Creating the configuration file for the IBM MQ Bridge to blockchain
Enter your queue manager and your blockchain network parameters to create the configuration file for the IBM MQ Bridge to blockchain to connect to your IBM MQ and IBM Blockchain networks.
Before you begin
- We created and configured your blockchain network.
- You have the credentials file from your blockchain network.
- You installed the IBM MQ Bridge to blockchain, on your x86 Linux environment.
- You have the IBM MQ Bridge to blockchain, IBM MQ Version 9.0.4 Redistributable Java client, and IBM Java runtime environment Version 8 on your x86 Linux.
This task takes you through the minimal setup that is needed to create the IBM MQ Bridge to blockchain configuration file and successfully connect to your IBM Blockchain and IBM MQ networks.
We can use the bridge to connect to blockchain networks that are based on Hyperledger Fabric v1.0 architecture. To use the bridge, you need configuration information from your blockchain network. In each step in this task we can find example configuration details that are based on two differently configured blockchain networks:
- Hyperledger Fabric network that runs in Docker. For more information, see Get started with Hyperledger Fabric, Writing your first application, and Example Hyperledger Fabric network credentials file.
- Hyperledger Fabric network that runs in a Kubernetes cluster in IBM Cloud (formerly Bluemix®). For more information, see Develop in a cloud sandbox on IBM Blockchain Platform, and Example Kubernetes container cluster network configuration file.
For more information on the meaning and options for all the IBM MQ Bridge to blockchain parameters, see the runmqbcb command. You must consider your own security requirements and customize the parameters appropriate to your deployment.
Procedure
- Run the bridge to create a configuration file. You need the parameters from your blockchain network credentials file and from your z/OS® queue manager. Run the bridge script from the bin directory of the location where you unpacked the bridge when you moved it from your z/OS environment in task Configure IBM MQ Advanced for z/OS VUE for use with blockchain.
./runmqbcb -o config_file_name.cfgAs the following example illustrates, the existing values are shown inside the brackets. Press Enter to accept existing values, press Space then Enter to clear values, and type inside the brackets then press Enter to add new values. We can separate lists of values (such as peers) by commas, or by entering each value on a new line. A blank line ends the list.Note: We cannot edit the existing values. We can keep, replace, or clear them.- Enter values for the connection to your z/OS queue manager. Minimum values that are needed for the connection are the queue manager name, the names of the bridge input and identity queues that you defined. For connections to remote queue managers, you also need MQ Channel and MQ Conname (host address and port where the queue manager is running). To use TLS for connecting to IBM MQ in step 6, you must use JNDI or CCDT and specify MQ CCDT URL or JNDI implementation class and JNDI provider URL accordingly.
Connection to Queue Manager --------------------------- Queue Manager : [z/OS_qmgr_name] Bridge Input Queue : [APPL1.BLOCKCHAIN.INPUT.QUEUE] Bridge User Identity Queue : [SYSTEM.BLOCKCHAIN.IDENTITY.QUEUE] MQ Channel : [SYSTEM.DEF.SVRCONN] MQ Conname : [host1.example.com(3714)] MQ CCDT URL : [] JNDI implementation class : [] JNDI provider URL : [] MQ Userid : [] MQ Password : []- Enter the login details for the certificate authority for your blockchain network. The default values for your local Hyperledger Fabric and Kubernetes cluster examples are admin for Userid and adminpw for Enrollment Secret. If you changed these values for your blockchain network, ensure that we use the correct values to configure the bridge.
Blockchain - User Identification -------------------------------- Blockchain Userid : []admin Enrollment Secret : []******- Enter the membership service provider id (MSPid) that governs membership and identity rules for your blockchain network. From your credentials file, provide the msp_id parameter for the Organisation Name and Organisation MSPId. From the Example Hyperledger Fabric network credentials file, use the CORE_PEER_LOCALMSPID value from the peer section of the file. From the Example Kubernetes container cluster network configuration file, use the mspID value.
Blockchain - Organisation Identification ---------------------------------------- Organisation Name : []Org1MSP Organisation MSPId : []Org1MSP- Enter your blockchain network server location values: From your Example Hyperledger Fabric network credentials file, provide the names and server:port locations for certificate authority, peer, and orderer elements.
Blockchain server locations --------------------------- Certificate Authority servers : [ca.example.com Docker_container_host:7054] (for example ca.example.com localhost:7054) Peer servers : [peer0 localhost:7051] Orderer servers : [orderer0 localhost:7050] Peer Event servers : [peer0 localhost:7053] Location of PEM file for Blockchain certificate : []From your Example Kubernetes container cluster network configuration file, provide the names and server:port locations for certificate authority, peer, and orderer elements.Blockchain server locations --------------------------- Certificate Authority servers : [CA1 your_blockchain_network_public_ip_address:30000] (for example CA1 123.456.789.10:30000) Peer servers : [blockchain-org1peer1 your_blockchain_network_public_ip_address:30110] Orderer servers : [blockchain-orderer your_blockchain_network_public_ip_address:31010] Peer Event servers : [blockchain-org1peer1 your_blockchain_network_public_ip_address:30111] Location of PEM file for Blockchain certificate : []- Enter certificate stores values for TLS connections. The bridge acts as an IBM MQ Java client that is connecting to a queue manager, which means that it can be configured to use TLS security to connect securely in the same way as any other IBM MQ Java client. Configuration of TLS connection details is exposed only after you specify JNDI or CCDT information in step 2.
Certificate stores for TLS connections -------------------------------------- Personal keystore : [] Keystore password : [] Trusted store for signer certs : [] Trusted store password : [] Use TLS for MQ connection : [N] Timeout for Blockchain operations : [12]- Enter the location for the log file for the IBM MQ Bridge to blockchain. You must specify the log file name and location, in the configuration file or on the command line.
Behavior of bridge program -------------------------- Runtime logfile for copy of stdout/stderr : [/var/mqm/errors/runmqbcb.log] Done.
Results
We created the configuration file that the IBM MQ Bridge to blockchain uses to connect to your IBM Blockchain network and to your IBM MQ z/OS queue manager.
What to do next
Work through the steps for Running the IBM MQ Bridge to blockchain