and the configurator engine module configured for dynamically optimizing the private blockchain network by way of monitoring the full network configuration generated thereof, comprising a watcher unit for monitoring a list of blockchain hosts and services associated with the full network configuration, an analyzer unit for identifying an irregularity in the list of blockchain hosts and services thereof, and a tuner unit for correcting the irregularity detected thereof; and a recovery module connected to the interface module, the configurator engine module and the optimization module configured for performing a network recovery operation of the said private blockchain network, comprising a system backup unit for providing a snapshot backup having network components of the said private blockchain network, a first restoration unit for providing a list of available backup sets retrievable from a recovery repository based on metadata associated thereof, and a second restoration unit for providing a restoration of a single network component selected from the said network components.
Preferably, the configurator engine module further comprises an installer agent deployed on a remote node for performing installation of the private blockchain network in a different network domain and a chaincode management module.
Preferably, the configurator engine module further comprises a configuration repository for storing the user-specified requirement, the full network configuration comprising the list of execution functions, the configuration files, and the filenames, and the list of blockchain hosts and services thereof.
Preferably, the recovery module comprises a backup and restoration manager to manage the system backup unit, the first restoration unit, the second restoration unit, and the recovery repository thereof.
Preferably, the user-specified requirement includes a quick-start module for a system default private blockchain network and a customized module for a customized private blockchain network. Preferably, the system specification comprises network attributes selected from a group comprising network name, number of virtual machines, number of hosts, username, password, port number, number of organizations, domain name, and organization name.
Preferably, the irregularity includes any error in the list of blockchain hosts and services monitored thereof.
Preferably, the list of blockchain hosts and services comprises node availability, host availability, utilization parameters, service health (up and down), number of ports, and service logs (errors and warnings).
Preferably, the network components include peer nodes, orderer nodes, certificate authority nodes, and middleware nodes.
In accordance with another aspect of the present invention, there is provided a method for seamlessly provisioning, configuring, and deploying an enterprise- grade private blockchain network.
The method of the present invention may be characterized by the steps of receiving a user-specified requirement including a system specification of a private blockchain network; processing the user-specified requirement to generate a full network configuration for the said private blockchain network, including generating a list of execution functions in a sequential order, configuration files and filenames derivable based on the said system specification; executing the configuration files; and executing the list of execution functions in the said sequential order; dynamically optimizing the private blockchain network by way of monitoring the full network configuration generated thereof, including monitoring a list of blockchain hosts and services associated with the full network configuration; identifying an irregularity in the list of blockchain hosts and services thereof; and correcting the irregularity detected thereof; and performing a network recovery operation of the said private blockchain network, including providing a snapshot backup having network components of the said private blockchain network; providing a list of available backup sets retrievable from a recovery repository based on metadata associated thereof; and providing a restoration of a single network component selected from the said network components. Advantageously, the present invention enables an organization to deploy its own enterprise grade private blockchain network in a highly specific, cost-effective, quick and simple manner, without the necessity of highly-knowledge and trained personnel and the use of complicated and sophisticated parts. The present invention deploys the said private blockchain network in a private server and may remain effective and live without the commitment of paying subscription fees monthly or annually.
The system and the method of the present invention also, advantageously, permit data recovery of the private blockchain network in various ways depending on the user’s choice. The present invention further monitors, analyzes and tunes the said private blockchain network automatically and dynamically, without disrupting the ongoing network and requiring extensive logistic efforts. The present invention can reduce cycle time and human errors and is capable of scalability to any user requirement. It is a further advantage of the present invention that the installation of private blockchain network works in an offline mode, i.e. without the Internet connection.
The foregoing and other objects, features, aspects and advantages of the present invention will become better understood from a careful reading of a detailed description provided herein below with appropriate reference to the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
A more complete appreciation of the invention and many of the attendant advantages thereof will be readily as the same becomes better understood by reference to the following detailed description when considered in connection with the accompanying drawings, wherein:
Figure 1 is a schematic diagram of a system for seamlessly provisioning, configuring and deploying an enterprise grade private blockchain network according to one embodiment of the present invention;
Figure 2 is a schematic diagram depicting a high level architecture of the system of Figure 1 according to one embodiment of the present invention; Figure 3 is a flow diagram of a method for seamlessly provisioning, configuring and deploying an enterprise grade private blockchain network according to one embodiment of the present invention;
Figure 4 is a flow diagram of a step of processing the user-specified requirement to generate a full network configuration for the said private blockchain network as stated in the method of Figure 3 according to one embodiment of the present invention;
Figure 5 is a flow diagram of a step of dynamically optimizing the private blockchain network by way of monitoring the full network configuration generated thereof as stated in the method of Figure 3 according to one embodiment of the present invention;
Figure 6 is a flow diagram of a step of performing a network recovery operation of the said private blockchain network as stated in the method of Figure 3 according to one embodiment of the present invention;
Figure 7 is a flow diagram representing a process flow involved in an interface module which is related to a step of receiving a user-specified requirement including a system specification of a private blockchain network according to one embodiment of the present invention;
Figure 8 is a flow diagram representing a process flow involved in a configurator engine module which is related to the step of Figure 4 according to one embodiment of the present invention;
Figure 9 is a flow diagram representing a process flow involved in a function governor unit according to one embodiment of the present invention;
Figure 10 is a flow diagram representing a process flow involved in a configurator generator unit according to one embodiment of the present invention;
Figure 11 is a flow diagram representing a process flow involved in a function executor unit according to one embodiment of the present invention; Figure 12 is a flow diagram representing a process flow involved in an optimization module which is related to the step of Figure 5 according to one embodiment of the present invention; and
Figure 13 is a flow diagram representing a process flow involved in a recovery module which is related to the step of Figure 6 according to one embodiment of the present invention.
It is noted that the drawings may not be to scale. The drawings are intended to depict only typical aspects of the invention, and therefore should not be considered as limiting the scope of the invention.
DETAILED DESCRIPTION OF THE INVENTION
Essentially, the present invention discloses a system and a method for seamlessly and efficiently provisioning, configuring, and deploying an enterprise- grade private blockchain network. The system of the present invention preferably connects an application (“app”) owner, user, developer, operator, and the like to a blockchain production system. The blockchain production system comprises a software development kit (SDK) with an application programming interface (API). SDK is a set of tools, guidelines, and programs for developing an app for a private blockchain network. SDK is connected to the API, which is a computer interface that defines interactions between software intermediaries. Figure 1 schematically shows the system of the present invention and its connection with the app owner and the blockchain production system.
According to one preferred embodiment of the present invention, with reference to Figure 2, the system comprises an interface module 100, a configurator engine module 200, an optimization module 300, and a recovery module 400.
The interface module 100 is preferably directly connected to the blockchain production system. It is adapted for enabling communication with at least one computing device at the said blockchain production system and for setting up a communication link therefor. The interface module 100 may be configured for receiving a user-specified requirement having a system specification related to a proposed private blockchain. In one embodiment, the user-specified requirement includes, but is not limited to, a quick-start module and a customized module. The quick-start module is preferably chosen for setting up a system default private blockchain network. The customized module is preferably chosen for setting up a customized private blockchain network. The system specification of the said user-specified requirement preferably comprises network attributes that may be selected from a group comprising network name, number of virtual machines, number of hosts, username, password, port number, number of organizations, domain name and organization name.
It is preferred that the interface module 100 collects inputs, including the user-specified requirement thereof on the proposed private blockchain network. For example, an app owner or user may choose the quick-start module as its user- specified requirement. In this regard, the quick-start module comprising system default values shall be used to create the corresponding system default private blockchain network. The quick-start module does not require any other inputs from the app owner or user. In another example, the app owner or user may choose the customized module as its user-specified requirement. The customized module allows the app owner or user to specify or select various combinations of the attributes for establishing the desired private blockchain network to suit the needs.
The interface module 100 preferably comprises a graphical user interface (GUI) with another API. Representational state transfer (REST) which is a software architectural style for distributed hypermedia systems may be adopted for use with the said API to enable a hypertext representation. The REST API may be used for bridging the inputs from the app owner or user such as the user-specified requirement and its system specification received from the GUI thereof. Among the inputs bridged therebetween are number of virtual machines, host numbers, username, password, port number (optional), number of organizations, domain name, and organization name.
The configurator engine module 200 is preferably connected to the interface module 100. The configurator engine module 200 may be configured for automatically processing the user-specified requirement transmitted from the said interface module 100. Upon processing, the configurator engine module 200 generates a full network configuration for the private blockchain network proposed thereof. The configurator engine module 200 comprises a function governor unit 201 , a configuration generator unit 202, a function executor 203, an image repository 204, an installer agent 205, a chaincode management module 206, and a configuration repository 207 which are exclusively linked with each other.
The function governor unit 201 is preferably configured for generating a list of execution functions in a sequential order, configuration files and filenames derivable based on the said system specification. In one embodiment, the function governor unit 201 governs about 18 functions for use in the configuration generator unit 202 and the function executor 203. It receives the input from the interface module 100 and triggers the associated functions at the said configuration generator unit 202 and the said function executor 203.
The configuration generator unit 202 is preferably configured for executing the configuration files. In one embodiment, the configuration generator unit 202 reads the user-specification requirement and the system specification that are stored in the configuration repository 207. The configuration files include crypto- yaml files, Configtx files, and Compose files.
The function executor unit 203 is connected to the image repository 204. The function executor unit 203 is preferably configured for executing the list of execution functions in the said sequential order. It calls the functions and executes them accordingly. In certain circumstances, the function executor unit 203 requires data stored in the said image repository 204 to execute some of the said functions. The execution functions include, but not limited to, those associated with test IP address, transfer prerequisites, install prerequisites, bring up orderer nodes, bring up certificate authority (CA), bring up peers, and CouchDBs, create channel, join channel and update anchor peers.
The installer agent 205 is deployed on a remote node. It is preferably configured for performing the installation of the private blockchain network in a different network domain. In one embodiment, the installer agent 205 is installed at the remote node when the installation is performed for different network domains. It is crucial to ensure that each different site or organization would still have their own authority control over the installation. The chaincode management module 206 is preferably configured to manage a plurality of chaincodes employed for the said private blockchain network. A chaincode is a piece of code that is written in one of supported languages, e.g. Java, that implements a prescribed interface, i.e. the interface module 100. The chaincode can be installed and instantiated through the API at the interface module 100 onto the private blockchain network thereof, enabling interaction therebetween. The chaincode includes, but is not limited to, an upload chaincode, an install chaincode, an instantiate chaincode, an upgrade chaincode, an invoke chaincode, and a query chaincode.
The configuration repository 207 is preferably configured for storing the said user-specified requirement, the said full network configuration comprising the list of execution functions, the configuration files and the filenames, and the said list of blockchain hosts and services. It can be made accessible, with a proper authorization, to the interface module 100, the function governor unit 201 , the configuration generator unit 202, and the installer agent 205. In a subsequent run, any previous date will be considered as default, and the app owner or user would be still able to change or amend with other attributes.
The optimization module 300 is connected to the interface module 100 and the configurator engine module 200. It can be configured for dynamically optimizing the private blockchain network by way of monitoring the full network configuration generated thereof, which is retrievable from its dedicated storage in the configuration repository 207.
The optimization module 300 comprises a watcher unit 301 , an analyzer unit 302, and a tuner unit 303.
The watcher unit 301 is preferably configured for preparing and monitoring a list of blockchain hosts and services associated with the full network configuration. According to one embodiment, the list of blockchain hosts and services comprises node availability, host availability, utilization parameters, service health (up and down), number of ports, and service logs (errors and warnings). Peer nodes, orderer nodes and CA nodes, command line interface (CLI), REST API, and blockchain API may also be included into the said list of blockchain hosts and services. During its operation, the watcher unit 301 will read the said full network configuration from the configuration repository 207. Upon completion, the watcher unit 301 will automatically set up and monitor all components of the said private blockchain network provided in the list of blockchain hosts and services thereof.
The analyzer unit 302 is preferably configured for identifying an irregularity in the list of blockchain hosts and services thereof. In one embodiment, the irregularity includes any error in the list of blockchain hosts and services monitored thereof. The irregularity may be, for example, error from logs, performance patterns, and dead services or nodes.
The tuner unit 303 is preferably configured for correcting the irregularity detected thereof. It is preferred that the tuner unit 303 dynamically optimize the entire private blockchain network. In one embodiment, the tuner unit 303, for example, restarts dead services, tunes service performance, regulates the number of virtual machines, domain name, organization name, and host address.
The recovery module 400 is connected to the interface module 100, the configurator engine module 200, and the optimization module 300. It is preferably configured for performing a network recovery operation of the said private blockchain network.
The recovery module 400 comprises a system backup unit 401 , a first restoration unit 402, a second restoration unit 403, a recovery repository 404, and a backup and restoration manager 405.
The system backup unit 401 is preferably configured for providing a snapshot backup having network components of the said private blockchain network. The network components include, but not limited to, peer nodes, orderer nodes, CA nodes, and middleware nodes. It is preferred that the system backup unit 401 performs the snapshot backup to the said private blockchain network which includes node configuration, ledger data, CouchDB data, and certificates. The system backup unit 401 preferably reads the live private blockchain network and write the same into the recovery repository 404 thereof. The inputs received from the app owner or user, i.e. the user-specified requirement and its system specification, will be captured and stored in the same recovery repository 404 too. In a subsequent run, any previous date will be considered as default, and the app owner or user would be still able to change or amend with other attributes. The first restoration unit 402 is preferably configured for providing a list of available backup sets retrievable from the recovery repository 404 based on metadata associated thereof. Based on the choice made by the app owner or user on the list of available backup sets, the first restoration unit 402 will restore a system configuration and data into the said private blockchain network which would be able to bring them to a state as if nothing happened since a specific point in time from the chosen backup set thereof.
The second restoration unit 403 is preferably configured for providing a restoration of a single network component selected from the said network components. In one embodiment, the second restoration unit 403 allows the app owner or user to choose which one of the network components is desired for restoration. Instead of total system restoration, the app owner or user is given an option to restore the selected one network component only, for instance, either peer node, orderer node, CA node, or middleware node. However, all peer nodes need to be restored in all or none mode.
The recovery repository 404 is configured to store the backup data and provide metadata associated thereof.
The backup and restoration manager 405 is preferably configured for managing the system backup unit 401, the first restoration unit 402, the second restoration unit 403, and the recovery repository 404 thereof. It is preferred that the backup and restoration manager 405 manages the backup activities thereof, call backup thereof, and restore the network components thereof.
Concerning the method of the present invention, Figure 3 provides a summarized flow diagram depicting the steps involved, as explained in the preceding paragraphs in connection with the system thereof. For purposes of clarity in explanation and understanding, the method of the present invention is described in the following section.
The method preferably begins with step 500 of receiving, by the interface module 100, a user-specified requirement, including a system specification of a proposed private blockchain network from the app owner or user. It is subsequently followed by step 501 of processing, by the configurator engine module 200, the user-specified requirement to generate a full network configuration for the said private blockchain network. Following that, the method initiates the step 502 of dynamically optimizing, by the optimization module 300, the private blockchain network by way of monitoring the full network configuration generated thereof. The method further provides the step 503 of performing, by the recovery module 400, a network recovery operation of the said private blockchain network.
Figures 4, 5, and 6 provide the flow diagrams of step 501 , step 502, and step 503, respectively.
According to Figure 4, step 501 preferably includes the step 501a of generating a list of execution functions in a sequential order, configuration files and filenames derivable based on the said system specification, the step 501b of executing the configuration files, and the step 501 c of executing the list of execution functions in the said sequential order.
According to Figure 5, step 502 preferably includes the step 502a of monitoring a list of blockchain hosts and services associated with the full network configuration, the step 502b of identifying an irregularity in the list of blockchain hosts and services thereof, and the step 502c of correcting the irregularity detected thereof.
According to Figure 6, step 503 preferably includes the step 503a of providing a snapshot backup having network components of the said private blockchain network, the step 503b of providing a list of available backup sets retrievable from a recovery repository based on metadata associated thereof, and the step 503c of providing a restoration of a single network component selected from the said network components.
Figures 7, 8, 12 and 13 may provide greater insight to those of ordinary skill in the art as to the operation of the interface module 100 (see step 500), the configurator engine module 200 (see step 501), the optimization module 300 (see step 502) and the recovery module 400 (see step 503), respectively.
Figure 7 related to the operation of the interface module 100 having its flow described by step 500 begins with a user login session. In this regard, the user is logged in to the system of the present invention using a password through the GUI. If the user selects the quick-start module being the user-specified requirement, then the interface module 100 will proceed to call the configurator engine module 200. The configurator engine module 200 shall utilize the system default values to create the corresponding system default private blockchain network. The quick-start module does not require any other inputs from the app owner or user. If the user selects the customized module being the user-specified requirement, then the interface module 100 will proceed to receive a system specification from the user to set up a customized private blockchain network. The system specification may include network attributes that may be selected from a group comprising network name, number of virtual machines, number of hosts, username, password, port number, number of organizations, domain name and organization name. Once the hosts and passwords are verified, the interface module 100 will store the system specification provided thereof in the configuration repository 207. Subsequently, the interface module 100 will call the configurator engine module 200 to create the said customized private blockchain network.
According to Figure 8, with reference to step 501, the configurator engine module 200 begins by way of receiving and parsing a command request transmitted from the interface module 100. It will proceed to retrieve the user-specified requirement and associated data including the user specification from the configuration repository 207. The configurator engine module 200 subsequently executes the configuration files and the list of execution functions in the predetermined sequential order until all functions are executed. The configuration files include crypto-yaml files, Configtx files, and Compose files. The execution functions include, but not limited to, those associated with test IP address, transfer prerequisites, install prerequisites, bring up orderer nodes, bring up CA, bring up peers, and CouchDBs, create channel, join channel and update anchor peers. Following that, the configurator engine module 200 generates a full network configuration for the private blockchain network proposed thereof.
Meanwhile, Figures 9, 10, and 11 may respectively provide greater insight into the operation of the function governor unit 201 (see step 501a), the configuration generator unit 202 (see step 501 b), and the function executor unit 203 (see step 501c) of the said configurator engine module 200.
In Figure 9, the function governor unit 201, with reference to step 501a, accesses the configuration repository 207 to read data therefrom such as virtual machine IP addresses, usernames and passwords associated thereof. Following that, the function governor unit 201 generates a master configuration. The master configuration may include a prerequisite list, nodes running on virtual machines, and port numbers to be used. For instance,
{“VM”: “10, 1,25, 107”,
“Config”: {“Nodes”: [“peerl ”, “peer2”, ’’ordererl”, ..] },
“VM”:”10.1.25. 108”,
“Config”: {“Nodes”: [“peer3”, “peer4”, ’’ordered”, ..]},
Subsequently, the function governor unit 201 reads the execution function list and dependencies (templates). It also will check the function dependencies and execution mode. An example of the execution function list, for each virtual machine, is as follows:
Figure imgf000017_0001
The function governor unit 201 will next proceed to generate function parameters, exemplarily shown as follows:
{“Function”: { “Name”: “GenerateConfigtx, “Parameters”:{
“Channei_Name”: “mimoschannel”}}}
Finally, function governor unit 201 generates a test function list, as follows:
{“Functions_Ust”: [“GeneretaCrypto”, “GenereateConfigtx”]}
In Figure 10, the configuration generator unit 202, with reference to step 501b, receives and parses the received parameters based on the configuration name. Next, it will check validity of those parameters to ensure the parameter data is valid. For instance, username=dj.
The configuration generator unit 202 will read the configuration files and their template files to generate configuration lines depending on certain criteria, for example, different numbers of virtual machines generate different port numbers. Next, it will check the generation mode whether it is required to insert the configuration files or to insert the configuration lines while preserving other modifications. Finally, the configuration generator unit 202 writes to a destination file and outputs the configuration files.
In Figure 11 , the function executor unit 203, with reference to step 501c, parses the function name and parameters thereof, prior to checking the validity of the function. The function executor unit 203 next will check the function execution mode, for instance,
Sync, Async, SSH CLI Call, Web service Call
If the function execution mode is synchronized (or sync) execution, then the function executor unit 203 will check for an exit status and return value. Upon completion, the function executor unit 203 will pass the said exit status and the return value to the calling module, e.g. the interface module 100. If the function execution mode is an asynchronized (or async) execution, then the function executor unit 203 will check for a process status. A process status checker will run in new threads, and shall be checked at a predefined interval, e.g. one minute. Upon completion, the function executor unit 203 will pass it back to the calling module thereof.
Figure 12 related to the operation of the optimization module 300 having its flow described by step 502 begins with the step of reading the configuration repository to build a list of blockchain hosts and services to be monitored. Following that, the optimization module 300 will execute the watcher unit 301 for monitoring the said list of blockchain hosts and services, including node availability, utilization parameters and service health by way of checking the availability of port number and service logs (for errors and warnings). The collected parameters of attributes shall be forwarded to the analyzer unit 302. The analyzer unit 302 will analyze the collected parameters for identifying any irregularities and requirement for attention or action. It parses the collected parameters to determine host availability, port status, service status, utilization of central processing unit (CPU), memory and storage, and trend and projection of CPU, memory and storage thereof. The process shall continue or iterating until an exit command is received. The analyzer unit 302 will, based on the analysis, determine if an action for tuning is required. If so, then analyzer unit 302 will generate a tuning command based on the action required and executed to the tuner unit 303. A notification will be sent to an administrator to indicate that the tuning command has been executed.
Figure 13 related to the operation of the recovery module 400 having its flow described by step 503 begins with the step of choosing an operation from a selection comprising a system backup executable by the system backup unit 401, a system restore executable by the first restoration unit 402 and a component restore executable by the second restoration unit 403. If the system backup is chosen by the user, then the system backup unit 401 will perform a snapshot backup having network components of the said private blockchain network. If the system restore is chosen by the user, the first restoration unit 402 will provide the list of available backup sets. Based on the choice made by the app owner or user on the list of available backup sets, the first restoration unit 402 will restore a system configuration and data into the said private blockchain network which would be able to bring them to a state as if nothing happened since a specific point in time from the chosen backup set thereof. If the component restore is chosen by the user, then the second restoration unit 403 will proceed with restoration of a single network component selected from the said network components. The second restoration unit 403 will allow the app owner or user to choose which one of the network components is desired for restoration. Instead of total system restoration, the app owner or user is given an option to restore the selected one network component only, for instance, either peer node, orderer node, CA node, or middleware node. However, all peer nodes need to be restored in all or none mode. Finally, the recovery module 400 will update the backup data and catalogue accordingly.
Although an overview of the inventive subject matter has been described with reference to specific example embodiments, various modifications and changes may be made to these embodiments without departing from the broader scope of embodiments of the present disclosure. Such embodiments of the inventive subject matter may be referred to herein, individually or collectively, by the term “invention” merely for convenience and without intending to voluntarily limit the scope of this application to any single disclosure or inventive concept if more than one is, in fact, disclosed.
The embodiments illustrated herein are described in sufficient detail to enable those skilled in the art to practice the teachings disclosed. Other embodiments may be used and derived therefrom, such that structural and logical substitutions and changes may be made without departing from the scope of this disclosure. The Detailed Description, therefore, is not to be taken in a limiting sense, and the scope of various embodiments is defined only by the appended claims, along with the full range of equivalents to which such claims are entitled.
As used herein, the term “or” may be construed in either an inclusive or exclusive sense. Moreover, plural instances may be provided for resources, operations, or structures described herein as a single instance. Additionally, boundaries between various resources, operations, modules, engines, and data stores are somewhat arbitrary, and particular operations are illustrated in a context of specific illustrative configurations. Other allocations of functionality are envisioned and may fall within a scope of various embodiments of the present disclosure. In general, structures and functionality presented as separate resources in the example configurations may be implemented as a combined structure or resource. Similarly, structures and functionality presented as a single resource may be implemented as separate resources. These and other variations, modifications, additions, and improvements fall within a scope of embodiments of the present disclosure as represented by the appended claims. The specification and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense.
The foregoing description, for the purpose of explanation, has been described with reference to specific example embodiments. However, the illustrative discussions above are not intended to be exhaustive or to limit the possible example embodiments to the precise forms disclosed. Many modifications and variations are possible in view of the above teachings. The example embodiments were chosen and described in order to best explain the principles involved and their practical applications, to thereby enable others skilled in the art to best utilize the various example embodiments with various modifications as are suited to the particular use contemplated.
It will also be understood that, although the terms “first,” “second,” and so forth may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first contact could be termed a second contact, and, similarly, a second contact could be termed a first contact, without departing from the scope of the present example embodiments. The first contact and the second contact are both contacts, but they are not the same contact. The terminology used in the description of the example embodiments herein is for the purpose of describing particular example embodiments only and is not intended to be limiting. As used in the description of the example embodiments and the appended examples, the singular forms “a,” “an,” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will also be understood that the term “and/or” as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items. It will be further understood that the terms “comprises” and/or “comprising,” when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
As used herein, the term “if’ may be construed to mean “when” or “upon” or “in response to determining” or “in response to detecting,” depending on the context. Similarly, the phrase “if it is determined” or “if [a stated condition or event] is detected” may be construed to mean “upon determining” or “in response to determining” or “upon detecting [the stated condition or event]” or “in response to detecting [the stated condition or event],” depending on the context.

Claims

1. A system for seamlessly provisioning, configuring, and deploying an enterprise- grade private blockchain network, characterized in that, the system comprising: an interface module (100) configured for receiving a user-specified requirement having a system specification of a private blockchain network; a configurator engine module (200) connected to the interface module (100) configured for processing the user-specified requirement to generate a full network configuration for the said private blockchain network, comprising: a function governor unit (201 ) for generating a list of execution functions in sequential order, configuration files and filenames derivable based on the said system specification; a configuration generator unit (202) for executing the configuration files; and a function executor unit (203) connected to an image repository (204) for executing the list of execution functions in the said sequential order; an optimization module (300) connected to the interface module (100) and the configurator engine module (200) configured for dynamically optimizing the private blockchain network by way of monitoring the full network configuration generated thereof, comprising: a watcher unit (301 ) for monitoring a list of blockchain hosts and services associated with the full network configuration; an analyzer unit (302) for identifying an irregularity in the list of blockchain hosts and services thereof; and a tuner unit (303) for correcting the irregularity detected thereof; and a recovery module (400) connected to the interface module (100), the configurator engine module (200) and the optimization module (300) configured for performing a network recovery operation of the said private blockchain network, comprising: a system backup unit (401 ) for providing a snapshot backup having network components of the said private blockchain network; a first restoration unit (402) for providing a list of available backup sets retrievable from a recovery repository (404) based on metadata associated thereof; and a second restoration unit (403) for providing a restoration of a single network component selected from the said network components.
2. The system according to Claim 1 , wherein the configurator engine module (200) further comprises: an installer agent (205) deployed on a remote node for performing installation of the private blockchain network in a different network domain; and a chaincode management module (206).
3. The system according to Claim 1 , wherein the configurator engine module (200) further comprises a configuration repository (207) for storing the user-specified requirement, the full network configuration comprising the list of execution functions, the configuration files and the filenames, and the list of blockchain hosts and services thereof.
4. The system according to Claim 1 , wherein the recovery module (400) comprises a backup and restoration manager (405) to manage the system backup unit (401), the first restoration unit (402), the second restoration unit (403) and the recovery repository (404) thereof.
5. The system according to Claim 1 , wherein the user-specified requirement includes a quick-start module for a system default private blockchain network and a customized module for a customized private blockchain network.
6. The system according to Claim 1 , wherein the system specification comprises network attributes selected from a group comprising network name, number of virtual machines, number of hosts, username, password, port number, number of organizations, domain name and organization name.
7. The system according to Claim 1 , wherein the irregularity includes any error in the list of blockchain hosts and services monitored thereof.
8. The system according to Claim 1 , wherein the list of blockchain hosts and services comprises node availability, host availability, utilization parameters, service health (up and down), number of ports, and service logs (errors and warnings).
9. The system according to Claim 1 , wherein the network components include peer nodes, orderer nodes, certificate authority nodes, and middleware nodes.
10. A method for seamlessly provisioning, configuring, and deploying an enterprise- grade private blockchain network, characterized in that, the method comprising the steps of: receiving a user-specified requirement including a system specification of a private blockchain network (500); processing the user-specified requirement to generate a full network configuration for the said private blockchain network (501 ), including: generating a list of execution functions in a sequential order, configuration files and filenames derivable based on the said system specification (501a); executing the configuration files (501b); and executing the list of execution functions in the said sequential order (501c); dynamically optimizing the private blockchain network by way of monitoring the full network configuration generated thereof (502), including: monitoring a list of blockchain hosts and services associated with the full network configuration (502a); identifying an irregularity in the list of blockchain hosts and services thereof (502b); and correcting the irregularity detected thereof (502c); and performing a network recovery operation of the said private blockchain network (503), including: providing a snapshot backup having network components of the said private blockchain network (503a); providing a list of available backup sets retrievable from a recovery repository based on metadata associated thereof (503b); and providing a restoration of a single network component selected from the said network components (503c).
PCT/MY2020/050187 2020-07-06 2020-12-02 System and method for seamless provision, configuration, and deployment of enterprise-grade private blockchain network WO2022010339A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI2020003512 2020-07-06
MYPI2020003512 2020-07-06

Publications (1)

Publication Number Publication Date
WO2022010339A1 true WO2022010339A1 (en) 2022-01-13

Family

ID=79553533

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2020/050187 WO2022010339A1 (en) 2020-07-06 2020-12-02 System and method for seamless provision, configuration, and deployment of enterprise-grade private blockchain network

Country Status (1)

Country Link
WO (1) WO2022010339A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190013933A1 (en) * 2017-07-07 2019-01-10 Microsoft Technology Licensing, Llc Blockchain object deployment and synchronization across blockchains
WO2019210321A1 (en) * 2018-04-27 2019-10-31 Optherium Labs Ou Multi-decentralized private blockchains network
US20200112430A1 (en) * 2016-08-03 2020-04-09 James Taylor Systems and Methods for Deployment, Management and Use of Dynamic Cipher Key Systems
US20200195495A1 (en) * 2019-02-25 2020-06-18 Intel Corporation 5g network slicing with distributed ledger traceability and resource utilization inferencing
WO2020140015A1 (en) * 2018-12-28 2020-07-02 Mox-SpeedChain, LLC Private blockchain ecosystems for enabling secure computing operations

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200112430A1 (en) * 2016-08-03 2020-04-09 James Taylor Systems and Methods for Deployment, Management and Use of Dynamic Cipher Key Systems
US20190013933A1 (en) * 2017-07-07 2019-01-10 Microsoft Technology Licensing, Llc Blockchain object deployment and synchronization across blockchains
WO2019210321A1 (en) * 2018-04-27 2019-10-31 Optherium Labs Ou Multi-decentralized private blockchains network
WO2020140015A1 (en) * 2018-12-28 2020-07-02 Mox-SpeedChain, LLC Private blockchain ecosystems for enabling secure computing operations
US20200195495A1 (en) * 2019-02-25 2020-06-18 Intel Corporation 5g network slicing with distributed ledger traceability and resource utilization inferencing

Similar Documents

Publication Publication Date Title
US11880679B2 (en) System and method for supporting patching in a multitenant application server environment
US11907254B2 (en) Provisioning and managing replicated data instances
US9442813B2 (en) Replaying jobs at a secondary location of a service
US6868539B1 (en) System and method providing single application image
US10203992B2 (en) Worker node rebuild for parallel processing system
US7698391B2 (en) Performing a provisioning operation associated with a software application on a subset of the nodes on which the software application is to operate
US8296267B2 (en) Upgrade of highly available farm server groups
US9792141B1 (en) Configured generation of virtual machine images
RU2417416C2 (en) Solution deployment in server farm
US20220174096A1 (en) Automatically Deployed Information Technology (IT) System and Method with Enhanced Security
WO2016053518A1 (en) Methods and systems for portably deploying applications on one or more cloud systems
SG189899A1 (en) Machine manager service fabric
WO2017209946A1 (en) Choreographed distributed execution of programs
CN115812298A (en) Block chain management of supply failure
WO2022010339A1 (en) System and method for seamless provision, configuration, and deployment of enterprise-grade private blockchain network
Röblitz et al. Autonomic management of large clusters and their integration into the grid
US11165627B2 (en) Self-assembling and self-configuring microservices
Abbes et al. Fault tolerance based on the publish-subscribe paradigm for the bonjourgrid middleware
US11303562B1 (en) Dynamic high-availability architecture
CN116614323B (en) Cloud storage enterprise network management method and system based on Rclone
Oliveira et al. Distributed Ledger Technology to Enable Secure Management of IT Infrastructures: Development and evaluation of a Proof-of-concept tool using Hyperledger Fabric
GB2621140A (en) Configuration management system
Andersen Dependability evaluation of the spread/distributed autonomous replication management framework in a realistic deployment scenario
Bantouna et al. D5. 5b: XIFI nodes operation, maintenance, assistance and procedures updates
Hariri et al. An autonomic application development & management environment

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20944442

Country of ref document: EP

Kind code of ref document: A1