How to setup REST server to communicate with Hyperledger Fabric consortium on Azure Kubernetes Service (AKS)

Question

I set up hyperledger fabric on Hyperledger Fabric consortium on Azure Kubernetes Service (AKS) . I have installed this chaincode on the network. I have tested peer invoke and peer query command on azure-cli. It is working properly. Now I want to communicate with this hyperledger network using this REST API server. Help me to set up this REST Server.

Edited: I edited this config file with the following way. But no luck.

---
name: "balance-transfer"
x-type: "hlfv1"
description: "Balance Transfer Network"
version: "1.0"
#
# The client section will be added on a per org basis see org1.yaml and org2.yaml
#
#client:
#
# [Optional]. But most apps would have this section so that channel objects can be constructed
# based on the content below. If an app is creating channels, then it likely will not need this
# section.
#
channels:
  mychannel:
    orderers:
      - orderer1.OrdererOrg
    peers:
      peer1.org1:
        endorsingPeer: true
        chaincodeQuery: true
        ledgerQuery: true
        eventSource: true

      peer2.org1:
        endorsingPeer: false
        chaincodeQuery: true
        ledgerQuery: true
        eventSource: false
    chaincodes:
      - mycc:v0
organizations:
  Org1:
    mspid: org1

    peers:
      - peer1.org1
      - peer2.org1
    certificateAuthorities:
      - ca-org1
    adminPrivateKey:
      path: ./artifacts/azure/peer/adminPrivateKey
    signedCert:
      path: ./artifacts/azure/peer/signcerts.pem
orderers:
  orderer1.OrdererOrg:
    url: grpcs://orderer1.XXXXXXXXXXXXXXXXX.eastus.aksapp.io:443
    grpcOptions:
      ssl-target-name-override: orderer1.XXXXXXXXXXXXXXXXX.eastus.aksapp.io

    tlsCACerts:
      path: ./artifacts/azure/orderer/ca.crt
peers:
  peer1.org1:
    url: grpcs://peer1.YYYYYYYYYYYYYY.eastus.aksapp.io:443

    grpcOptions:
      ssl-target-name-override: peer1.YYYYYYYYYYYYYY.eastus.aksapp.io
    tlsCACerts:
      path: ./artifacts/azure/peer/peer1_ca.crt

  peer2.org1:
    url: grpcs://peer2.TTTTTTTTTTTTT.eastus.aksapp.io:443
    eventUrl: grpcs://peer2.TTTTTTTTTTTTT.eastus.aksapp.io:443
    grpcOptions:
      ssl-target-name-override: peer2.VVVVVVVVVV.eastus.aksapp.io
    tlsCACerts:
      path: ./artifacts/azure/peer/peer2_ca.crt
certificateAuthorities:
  org1CA:
    url: https://ca.ZZZZZZZZZZZZZ.eastus.aksapp.io:443
    httpOptions:
      verify: false
    tlsCACerts:
      path: ./artifacts/azure/org/org1.pem
    registrar:
      - enrollId: admin
        enrollSecret: adminpw
    caName: ca.org1

connection profile for org1

{
    "certificateAuthorities": {
        "org1CA": {
            "caName": "ca.org1",
            "tlsCACerts": {
                "pem": "pem1"
            },
            "url": "https://ca.m.eastus.aksapp.io:443"
        }
    },
    "client": {
        "connection": {
            "timeout": {
                "orderer": "300",
                "peer": {
                    "endorser": "300"
                }
            }
        },
        "organization": "org1"
    },
    "name": "org1",
    "organizations": {
        "org1": {
            "certificateAuthorities": [
                "org1CA"
            ],
            "mspid": "org1",
            "peers": [
                "peer1.org1",
                "peer2.org1"
            ]
        }
    },
    "peers": {
        "peer1.org1": {
            "grpcOptions": {
                "hostnameOverride": "peer1.x.eastus.aksapp.io",
                "ssl-target-name-override": "peer1.x.eastus.aksapp.io"
            },
            "tlsCACerts": {
                "pem": "pem"
            },
            "url": "grpcs://peer1.x.eastus.aksapp.io:443"
        },
        "peer2.org1": {
            "grpcOptions": {
                "hostnameOverride": "peer2.x.eastus.aksapp.io",
                "ssl-target-name-override": "peer2.x.eastus.aksapp.io"
            },
            "tlsCACerts": {
                "pem": "pem"
            },
            "url": "grpcs://peer2.x.eastus.aksapp.io:443"
        }
    },
    "version": "1.0.0",
    "wallet": "org1"
}

Connection profile for orderer.

{
    "certificateAuthorities": {
        "OrdererOrgCA": {
            "caName": "ca.OrdererOrg",
            "tlsCACerts": {
                "pem": "pem"
            },
            "url": "https://ca.x.eastus.aksapp.io:443"
        }
    },
    "client": {
        "connection": {
            "timeout": {
                "orderer": "300",
                "peer": {
                    "endorser": "300"
                }
            }
        },
        "organization": "OrdererOrg"
    },
    "name": "OrdererOrg",
    "organizations": {
        "OrdererOrg": {
            "certificateAuthorities": [
                "OrdererOrgCA"
            ],
            "mspid": "OrdererOrg",
            "orderers": [
                "orderer1.OrdererOrg",
                "orderer2.OrdererOrg",
                "orderer3.OrdererOrg"
            ]
        }
    },
    "orderers": {
        "orderer1.OrdererOrg": {
            "grpcOptions": {
                "hostnameOverride": "orderer1.x.eastus.aksapp.io",
                "ssl-target-name-override": "orderer1.x.eastus.aksapp.io"
            },
            "tlsCACerts": {
                "pem": "pem"
            },
            "url": "grpcs://orderer1.x.eastus.aksapp.io:443"
        },
        "orderer2.OrdererOrg": {
            "grpcOptions": {
                "hostnameOverride": "orderer2.x.eastus.aksapp.io",
                "ssl-target-name-override": "orderer2.x.eastus.aksapp.io"
            },
            "tlsCACerts": {
                "pem": "pem"
            },
            "url": "grpcs://orderer2.x.eastus.aksapp.io:443"
        },
        "orderer3.OrdererOrg": {
            "grpcOptions": {
                "hostnameOverride": "orderer3.x.eastus.aksapp.io",
                "ssl-target-name-override": "orderer3.x.eastus.aksapp.io"
            },
            "tlsCACerts": {
                "pem": "pem"
            },
            "url": "grpcs://orderer3.x.eastus.aksapp.io:443"
        }
    },
    "version": "1.0.0",
    "wallet": "OrdererOrg"
}

Answer 1

You can deploy REST API server as indepedent pod (using deployment) in kubernetes. You will need to provide configuration of network using TARGET_NETWORK environment variable. This configuration can be added as file as instructed in Network configuration considerations section of README file of server.

Steps involved would be

1. Creating docker image for the API Server and push to ACR reporitory.
2. Create deployment yaml file to deploy this docker image (with environment variable for network)
3. Create service of type LoadBalancer in kubernetes which creates the load balancer in azure which would allow to make http calls.

Special attention would be needed to connect to hyberledger network using environment variable and file.