IPFS私有链搭建
IPFS安装
官方下载Releases版本,版本号v0.10.0
[root@localhost ~]# mkdir ipfs && cd ipfs
[root@localhost ipfs]# tar -zxf go-ipfs_v0.10.0_linux-amd64.tar.gz
[root@localhost ipfs]# cd go-ipfs
[root@localhost go-ipfs]# ls
install.sh ipfs LICENSE LICENSE-APACHE LICENSE-MIT README.md
[root@localhost go-ipfs]# sudo ./install.sh
Moved ./ipfs to /usr/local/bin
[root@localhost go-ipfs]# ipfs --version
ipfs version 0.10.0
IPFS初始化
[root@localhost go-ipfs]# ipfs init
generating ED25519 keypair...done
peer identity: 12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu
initializing IPFS node at /root/.ipfs
to get started, enter:
ipfs cat /ipfs/QmQPeNsJPyVWPFDVHb77w8G42Fvo15z4bG2X8D2GhfbSXc/readme
[root@localhost go-ipfs]# ipfs cat /ipfs/QmQPeNsJPyVWPFDVHb77w8G42Fvo15z4bG2X8D2GhfbSXc/readme
Hello and Welcome to IPFS!
██╗██████╗ ███████╗███████╗
██║██╔══██╗██╔════╝██╔════╝
██║██████╔╝█████╗ ███████╗
██║██╔═══╝ ██╔══╝ ╚════██║
██║██║ ██║ ███████║
╚═╝╚═╝ ╚═╝ ╚══════╝
If you're seeing this, you have successfully installed
IPFS and are now interfacing with the ipfs merkledag!
-------------------------------------------------------
| Warning: |
| This is alpha software. Use at your own discretion! |
| Much is missing or lacking polish. There are bugs. |
| Not yet secure. Read the security notes for more. |
-------------------------------------------------------
Check out some of the other files in this directory:
./about
./help
./quick-start <-- usage examples
./readme <-- this file
./security-notes
[root@localhost go-ipfs]#
查看本机ID
[root@localhost go-ipfs]# ipfs id
{
"ID": "12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
"PublicKey": "CAESILBvoj7rWdH8AQ6M++06Ze9nLiHqWCODUlyGzwr5Hk5G",
"Addresses": null,
"AgentVersion": "go-ipfs/0.10.0/",
"ProtocolVersion": "ipfs/0.1.0",
"Protocols": null
}
[root@localhost go-ipfs]#
节点配置
IPFS安装后会在~/.ipfs/config
配置文件的Bootstrap节点默认配置一些附近的节点,如果搭建私有链,需要将Bootstrap设置为空
"Bootstrap": [
"/dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN",
"/dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa",
"/dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb",
"/dnsaddr/bootstrap.libp2p.io/p2p/QmcZf59bWwK5XFi76CZX8cbJ4BhTzzA3gU1ZjYZcYW3dwt",
"/ip4/104.131.131.82/tcp/4001/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ",
"/ip4/104.131.131.82/udp/4001/quic/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ"
],
允许其他机器访问
[root@localhost go-ipfs]# ipfs config --json Addresses.API '"/ip4/0.0.0.0/tcp/5001"'
跨域资源共享CORS配置
[root@localhost go-ipfs]# ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '["*"]'
启动服务
[root@localhost go-ipfs]# ipfs daemon
Initializing daemon...
go-ipfs version: 0.10.0
Repo version: 11
System version: amd64/linux
Golang version: go1.16.8
2021/11/16 22:16:25 failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details.
Swarm listening on /ip4/127.0.0.1/tcp/4001
Swarm listening on /ip4/127.0.0.1/udp/4001/quic
Swarm listening on /ip4/192.168.75.131/tcp/4001
Swarm listening on /ip4/192.168.75.131/udp/4001/quic
Swarm listening on /ip6/::1/tcp/4001
Swarm listening on /ip6/::1/udp/4001/quic
Swarm listening on /p2p-circuit
Swarm announcing /ip4/127.0.0.1/tcp/4001
Swarm announcing /ip4/127.0.0.1/udp/4001/quic
Swarm announcing /ip4/192.168.75.131/tcp/4001
Swarm announcing /ip4/192.168.75.131/udp/4001/quic
Swarm announcing /ip6/::1/tcp/4001
Swarm announcing /ip6/::1/udp/4001/quic
API server listening on /ip4/0.0.0.0/tcp/5001
WebUI: http://0.0.0.0:5001/webui
Gateway (readonly) server listening on /ip4/127.0.0.1/tcp/8080
Daemon is ready
后台启动
[root@localhost go-ipfs]# ipfs daemon &
[root@localhost go-ipfs]# ps -ef|grep ipfs
root 68929 4208 0 02:12 pts/0 00:00:00 ipfs daemon
root 71768 4208 0 02:14 pts/0 00:00:00 grep --color=auto ipfs
再次查看本机ID
[root@localhost ~]# ipfs id
{
"ID": "12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
"PublicKey": "CAESILBvoj7rWdH8AQ6M++06Ze9nLiHqWCODUlyGzwr5Hk5G",
"Addresses": [
"/ip4/127.0.0.1/tcp/4001/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
"/ip4/127.0.0.1/udp/4001/quic/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
"/ip4/192.168.75.131/tcp/4001/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
"/ip4/192.168.75.131/udp/4001/quic/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
"/ip6/::1/tcp/4001/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
"/ip6/::1/udp/4001/quic/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu"
],
"AgentVersion": "go-ipfs/0.10.0/",
"ProtocolVersion": "ipfs/0.1.0",
"Protocols": [
"/ipfs/bitswap",
"/ipfs/bitswap/1.0.0",
"/ipfs/bitswap/1.1.0",
"/ipfs/bitswap/1.2.0",
"/ipfs/id/1.0.0",
"/ipfs/id/push/1.0.0",
"/ipfs/lan/kad/1.0.0",
"/ipfs/ping/1.0.0",
"/libp2p/autonat/1.0.0",
"/libp2p/circuit/relay/0.1.0",
"/p2p/id/delta/1.0.0",
"/x/"
]
}
IPFS命令行操作
添加文件
## 添加文件测试 返回的 QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT 就是文件的hash值
## 文本文件可通过浏览器直接查看
## http://192.168.75.131:8080/ipfs/QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT
## 需检查 ~/.ipfs/config 配置中Gateway是否允许其他机器访问
[root@localhost ~]# vim hello.txt
## 添加 hello world!
[root@localhost ~]# ls
anaconda-ks.cfg go hello.txt ipfs
[root@localhost ~]# ipfs add hello.txt
added QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT hello.txt
返回的 QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT 就是文件的hash值
图片、文件文件等可直接通过浏览器语言 ==>
http://192.168.75.131:8080/ipfs/QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT
需检查防火墙是否允许端口访问,以及检查 ~/.ipfs/config 配置中Gateway是否允许其他机器访问
“Gateway”: “/ip4/0.0.0.0/tcp/8080”,
命令行查看文件
[root@localhost ~]# ipfs cat QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT
hello world!
IPFS WebUI
daemon 服务开启,就会尝试连接Bootstrap节点列表中的节点,同步数据,同时还会在本地开启两个服务:API服务及Web网关服务
API服务
默认在5001端口,可以通过 http://192.168.75.131:5001/webui 进行访问,这也是IPFS的一个Web版的管理控制台, 可以通过这个控制台添加文件,查看节点连接情况等等
网关服务
默认在8080端口,由于当前浏览器还不支持通过IPFS协议(ipfs://)来访问文件,如果我们要在浏览器里访问文件的话,就需要借助于IPFS 提供的网关服务,由浏览器先访问到网关,网关去获取IPFS网络杀过了的文件。 有了网关服务,就可以通过这个链接:
http://192.168.75.131:8080/ipfs/QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT
来访问刚刚上传到ipfs 的文件。
多节点连接
准备两台虚拟机,分别按照以上步骤安装IPFS,并通过
ipfs id
命令查看节点ID
- 192.168.75.131 12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu
- 192.168.75.5 12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho
添加节点
使用
ipfs bootstrap add /ip4/ip/tcp/4001/ipfs/hash
添加节点后需重启双方的daemon服务
-
192.168.75.131
[root@localhost ~]# ipfs bootstrap add /ip4/192.168.75.5/tcp/4001/ipfs/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho added /ip4/192.168.75.5/tcp/4001/ipfs/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho [root@localhost ~]# ipfs id { "ID": "12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu", "PublicKey": "CAESILBvoj7rWdH8AQ6M++06Ze9nLiHqWCODUlyGzwr5Hk5G", "Addresses": [ "/ip4/127.0.0.1/tcp/4001/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu", "/ip4/127.0.0.1/udp/4001/quic/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu", "/ip4/192.168.75.131/tcp/4001/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu", "/ip4/192.168.75.131/udp/4001/quic/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu", "/ip6/::1/tcp/4001/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu", "/ip6/::1/udp/4001/quic/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu" ], "AgentVersion": "go-ipfs/0.10.0/", "ProtocolVersion": "ipfs/0.1.0", "Protocols": [ "/ipfs/bitswap", "/ipfs/bitswap/1.0.0", "/ipfs/bitswap/1.1.0", "/ipfs/bitswap/1.2.0", "/ipfs/id/1.0.0", "/ipfs/id/push/1.0.0", "/ipfs/lan/kad/1.0.0", "/ipfs/ping/1.0.0", "/libp2p/autonat/1.0.0", "/libp2p/circuit/relay/0.1.0", "/p2p/id/delta/1.0.0", "/x/" ] }
-
192.168.75.5
[root@www go]# ipfs bootstrap add /ip4/192.168.75.131/tcp/4001/ipfs/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu added /ip4/192.168.75.131/tcp/4001/ipfs/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu [root@www go]# ipfs id { "ID": "12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho", "PublicKey": "CAESIG7TmfV0oluqavhf44tG71wx/XlrDt+s2yreZNmnV6i6", "Addresses": [ "/ip4/127.0.0.1/tcp/4001/p2p/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho", "/ip4/127.0.0.1/udp/4001/quic/p2p/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho", "/ip4/192.168.75.5/tcp/4001/p2p/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho", "/ip4/192.168.75.5/udp/4001/quic/p2p/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho", "/ip6/::1/tcp/4001/p2p/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho", "/ip6/::1/udp/4001/quic/p2p/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho" ], "AgentVersion": "go-ipfs/0.10.0/", "ProtocolVersion": "ipfs/0.1.0", "Protocols": [ "/ipfs/bitswap", "/ipfs/bitswap/1.0.0", "/ipfs/bitswap/1.1.0", "/ipfs/bitswap/1.2.0", "/ipfs/id/1.0.0", "/ipfs/id/push/1.0.0", "/ipfs/lan/kad/1.0.0", "/ipfs/ping/1.0.0", "/libp2p/autonat/1.0.0", "/libp2p/circuit/relay/0.1.0", "/p2p/id/delta/1.0.0", "/x/" ] }
多节点共享密钥
同一个IPFS私链内的所有节点必须共享同一个密钥才能加入。
GO环境安装
因为密钥生成需要go 支持,如果本地服务器未安装 go ,请先下载安装 go
[root@localhost ~]# mkdir go && cd go
[root@localhost go]# wget https://golang.org/dl/go1.17.2.linux-amd64.tar.gz
如果下载失败,可到GO官网下载,go1.17.2版本,手动拷贝至指定目录
[root@localhost go]# tar -zxvf go1.17.2.linux-amd64.tar.gz
[root@localhost go]# sudo mv go /usr/local
[root@localhost go]# vi ~/.profile
## 文件末尾添加
export PATH=$PATH:/usr/local/go/bin
[root@localhost go]# source ~/.profile
[root@localhost go]# go version
go version go1.17.2 linux/amd64
安装密钥工具
[root@localhost go]# cd /mnt/
## 下载密钥生成工具
[root@localhost mnt]# go get -u github.com/Kubuxu/go-ipfs-swarm-key-gen/ipfs-swarm-key-gen
如果显示 connection refused,可以至GitHub仓库(Kubuxu/go-ipfs-swarm-key-gen (github.com)下载
## 编译go-ipfs-swarm-key-gen,生成可执行二进制文件
[root@localhost mnt]# sudo go build -o ipfs-swarm-key-gen go-ipfs-swarm-key-gen/ipfs-swarm-key-gen/main.go
[root@localhost mnt]# ls
go-ipfs-swarm-key-gen ipfs-swarm-key-gen
## 使用二进制文件生成密钥文件swarm.key
[root@localhost mnt]# sudo ./ipfs-swarm-key-gen > swarm.key
[root@localhost mnt]# ls
go-ipfs-swarm-key-gen ipfs-swarm-key-gen swarm.key
## 查看密钥串
[root@localhost mnt]# cat swarm.key
/key/swarm/psk/1.0.0/
/base16/
ea6021fc554524392a6d0112b03cc6055636c500638a6c59e035256ad56b4de3
[root@localhost mnt]# mv swarm.key ~/.ipfs/
[root@localhost .ipfs]# ls
api blocks config datastore datastore_spec keystore repo.lock swarm.key version
将生成的
swarm.key
文件同步到各节点的~/.ipfs/
目录下
## 192.168.75.5 通过scp命令拷贝key文件
[root@www .ipfs]# scp -r root@192.168.75.131:~/.ipfs/swarm.key ~/.ipfs/
The authenticity of host '192.168.75.131 (192.168.75.131)' can't be established.
ECDSA key fingerprint is SHA256:pwnOQ8plHgMBKPD9PFRO8m4WtMejP0DXJRMPw4uh4AM.
ECDSA key fingerprint is MD5:0f:4e:49:39:9a:43:0d:84:b0:c2:3c:15:50:ed:04:09.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.75.131' (ECDSA) to the list of known hosts.
root@192.168.75.131's password:
swarm.key 100% 95 147.4KB/s 00:00
[root@www .ipfs]# ls
api blocks config datastore datastore_spec keystore repo.lock swarm.key version
sudo:go:找不到命令
[root@localhost mnt]# sudo vim /etc/sudoers
## Defaults secure_path后面添加go的/usr/local/go/bin路径
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/go/bin
## :wq! 强制保存
IPFS多节点文件同步测试
-
192.168.75.131
## 添加测试文件 [root@localhost ~]# vim test.txt ## 输入 IPFS multi-node file synchronization test!!! [root@localhost ~]# ipfs add test.txt added QmVWxqGwov3JPYMgmqrQPbtUWxY3DV2263kNErKt1XaxWo test.txt [root@localhost ~]# ipfs cat QmVWxqGwov3JPYMgmqrQPbtUWxY3DV2263kNErKt1XaxWo IPFS multi-node file synchronization test!!!
-
192.168.75.5
## 根据hash查询 [root@www .ipfs]# ipfs cat QmVWxqGwov3JPYMgmqrQPbtUWxY3DV2263kNErKt1XaxWo IPFS multi-node file synchronization test!!!
以此说明两个节点已经连通。此时,停止75.131节点,75.5节点依然可以查询到。
参考文章:
- https://blog.csdn.net/cljdsc/article/details/110849814
- https://blog.csdn.net/loverson/article/details/120992335
更多推荐
所有评论(0)