Organizations:
- &OrdererOrg
Name: OrderingService
ID: OrdererMSP
MSPDir: crypto-config/ordererOrganizations/reliance-network.com/msp
- &RelianceCapital
Name: RelianceCapitalMSP
ID: RelianceCapitalMSP
MSPDir: crypto-config/peerOrganizations/reliancecapital.reliance-network.com/msp
AnchorPeers:
- Host: peer0.reliancecapital.reliance-network.com
Port: 7051
- &RelianceCommunications
Name: RelianceCommunicationsMSP
ID: RelianceCommunicationsMSP
MSPDir: crypto-config/peerOrganizations/reliancecommunications.reliance-network.com/msp
AnchorPeers:
- Host: peer0.reliancecommunications.reliance-network.com
Port: 9051
- &RelianceEntertainment
Name: RelianceEntertainmentMSP
ID: RelianceEntertainmentMSP
MSPDir: crypto-config/peerOrganizations/relianceentertainment.reliance-network.com/msp
AnchorPeers:
- Host: peer0.relianceentertainment.reliance-network.com
Port: 11051
- &RelianceInfrastructure
Name: RelianceInfrastructureMSP
ID: RelianceInfrastructureMSP
MSPDir: crypto-config/peerOrganizations/relianceinfrastructure.reliance-network.com/msp
AnchorPeers:
- Host: peer0.relianceinfrastructure.reliance-network.com
Port: 13051
- &ReliancePower
Name: ReliancePowerMSP
ID: ReliancePowerMSP
MSPDir: crypto-config/peerOrganizations/reliancepower.reliance-network.com/msp
AnchorPeers:
- Host: peer0.reliancepower.reliance-network.com
Port: 15051
#Capabilities
Capabilities:
Global: &ChannelCapabilities
V1_3: true
Orderer: &OrdererCapabilities
V1_1: true
Application: &ApplicationCapabilities
V1_3: true
#Application
Application: &ApplicationDefaults
Organizations:
#Orderer
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- orderer.reliance-network.com:7050
BatchTimeout: 5s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 256 MB
PreferredMaxBytes: 512 KB
Kafka:
Brokers:
- 127.0.0.1:9092
Organizations:
#Profiles
Profiles:
OrdererGenesis:
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Consortiums:
RelianceConsortium:
Organizations:
- *RelianceCapital
- *RelianceCommunications
- *RelianceEntertainment
- *RelianceInfrastructure
- *ReliancePower
RelianceOrgs:
Consortium: RelianceConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *RelianceCapital
- *RelianceCommunications
- *RelianceEntertainment
- *RelianceInfrastructure
- *ReliancePower
Capabilities:
<<: *ApplicationCapabilities
<!-- end snippet -->
I am trying to create a network with 5 orgs.
1)Able to successfully create the crypto-config files
2) Channel artifacts are created successfully
3) Channel transaction is created successfully
4) Anchor peer transactions are created successfully
5) Created channel successfully
6) peer 0 of the first org is able to join the channel
But when peer 1 of first is trying to join the channel, getting the below error. What can be the reason.
******Error: error getting endorser client for channel: endorser client failed to connect to peer1.reliancecapital.reliance-network.com:8051: failed to create new connection: connection error: desc = "transport: error while dialing: dial tcp 192.168.64.12:8051: connect: connection refused"******
I don't know if this is still relevant, but you seem to have a DNS resolution problem on your hands. If you're launching this setup via docker-composer, then you might want to modify your /etc/host to route requests for peer1.reliancecapital.reliance-network.com to your localhost.
You can also statically bind peer1.reliancecapital.reliance-network.com to your machine's IP via the extra_hosts option in your docker-compose file. Also make sure that all your peers are in the same docker network.
Related
Network configuration:
I have a Hyperledger Fabric network with 5 orgs and 6 channels. Each org has a single peer, and the orderer is part of one of the peer organizations (named PSU). All organizations are members of the channels "uam.psu.registration", "fuh.vertiport.operations", and "air.traffic.control". All channels except one (PSU) are members on the channel "fuh.financial.operations". All organizations except Fly-Us-Hospitality are part of the channel "vehicle.telemetry". Only PSU is part of the channel "secure.airspace".
Issue:
I successfully create all the channels and join the organizations to the corresponding channels without error. Then I try to update the anchor peers. For each org, for each channel it participates in, I run peer channel update -o localhost:7050 --ordererTLSHostnameOverrider orderer.psu.secure.airspace -c <channel_name> -f ./channel-artifacts/<channel_name>/<org>MSPanchors.tx --tls true --cafile $ORDERER_CA where $ORDERER_CA is set appropriately.
It doesn't show any error message on the terminal, but on logspout I see
peer0.boeing.secure.airspace.com|2020-09-15 19:58:10.384 UTC [gossip.comm] authenticateRemotePeer -> ERRO 001 Failed verifying signature from 172.29.0.2:59660 : implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied
peer0.boeing.secure.airspace.com|2020-09-15 19:58:10.384 UTC [gossip.comm] GossipStream -> ERRO 002 Authentication failed: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied
For each peer channel update... command mentioned above. Any one have any ideas why I'm seeing this?
Here is my configtx.yaml file:
Organizations:
- &PSU
Name: PSUMSP
SkipAsForeign: false
ID: PSUMSP
MSPDir: crypto-config/peerOrganizations/psu.secure.airspace.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('PSUMSP.member')"
Writers:
Type: Signature
Rule: "OR('PSUMSP.member')"
Admins:
Type: Signature
Rule: "OR('PSUMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('PSUMSP.member')"
OrdererEndpoints:
- orderer.psu.secure.airspace.com:7050
AnchorPeers:
- Host: peer0.psu.secure.airspace.com
Port: 7051
- &Boeing
Name: BoeingMSP
ID: BoeingMSP
MSPDir: crypto-config/peerOrganizations/boeing.secure.airspace.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('BoeingMSP.member')"
Writers:
Type: Signature
Rule: "OR('BoeingMSP.member')"
Admins:
Type: Signature
Rule: "OR('BoeingMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('BoeingMSP.member')"
AnchorPeers:
- Host: peer0.boeing.secure.airspace.com
Port: 8051
- &Uber
Name: UberMSP
ID: UberMSP
MSPDir: crypto-config/peerOrganizations/uber.secure.airspace.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('UberMSP.member')"
Writers:
Type: Signature
Rule: "OR('UberMSP.member')"
Admins:
Type: Signature
Rule: "OR('UberMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('UberMSP.member')"
AnchorPeers:
- Host: peer0.uber.secure.airspace.com
Port: 9051
- &AirBus
Name: AirBusMSP
ID: AirBusMSP
MSPDir: crypto-config/peerOrganizations/airbus.secure.airspace.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('AirBusMSP.member')"
Writers:
Type: Signature
Rule: "OR('AirBusMSP.member')"
Admins:
Type: Signature
Rule: "OR('AirBusMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('AirBusMSP.member')"
AnchorPeers:
- Host: peer0.airbus.secure.airspace.com
Port: 10051
- &Fly-Us-Hospitality
Name: Fly-Us-HospitalityMSP
ID: Fly-Us-HospitalityMSP
MSPDir: crypto-config/peerOrganizations/fly-us-hospitality.secure.airspace.com/msP
Policies:
Readers:
Type: Signature
Rule: "OR('Fly-Us-HospitalityMSP.member')"
Writers:
Type: Signature
Rule: "OR('Fly-Us-HospitalityMSP.member')"
Admins:
Type: Signature
Rule: "OR('Fly-Us-HospitalityMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('Fly-Us-HospitalityMSP.member')"
AnchorPeers:
- Host: peer0.fly-us-hospitality.secure.airspace.com
Port: 11051
Capabilities:
Channel: &ChannelCapabilities
V2_0: true
Orderer: &OrdererCapabilities
V2_0: true
Application: &ApplicationCapabilities
V2_0: true
Application: &ApplicationDefaults
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "ANY Endorsement"
Endorsement:
Type: ImplicitMeta
Rule: "ANY Endorsement"
Capabilities:
<<: *ApplicationCapabilities
Orderer: &OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer.psu.secure.airspace.com
Port: 7050
ClientTLSCert: crypto-config/peerOrganizations/psu.secure.airspace.com/peers/orderer.psu.secure.airspace.com/tls/server.crt
ServerTLSCert: crypto-config/peerOrganizations/psu.secure.airspace.com/peers/orderer.psu.secure.airspace.com/tls/server.crt
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
Organizations:
- *PSU
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
RegistrationProfile:
Consortium:
GeneralChannel:
Consortium: GeneralConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *PSU
- *Boeing
- *Uber
- *AirBus
- *Fly-Us-Hospitality
Capabilities:
<<: *ApplicationCapabilities
VehicleOperationsChannel:
Consortium: VehicleOperationsConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *PSU
- *Boeing
- *Uber
- *AirBus
Capabilities:
<<: *ApplicationCapabilities
FinancialOperationsChannel:
Consortium: FinancialOperationsConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Boeing
- *Uber
- *AirBus
- *Fly-Us-Hospitality
Capabilities:
<<: *ApplicationCapabilities
SecureAirspaceChannel:
Consortium: SecureAirspaceConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *PSU
Capabilities:
<<: *ApplicationCapabilities
OrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *PSU
Capabilities:
<<: *OrdererCapabilities
Consortiums:
SecureAirspaceConsortium:
Organizations:
- *PSU
FinancialOperationsConsortium:
Organizations:
- *Boeing
- *Uber
- *AirBus
- *Fly-Us-Hospitality
VehicleOperationsConsortium:
Organizations:
- *PSU
- *Boeing
- *Uber
- *AirBus
GeneralConsortium:
Organizations:
- *PSU
- *Boeing
- *Uber
- *AirBus
- *Fly-Us-Hospitality
And my docker-compose.yaml file
version: "2"
#networks:
# network3.1:
services:
ca-psu:
container_name: ca.psu.secure.airspace.com
hostname: ca.psu.secure.airspace.com
extends:
file: docker-ca-base.yaml
service: ca-base
environment:
- FABRIC_CA_SERVER_CA_NAME=ca.psu.secure.airspace.com
- FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.psu.secure.airspace.com-cert.pem
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-tls/tlscs.psu.secure.airspace.com-cert.pem
- FABRIC_CA_SERVER_PORT=7054
ports:
- "7054:7054"
volumes:
- ./crypto-config/peerOrganizations/psu.secure.airspace.com/ca/:/etc/hyperledger/fabric-ca-server-config
- ./crypto-config/peerOrganizations/psu.secure.airspace.com/tslca/:/etc/hyperledger/fabric-ca-server-tls
ca-boeing:
container_name: ca.boeing.secure.airspace.com
hostname: ca.boeing.secure.airspace.com
extends:
file: docker-ca-base.yaml
service: ca-base
environment:
- FABRIC_CA_SERVER_CA_NAME=ca.boeing.secure.airspace.com
- FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.boeing.secure.airspace.com-cert.pem
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-tls/tlscs.boeing.secure.airspace.com-cert.pem
- FABRIC_CA_SERVER_PORT=8054
ports:
- "8054:7054"
volumes:
- ./crypto-config/peerOrganizations/boeing.secure.airspace.com/ca/:/etc/hyperledger/fabric-ca-server-config
- ./crypto-config/peerOrganizations/boeing.secure.airspace.com/tslca/:/etc/hyperledger/fabric-ca-server-tls
ca-uber:
container_name: ca.uber.secure.airspace.com
hostname: ca.uber.secure.airspace.com
extends:
file: docker-ca-base.yaml
service: ca-base
environment:
- FABRIC_CA_SERVER_CA_NAME=ca.uber.secure.airspace.com
- FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.uber.secure.airspace.com-cert.pem
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-tls/tlscs.uber.secure.airspace.com-cert.pem
- FABRIC_CA_SERVER_PORT=9054
ports:
- "9054:7054"
volumes:
- ./crypto-config/peerOrganizations/uber.secure.airspace.com/ca/:/etc/hyperledger/fabric-ca-server-config
- ./crypto-config/peerOrganizations/uber.secure.airspace.com/tslca/:/etc/hyperledger/fabric-ca-server-tls
ca-airbus:
container_name: ca.airbus.secure.airspace.com
hostname: ca.airbus.secure.airspace.com
extends:
file: docker-ca-base.yaml
service: ca-base
environment:
- FABRIC_CA_SERVER_CA_NAME=ca.airbus.secure.airspace.com
- FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.airbus.secure.airspace.com-cert.pem
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-tls/tlscs.airbus.secure.airspace.com-cert.pem
- FABRIC_CA_SERVER_PORT=10054
ports:
- "10054:7054"
volumes:
- ./crypto-config/peerOrganizations/airbus.secure.airspace.com/ca/:/etc/hyperledger/fabric-ca-server-config
- ./crypto-config/peerOrganizations/airbus.secure.airspace.com/tslca/:/etc/hyperledger/fabric-ca-server-tls
ca-fly-us-hospitality:
container_name: ca.fly-us-hospitality.secure.airspace.com
hostname: ca.fly-us-hospitality.secure.airspace.com
extends:
file: docker-ca-base.yaml
service: ca-base
environment:
- FABRIC_CA_SERVER_CA_NAME=ca.fly-us-hospitality.secure.airspace.com
- FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.fly-us-hospitality.secure.airspace.com-cert.pem
- FABRIC_CA_SERVER_TLS_CERTFILE=/etc/hyperledger/fabric-ca-server-tls/tlscs.fly-us-hospitality.secure.airspace.com-cert.pem
- FABRIC_CA_SERVER_PORT=11054
ports:
- "11054:7054"
volumes:
- ./crypto-config/peerOrganizations/fly-us-hospitality.secure.airspace.com/ca/:/etc/hyperledger/fabric-ca-server-config
- ./crypto-config/peerOrganizations/fly-us-hospitality.secure.airspace.com/tslca/:/etc/hyperledger/fabric-ca-server-tls
orderer.psu.secure.airspace.com:
container_name: orderer.psu.secure.airspace.com
image: hyperledger/fabric-orderer:2.2
dns_search: .
environment:
- ORDERER_GENERAL_LOGLEVEL=ERROR
- FABRIC_LOGGING_SPEC=ERROR
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/genesis.block
- ORDERER_GENERAL_LOCALMSPID=PSUMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_LISTENPORT=7050
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderers
command: orderer
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/genesis.block
- ./crypto-config/peerOrganizations/psu.secure.airspace.com/peers/orderer.psu.secure.airspace.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/peerOrganizations/psu.secure.airspace.com/peers/orderer.psu.secure.airspace.com/tls:/var/hyperledger/orderer/tls
ports:
- 7050:7050
peer0.psu.secure.airspace.com:
container_name: peer0.psu.secure.airspace.com
extends:
file: docker-peer-base.yaml
service: peer-base
environment:
- CORE_PEER_LOCALMSPID=PSUMSP
- CORE_PEER_ID=peer0.psu.secure.airspace.com
- CORE_PEER_ADDRESS=peer0.psu.secure.airspace.com:7051
- CORE_PEER_LISTENADDRESS=0.0.0.0:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.psu.secure.airspace.com:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.psu.secure.airspace.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.psu.secure.airspace.com:7051
volumes:
- ./crypto-config/peerOrganizations/psu.secure.airspace.com/peers/peer0.psu.secure.airspace.com/msp:/etc/hyperledger/crypto/peer/msp
- ./crypto-config/peerOrganizations/psu.secure.airspace.com/peers/peer0.psu.secure.airspace.com/tls:/etc/hyperledger/crypto/peer/tls
- /var/run:/host/var/run
- ../channel-artifacts:/etc/hyperledger/channel
ports:
- 7051:7051
peer0.boeing.secure.airspace.com:
container_name: peer0.boeing.secure.airspace.com
extends:
file: docker-peer-base.yaml
service: peer-base
environment:
- CORE_PEER_LOCALMSPID=BoeingMSP
- CORE_PEER_ID=peer0.boeing.secure.airspace.com
- CORE_PEER_ADDRESS=peer0.boeing.secure.airspace.com:8051
- CORE_PEER_LISTENADDRESS=0.0.0.0:8051
- CORE_PEER_CHAINCODEADDRESS=peer0.boeing.secure.airspace.com:8052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:8052
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.boeing.secure.airspace.com:8051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.boeing.secure.airspace.com:8051
volumes:
- ./crypto-config/peerOrganizations/boeing.secure.airspace.com/peers/peer0.boeing.secure.airspace.com/msp:/etc/hyperledger/crypto/peer/msp
- ./crypto-config/peerOrganizations/boeing.secure.airspace.com/peers/peer0.boeing.secure.airspace.com/tls:/etc/hyperledger/crypto/peer/tls
- /var/run:/host/var/run
- ../channel-artifacts:/etc/hyperledger/channel
ports:
- 8051:8051
peer0.uber.secure.airspace.com:
container_name: peer0.uber.secure.airspace.com
extends:
file: docker-peer-base.yaml
service: peer-base
environment:
- CORE_PEER_LOCALMSPID=UberMSP
- CORE_PEER_ID=peer0.uber.secure.airspace.com
- CORE_PEER_ADDRESS=peer0.uber.secure.airspace.com:9051
- CORE_PEER_LISTENADDRESS=0.0.0.0:9051
- CORE_PEER_CHAINCODEADDRESS=peer0.uber.secure.airspace.com:9052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:9052
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.uber.secure.airspace.com:9051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.uber.secure.airspace.com:9051
volumes:
- ./crypto-config/peerOrganizations/uber.secure.airspace.com/peers/peer0.uber.secure.airspace.com/msp:/etc/hyperledger/crypto/peer/msp
- ./crypto-config/peerOrganizations/uber.secure.airspace.com/peers/peer0.uber.secure.airspace.com/tls:/etc/hyperledger/crypto/peer/tls
- /var/run:/host/var/run
- ../channel-artifacts:/etc/hyperledger/channel
ports:
- 9051:9051
peer0.airbus.secure.airspace.com:
container_name: peer0.airbus.secure.airspace.com
extends:
file: docker-peer-base.yaml
service: peer-base
environment:
- CORE_PEER_LOCALMSPID=AirBusMSP
- CORE_PEER_ID=peer0.airbus.secure.airspace.com
- CORE_PEER_ADDRESS=peer0.airbus.secure.airspace.com:10051
- CORE_PEER_LISTENADDRESS=0.0.0.0:10051
- CORE_PEER_CHAINCODEADDRESS=peer0.airbus.secure.airspace.com:10052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:10052
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.airbus.secure.airspace.com:10051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.airbus.secure.airspace.com:10051
volumes:
- ./crypto-config/peerOrganizations/airbus.secure.airspace.com/peers/peer0.airbus.secure.airspace.com/msp:/etc/hyperledger/crypto/peer/msp
- ./crypto-config/peerOrganizations/airbus.secure.airspace.com/peers/peer0.airbus.secure.airspace.com/tls:/etc/hyperledger/crypto/peer/tls
- /var/run:/host/var/run
- ../channel-artifacts:/etc/hyperledger/channel
ports:
- 10051:10051
peer0.fly-us-hospitality.secure.airspace.com:
container_name: peer0.fly-us-hospitality.secure.airspace.com
extends:
file: docker-peer-base.yaml
service: peer-base
environment:
- CORE_PEER_LOCALMSPID=Fly-Us-HospitalityMSP
- CORE_PEER_ID=peer0.fly-us-hospitality.secure.airspace.com
- CORE_PEER_ADDRESS=peer0.fly-us-hospitality.secure.airspace.com:11051
- CORE_PEER_LISTENADDRESS=0.0.0.0:11051
- CORE_PEER_CHAINCODEADDRESS=peer0.fly-us-hospitality.secure.airspace.com:11052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:11052
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.fly-us-hospitality.secure.airspace.com:11051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.fly-us-hospitality.secure.airspace.com:11051
volumes:
- ./crypto-config/peerOrganizations/fly-us-hospitality.secure.airspace.com/peers/peer0.fly-us-hospitality.secure.airspace.com/msp:/etc/hyperledger/crypto/peer/msp
- ./crypto-config/peerOrganizations/fly-us-hospitality.secure.airspace.com/peers/peer0.fly-us-hospitality.secure.airspace.com/tls:/etc/hyperledger/crypto/peer/tls
- /var/run:/host/var/run
- ../channel-artifacts:/etc/hyperledger/channel
ports:
- 11051:11051
Before executing each peer channel update .. command, I update the corresponding environment variables:
CORE_PEER_LOCALMSPID=MSP
CORE_PEER_TLS_ROOTCERT_FILE=/peerOrganizations/<org.domain>/peers/peer0.<org.domain>/tls/ca.crt
CORE_PEER_MSPCONFIGPATH=/peerOrganizations/<org.domain>/users/Admin#<org.domain>/msp
CORE_PEER_ADDRESS=localhost:
Note: I am not affiliated with any companies whose name I am using in this network.
Before executing the peer update command, please check below env variables.
# change Org1MSP to your org msp name
export CORE_PEER_LOCALMSPID="Org1MSP"
# here org name accordingly
export CORE_PEER_MSPCONFIGPATH=${PWD}/crypto-config/peerOrganizations/org1.com/users/Admin#org1.com/msp
export CORE_PEER_TLS_ROOTCERT_FILE=${PWD}/crypto-config/peerOrganizations/org1.com/peers/peer1.org1.com/tls/ca.crt
Above values are for reference only. You have to check that they are pointing to correct path.
The problem
I'm trying to create a network with two organizations and one channel. The peer from the first organization joins the channel without an issue, but when I try to add a peer from the second one to the channel I get this error in its logs:
2020-08-12 18:53:08.351 UTC [endorser] Validate -> WARN 110 access denied: channel expected MSP ID RegulatorMSP, received BrokerMSP channel= txID=5096f00a
2020-08-12 18:53:08.351 UTC [comm.grpc.server] 1 -> INFO 111 unary call completed grpc.service=protos.Endorser grpc.method=ProcessProposal grpc.peer_address=172.23.0.1:36922 error="error validating proposal: access denied: channel [] creator org [BrokerMSP]" grpc.code=Unknown grpc.call_duration=5.7274ms
I've been fiddling with the configuration for the last 8 hours looking for mistakes, but came up short, and it's driving me insane.
The configuration
Here is a script that I use to spin up the network:
DOCK_FOLDER=$PWD
echo '[=======================================================]'
echo '[============== A: Set up the environment ==============]'
echo '[=======================================================]'
echo '[==================== A.1: Cleanup =====================]'
./clean.sh all # this just kills docker containers and cleans up hlf artifacts
cd config
echo ''
echo '[================= A.2: Crypto Config =================]'
cryptogen generate --config=crypto-config.yaml
export FABRIC_CFG_PATH=$PWD
echo ''
echo '[=============== A.3: Block Generation ================]'
configtxgen -outputBlock ./orderer/genesis.block -channelID ordererchannel -profile CompOrdererGenesis
echo ''
echo '[============= A.4: Transaction Generation ============]'
configtxgen -outputCreateChannelTx compchannel.tx -channelID compchannel -profile CompChannel
cd $DOCK_FOLDER
echo ''
echo '[================= A.5: Docker Compose ================]'
docker-compose -f ./config/docker-compose-base.yaml up -d
echo ''
echo '[=============== A.6: Initialize CouchDB ==============]'
sleep 5
curl -X PUT <username>:<password>#couchdb.regulator.com:5984/_users
curl -X PUT <username>:<password>#couchdb.regulator.com:5984/_replicator
curl -X PUT <username>:<password>#couchdb.regulator.com:5984/_global_changes
curl -X PUT <username>:<password>#couchdb.broker.com:6984/_users
curl -X PUT <username>:<password>#couchdb.broker.com:6984/_replicator
curl -X PUT <username>:<password>#couchdb.broker.com:6984/_global_changes
sleep 10
echo ''
echo '[=======================================================]'
echo '[=========== B. Manage the network: Regulator ==========]'
echo '[=======================================================]'
echo '[========== B.1: Set context to Regulator org ==========]'
export ORG_CONTEXT="regulator"
export ORG_NAME="Regulator"
export CORE_PEER_LOCALMSPID="RegulatorMSP"
export FABRIC_LOGGING_SPEC=INFO
export FABRIC_CFG_PATH=$PWD/config/regulator
export CORE_PEER_ADDRESS=peer.regulator.com:7051
export CORE_PEER_MSPCONFIGPATH=$PWD/config/crypto-config/peerOrganizations/regulator.com/users/Admin#regulator.com/msp
export ORDERER_ADDRESS=orderer.regulator.com:7050
echo ''
echo '[========== B.2: Create compchannel channel ==========]'
peer channel create -c compchannel -f ./config/compchannel.tx --outputBlock ./config/compchannel.block -o $ORDERER_ADDRESS
sleep 10s
echo ''
echo '[====== B.3: Join regulator peer to compchannel ======]'
peer channel join -b ./config/compchannel.block -o $ORDERER_ADDRESS
sleep 10s
echo ''
echo '[================= B.4: Update anchors =================]'
PEER_FABRIC_CFG_PATH=$FABRIC_CFG_PATH
FABRIC_CFG_PATH=./config
configtxgen -outputAnchorPeersUpdate ./config/peer-update.tx -asOrg $ORG_NAME -channelID compchannel -profile CompChannel
FABRIC_CFG_PATH=$PEER_FABRIC_CFG_PATH
peer channel update -f ./config/peer-update.tx -c compchannel -o $ORDERER_ADDRESS
sleep 10s
echo ''
echo '[=======================================================]'
echo '[============ C. Manage the network: Broker ============]'
echo '[=======================================================]'
echo '[=========== C.1: Set context to Broker org ============]'
export ORG_CONTEXT="broker"
export ORG_NAME="Broker"
export CORE_PEER_LOCALMSPID="BrokerMSP"
export FABRIC_LOGGING_SPEC=INFO
export FABRIC_CFG_PATH=$PWD/config/broker
export CORE_PEER_ADDRESS=peer.broker.com:8051
export CORE_PEER_MSPCONFIGPATH=$PWD/config/crypto-config/peerOrganizations/broker.com/users/Admin#broker.com/msp
export ORDERER_ADDRESS=orderer.regulator.com:7050
echo ''
echo '[======== C.3: Join broker peer to compchannel =======]'
peer channel join -b ./config/compchannel.block -o $ORDERER_ADDRESS ### !!! THIS STEP FAILS !!!
sleep 10s
echo ''
echo '[================= C.4: Update anchors =================]'
PEER_FABRIC_CFG_PATH=$FABRIC_CFG_PATH
FABRIC_CFG_PATH=./config
configtxgen -outputAnchorPeersUpdate ./config/peer-update.tx -asOrg $ORG_NAME -channelID compchannel -profile CompChannel
FABRIC_CFG_PATH=$PEER_FABRIC_CFG_PATH
peer channel update -f ./config/peer-update.tx -c compchannel -o $ORDERER_ADDRESS
orderer/orderer.yaml
General:
BootstrapMethod: file
BootstrapFile: /var/hyperledger/config/genesis.block
BCCSP:
Default: SW
SW:
HASH: SHA2
Security: 256
FileKeyStore:
Keystore:
LocalMSPDir: /var/hyperledger/msp
LocalMSPID: OrdererMSP
ListenAddress: 0.0.0.0
ListenPort: 7050
Cluster:
SendBufferSize: 10
ClientCertificate:
ClientPrivateKey:
ListenPort:
ListenAddress:
ServerCertificate:
ServerPrivateKey:
Keepalive:
ServerMinInterval: 60s
ServerInterval: 7200s
ServerTimeout: 20s
TLS:
Enabled: false
PrivateKey: ./server.key
Certificate: ./server.crt
RootCAs:
- ./ca.crt
ClientAuthRequired: false
ClientRootCAs:
FileLedger:
Location: /var/ledger
Prefix: hyperledger-fabric-ordererledger
Debug:
BroadcastTraceDir:
DeliverTraceDir:
Operations:
ListenAddress: 127.0.0.1:8443
TLS:
Enabled: false
Certificate:
PrivateKey:
ClientAuthRequired: false
RootCAs: []
Metrics:
Provider: disabled
Statsd:
Network: udp
Address: 127.0.0.1:8125
WriteInterval: 30s
Prefix:
Consensus:
WALDir: /var/hyperledger/production/orderer/etcdraft/wal
SnapDir: /var/hyperledger/production/orderer/etcdraft/snapshot
regulator/core.yaml (broker/core.yaml is nearly identical, just exchange regulator for broker)
peer:
id: peer.regulator.com
networkId: dev
listenAddress: 0.0.0.0:7051
address: 0.0.0.0:7051
addressAutoDetect: false
gomaxprocs: -1
keepalive:
minInterval: 60s
client:
interval: 60s
timeout: 20s
deliveryClient:
interval: 60s
timeout: 20s
gossip:
bootstrap:
useLeaderElection: false
orgLeader: true
membershipTrackerInterval: 5s
endpoint:
maxBlockCountToStore: 100
maxPropagationBurstLatency: 10ms
maxPropagationBurstSize: 10
propagateIterations: 1
propagatePeerNum: 3
pullInterval: 4s
pullPeerNum: 3
requestStateInfoInterval: 4s
publishStateInfoInterval: 4s
stateInfoRetentionInterval:
publishCertPeriod: 10s
skipBlockVerification: false
dialTimeout: 3s
connTimeout: 2s
recvBuffSize: 20
sendBuffSize: 200
digestWaitTime: 1s
requestWaitTime: 1500ms
responseWaitTime: 2s
aliveTimeInterval: 5s
aliveExpirationTimeout: 25s
reconnectInterval: 25s
externalEndpoint: peer.regulator.com:7051
election:
startupGracePeriod: 15s
membershipSampleInterval: 1s
leaderAliveThreshold: 10s
leaderElectionDuration: 5s
pvtData:
pullRetryThreshold: 60s
transientstoreMaxBlockRetention: 1000
pushAckTimeout: 3s
btlPullMargin: 10
reconcileBatchSize: 10
reconcileSleepInterval: 1m
reconciliationEnabled: true
tls:
enabled: false
clientAuthRequired: false
cert:
file: tls/server.crt
key:
file: tls/server.key
rootcert:
file: tls/ca.crt
clientRootCAs:
files:
- tls/ca.crt
clientKey:
file:
clientCert:
file:
authentication:
timewindow: 15m
fileSystemPath: /var/hyperledger/production
BCCSP:
Default: SW
SW:
Hash: SHA2
Security: 256
FileKeyStore:
KeyStore:
PKCS11:
Library:
Label:
Pin:
Hash:
Security:
FileKeyStore:
KeyStore:
mspConfigPath: /var/hyperledger/msp
localMspId: RegulatorMSP
client:
connTimeout: 3s
deliveryclient:
reconnectTotalTimeThreshold: 3600s
connTimeout: 3s
reConnectBackoffThreshold: 3600s
localMspType: bccsp
profile:
enabled: false
listenAddress: 0.0.0.0:6060
adminService:
handlers:
authFilters:
- name: DefaultAuth
- name: ExpirationCheck
decorators:
- name: DefaultDecorator
endorsers:
escc:
name: DefaultEndorsement
library:
validators:
vscc:
name: DefaultValidation
library:
validatorPoolSize:
discovery:
enabled: true
authCacheEnabled: true
authCacheMaxSize: 1000
authCachePurgeRetentionRatio: 0.75
orgMembersAllowedAccess: false
vm:
endpoint: unix:///var/run/docker.sock
docker:
tls:
enabled: false
ca:
file: docker/ca.crt
cert:
file: docker/tls.crt
key:
file: docker/tls.key
attachStdout: false
hostConfig:
NetworkMode: host
Dns:
# - 192.168.0.1
LogConfig:
Type: json-file
Config:
max-size: "50m"
max-file: "5"
Memory: 2147483648
chaincode:
id:
path:
name:
builder: $(DOCKER_NS)/fabric-ccenv:$(TWO_DIGIT_VERSION)
pull: false
golang:
runtime: $(DOCKER_NS)/fabric-baseos:$(TWO_DIGIT_VERSION)
dynamicLink: false
java:
runtime: $(DOCKER_NS)/fabric-javaenv:$(TWO_DIGIT_VERSION)
node:
runtime: $(DOCKER_NS)/fabric-nodeenv:$(TWO_DIGIT_VERSION)
externalBuilders: []
installTimeout: 300s
startuptimeout: 300s
executetimeout: 30s
mode: net
keepalive: 0
system:
_lifecycle: enable
cscc: enable
lscc: enable
escc: enable
vscc: enable
qscc: enable
logging:
level: info
shim: warning
format: "%{color}%{time:2006-01-02 15:04:05.000 MST} [%{module}] %{shortfunc} -> %{level:.4s} %{id:03x}%{color:reset} %{message}"
ledger:
blockchain:
state:
stateDatabase: CouchDB
totalQueryLimit: 100000
couchDBConfig:
couchDBAddress: couchdb.regulator.com:5984
username: <username>
password: <password>
maxRetries: 3
maxRetriesOnStartup: 20
requestTimeout: 35s
internalQueryLimit: 1000
maxBatchUpdateSize: 1000
warmIndexesAfterNBlocks: 1
createGlobalChangesDB: false
history:
enableHistoryDatabase: true
pvtdataStore:
collElgProcMaxDbBatchSize: 5000
collElgProcDbBatchesInterval: 1000
operations:
listenAddress: 127.0.0.1:9443
tls:
enabled: false
cert:
file:
key:
file:
clientAuthRequired: false
clientRootCAs:
files: []
metrics:
provider: disabled
statsd:
network: udp
address: 127.0.0.1:8125
writeInterval: 10s
prefix:
configtx.yaml
Capabilities:
Application: &ApplicationCapabilities
V2_0: true
Orderer: &OrdererCapabilities
V2_0: true
Channel: &ChannelCapabilities
V2_0: true
Organizations:
- &Orderer
Name: Orderer
ID: OrdererMSP
MSPDir: ./crypto-config/ordererOrganizations/regulator.com/msp
Policies: &OrdererPolicies
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('OrdererMSP.member')"
- &Regulator
Name: Regulator
ID: RegulatorMSP
MSPDir: ./crypto-config/peerOrganizations/regulator.com/msp
Policies: &RegulatorPolicies
Readers:
Type: Signature
Rule: "OR('RegulatorMSP.member')"
Writers:
Type: Signature
Rule: "OR('RegulatorMSP.member')"
Admins:
Type: Signature
Rule: "OR('RegulatorMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('RegulatorMSP.member')"
AnchorPeers:
- Host: peer.regulator.com
Port: 7051
- &Broker
Name: Broker
ID: BrokerMSP
MSPDir: ./crypto-config/peerOrganizations/broker.com/msp
Policies: &BrokerPolicies
Readers:
Type: Signature
Rule: "OR('BrokerMSP.member')"
Writers:
Type: Signature
Rule: "OR('BrokerMSP.member')"
Admins:
Type: Signature
Rule: "OR('BrokerMSP.member')"
Endorsement:
Type: Signature
Rule: "OR('BrokerMSP.member')"
AnchorPeers:
- Host: peer.broker.com
Port: 7051
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- orderer.regulator.com:7050
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 98 MB
PreferredMaxBytes: 512 KB
Capabilities:
<<: *OrdererCapabilities
Application: &ApplicationDefaults
ACLs: &ACLsDefault
lscc/ChaincodeExists: /Channel/Application/Readers
lscc/GetDeploymentSpec: /Channel/Application/Readers
lscc/GetChaincodeData: /Channel/Application/Readers
lscc/GetInstantiatedChaincodes: /Channel/Application/Readers
qscc/GetChainInfo: /Channel/Application/Readers
qscc/GetBlockByNumber: /Channel/Application/Readers
qscc/GetBlockByHash: /Channel/Application/Readers
qscc/GetTransactionByID: /Channel/Application/Readers
qscc/GetBlockByTxID: /Channel/Application/Readers
cscc/GetConfigBlock: /Channel/Application/Readers
cscc/GetConfigTree: /Channel/Application/Readers
cscc/SimulateConfigTreeUpdate: /Channel/Application/Readers
peer/Propose: /Channel/Application/Writers
peer/ChaincodeToChaincode: /Channel/Application/Readers
event/Block: /Channel/Application/Readers
event/FilteredBlock: /Channel/Application/Readers
_lifecycle/CheckCommitReadiness: /Channel/Application/Writers
_lifecycle/CommitChaincodeDefinition: /Channel/Application/Writers
_lifecycle/QueryChaincodeDefinition: /Channel/Application/Readers
Policies: &ApplicationDefaultPolicies
Endorsement:
Type: ImplicitMeta
Rule: "ANY Endorsement"
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "ANY Endorsement"
Organizations:
Capabilities:
<<: *ApplicationCapabilities
Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
CompOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- <<: *Orderer
Consortiums:
CompConsortium:
Organizations:
- <<: *Regulator
- <<: *Broker
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *Regulator
- <<: *Broker
CompChannel:
<<: *ChannelDefaults
Consortium: CompConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *Broker
- <<: *Regulator
crypto-config.yaml
OrdererOrgs:
- Name: Orderer
Domain: regulator.com
EnableNodeOUs: true
Specs:
- Hostname: orderer
PeerOrgs:
- Name: Regulator
Domain: regulator.com
EnableNodeOUs: true
Specs:
- Hostname: peer.regulator.com
CommonName: peer.regulator.com
Users:
Count: 1
- Name: Broker
Domain: broker.com
EnableNodeOUs: true
Specs:
- Hostname: peer.broker.com
CommonName: peer.broker.com
Users:
Count: 1
docker-compose-base.yaml
version: "2"
networks:
comp:
volumes:
data-orderer.regulator.com:
data-peer.regulator.com:
data-peer.broker.com:
couchdb-data-regulator:
driver: local
couchdb-data-broker:
driver: local
services:
couchdb.regulator.com:
container_name: couchdb.regulator.com
image: couchdb:latest
environment:
- COUCHDB_USER=<username>
- COUCHDB_PASSWORD=<password>
ports:
- 5984:5984
volumes:
- couchdb-data-regulator:/opt/couchdb/data
networks:
- comp
couchdb.broker.com:
container_name: couchdb.broker.com
image: couchdb:latest
environment:
- COUCHDB_USER=<username>
- COUCHDB_PASSWORD=<password>
ports:
- 6984:5984
volumes:
- couchdb-data-broker:/opt/couchdb/data
networks:
- comp
orderer.regulator.com:
container_name: orderer.regulator.com
image: hyperledger/fabric-orderer:latest
command: orderer
environment:
- FABRIC_CFG_PATH=/var/hyperledger/config
- FABRIC_LOGGING_SPEC=DEBUG
volumes:
- ${PWD}/config/orderer:/var/hyperledger/config
- ${PWD}/config/crypto-config/ordererOrganizations/regulator.com/orderers/orderer.regulator.com/msp:/var/hyperledger/msp
- ${PWD}/config/crypto-config/ordererOrganizations/regulator.com/orderers/orderer.regulator.com/tls:/var/hyperledger/tls
- data-orderer.regulator.com:/var/ledger
ports:
- 7050:7050
networks:
- comp
peer.regulator.com:
container_name: peer.regulator.com
image: hyperledger/fabric-peer:latest
environment:
- FABRIC_CFG_PATH=/var/hyperledger/config
- FABRIC_LOGGING_SPEC=DEBUG
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_net
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb.regulator.com:5984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=<username>
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=<password>
command: [sh, -c, "sleep 10 && peer node start"]
volumes:
- ${PWD}/config/regulator:/var/hyperledger/config
- ${PWD}/config/crypto-config/peerOrganizations/regulator.com/peers/peer.regulator.com/msp:/var/hyperledger/msp
- ${PWD}/config/crypto-config/peerOrganizations/regulator.com/peers/peer.regulator.com/tls:/var/hyperledger/tls
- /var/run/:/var/run/
- data-peer.regulator.com:/var/hyperledger/production
depends_on:
- orderer.regulator.com
- couchdb.regulator.com
ports:
- 7051:7051
- 7052:7052
networks:
- comp
links:
- couchdb.regulator.com
peer.broker.com:
container_name: peer.broker.com
image: hyperledger/fabric-peer:latest
environment:
- FABRIC_CFG_PATH=/var/hyperledger/config
- FABRIC_LOGGING_SPEC=DEBUG
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_net
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb.broker.com:6984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=<username>
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=<password>
command: [sh, -c, "sleep 10 && peer node start"]
volumes:
- ${PWD}/config/regulator:/var/hyperledger/config
- ${PWD}/config/crypto-config/peerOrganizations/broker.com/peers/peer.broker.com/msp:/var/hyperledger/msp
- ${PWD}/config/crypto-config/peerOrganizations/broker.com/peers/peer.broker.com/tls:/var/hyperledger/tls
- /var/run/:/var/run/
- data-peer.broker.com:/var/hyperledger/production
depends_on:
- orderer.regulator.com
- couchdb.broker.com
ports:
- 8051:7051
- 8052:7052
networks:
- comp
links:
- couchdb.broker.com
extra_hosts:
- "couchdb.broker.com:<machines_ip>" # this one was due to some DNS resolution shenanigans
I hope somebody can help me solve this issue, cause I think I'm loosing sanity by the moment.
Turns out that I just made a goof. When you look at the docker-compose-base.yaml file under the services > peer.broker.com > volumes section, I messed up the config folder path, so both peers were running on the same configuration, but with different certificates, and that caused the discrepancy in peer authentication.
I keep getting an error when creating a hyperledger channel
2018-12-15 10:52:07.687 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
Error: got unexpected status: FORBIDDEN -- Failed to reach implicit threshold of 1 sub-policies, required 1 remaining: permission denied
Please advise.
Funny thing though I only get this error when I specify -channelID when I'm creating the genesis block. But it always works whenever I omit it.
I'm using the below setting to generate the channel.tx and genesis.block, I've also added the crypto configuration file.
The configtx is:
Organizations:
- &Main
Name: Main
ID: MainMSP
MSPDir: crypto-config/ordererOrganizations/blackbeard.com/msp
- &Actual
Name: Actual
ID: ActualMSP
MSPDir: crypto-config/peerOrganizations/actual.blackbeard.com/msp
AnchorPeers:
- Host: peer0.actual.blackbeard.com
Port: 7051
Application: &ApplicationDefaults
Organizations:
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- orderer.blackbeard.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
Kafka:
Brokers:
- 127.0.0.1:9092
Organizations:
Profiles:
OneOrgGenesisBlock:
Orderer:
<<: *OrdererDefaults
Organizations:
- *Main
Consortiums:
SampleConsortium:
Organizations:
- *Actual
OneOrgChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Actual
And the crypto-config as below:
OrdererOrgs:
- Name: Main
Domain: blackbeard.com
Specs:
- Hostname: main
PeerOrgs:
- Name: Actual
Domain: actual.blackbeard.com
Template:
Count: 1
Users:
Count: 1
Possibly down the network with byfn.sh -m down and start it back up (Source :-Error: got unexpected status: FORBIDDEN -- Failed to reach implicit threshold of 1 sub-policies, required 1 remaining: permission denied). If this isnt the case please provide more information :)
I am trying to run a multi peer blockchain network using Hyperledger Fabric. My network has three peers.
Here is the configtx.yaml file:
Profiles:
ComposerOrdererGenesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
ComposerConsortium:
Organizations:
- *ManufacturerOrg
- *CustomerOrg
- *RegulatorOrg
ComposerChannel:
Consortium: ComposerConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *ManufacturerOrg
- *CustomerOrg
- *RegulatorOrg
Organizations:
- &OrdererOrg
Name: OrdererOrg
ID: OrdererMSP
MSPDir: crypto-config/ordererOrganizations/Orderer-org/msp
- &ManufacturerOrg
Name: ManufacturerOrg
ID: ManufacturerOrgMSP
MSPDir: crypto-config/peerOrganizations/Manufacturer-org/msp
# turn off security for the peer
#AdminPrincipal: Role.MEMBER
AnchorPeers:
- Host: manufacturer-peer
Port: 7051
- &CustomerOrg
Name: CustomerOrg
ID: CustomerOrgMSP
MSPDir: crypto-config/peerOrganizations/Customer-org/msp
# turn off security for the peer
AdminPrincipal: Role.MEMBER
AnchorPeers:
- Host: customer-peer
Port: 7051
- &RegulatorOrg
Name: RegulatorOrg
ID: RegulatorOrgMSP
MSPDir: crypto-config/peerOrganizations/Regulator-org/msp
# turn off security for the peer
AdminPrincipal: Role.MEMBER
AnchorPeers:
- Host: regulator-peer
Port: 7051
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer.example.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 98 MB
PreferredMaxBytes: 512 KB
Organizations:
Application: &ApplicationDefaults
Organizations:
After building the network through docker-compose, the orderer container exits with the following error in its log file,
2018-07-23 05:02:12.544 UTC [orderer/commmon/multichannel] newLedgerResources -> CRIT 086 Error creating channelconfig bundle: initializing configtx manager failed: bad channel ID: channel ID 'ComposerChannel' contains illegal characters
panic: Error creating channelconfig bundle: initializing configtx manager failed: bad channel ID: channel ID 'ComposerChannel' contains illegal characters
It says channel ID 'ComposerChannel' contains illegal characters. Please help me understand what that means.
I'm pretty sure that there are no illegal characters in the configtx.yaml file while defining the channel
Channel ID can only contain lower-case alphanumeric characters and dashes.
Following is my configtx.yaml
It is failing to generate the genesis block with following error
'Profiles[HealthwiseChannel].Application' has invalid keys: Oragnizations
2018-03-13 16:24:43.389 IST [common/tools/configtxgen] func1 -> CRIT 003 Error unmarshaling config into struct: 1 error(s) decoding:
'Profiles[HealthwiseChannel].Application' has invalid keys: Oragnizations
panic: Error unmarshaling config into struct: 1 error(s) decoding:
'Profiles[HealthwiseChannel].Application' has invalid keys: Oragnizations [recovered]
panic: Error unmarshaling config into struct: 1 error(s) decoding:
'Profiles[HealthwiseChannel].Application' has invalid keys: Oragnizations
yaml file:
Capabilities:
Global: &ChannelCapabilities
V1_1: true
Orderer: &OrdererCapabilities
V1_1: true
Application: &ApplicationCapabilities
V1_1: true
Organizations:
- &OrdererOrg
Name: OrdererOrg
ID: OrdererMSP
MSPDir: crypto-config/ordererOrganizations/healthwise.com/msp
AdminPrincipal: Role.ADMIN
- &insuranceOrg1
Name: insuranceOrg1
ID: insuranceOrg1MSP
MSPDir: crypto-config/peerOrganizations/insuranceOrg1.healthwise.com/msp
AdminPrincipal: Role.ADMIN
AnchorPeers:
- Host: peer0.insuranceOrg1.healthwise.com
Port: 7051
- &insuranceOrg2
Name: insuranceOrg2
ID: insuranceOrg2MSP
MSPDir: crypto-config/peerOrganizations/insuranceOrg2.healthwise.com/msp
AdminPrincipal: Role.ADMIN
AnchorPeers:
- Host: peer0.insuranceOrg2.healthwise.com
Port: 7051
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- orderer.healthwise.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 98 MB
PreferredMaxBytes: 512 KB
Kafka:
Brokers:
- 127.0.0.1:9092
Organizations:
- *insuranceOrg1
- *insuranceOrg2
Capabilities:
<<: *OrdererCapabilities
Application: &ApplicationDefaults
Organizations:
- *insuranceOrg1
- *insuranceOrg2
Capabilities:
<<: *ApplicationCapabilities
Profiles:
HealthwiseOrdererGenesis:
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *ApplicationCapabilities
Consortiums:
HealthwiseConsortium:
Organizations:
- <<: *OrdererOrg
- <<: *insuranceOrg1
- <<: *insuranceOrg2
HealthwiseChannel:
Capabilities:
<<: *ChannelCapabilities
Consortium: HealthwiseConsortium
Application:
<<: *ApplicationDefaults
Oragnizations:
- *OrdererOrg
- *insuranceOrg1
- *insuranceOrg2
Capabilities:
<<: *ApplicationCapabilities
Please help me figure out what is the mistake i am making.
Make sure you are running "configtxgen" in the same path where configtx.yaml is located
It can be a case of version mismatch. Make sure your version of binaries match the configuration files.