I want to add a raft node, because this node belongs to a different organization and needs to submit channel updates to the channel.
export FABRIC_CFG_PATH=${PWD}/config
configtxgen -printOrg Orderer2Org > ./organizations/ordererOrganizations/orderer2.xiaoyin.com/orderer2.json
configtxlator proto_decode --input config_block.pb --type common.Block | jq .data.data[0].payload.data.config >"config.json"
jq -s '.[0] * {"channel_group":{"groups":{"Orderer":{"groups": {"Orderer2Org":.[1]}}}}}' config.json ./organizations/ordererOrganizations/orderer2.xiaoyin.com/orderer2.json > modified_config.json
configtxlator proto_encode --input "config.json" --type common.Config >original_config.pb
configtxlator proto_encode --input "modified_config.json" --type common.Config >modified_config.pb
configtxlator compute_update --channel_id "xiaochannel" --original original_config.pb --updated modified_config.pb >config_update.pb
configtxlator proto_decode --input config_update.pb --type common.ConfigUpdate >config_update.json
echo '{"payload":{"header":{"channel_header":{"channel_id":"'xiaochannel'", "type":2}},"data":{"config_update":'$(cat config_update.json)'}}}' | jq . >config_update_in_envelope.json
configtxlator proto_encode --input config_update_in_envelope.json --type common.Envelope >"orderer2_update_in_envelope.pb"
When I use the command "peer channel signconfigtx -f "orderer2_update_in_envelope.pb" at Orderer1 node,an error occurs .
2021-04-25 15:33:15.408 UTC [comm.grpc.server] 1 -> INFO 120 streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Broadcast grpc.peer_address=192.168.56.3:48256 grpc.code=OK grpc.call_duration=3.814211ms
2021-04-25 15:40:53.375 UTC [orderer.common.broadcast] ProcessMessage -> WARN 121 [channel: xiaochannel] Rejecting broadcast of config message from 192.168.56.3:48258 because of error: error applying config update to existing channel 'xiaochannel': error authorizing update: error validating DeltaSet: policy for [Group] /Channel/Orderer not satisfied: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Admins' sub-policies to be satisfied
How to configure this command?
I got it.
export CORE_PEER_LOCALMSPID="Orderer1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE="/home/network/organizations/ordererOrganizations/orderer1.xiaoyin.com/orderers/osn1.orderer1.xiaoyin.com/tls/ca.crt"
export CORE_PEER_MSPCONFIGPATH=/home/network/organizations/ordererOrganizations/orderer1.xiaoyin.com/users/Admin#xiaoyin.com/
export CORE_PEER_ADDRESS=localhost:7050
peer channel signconfigtx -f "orderer2_update_in_envelope.pb"
peer channel update -o osn1.orderer1.xiaoyin.com:7050 --ordererTLSHostnameOverride osn1.orderer1.xiaoyin.com -c xiaochannel -f orderer2_update_in_envelope.pb --tls --cafile "$ORDERER_CA"
This solves the problem of permissions.
Related
I have been working on rotating Orderer node certs from cryptogen to Fabric CA.
I have been following the official documentation here-
https://hyperledger-fabric.readthedocs.io/en/release-1.4/raft_configuration.html
Below are the steps that i have tried till now -
generate new certs with *fabric CA server for each of the nodes.
update the configtx.yaml msp path with the new msp path created for orderer.
create new Orderer.json based on the new the configtx.yaml
update the system channel with new certs using jq.
Currently i am getting an issue while i try to update the system channel 'testchainid'. The error seen is -
Error: got unexpected status: BAD_REQUEST -- error applying config update to existing channel 'testchainid': error authorizing update: error validating DeltaSet: invalid mod_policy for element [Group] /Channel/Application: mod_policy not set
Sharing the steps performed on the peer cli:
peer channel fetch config config_block.pb -o orderer.org.com:7050 -c $CHANNEL_NAME --tls --cafile $ORDERER_CA
configtxlator proto_decode --input config_block.pb --type common.Block | jq .data.data[0].payload.data.config > config.json
# Find the diff between current config and new config, then output a new json file
jq -s '.[0] * {"channel_group":{"groups":{"Application":{"groups": {"OrdererMSP":.[1]}}}}}' config.json Orderer.json > modified_config.json
# add fabric ca tls certs
jq 'del(.channel_group.groups.Orderer.values.ConsensusType.value.metadata.consenters[])' modified_config.json > modified_config_1.json
#new ca cert for orderer to update system channel
cert1=$(base64 /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/org.com/orderer/tls-msp/signcerts/cert.pem | sed ':a;N;$!ba;s/\n//g')
#new ca cert for orderer1 to update in system channel
cert2=$(base64 /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/org.com/orderer1/tls-msp/signcerts/cert.pem | sed ':a;N;$!ba;s/\n//g')
#new ca cert for orderer2 to update in system channel
cert3=$(base64 /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/org.com/orderer2/tls-msp/signcerts/cert.pem | sed ':a;N;$!ba;s/\n//g')
#update the new certs on to channel
jq '.channel_group.groups.Orderer.values.ConsensusType.value.metadata.consenters += [{"client_tls_cert": "'$cert1'", "host": "orderer.org.com", "port": 7050, "server_tls_cert": "'$cert1'"}] | .channel_group.groups.Orderer.values.ConsensusType.value.metadata.consenters += [{"client_tls_cert": "'$cert2'", "host": "orderer1.org.com", "port": 7050, "server_tls_cert": "'$cert2'"}] | .channel_group.groups.Orderer.values.ConsensusType.value.metadata.consenters += [{"client_tls_cert": "'$cert3'", "host": "orderer2.org.com", "port": 7050, "server_tls_cert": "'$cert3'"}] ' modified_config_1.json > modified_config_2.json
# Converts config.json into config.pb
configtxlator proto_encode --input config.json --type common.Config --output config.pb
# Converts modified_config.pb into modified_config.json
configtxlator proto_encode --input modified_config.json --type common.Config --output modified_config.pb
# Converts modified_config.pb into modified_config.json
configtxlator proto_encode --input modified_config_1.json --type common.Config --output modified_config_1.pb
# Converts modified_config.pb into modified_config.json
configtxlator proto_encode --input modified_config_2.json --type common.Config --output modified_config_2.pb
# Calculates the delta between modified_config.json config.json then output
configtxlator compute_update --channel_id $CHANNEL_NAME --original config.pb --updated modified_config_2.pb --output Orderer_ca_update.pb
configtxlator proto_decode --input Orderer_ca_update.pb --type common.ConfigUpdate | jq . > Orderer_ca_update.json
echo '{"payload":{"header":{"channel_header":{"channel_id":"testchainid", "type":2}},"data":{"config_update":'"$(cat Orderer_ca_update.json)"'}}}' | jq . > Orderer_ca_update_in_envelope.json
configtxlator proto_encode --input Orderer_ca_update_in_envelope.json --type common.Envelope --output Orderer_ca_update_in_envelope.pb
peer channel signconfigtx -f Orderer_ca_update_in_envelope.pb
peer channel update -f Orderer_ca_update_in_envelope.pb -c $CHANNEL_NAME -o orderer.org.com:7050 --tls --cafile $ORDERER_CA
Any help on how to fix the issue would be much appreciated.
I have setup the byfn from here. What I am going through that is invoking by this command.
peer chaincode invoke -o orderer.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n mycc -c '{"Args":["invoke","a","b","10"]}
It give me an error that iI found by docker logs {peer0_container_id}. I also set CORE_PEER_ADDRESSAUTODETECT=true
2020-01-06 08:08:39.972 UTC [vscc] Validate -> ERRO 0ad VSCC error: stateBasedValidator.Validate failed, err validation of endorsement policy for chaincode mycc in tx 9:0 failed: signature set did not satisfy policy
2020-01-06 08:08:39.973 UTC [committer.txvalidator] validateTx -> ERRO 0ae VSCCValidateTx for transaction txId = ea10c982be12ab3762b4199a349c1409fb22bde5230667be78b2394ccdb05d37 returned error: validation of endorsement policy for chaincode mycc in tx 9:0 failed: signature set did not satisfy policy
But for this command it working fine I mean transaction is valid.
peer chaincode invoke -o orderer.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n mycc --peerAddresses peer0.org1.example.com:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses peer0.org2.example.com:9051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"Args":["invoke","a","b","10"]}'
Is there anything to configure for invoking with the first one I mean except passing the --peerAddresses param?
I have also added the third organization from here. And here the invoke command also work i mean valid transaction.
peer chaincode invoke -o orderer.example.com:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n mycc -c '{"Args":["invoke","a","b","10"]}'
So, why does not the same invoke is not working for the byfn?
Note for byfn I have removed the all images and done it from the beginning. So here is no conflict actually.
There are 3 orgs: Org1, Org2 and Org3.
Org1 and Org2 created a consortium named SampleConsortium
Now, I want to add Org3 to the SampleConsortium. There is no channel created yet.
In the documentation, there is a tutorial to add an org to an existing channel. I want org to join the consortium not the channel.
How can I do this? Please add resources that will be very helpful.
Thanks!
I have written the script to add/delete org into consortium and add/delete org into channel.
## Make sure network is up
## Make sure certificates are generated using cryptogen
## Make sure you are executing this script in cli
## docker exec -it cli bash
export ORDERER_CA=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
export CHANNEL_NAME=byfn-sys-channel
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/users/Admin#example.com/msp
CORE_PEER_ADDRESS=orderer.example.com:7050
CORE_PEER_LOCALMSPID=OrdererMSP
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/tls/ca.crt
peer channel fetch config config_block.pb -c $CHANNEL_NAME -o orderer.example.com:7050 --tls --cafile $ORDERER_CA
configtxlator proto_decode --input config_block.pb --type common.Block | jq .data.data[0].payload.data.config > config.json
#### Add Org into Consortium ######
jq -s '.[0] * {"channel_group":{"groups":{"Consortiums":{"groups": {"SampleConsortium": {"groups": {"Org3MSP":.[1]}}}}}}}' config.json ./channel-artifacts/org3.json > modified_config.json
#### Delete Org from Consortium ######
cat config.json | jq "del(.channel_group.groups.Consortiums.groups.SampleConsortium.groups.Org3MSP)" > modified_config.json
#### Add Organization to channel #####
jq -s '.[0] * {"channel_group":{"groups":{"Application":{"groups": {"Org3MSP":.[1]}}}}}' config.json ./channel-artifacts/org3.json > modified_config.json
#### Delete Oraganization from channel ####
jq 'del(.channel_group.groups.Application.groups.Org3MSP)' config.json > modified_config.json
configtxlator proto_encode --input config.json --type common.Config --output config.pb
configtxlator proto_encode --input modified_config.json --type common.Config --output modified_config.pb
configtxlator compute_update --channel_id $CHANNEL_NAME --original config.pb --updated modified_config.pb --output org3_update.pb
configtxlator proto_decode --input org3_update.pb --type common.ConfigUpdate | jq . > org3_update.json
echo '{"payload":{"header":{"channel_header":{"channel_id":"byfn-sys-channel", "type":2}},"data":{"config_update":'$(cat org3_update.json)'}}}' | jq . > org3_update_in_envelope.json
configtxlator proto_encode --input org3_update_in_envelope.json --type common.Envelope --output org3_update_in_envelope.pb
peer channel signconfigtx -f org3_update_in_envelope.pb
peer channel update -f org3_update_in_envelope.pb -c $CHANNEL_NAME -o orderer.example.com:7050 --tls --cafile $ORDERER_CA
Thanks to #alexander for this tutorial link.
The tutorial is written by Allison Irvin
Updating the Consortium Definition in Hyperledger Fabric
The answer to this question:
We have to update the system genesis block to add a new organization
in the consortium. Then only the new organization can create a channel.
Tutorial's Intro:
The creation of channels is controlled by members of Consortia, which consist of one or more organizations that are defined at the network level. As Fabric networks evolve and grow, it is expected that the list of organizations requiring the ability to create channels will change. Therefore, we need the ability to add or modify Consortia definitions without interrupting any of the network components.
We are using Tuna-App to setup basicnetwork along with tuna-app, and trying to add additional peer. Here is the source code of tuna-app
https://github.com/hyperledger/education/tree/master/LFS171x/fabric-material
We are able to add the Peer to the basicnetwork. We verified docker containers, all peer0, peer1, cli, ca, orderer, coughdb, coughdb2, and tuna-app-1.0 are running.
Peer0 sucessfully got added to channel with following command:
docker exec -e "CORE_PEER_LOCALMSPID=Org1MSP" -e "CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin#org1.example.com/msp" peer0.org1.example.com peer channel create -o orderer.example.com:7050 -c mychannel -f /etc/hyperledger/configtx/channel.tx
docker exec -e "CORE_PEER_LOCALMSPID=Org1MSP" -e "CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin#org1.example.com/msp" peer0.org1.example.com peer channel join -b mychannel.block
We are trying to add Peer1 to the same channel with command:
docker exec -e "CORE_PEER_LOCALMSPID=Org1MSP" -e "CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin#org1.example.com/msp" peer1.org1.example.com peer channel join -b mychannel.block
it throws an error:
genesis block file not found open mychannel.block: no such file or directory
Please help me. How can we resolve this issue?
Enter the cli container:
docker exec -it cli bash
In that terminal, export the required variables:
export CHANNEL_NAME=mychannel
CORE_PEER_LOCALMSPID="Org1MSP"
CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin#org1.example.com/msp
CORE_PEER_ADDRESS=peer1.org1.example.com:7051
Add the peer to the channel:
peer channel join -b mychannel.block
Try the below commands:
docker exec peer1.org1.example.com peer channel fetch 0 mychannel.block -o orderer.example.com:7050 -c mychannel
docker exec -e "CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin#$org1.example.com/msp" peer1.org1.example-swarm.com peer channel join -b mychannel.block
Create channel from the CLI container. As in firstnetwork.
Because mychannel.block is available only in peer0.
You can't join the channel from peer1 since no mychannel.block file is available.
I have set up data persistence in the peer and the couchdb containers and have run through the commands with the chaincode_example02 chaincode manually on both peers in the cli container (with the command line commented in docker-compose-cli.yaml). The last things I did is to shutdown the containers and then restart them. After the restart, I can query the "query" function of the chaincode without any problem and all the data are still there (balances of a and b) and the same as before I perform the shutdown. However, I get the following error when I invoke the "invoke" function on both peer containers.
Error: Error sending transaction invoke: got unexpected status: NOT_FOUND -- channel does not exist
How to restart the fabric containers (x86_64-1.1.0-preview) with data persistence so that I can perform chaincode invoke functions normally after the restart?
Ubuntu version:
Distributor ID: Ubuntu
Description: Ubuntu 17.10
Release: 17.10
Codename: artful
Hyperledger Fabric version:
x86_64-1.1.0-preview
All actions below are done with the "first-network" (byfn.sh) example:
Configuration Changes:
added the following lines in the volumes sections in docker-compose-base.yaml for peer container data persistence
for peer0.org1.example.com:
- ../persist-data/peer0org1:/var/hyperledger/production
for peer1.org1.example.com:
- ../persist-data/peer1org1:/var/hyperledger/production
for peer0.org2.example.com:
- ../persist-data/peer0org2:/var/hyperledger/production
for peer1.org2.example.com:
- ../persist-data/peer1org2:/var/hyperledger/production
added the following lines in the volumes sections in docker-compose-couch.yaml for couchdb container data persistence
for couchdb0:
- ./persist-data/couchdb0:/opt/couchdb/data
for couchdb1:
- ./persist-data/couchdb1:/opt/couchdb/data
for couchdb2:
- ./persist-data/couchdb2:/opt/couchdb/data
for couchdb3:
- ./persist-data/couchdb3:/opt/couchdb/data
I have also changed to couchdb port numbers as follow to avoid conflicts with the couchdb installed on my computer:
for couchdb0:
- "6984:5984"
for couchdb1:
- "7984:5984"
for couchdb2:
- "8984:5984"
for couchdb3:
- "9984:5984"
Actions and commands:
cd to the first-network directory
../../bin/cryptogen generate --config=./crypto-config.yaml
export FABRIC_CFG_PATH=$PWD
../../bin/configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./channel-artifacts/genesis.block
export CHANNEL_NAME=mychannel && ../../bin/configtxgen -profile TwoOrgsChannel -outputCreateChannelTx ./channel-artifacts/channel.tx -channelID $CHANNEL_NAME
../../bin/configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org1MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org1MSP
../../bin/configtxgen -profile TwoOrgsChannel -outputAnchorPeersUpdate ./channel-artifacts/Org2MSPanchors.tx -channelID $CHANNEL_NAME -asOrg Org2MSP
docker-compose -f docker-compose-cli.yaml -f docker-compose-couch.yaml up -d
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin#org1.example.com/msp
CORE_PEER_ADDRESS=peer0.org1.example.com:7051
CORE_PEER_LOCALMSPID="Org1MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
# enter the cli container and execute the commands in the cli container manually
docker exec -it cli bash
export CHANNEL_NAME=mychannel
peer channel create -o orderer.example.com:7050 -c $CHANNEL_NAME -f ./channel-artifacts/channel.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
peer channel join -b mychannel.block
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer channel join -b mychannel.block
peer channel update -o orderer.example.com:7050 -c $CHANNEL_NAME -f ./channel-artifacts/Org1MSPanchors.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer channel update -o orderer.example.com:7050 -c $CHANNEL_NAME -f ./channel-artifacts/Org2MSPanchors.tx --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
peer chaincode install -n mycc -v 1.0 -p github.com/chaincode/chaincode_example02/go/
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer chaincode install -n mycc -v 1.0 -p github.com/chaincode/chaincode_example02/go/
peer chaincode instantiate -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C $CHANNEL_NAME -n mycc -v 1.0 -c '{"Args":["init","a", "100", "b","200"]}' -P "OR ('Org1MSP.member','Org2MSP.member')"
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","b"]}'
peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","a","b","10"]}'
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","b"]}'
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","b"]}'
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","a","b","5"]}'
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","b"]}'
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","b"]}'
exit
#get out of the cli container
docker-compose -f docker-compose-cli.yaml -f docker-compose-couch.yaml down
docker container ls
docker network ls
docker-compose -f docker-compose-cli.yaml -f docker-compose-couch.yaml up -d
docker container ls
docker network ls
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin#org1.example.com/msp
CORE_PEER_ADDRESS=peer0.org1.example.com:7051
CORE_PEER_LOCALMSPID="Org1MSP"
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
# enter the cli container and execute the commands in the cli container manually
docker exec -it cli bash
export CHANNEL_NAME=mychannel
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","b"]}'
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","b"]}'
# get error in the next two commands invoking the "invoke" function in the chaincode. The full error text is at the bottom.
peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","b","a","10"]}'
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer chaincode invoke -o orderer.example.com:7050 --tls --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C $CHANNEL_NAME -n mycc -c '{"Args":["invoke","b","a","5"]}'
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","b"]}'
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","a"]}'
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp CORE_PEER_ADDRESS=peer0.org2.example.com:7051 CORE_PEER_LOCALMSPID="Org2MSP" CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt peer chaincode query -C $CHANNEL_NAME -n mycc -c '{"Args":["query","b"]}'
This is the full error text from peer0 org1:
2018-01-26 17:04:00.046 UTC [msp] GetLocalMSP -> DEBU 001 Returning existing local MSP
2018-01-26 17:04:00.046 UTC [msp] GetDefaultSigningIdentity -> DEBU 002 Obtaining default signing identity
2018-01-26 17:04:00.052 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 003 Using default escc
2018-01-26 17:04:00.052 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 004 Using default vscc
2018-01-26 17:04:00.052 UTC [chaincodeCmd] getChaincodeSpec -> DEBU 005 java chaincode disabled
2018-01-26 17:04:00.052 UTC [msp/identity] Sign -> DEBU 006 Sign: plaintext: 0AAA070A6608031A0B0880BFADD30510...696E766F6B650A01620A01610A023130
2018-01-26 17:04:00.052 UTC [msp/identity] Sign -> DEBU 007 Sign: digest: 20D7EB048A7E3F59A74A3F7C1757E7CCCFFBFD2F5D5FC8A4BFF949051F22F99E
2018-01-26 17:04:00.094 UTC [msp/identity] Sign -> DEBU 008 Sign: plaintext: 0AAA070A6608031A0B0880BFADD30510...21ED65F3952B1FE09A8E14D906B69E7C
2018-01-26 17:04:00.094 UTC [msp/identity] Sign -> DEBU 009 Sign: digest: 285F91523D88D5D88CFCF7CDA89E6C81025D58116F2F33C1BE59DAEB9AA304D6
Error: Error sending transaction invoke: got unexpected status: NOT_FOUND -- channel does not exist - version:1 response:<status:200 message:"OK" > payload:"\n &\2175\217\025\227\216Q\373a\020G\010\022{\3179\352\243\352\006\\\254\265\013\336\3070\002\237\353\315\022Y\nE\022\024\n\004lscc\022\014\n\n\n\004mycc\022\002\010\003\022-\n\004mycc\022%\n\007\n\001a\022\002\010\005\n\007\n\001b\022\002\010\005\032\007\n\001a\032\00295\032\010\n\001b\032\003205\032\003\010\310\001\"\013\022\004mycc\032\0031.0" endorsement:<endorser:"\n\007Org1MSP\022\226\006-----BEGIN CERTIFICATE-----\nMIICGjCCAcCgAwIBAgIRAIgZ0tCVwxfC3MNajGO3DKgwCgYIKoZIzj0EAwIwczEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMTE2Nh\nLm9yZzEuZXhhbXBsZS5jb20wHhcNMTgwMTI2MTY0NTE0WhcNMjgwMTI0MTY0NTE0\nWjBbMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN\nU2FuIEZyYW5jaXNjbzEfMB0GA1UEAxMWcGVlcjAub3JnMS5leGFtcGxlLmNvbTBZ\nMBMGByqGSM49AgEGCCqGSM49AwEHA0IABK3PyoXXOwdkwGL5hkXpxNUxF0f5+2p8\nE2jMD6xCascnLlbDs4dqcsdU5pGs/xJKJukEv+YYZabhQMOZN0ZqR+yjTTBLMA4G\nA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMCsGA1UdIwQkMCKAILgbSt2V1f0R\nGHsGkSuIPvwktllKaUBtWskwCwjGFc+BMAoGCCqGSM49BAMCA0gAMEUCIQCZoO0k\nIoaDOdyJc5B9L4uTE8lHYMLpHZyJ0TLg5ipK/wIgPrW0LZvkrQik8/38UpfOfF/F\ndGQS8yRG2kpOv1HKH0k=\n-----END CERTIFICATE-----\n" signature:"0E\002!\000\340\347\345\036\356\020\352\216\200\037\220$rk\320\243\025\006p\315\376\340C\\YG\030P\341\022i\262\002 \031\357M\2274\t\263\263\313\002=\206\224\321\255\r!\355e\363\225+\037\340\232\216\024\331\006\266\236|" >
Usage:
peer chaincode invoke [flags]
Flags:
-C, --channelID string The channel on which this command should be executed (default "testchainid")
-c, --ctor string Constructor message for the chaincode in JSON format (default "{}")
-n, --name string Name of the chaincode
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--logging-level string Default logging level and overrides, see core.yaml for full syntax
-o, --orderer string Ordering service endpoint
--test.coverprofile string Done (default "coverage.cov")
--tls Use TLS when communicating with the orderer endpoint
--transient string Transient map of arguments in JSON encoding
-v, --version Display current version of fabric peer server
This is the full error text from peer0 org2:
2018-01-26 17:05:22.201 UTC [msp] GetLocalMSP -> DEBU 001 Returning existing local MSP
2018-01-26 17:05:22.201 UTC [msp] GetDefaultSigningIdentity -> DEBU 002 Obtaining default signing identity
2018-01-26 17:05:22.205 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 003 Using default escc
2018-01-26 17:05:22.206 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 004 Using default vscc
2018-01-26 17:05:22.206 UTC [chaincodeCmd] getChaincodeSpec -> DEBU 005 java chaincode disabled
2018-01-26 17:05:22.206 UTC [msp/identity] Sign -> DEBU 006 Sign: plaintext: 0AA6070A6608031A0B08D2BFADD30510...06696E766F6B650A01620A01610A0135
2018-01-26 17:05:22.206 UTC [msp/identity] Sign -> DEBU 007 Sign: digest: 26976CF7AC5443DB2390C53818E2C4B64A7278DBB874101FD4B335189333294A
2018-01-26 17:05:22.267 UTC [msp/identity] Sign -> DEBU 008 Sign: plaintext: 0AA6070A6608031A0B08D2BFADD30510...CC920EBFDA7DA672DC8EA94465B459B2
2018-01-26 17:05:22.267 UTC [msp/identity] Sign -> DEBU 009 Sign: digest: B6965F71B9DBCC7CB4788BF260A477275C4FFB9393D8176FCBAD75333F566055
Error: Error sending transaction invoke: got unexpected status: NOT_FOUND -- channel does not exist - version:1 response:<status:200 message:"OK" > payload:"\n \271\353p\303\250\000m\366dy\021(!\2043\002\305>]&u_\364o\250\335\305\026\3310\354T\022Y\nE\022\024\n\004lscc\022\014\n\n\n\004mycc\022\002\010\003\022-\n\004mycc\022%\n\007\n\001a\022\002\010\005\n\007\n\001b\022\002\010\005\032\007\n\001a\032\00290\032\010\n\001b\032\003210\032\003\010\310\001\"\013\022\004mycc\032\0031.0" endorsement:<endorser:"\n\007Org2MSP\022\226\006-----BEGIN CERTIFICATE-----\nMIICGTCCAb+gAwIBAgIQJj1f7E3ibi/1ttw70Rh8sTAKBggqhkjOPQQDAjBzMQsw\nCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy\nYW5jaXNjbzEZMBcGA1UEChMQb3JnMi5leGFtcGxlLmNvbTEcMBoGA1UEAxMTY2Eu\nb3JnMi5leGFtcGxlLmNvbTAeFw0xODAxMjYxNjQ1MTRaFw0yODAxMjQxNjQ1MTRa\nMFsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T\nYW4gRnJhbmNpc2NvMR8wHQYDVQQDExZwZWVyMC5vcmcyLmV4YW1wbGUuY29tMFkw\nEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEHZ/3QCOmqgh/z3tnhepv4YSlvF3m8jXG\n4xDAs1xycyBiecGRbnWX93vdqDbKJvF/f3/JsBPoHPl663tJcrqQ96NNMEswDgYD\nVR0PAQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwKwYDVR0jBCQwIoAgwrQVLq1wpKed\nwmIVDWSrClqEts8LWOTDlO7ncgx3a5wwCgYIKoZIzj0EAwIDSAAwRQIhALOzxd2C\nMAYj+EBYCnwbkxixSNlZI3YxA5tBnshN4oS0AiBeHWebdXsg7lMzaJtwa+r9JcRt\nUVAM4j/ydnSQsfyfRA==\n-----END CERTIFICATE-----\n" signature:"0E\002!\000\240q\3370\307Iwi\036\022\305\035}!E\234\220\213\336`o\323\344\375\311\211j\361\t\343p\023\002 \177\026\351\234s\216\276=\207(\325\223i\264\303)\314\222\016\277\332}\246r\334\216\251De\264Y\262" >
Usage:
peer chaincode invoke [flags]
Flags:
-C, --channelID string The channel on which this command should be executed (default "testchainid")
-c, --ctor string Constructor message for the chaincode in JSON format (default "{}")
-n, --name string Name of the chaincode
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--logging-level string Default logging level and overrides, see core.yaml for full syntax
-o, --orderer string Ordering service endpoint
--test.coverprofile string Done (default "coverage.cov")
--tls Use TLS when communicating with the orderer endpoint
--transient string Transient map of arguments in JSON encoding
-v, --version Display current version of fabric peer server
By following Gari Singh's help, I have added the following line in the volumes sections in docker-compose-base.yaml for orderer container data persistence and the problem is solved.
for orderer:
- ../persist-data/orderer:/var/hyperledger/production