当前位置: 首页 > 工具软件 > ipfs-md-wiki > 使用案例 >

IPFS私有链搭建

酆翔宇
2023-12-01

IPFS安装

官方下载Releases版本,版本号v0.10.0

[root@localhost ~]# mkdir ipfs && cd ipfs
[root@localhost ipfs]# tar -zxf go-ipfs_v0.10.0_linux-amd64.tar.gz
[root@localhost ipfs]# cd go-ipfs
[root@localhost go-ipfs]# ls
install.sh  ipfs  LICENSE  LICENSE-APACHE  LICENSE-MIT  README.md
[root@localhost go-ipfs]# sudo ./install.sh
Moved ./ipfs to /usr/local/bin
[root@localhost go-ipfs]# ipfs --version
ipfs version 0.10.0

IPFS初始化

[root@localhost go-ipfs]# ipfs init
generating ED25519 keypair...done
peer identity: 12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu
initializing IPFS node at /root/.ipfs
to get started, enter:

        ipfs cat /ipfs/QmQPeNsJPyVWPFDVHb77w8G42Fvo15z4bG2X8D2GhfbSXc/readme

[root@localhost go-ipfs]# ipfs cat /ipfs/QmQPeNsJPyVWPFDVHb77w8G42Fvo15z4bG2X8D2GhfbSXc/readme
Hello and Welcome to IPFS!

██╗██████╗ ███████╗███████╗
██║██╔══██╗██╔════╝██╔════╝
██║██████╔╝█████╗  ███████╗
██║██╔═══╝ ██╔══╝  ╚════██║
██║██║     ██║     ███████║
╚═╝╚═╝     ╚═╝     ╚══════╝

If you're seeing this, you have successfully installed
IPFS and are now interfacing with the ipfs merkledag!

 -------------------------------------------------------
| Warning:                                              |
|   This is alpha software. Use at your own discretion! |
|   Much is missing or lacking polish. There are bugs.  |
|   Not yet secure. Read the security notes for more.   |
 -------------------------------------------------------

Check out some of the other files in this directory:

  ./about
  ./help
  ./quick-start     <-- usage examples
  ./readme          <-- this file
  ./security-notes
[root@localhost go-ipfs]# 

查看本机ID

[root@localhost go-ipfs]# ipfs id
{
        "ID": "12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
        "PublicKey": "CAESILBvoj7rWdH8AQ6M++06Ze9nLiHqWCODUlyGzwr5Hk5G",
        "Addresses": null,
        "AgentVersion": "go-ipfs/0.10.0/",
        "ProtocolVersion": "ipfs/0.1.0",
        "Protocols": null
}

[root@localhost go-ipfs]# 

节点配置

IPFS安装后会在~/.ipfs/config配置文件的Bootstrap节点默认配置一些附近的节点,如果搭建私有链,需要将Bootstrap设置为空

 "Bootstrap": [
    "/dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN",
    "/dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa",
    "/dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb",
    "/dnsaddr/bootstrap.libp2p.io/p2p/QmcZf59bWwK5XFi76CZX8cbJ4BhTzzA3gU1ZjYZcYW3dwt",
    "/ip4/104.131.131.82/tcp/4001/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ",
    "/ip4/104.131.131.82/udp/4001/quic/p2p/QmaCpDMGvV2BGHeYERUEnRQAwe3N8SzbUtfsmvsqQLuvuJ"
  ],

允许其他机器访问

[root@localhost go-ipfs]# ipfs config --json Addresses.API '"/ip4/0.0.0.0/tcp/5001"'

跨域资源共享CORS配置

[root@localhost go-ipfs]# ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '["*"]'

启动服务

[root@localhost go-ipfs]# ipfs daemon
Initializing daemon...
go-ipfs version: 0.10.0
Repo version: 11
System version: amd64/linux
Golang version: go1.16.8
2021/11/16 22:16:25 failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details.
Swarm listening on /ip4/127.0.0.1/tcp/4001
Swarm listening on /ip4/127.0.0.1/udp/4001/quic
Swarm listening on /ip4/192.168.75.131/tcp/4001
Swarm listening on /ip4/192.168.75.131/udp/4001/quic
Swarm listening on /ip6/::1/tcp/4001
Swarm listening on /ip6/::1/udp/4001/quic
Swarm listening on /p2p-circuit
Swarm announcing /ip4/127.0.0.1/tcp/4001
Swarm announcing /ip4/127.0.0.1/udp/4001/quic
Swarm announcing /ip4/192.168.75.131/tcp/4001
Swarm announcing /ip4/192.168.75.131/udp/4001/quic
Swarm announcing /ip6/::1/tcp/4001
Swarm announcing /ip6/::1/udp/4001/quic
API server listening on /ip4/0.0.0.0/tcp/5001
WebUI: http://0.0.0.0:5001/webui
Gateway (readonly) server listening on /ip4/127.0.0.1/tcp/8080
Daemon is ready

后台启动

[root@localhost go-ipfs]# ipfs daemon &
[root@localhost go-ipfs]# ps -ef|grep ipfs
root      68929   4208  0 02:12 pts/0    00:00:00 ipfs daemon
root      71768   4208  0 02:14 pts/0    00:00:00 grep --color=auto ipfs

再次查看本机ID

[root@localhost ~]# ipfs id
{
        "ID": "12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
        "PublicKey": "CAESILBvoj7rWdH8AQ6M++06Ze9nLiHqWCODUlyGzwr5Hk5G",
        "Addresses": [
                "/ip4/127.0.0.1/tcp/4001/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
                "/ip4/127.0.0.1/udp/4001/quic/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
                "/ip4/192.168.75.131/tcp/4001/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
                "/ip4/192.168.75.131/udp/4001/quic/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
                "/ip6/::1/tcp/4001/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
                "/ip6/::1/udp/4001/quic/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu"
        ],
        "AgentVersion": "go-ipfs/0.10.0/",
        "ProtocolVersion": "ipfs/0.1.0",
        "Protocols": [
                "/ipfs/bitswap",
                "/ipfs/bitswap/1.0.0",
                "/ipfs/bitswap/1.1.0",
                "/ipfs/bitswap/1.2.0",
                "/ipfs/id/1.0.0",
                "/ipfs/id/push/1.0.0",
                "/ipfs/lan/kad/1.0.0",
                "/ipfs/ping/1.0.0",
                "/libp2p/autonat/1.0.0",
                "/libp2p/circuit/relay/0.1.0",
                "/p2p/id/delta/1.0.0",
                "/x/"
        ]
}

IPFS命令行操作

官方文档

添加文件

## 添加文件测试 返回的 QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT 就是文件的hash值
## 文本文件可通过浏览器直接查看 
## http://192.168.75.131:8080/ipfs/QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT
## 需检查 ~/.ipfs/config 配置中Gateway是否允许其他机器访问  
[root@localhost ~]# vim hello.txt
## 添加 hello world!
[root@localhost ~]# ls
anaconda-ks.cfg  go  hello.txt  ipfs
[root@localhost ~]# ipfs add hello.txt 
added QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT hello.txt

返回的 QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT 就是文件的hash值

图片、文件文件等可直接通过浏览器语言 ==> http://192.168.75.131:8080/ipfs/QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT

需检查防火墙是否允许端口访问,以及检查 ~/.ipfs/config 配置中Gateway是否允许其他机器访问

“Gateway”: “/ip4/0.0.0.0/tcp/8080”,

命令行查看文件
[root@localhost ~]# ipfs cat QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT
hello world!

IPFS WebUI

daemon 服务开启,就会尝试连接Bootstrap节点列表中的节点,同步数据,同时还会在本地开启两个服务:API服务及Web网关服务

  1. API服务

    默认在5001端口,可以通过 http://192.168.75.131:5001/webui 进行访问,这也是IPFS的一个Web版的管理控制台, 可以通过这个控制台添加文件,查看节点连接情况等等

  2. 网关服务

    默认在8080端口,由于当前浏览器还不支持通过IPFS协议(ipfs://)来访问文件,如果我们要在浏览器里访问文件的话,就需要借助于IPFS 提供的网关服务,由浏览器先访问到网关,网关去获取IPFS网络杀过了的文件。 有了网关服务,就可以通过这个链接:http://192.168.75.131:8080/ipfs/QmeV1kwh3333bsnT6YRfdCRrSgUPngKmAhhTa4RrqYPbKT来访问刚刚上传到ipfs 的文件。

多节点连接

准备两台虚拟机,分别按照以上步骤安装IPFS,并通过ipfs id命令查看节点ID

  • 192.168.75.131 12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu
  • 192.168.75.5 12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho
添加节点

使用ipfs bootstrap add /ip4/ip/tcp/4001/ipfs/hash添加节点后需重启双方的daemon服务

  • 192.168.75.131

    [root@localhost ~]# ipfs bootstrap add /ip4/192.168.75.5/tcp/4001/ipfs/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho
    added /ip4/192.168.75.5/tcp/4001/ipfs/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho
    [root@localhost ~]# ipfs id
    {
            "ID": "12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
            "PublicKey": "CAESILBvoj7rWdH8AQ6M++06Ze9nLiHqWCODUlyGzwr5Hk5G",
            "Addresses": [
                    "/ip4/127.0.0.1/tcp/4001/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
                    "/ip4/127.0.0.1/udp/4001/quic/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
                    "/ip4/192.168.75.131/tcp/4001/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
                    "/ip4/192.168.75.131/udp/4001/quic/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
                    "/ip6/::1/tcp/4001/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu",
                    "/ip6/::1/udp/4001/quic/p2p/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu"
            ],
            "AgentVersion": "go-ipfs/0.10.0/",
            "ProtocolVersion": "ipfs/0.1.0",
            "Protocols": [
                    "/ipfs/bitswap",
                    "/ipfs/bitswap/1.0.0",
                    "/ipfs/bitswap/1.1.0",
                    "/ipfs/bitswap/1.2.0",
                    "/ipfs/id/1.0.0",
                    "/ipfs/id/push/1.0.0",
                    "/ipfs/lan/kad/1.0.0",
                    "/ipfs/ping/1.0.0",
                    "/libp2p/autonat/1.0.0",
                    "/libp2p/circuit/relay/0.1.0",
                    "/p2p/id/delta/1.0.0",
                    "/x/"
            ]
    }
    
  • 192.168.75.5

    [root@www go]# ipfs bootstrap add /ip4/192.168.75.131/tcp/4001/ipfs/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu
    added /ip4/192.168.75.131/tcp/4001/ipfs/12D3KooWMh6eqFVSEgotLyZPFvhZpadYzyN23vZK2yBSpzogBGxu
    [root@www go]# ipfs id
    {
            "ID": "12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho",
            "PublicKey": "CAESIG7TmfV0oluqavhf44tG71wx/XlrDt+s2yreZNmnV6i6",
            "Addresses": [
                    "/ip4/127.0.0.1/tcp/4001/p2p/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho",
                    "/ip4/127.0.0.1/udp/4001/quic/p2p/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho",
                    "/ip4/192.168.75.5/tcp/4001/p2p/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho",
                    "/ip4/192.168.75.5/udp/4001/quic/p2p/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho",
                    "/ip6/::1/tcp/4001/p2p/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho",
                    "/ip6/::1/udp/4001/quic/p2p/12D3KooWHGzA47vMzmfcWzpQLsHQN19q2t2i7mFi4hPaDoFRMpho"
            ],
            "AgentVersion": "go-ipfs/0.10.0/",
            "ProtocolVersion": "ipfs/0.1.0",
            "Protocols": [
                    "/ipfs/bitswap",
                    "/ipfs/bitswap/1.0.0",
                    "/ipfs/bitswap/1.1.0",
                    "/ipfs/bitswap/1.2.0",
                    "/ipfs/id/1.0.0",
                    "/ipfs/id/push/1.0.0",
                    "/ipfs/lan/kad/1.0.0",
                    "/ipfs/ping/1.0.0",
                    "/libp2p/autonat/1.0.0",
                    "/libp2p/circuit/relay/0.1.0",
                    "/p2p/id/delta/1.0.0",
                    "/x/"
            ]
    }
    
    

多节点共享密钥

同一个IPFS私链内的所有节点必须共享同一个密钥才能加入。

GO环境安装

因为密钥生成需要go 支持,如果本地服务器未安装 go ,请先下载安装 go

[root@localhost ~]# mkdir go && cd go
[root@localhost go]# wget https://golang.org/dl/go1.17.2.linux-amd64.tar.gz

如果下载失败,可到GO官网下载,go1.17.2版本,手动拷贝至指定目录

[root@localhost go]# tar -zxvf go1.17.2.linux-amd64.tar.gz
[root@localhost go]# sudo mv go /usr/local
[root@localhost go]# vi ~/.profile
 ## 文件末尾添加 
 export PATH=$PATH:/usr/local/go/bin
[root@localhost go]# source ~/.profile
[root@localhost go]# go version
go version go1.17.2 linux/amd64

安装密钥工具

[root@localhost go]# cd /mnt/
## 下载密钥生成工具
[root@localhost mnt]# go get -u github.com/Kubuxu/go-ipfs-swarm-key-gen/ipfs-swarm-key-gen

如果显示 connection refused,可以至GitHub仓库(Kubuxu/go-ipfs-swarm-key-gen (github.com)下载

## 编译go-ipfs-swarm-key-gen,生成可执行二进制文件
[root@localhost mnt]# sudo go build -o ipfs-swarm-key-gen go-ipfs-swarm-key-gen/ipfs-swarm-key-gen/main.go
[root@localhost mnt]# ls
go-ipfs-swarm-key-gen  ipfs-swarm-key-gen
## 使用二进制文件生成密钥文件swarm.key
[root@localhost mnt]# sudo ./ipfs-swarm-key-gen > swarm.key
[root@localhost mnt]# ls
go-ipfs-swarm-key-gen  ipfs-swarm-key-gen  swarm.key
## 查看密钥串
[root@localhost mnt]# cat swarm.key 
/key/swarm/psk/1.0.0/
/base16/
ea6021fc554524392a6d0112b03cc6055636c500638a6c59e035256ad56b4de3
[root@localhost mnt]# mv swarm.key ~/.ipfs/
[root@localhost .ipfs]# ls
api  blocks  config  datastore  datastore_spec  keystore  repo.lock  swarm.key  version

将生成的swarm.key文件同步到各节点的~/.ipfs/目录下

## 192.168.75.5 通过scp命令拷贝key文件
[root@www .ipfs]# scp -r root@192.168.75.131:~/.ipfs/swarm.key ~/.ipfs/
The authenticity of host '192.168.75.131 (192.168.75.131)' can't be established.
ECDSA key fingerprint is SHA256:pwnOQ8plHgMBKPD9PFRO8m4WtMejP0DXJRMPw4uh4AM.
ECDSA key fingerprint is MD5:0f:4e:49:39:9a:43:0d:84:b0:c2:3c:15:50:ed:04:09.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.75.131' (ECDSA) to the list of known hosts.
root@192.168.75.131's password: 
swarm.key                                                                                                                                                                    100%   95   147.4KB/s   00:00    
[root@www .ipfs]# ls
api  blocks  config  datastore  datastore_spec  keystore  repo.lock  swarm.key  version

sudo:go:找不到命令

[root@localhost mnt]# sudo vim /etc/sudoers
## Defaults secure_path后面添加go的/usr/local/go/bin路径
Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/go/bin
## :wq! 强制保存

IPFS多节点文件同步测试

  • 192.168.75.131

    ## 添加测试文件
    [root@localhost ~]# vim test.txt
    ## 输入 IPFS multi-node file synchronization test!!!
    [root@localhost ~]# ipfs add test.txt 
    added QmVWxqGwov3JPYMgmqrQPbtUWxY3DV2263kNErKt1XaxWo test.txt
    [root@localhost ~]# ipfs cat QmVWxqGwov3JPYMgmqrQPbtUWxY3DV2263kNErKt1XaxWo
    IPFS multi-node file synchronization test!!!
    
  • 192.168.75.5

    ## 根据hash查询
    [root@www .ipfs]# ipfs cat QmVWxqGwov3JPYMgmqrQPbtUWxY3DV2263kNErKt1XaxWo
    IPFS multi-node file synchronization test!!!
    

    以此说明两个节点已经连通。此时,停止75.131节点,75.5节点依然可以查询到。

参考文章:

  • https://blog.csdn.net/cljdsc/article/details/110849814
  • https://blog.csdn.net/loverson/article/details/120992335
 类似资料: