You can also carry out all the preceding operations using the trade.sh script. Just run the following command from within the network folder:

./trade.sh createneworg

This command, in addition to creating cryptographic material and channel configuration, generates a docker-compose configuration for just for the new organization in add_org/docker-compose-exportingEntityOrg.yaml. It runs the following services:

• One instance of a Fabric peer for the exporting entity's organization
• One instance of a Fabric CA for the exporting entity's organization

The specification and the dependencies are like those we encountered in docker-compose-e2e.yaml in Chapter 3, Setting the Stage with a Business Scenario, as follows:

services: 
  exportingentity-ca: 
    image: hyperledger/fabric-ca:$IMAGE_TAG 
    environment: 
      - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server 
      - FABRIC_CA_SERVER_CA_NAME=ca-exportingentityorg 
      - FABRIC_CA_SERVER_TLS_ENABLED=true 
      - FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.exportingentityorg.trade.com-cert.pem 
      - FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/fc435ccfdaf5d67251bd850a8620cde6d97a7732f89170167a02970c754e5450_sk 
    ports: 
      - "11054:7054" 
    command: sh -c 'fabric-ca-server start --ca.certfile /etc/hyperledger/fabric-ca-server-config/ca.exportingentityorg.trade.com-cert.pem --ca.keyfile /etc/hyperledger/fabric-ca-server-config/fc435ccfdaf5d67251bd850a8620cde6d97a7732f89170167a02970c754e5450_sk -b admin:adminpw -d' 
    volumes: 
      - ../crypto-config/peerOrganizations/exportingentityorg.trade.com/ca/:/etc/hyperledger/fabric-ca-server-config 
    container_name: ca_peerExportingEntityOrg 
    networks: 
      - trade 

  peer0.exportingentityorg.trade.com: 
    container_name: peer0.exportingentityorg.trade.com 
    extends: 
      file: ../base/peer-base.yaml 
      service: peer-base 
    environment: 
      - CORE_PEER_ID=peer0.exportingentityorg.trade.com 
      - CORE_PEER_ADDRESS=peer0.exportingentityorg.trade.com:7051 
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.exportingentityorg.trade.com:7051 
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.exportingentityorg.trade.com:7051 
      - CORE_PEER_LOCALMSPID=ExportingEntityOrgMSP 
    volumes: 
        - /var/run/:/host/var/run/ 
        - ../crypto-config/peerOrganizations/exportingentityorg.trade.com/peers/peer0.exportingentityorg.trade.com/msp:/etc/hyperledger/fabric/msp 
        - ../crypto-config/peerOrganizations/exportingentityorg.trade.com/peers/peer0.exportingentityorg.trade.com/tls:/etc/hyperledger/fabric/tls 
        - peer0.exportingentityorg.trade.com:/var/hyperledger/production 
    ports: 
      - 11051:7051 
      - 11053:7053 
      - 11055:6060 
    networks: 
      - trade 

This file is generated using the template YAML add_org/docker-compose-exportingEntityOrg-template.yaml, with the CA key filename (denoted by the variable EXPORTINGENTITY_CA_PRIVATE_KEY) in both the FABRIC_CA_SERVER_TLS_KEYFILE and in the command replaced with the secret key filename in crypto-config/peerOrganizations/exportingentityorg.trade.com/ca/, which in our example preceding is fc435ccfdaf5d67251bd850a8620cde6d97a7732f89170167a02970c754e5450_sk.

In addition, note that the certificate filename in the environment variables exportingentity-ca:FABRIC_CA_SERVER_TLS_CERTFILE and the paths specified in the volumes section match what was generated using cryptogen. The IDs, hostnames, and port values match what was specified in the congfigtx.yaml file. Finally, we ensure that the container ports are mapped to unique ports (in the 11,000s range) to avoid conflicts with the ports exposed by the containers of the peers and MSPs of the older organizations.