Develop Reference

Connection to elasticsearch on kubernetes fails

I want to setup a simple single-node elasticsearch pod on kubernetes that I can connect to via my backend.
Here is the config for my service and statefulset:
apiVersion: v1
kind: Service
metadata:
name: elasticsearch
spec:
type: ClusterIP
clusterIP: None
selector:
app: elasticsearch
ports:
- port: 9200 # To get at the elasticsearch container, just hit the service on 9200
targetPort: 9200 # routes to the exposed port on elasticsearch
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elasticsearch # name of stateful
namespace: default
spec:
serviceName: elasticsearch
replicas: 1
selector:
matchLabels:
app: elasticsearch # should match service > spec.slector.app.
template:
metadata:
labels:
app: elasticsearch
spec:
volumes:
- name: elasticsearch-pvc
persistentVolumeClaim:
claimName: elasticsearch-volume-claim
containers:
- name: elasticsearch
image: docker.elastic.co/elasticsearch/elasticsearch:8.2.3
resources:
limits:
cpu: 100m
requests:
cpu: 100m
ports:
- containerPort: 9200
name: rest
protocol: TCP
- containerPort: 9300
name: inter-node
protocol: TCP
volumeMounts:
- name: elasticsearch-pvc
mountPath: /usr/share/elasticsearch/data
env:
- name: cluster.name
value: search
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: discovery.type
value: single-node
- name: ES_JAVA_OPTS
value: "-Xms512m -Xmx512m"
- name: xpack.security.enabled
value: "false"
initContainers:
- name: fix-permissions
image: busybox
command:
["sh", "-c", "chown -R 1000:1000 /usr/share/elasticsearch/data"]
securityContext:
privileged: true
volumeMounts:
- name: elasticsearch-pvc
mountPath: /usr/share/elasticsearch/data
- name: increase-vm-max-map
image: busybox
command: ["sysctl", "-w", "vm.max_map_count=262144"]
securityContext:
privileged: true
- name: increase-fd-ulimit
image: busybox
command: ["sh", "-c", "ulimit -n 65536"]
securityContext:
privileged: true
I'm connecting via the javascript client ("#elastic/elasticsearch": "^8.2.1") like so:
import { Client, HttpConnection } from '#elastic/elasticsearch'
import config from '../../config'
export const client = new Client({
node: config.elasticSearch.host,
headers: {
Accept: 'application/json',
'Content-Type': 'application/json'
},
Connection: HttpConnection
})
Where config.elasticSearch.host = http://elasticsearch:9200
However when I run my initial seed script I get the following error:
/app/node_modules/#elastic/transport/lib/Transport.js:525
: new errors_1.ConnectionError(error.message, result);
^
ConnectionError: connect ECONNREFUSED 10.244.0.112:9200
I'm not entirely sure why the connection is being refused since the service should be directing the request to my elasticsearch stateful set.

MongoServerSelectionError: getaddringo EAI_AGAIN mongo

I'm getting an error when my server is connecting to the MongoDB database. Both the server and mongoDB are in containers
The docker-compose files are as follows:
docker-compose.yml
version: '3'
services:
client:
build:
context: ./client
dockerfile: Dockerfile
ports:
- 3001:3001
networks:
- mern-network
volumes:
- ./client/src:/usr/app/src
- ./client/public:/usr/app/public
depends_on:
- server
environment:
- REACT_APP_SERVER=http://localhost:5001
# - CHOKIDAR_USEPOLLING=true
# container 1: backend node server
server:
build:
context: ./server
dockerfile: Dockerfile
ports:
- '5001:5001'
networks:
- mern-network
environment:
- PORT=5001
depends_on:
- mongo
# container 2: database
mongo:
image: mongo:4.4.13
networks:
- mern-network
environment:
- MONGO_INITDB_ROOT_USERNAME=docker_mongo
- MONGO_INITDB_ROOT_PASSWORD=password
volumes:
- mongo-db:/data/db
networks:
mern-network:
driver: bridge
volumes:
mongo-db:
docker-compose.dev.yml
version: '3'
services:
# container 3: client, dev settings
client:
command: npm start
# container 1: server, dev setting
server:
build:
args:
BUILD_ENV: development
volumes:
- ./server/:/app
# - ./server/app/node_modules
environment:
- BUILD_ENV=development
- MONGO_USER=docker_mongo
- MONGO_PASSWORD=password
- SESSION_SECRET=secret123456890qwerty
command: npm run dev
# container 2: database, dev settings
mongo:
environment:
- MONGO_INITDB_ROOT_USERNAME=docker_mongo
- MONGO_INITDB_ROOT_PASSWORD=password
I have no problems accessing into the mongodb database when I inspect the container using docker exec -it but error when I connect with node. I've tried many versions of mongoose still gives me same error.
MongoServerSelectionError: getaddrinfo EAI_AGAIN mongo
at Timeout._onTimeout (/home/user/git_folder/project/server/node_modules/mongodb/lib/sdam/topology.js:312:38)
at listOnTimeout (node:internal/timers:559:17)
at processTimers (node:internal/timers:502:7) {
reason: TopologyDescription {
type: 'Unknown',
servers: Map(1) {
'mongo:27017' => ServerDescription {
_hostAddress: HostAddress { isIPv6: false, host: 'mongo', port: 27017 },
address: 'mongo:27017',
type: 'Unknown',
hosts: [],
passives: [],
arbiters: [],
tags: {},
minWireVersion: 0,
maxWireVersion: 0,
roundTripTime: -1,
lastUpdateTime: 53541928,
lastWriteDate: 0,
error: MongoNetworkError: getaddrinfo EAI_AGAIN mongo
at connectionFailureError (/home/user/git_folder/project/server/node_modules/mongodb/lib/cmap/connect.js:375:20)
at Socket.<anonymous> (/home/user/git_folder/project/server/node_modules/mongodb/lib/cmap/connect.js:295:22)
at Object.onceWrapper (node:events:640:26)
at Socket.emit (node:events:520:28)
at emitErrorNT (node:internal/streams/destroy:157:8)
at emitErrorCloseNT (node:internal/streams/destroy:122:3)
at processTicksAndRejections (node:internal/process/task_queues:83:21)
}
},
stale: false,
compatible: true,
heartbeatFrequencyMS: 10000,
localThresholdMS: 15,
logicalSessionTimeoutMinutes: undefined
},
code: undefined
}

nodejs with docker and postgress: Error: getaddrinfo ENOTFOUND

Hello I don't know what else to do to resolve this error:
ci-api | Error: getaddrinfo ENOTFOUND ${DB_HOST}
ci-api | at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:66:26) {
ci-api | errno: 'ENOTFOUND',
ci-api | code: 'ENOTFOUND',
ci-api | syscall: 'getaddrinfo',
ci-api | hostname: '${DB_HOST}'
ci-api | }
I have a .env file with the following variables:
.env file:
SERVER_PORT=4000
DB_HOST=db-pg
DB_PORT=5432
DB_USER=spirit
DB_PASS=api
DB_NAME=emasa_ci
DockerFile:
#building code
FROM node:lts-alpine
ADD https://github.com/ufoscout/docker-compose-wait/releases/download/2.7.3/wait /wait
RUN chmod +x /wait
RUN mkdir -p /home/node/api && chown -R node:node /home/node/api
WORKDIR /home/node/api
COPY ormconfig.json .env package.json yarn.* ./
USER node
RUN yarn
COPY --chown=node:node . .
EXPOSE 4000
**My `docker-compose`:**
version: '3.7'
services:
db-pg:
image: postgres:12
container_name: db-pg
ports:
- '${DB_PORT}:5432'
environment:
ALLOW_EMPTY_PASSWORD: 'no'
POSTGRES_USER: ${DB_USER}
POSTGRES_PASSWORD: ${DB_PASS}
POSTGRES_DB: ${DB_NAME}
volumes:
- ci-postgres-data:/data
ci-api:
build: .
container_name: ci-api
volumes:
- .:/home/node/api
ports:
- '${SERVER_PORT}:${SERVER_PORT}'
depends_on:
- db-pg
command: sh -c "/wait && yarn dev"
environment:
WAIT_HOSTS: db-pg:5432
logging:
driver: 'json-file'
options:
max-size: '10m'
max-file: '5'
volumes:
ci-postgres-data:
And, this is my ORM CONFIG:
{
"type": "postgres",
"host": "${DB_HOST}",
"port": "${DB_PORT}",
"username": "${DB_USER}",
"password": "${DB_PASS}",
"database": "${DB_NAME}",
"synchronize": true,
"logging": false,
"entities": ["dist/src/entity/**/*.js"],
"migrations": ["dist/src/migration/**/*.js"],
"subscribers": ["dist/src/subscriber/**/*.js"],
"cli": {
"entitiesDir": "dist/src/entity",
"migrationsDir": "dist/src/migration",
"subscribersDir": "dist/src/subscriber"
}
}
I can't imagine the reason for this error, I basically added a script for the node to start after the start of my Postgres where db-pg is my Postgres image name.
I can't imagine what went wrong, could someone help me with this?
P.S.: I use typescript/typeorm

{
"type": "postgres",
"host": "db-pg",
"port": 5432,
"username": "spirit",
"password": "api",
"database": "emasa_ci",
"synchronize": true,
"logging": false,
"entities": ["dist/src/entity/**/*.js"],
"migrations": ["dist/src/migration/**/*.js"],
"subscribers": ["dist/src/subscriber/**/*.js"],
"cli": {
"entitiesDir": "dist/src/entity",
"migrationsDir": "dist/src/migration",
"subscribersDir": "dist/src/subscriber"
}
}
the problem was in my
ormconfig.json (was using .env)

【Hyperledger Fabric】Can't send invoke request to peer

My fabric sdk server is working as a docker container. It is running on mac.
Fabric docker containers(peers, orderers and CAs...) are also running on mac.
Now I'm trying to send invoke request from sdk container(ubuntu:18.04) to peer.
And I'm using first-network of fabric-samples.
This is peer config file(docker-compose-base.yaml).
version: '2'
services:
orderer.example.com:
container_name: orderer.example.com
extends:
file: peer-base.yaml
service: orderer-base
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls
- orderer.example.com:/var/hyperledger/production/orderer
ports:
- 7050:7050
peer0.org1.example.com:
container_name: peer0.org1.example.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org1.example.com
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LISTENADDRESS=0.0.0.0:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.org1.example.com:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.example.com:8051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls
- peer0.org1.example.com:/var/hyperledger/production
ports:
- 7051:7051
peer1.org1.example.com:
container_name: peer1.org1.example.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer1.org1.example.com
- CORE_PEER_ADDRESS=peer1.org1.example.com:8051
- CORE_PEER_LISTENADDRESS=0.0.0.0:8051
- CORE_PEER_CHAINCODEADDRESS=peer1.org1.example.com:8052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:8052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.example.com:8051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/tls:/etc/hyperledger/fabric/tls
- peer1.org1.example.com:/var/hyperledger/production
ports:
- 8051:8051
peer0.org2.example.com:
container_name: peer0.org2.example.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org2.example.com
- CORE_PEER_ADDRESS=peer0.org2.example.com:9051
- CORE_PEER_LISTENADDRESS=0.0.0.0:9051
- CORE_PEER_CHAINCODEADDRESS=peer0.org2.example.com:9052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:9052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example.com:9051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org2.example.com:10051
- CORE_PEER_LOCALMSPID=Org2MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls:/etc/hyperledger/fabric/tls
- peer0.org2.example.com:/var/hyperledger/production
ports:
- 9051:9051
peer1.org2.example.com:
container_name: peer1.org2.example.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer1.org2.example.com
- CORE_PEER_ADDRESS=peer1.org2.example.com:10051
- CORE_PEER_LISTENADDRESS=0.0.0.0:10051
- CORE_PEER_CHAINCODEADDRESS=peer1.org2.example.com:10052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:10052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org2.example.com:10051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.example.com:9051
- CORE_PEER_LOCALMSPID=Org2MSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls:/etc/hyperledger/fabric/tls
- peer1.org2.example.com:/var/hyperledger/production
ports:
- 10051:10051
This is connection file (connection-org1.json).
{
"name": "first-network-org1",
"version": "1.0.0",
"client": {
"organization": "Org1",
"connection": {
"timeout": {
"peer": {
"endorser": "300"
}
}
}
},
"organizations": {
"Org1": {
"mspid": "Org1MSP",
"peers": [
"peer0.org1.example.com",
"peer1.org1.example.com"
],
"certificateAuthorities": [
"ca.org1.example.com"
]
}
},
"peers": {
"peer0.org1.example.com": {
"url": "grpcs://host.docker.internal:7051",
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----\nMIICVzCCAf2gAwIBAgIQIrzVUkH/VhPQNk1YHCtj3jAKBggqhkjOPQQDAjB2MQsw\nCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy\nYW5jaXNjbzEZMBcGA1UEChMQb3JnMS5leGFtcGxlLmNvbTEfMB0GA1UEAxMWdGxz\nY2Eub3JnMS5leGFtcGxlLmNvbTAeFw0xOTEyMTIwODIwMDBaFw0yOTEyMDkwODIw\nMDBaMHYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH\nEw1TYW4gRnJhbmNpc2NvMRkwFwYDVQQKExBvcmcxLmV4YW1wbGUuY29tMR8wHQYD\nVQQDExZ0bHNjYS5vcmcxLmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D\nAQcDQgAE8TqkZLAW+F2rYwnicTo2NTo1+2kYUvI28UKvgAdm1iavbwunNlBB+Gph\nLT4z/XVDjp2XP3VYdv4jmCRSmBkREKNtMGswDgYDVR0PAQH/BAQDAgGmMB0GA1Ud\nJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1Ud\nDgQiBCDW8LHjcUuWGmLSfNXZym6gDPb9twcHkByS3Yoa/rM4YTAKBggqhkjOPQQD\nAgNIADBFAiEAieGWQzmyWS2pUORmXczUM/XCaB4t33HNtizkr62YgWUCIB7HVwss\ny7l1k9ifxb0VN7q4pzIeHTFMeH6+e6Nl3p2C\n-----END CERTIFICATE-----\n"
},
"grpcOptions": {
"ssl-target-name-override": "peer0.org1.example.com"
}
},
"peer1.org1.example.com": {
"url": "grpcs://host.docker.internal:8051",
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----\nMIICVzCCAf2gAwIBAgIQIrzVUkH/VhPQNk1YHCtj3jAKBggqhkjOPQQDAjB2MQsw\nCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy\nYW5jaXNjbzEZMBcGA1UEChMQb3JnMS5leGFtcGxlLmNvbTEfMB0GA1UEAxMWdGxz\nY2Eub3JnMS5leGFtcGxlLmNvbTAeFw0xOTEyMTIwODIwMDBaFw0yOTEyMDkwODIw\nMDBaMHYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH\nEw1TYW4gRnJhbmNpc2NvMRkwFwYDVQQKExBvcmcxLmV4YW1wbGUuY29tMR8wHQYD\nVQQDExZ0bHNjYS5vcmcxLmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D\nAQcDQgAE8TqkZLAW+F2rYwnicTo2NTo1+2kYUvI28UKvgAdm1iavbwunNlBB+Gph\nLT4z/XVDjp2XP3VYdv4jmCRSmBkREKNtMGswDgYDVR0PAQH/BAQDAgGmMB0GA1Ud\nJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1Ud\nDgQiBCDW8LHjcUuWGmLSfNXZym6gDPb9twcHkByS3Yoa/rM4YTAKBggqhkjOPQQD\nAgNIADBFAiEAieGWQzmyWS2pUORmXczUM/XCaB4t33HNtizkr62YgWUCIB7HVwss\ny7l1k9ifxb0VN7q4pzIeHTFMeH6+e6Nl3p2C\n-----END CERTIFICATE-----\n"
}
}
},
"certificateAuthorities": {
"ca.org1.example.com": {
"url": "https://host.docker.internal:7054",
"caName": "ca-org1",
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----\nMIICUTCCAfegAwIBAgIQeWwAs49jzhe2XsEmY4M0jDAKBggqhkjOPQQDAjBzMQsw\nCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy\nYW5jaXNjbzEZMBcGA1UEChMQb3JnMS5leGFtcGxlLmNvbTEcMBoGA1UEAxMTY2Eu\nb3JnMS5leGFtcGxlLmNvbTAeFw0xOTEyMTIwODIwMDBaFw0yOTEyMDkwODIwMDBa\nMHMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T\nYW4gRnJhbmNpc2NvMRkwFwYDVQQKExBvcmcxLmV4YW1wbGUuY29tMRwwGgYDVQQD\nExNjYS5vcmcxLmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE\nhvJll8VoZC+0seO0fKrpbxWWAABOt2UoCbyq540wY3YSM2GCKuD2XMTtCsiC8XEB\nbKaokdxo5WyWXOsamK1hEKNtMGswDgYDVR0PAQH/BAQDAgGmMB0GA1UdJQQWMBQG\nCCsGAQUFBwMCBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1UdDgQiBCC2\nwW1+TNe+qJeskHsq1AoNdYrmgKJ2Pf12KqootThXNDAKBggqhkjOPQQDAgNIADBF\nAiEA+2pAiOxL64KxOFWoqavs5NWeO+GLN0ArS14zCsBxS4MCIAQ7nBMVPYyOHYLS\nBy/zxDAzC+NsFq1iKxyWQxq3Yu9I\n-----END CERTIFICATE-----\n"
},
"httpOptions": {
"verify": false
}
}
}
}
And this is invoke file (invoke.js).
'use strict';
const { Gateway, Wallets } = require('fabric-network');
const path = require('path');
const ccpPath = path.resolve(__dirname, 'connection-org1.json');
module.exports = async function (key, data) {
try {
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(), 'wallet');
const wallet = await Wallets.newFileSystemWallet(walletPath);
console.log(`Wallet path: ${walletPath}`);
// Check to see if we've already enrolled the user.
const identity = await wallet.get('user1');
if (!identity) {
console.log('An identity for the user "user1" does not exist in the wallet');
console.log('Run the registerUser.js application before retrying');
return;
}
// Create a new gateway for connecting to our peer node.
const gateway = new Gateway();
await gateway.connect(ccpPath, { wallet, identity: 'user1', discovery: { enabled: true, asLocalhost: true } });
// Get the network (channel) our contract is deployed to.
const network = await gateway.getNetwork('mychannel');
// Get the contract from the network.
const contract = network.getContract('save-file-hash');
// Submit the specified transaction.
await contract.submitTransaction('registerHash', key, data.length.toString());
for(var i = 0; i < data.length; i++) {
await contract.submitTransaction('registerHash', key + i.toString(), data[i]);
}
console.log('Transactions has been submitted');
// Disconnect from the gateway.
await gateway.disconnect();
} catch (error) {
console.error(`Failed to submit transaction: ${error}`);
process.exit(1);
}
}
And this is error log.
# node main.js
Wallet path: /usr/src/app/wallet
2019-12-13T13:03:10.930Z - error: [Remote.js]: Error: Failed to connect before the deadline URL:grpcs://localhost:7051 timeout:3000
2019-12-13T13:03:10.935Z - warn: [DiscoveryEndorsementHandler]: _build_endorse_group_member >> G0:1 - endorsement failed - Error: Failed to connect before the deadline URL:grpcs://localhost:7051 timeout:3000
2019-12-13T13:03:10.937Z - error: [Remote.js]: Error: Failed to connect before the deadline URL:grpcs://localhost:9051 timeout:3000
2019-12-13T13:03:10.938Z - warn: [DiscoveryEndorsementHandler]: _build_endorse_group_member >> G1:0 - endorsement failed - Error: Failed to connect before the deadline URL:grpcs://localhost:9051 timeout:3000
2019-12-13T13:03:13.938Z - error: [Remote.js]: Error: Failed to connect before the deadline URL:grpcs://localhost:8051 timeout:3000
2019-12-13T13:03:13.941Z - warn: [DiscoveryEndorsementHandler]: _build_endorse_group_member >> G0:1 - endorsement failed - Error: Failed to connect before the deadline URL:grpcs://localhost:8051 timeout:3000
2019-12-13T13:03:13.944Z - error: [Remote.js]: Error: Failed to connect before the deadline URL:grpcs://localhost:10051 timeout:3000
2019-12-13T13:03:13.944Z - warn: [DiscoveryEndorsementHandler]: _build_endorse_group_member >> G1:0 - endorsement failed - Error: Failed to connect before the deadline URL:grpcs://localhost:10051 timeout:3000
2019-12-13T13:03:13.947Z - error: [DiscoveryEndorsementHandler]: _endorse - endorsement failed::Error: Endorsement has failed
at DiscoveryEndorsementHandler._endorse (/usr/src/app/node_modules/fabric-client/lib/impl/DiscoveryEndorsementHandler.js:185:19)
at process._tickCallback (internal/process/next_tick.js:68:7)
Failed to submit transaction: Error: Endorsement has failed
When sdk server runs on mac and not a docker container, invoke request success.
And when it is a docker container, invoke request fail.
Also, user1 is already enrolled in CA-org1.
I think it is a problem with connection.
Please tell me how to send invoke request from sdk server container.

I think this is the line that is causing you a problem in the "SDK Container":
await gateway.connect(ccpPath, { wallet, identity: 'user1', discovery: { enabled: true, asLocalhost: true } });
asLocalhost: true will be substituting all the addresses with localhost and they just try to connect bsack into the SDK container which is causing the errors. When running directly on the mac the port forwarding into the docker containers works with localhost.
After you use asLocalhost: false you may have to change the various urls in the connection profile to be peer1.org1.example.com etc.

First:you can read the document:
https://hyperledger-fabric.readthedocs.io/en/latest/developapps/connectionprofile.html
There has a sample and your config miss channels:{} and orderers:{}
Second:If you don't enable tls, use the grpc:XXX.XXX, or you should use grpcs:XXX.XXX.
For example, your orderer not enable tls and you should use "url": "grpc://host.docker.internal:7050", your peers enable tls and you should use "url": "grpcs://host.docker.internal:8051".
Third:After last two steps, the query transaction should be ok. But invoke(some write transactions) may still fail. I still block here...

Not able to query the BYFN via fabric-sdk-go due to the error " no endorsement combination..."

I am trying to use fabric-sdk-go to access the fabric network which is buid up via BYFN .
I want to try to do the same thing as the cli command:
peer chaincode query -C mychannel -n mycc -c '{"Args":["query","a"]}'
but only get the error:
Failed to get endorsing peers: error getting endorsers from channel response: no endorsement combination can be satisfied.
The endorsement policy is:
-P "AND ('Org1MSP.peer','Org2MSP.peer')"
The client code is below:
configPath := "config-payment.yaml"
sdk, err := fabsdk.New(config.FromFile(configPath))
defer sdk.Close()
clientChannelContext := sdk.ChannelContext(channelID, fabsdk.WithUser("User1"), fabsdk.WithOrg(orgName))
client, err := channel.New(clientChannelContext)
args := [][]byte{[]byte("a")}
_, err = client.Query(channel.Request{ChaincodeID: ccID, Fcn: "query", Args: args},
channel.WithRetry(retry.DefaultChannelOpts))
if err != nil {
log.Fatalf("Failed to query: %s", err)
}
And the config-payment.yaml is below:
version: 1.0.0
client:
organization: org1
logging:
level: info
cryptoconfig:
path: fabric-network/first-network/crypto-config
credentialStore:
path: "/tmp/state-store"
cryptoStore:
path: fabric-network/first-network/crypto-config/peerOrganizations/org1.example.com/users/User1#org1.example.com/msp
BCCSP:
security:
enabled: true
default:
provider: "SW"
hashAlgorithm: "SHA2"
softVerify: true
level: 256
tlsCerts:
client:
key:
path: fabric-network/first-network/crypto-config/peerOrganizations/org1.example.com/users/User1#org1.example.com/tls/client.key
cert:
path: fabric-network/first-network/crypto-config/peerOrganizations/org1.example.com/users/User1#org1.example.com/tls/client.crt
channels:
_default:
peers:
peer1.org1.example.com:
endorsingPeer: true
chaincodeQuery: true
ledgerQuery: true
eventSource: true
policies:
queryChannelConfig:
minResponses: 1
maxTargets: 1
retryOpts:
attempts: 5
initialBackoff: 500ms
maxBackoff: 5s
backoffFactor: 2.0
discovery:
maxTargets: 2
retryOpts:
attempts: 4
initialBackoff: 500ms
maxBackoff: 5s
backoffFactor: 2.0
eventService:
resolverStrategy: PreferOrg
balancer: Random
blockHeightLagThreshold: 5
reconnectBlockHeightLagThreshold: 8
peerMonitorPeriod: 6s
mychannel:
peers:
peer0.org1.example.com:
endorsingPeer: true
chaincodeQuery: true
ledgerQuery: true
eventSource: true
peer1.org1.example.com:
endorsingPeer: true
chaincodeQuery: true
ledgerQuery: true
eventSource: true
peer0.org2.example.com:
endorsingPeer: true
chaincodeQuery: true
ledgerQuery: true
eventSource: true
peer1.org2.example.com:
endorsingPeer: true
chaincodeQuery: true
ledgerQuery: true
eventSource: true
organizations:
org1:
mspid: Org1MSP
cryptoPath: peerOrganizations/org1.example.com/users/{username}#org1.example.com/msp
users:
Admin:
cert:
path: fabric-network/first-network/crypto-config/peerOrganizations/org1.example.com/users/Admin#org1.example.com/msp/signcerts/Admin#org1.example.com-cert.pem
User1:
cert:
path: fabric-network/first-network/crypto-config/peerOrganizations/org1.example.com/users/User1#org1.example.com/msp/signcerts/User1#org1.example.com-cert.pem
peers:
- peer0.org1.example.com
- peer1.org1.example.com
org2:
mspid: Org2MSP
cryptoPath: peerOrganizations/org2.example.com/users/{username}#org2.example.com/msp
users:
Admin:
cert:
path: fabric-network/first-network/crypto-config/peerOrganizations/org2.example.com/users/Admin#org2.example.com/msp/signcerts/Admin#org2.example.com-cert.pem
User1:
cert:
path: fabric-network/first-network/crypto-config/peerOrganizations/org2.example.com/users/User1#org2.example.com/msp/signcerts/User1#org2.example.com-cert.pem
peers:
- peer0.org2.example.com
- peer1.org2.example.com
Orderer:
mspID: OrdererMSP
cryptoPath: ordererOrganizations/example.com/users/{username}#example.com/msp
peers:
- orderer.example.com
orderers:
orderer.example.com:
url: localhost:7050
grpcOptions:
ssl-target-name-override: orderer.example.com
keep-alive-time: 0s
keep-alive-timeout: 20s
keep-alive-permit: false
fail-fast: false
allow-insecure: false
tlsCACerts:
path: fabric-network/first-network/crypto-config/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem
peers:
peer0.org1.example.com:
url: localhost:7051
eventUrl: localhost:7053
grpcOptions:
ssl-target-name-override: peer0.org1.example.com
keep-alive-time: 0s
keep-alive-timeout: 20s
keep-alive-permit: false
fail-fast: false
allow-insecure: false
tlsCACerts:
path: fabric-network/first-network/crypto-config/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem
peer1.org1.example.com:
url: localhost:8051
eventUrl: localhost:8053
grpcOptions:
ssl-target-name-override: peer1.org1.example.com
keep-alive-time: 0s
keep-alive-timeout: 20s
keep-alive-permit: false
fail-fast: false
allow-insecure: false
tlsCACerts:
path: fabric-network/first-network/crypto-config/peerOrganizations/org1.example.com/tlsca/tlsca.org1.example.com-cert.pem
peer0.org2.example.com:
url: localhost:9051
eventUrl: localhost:9053
grpcOptions:
ssl-target-name-override: peer0.org2.example.com
keep-alive-time: 0s
keep-alive-timeout: 20s
keep-alive-permit: false
fail-fast: false
allow-insecure: false
tlsCACerts:
path: fabric-network/first-network/crypto-config/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem
peer1.org2.example.com:
url: localhost:10051
eventUrl: localhost:10053
grpcOptions:
ssl-target-name-override: peer1.org2.example.com
keep-alive-time: 0s
keep-alive-timeout: 20s
keep-alive-permit: false
fail-fast: false
allow-insecure: false
tlsCACerts:
path: fabric-network/first-network/crypto-config/peerOrganizations/org2.example.com/tlsca/tlsca.org2.example.com-cert.pem
entityMatchers:
peer:
- pattern: peer0.org1.example.com:7051
urlSubstitutionExp: localhost:7051
eventUrlSubstitutionExp: localhost:7053
sslTargetOverrideUrlSubstitutionExp: peer0.org1.example.com
mappedHost: peer0.org1.example.com
- pattern: peer1.org1.example.com:7051
urlSubstitutionExp: localhost:8051
eventUrlSubstitutionExp: localhost:8053
sslTargetOverrideUrlSubstitutionExp: peer1.org1.example.com
mappedHost: peer1.org1.example.com
- pattern: peer0.org2.example.com:7051
urlSubstitutionExp: localhost:9051
sslTargetOverrideUrlSubstitutionExp: peer0.org2.example.com
mappedHost: peer0.org2.example.com
- pattern: peer1.org2.example.com:7051
urlSubstitutionExp: localhost:10051
sslTargetOverrideUrlSubstitutionExp: peer1.org2.example.com
mappedHost: peer1.org2.example.com
orderer:
- pattern: orderer.example.com:7050
urlSubstitutionExp: localhost:7050
sslTargetOverrideUrlSubstitutionExp: orderer.example.com
mappedHost: orderer.example.com

Afer debuging the code, I found the root cause was due to the "Exclude" filter:
func containsPeer(peers []fab.Peer, peer fab.Peer) bool {
for _, p := range peers {
if p.URL() == peer.URL() {
return true
}
}
return false
}
peers[3].url = localhost:7051
peer.url = peer0.org1.example.com:7051
I was blocked by a connection problem, so I set the URL as localhost instead of peer0.org1.example.com. So the peer0.org1 was excluded and hence got the error: getting endorsers from channel response: no endorsement combination can be satisfied.