Develop Reference

How to connect to Hyperledger Fabric Gateway Service (new in HF 2.4) with TLS enabled?

I have a Hyperlegder Fabric network set-up which is operating fine as long as I don't use new Fabric-Gateway SDK (https://hyperledger-fabric.readthedocs.io/en/release-2.4/gateway.html).
I upgraded my network from 2.3.1 to 2.4.1 and wanted to try the new SDK, but cannot connect to the Peer. Below I give some details of my configuration.
Peer-base docker service:
peer-base:
image: hyperledger/fabric-peer
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_basic
- FABRIC_LOGGING_SPEC=info:gateway,comm,comm.grpc,comm.grpc.server=debug
- CORE_CHAINCODE_LOGGING_LEVEL=info
- CORE_PEER_LISTENADDRESS=0.0.0.0:7051
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/peer/msp
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/peer/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/peer/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/peer/tls/ca.crt
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=***
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=***
- CORE_METRICS_PROVIDER=prometheus
- CORE_OPERATIONS_LISTENADDRESS=0.0.0.0:7055
- CORE_PEER_GATEWAY_ENABLED=true
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: peer node start
volumes:
- ./config:/etc/hyperledger/configtx
- /var/run/:/host/var/run/
networks:
- basic
restart: always
After migrating to 2.4.1, I added CORE_PEER_GATEWAY_ENABLED=true.
The peer docker service, which extends the peer-base:
peer0.org1.tcash.com:
container_name: peer0.org1.tcash.com
extends:
file: docker-compose-org1-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.org1.tcash.com
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_ADDRESS=peer0.org1.tcash.com:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.org1.tcash.com:7052
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=test2.tcash.sigmacomp.pl:7051
- CORE_PEER_GOSSIP_ENDPOINT=test2.tcash.sigmacomp.pl:7051
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb0.org1.tcash.com:5984
ports:
- 7051:7051
- 7053:7053
- 7055:7055
volumes:
- ./crypto-config/peerOrganizations/org1.tcash.com/peers/peer0.org1.tcash.com:/etc/hyperledger/peer
- ./persistence/peer0.org1.tcash.com/:/var/hyperledger/production
depends_on:
- couchdb0.org1.tcash.com
extra_hosts:
- orderer0.tcash.com:146.59.17.169
- orderer1.tcash.com:146.59.17.169
- orderer2.tcash.com:146.59.17.169
- orderer3.tcash.com:146.59.17.169
- orderer4.tcash.com:146.59.17.169
- peer2.org1.tcash.com:51.195.202.90
- peer3.org1.tcash.com:51.195.202.90
- peer4.org1.tcash.com:51.68.172.244
- peer5.org1.tcash.com:51.68.172.244
No changes have been made here during migration to 2.4.1.
I can see in the Peer logs, that new gateway service has been started:
2022-01-21 12:34:09.177 UTC 0023 INFO [nodeCmd] serve -> Starting peer with Gateway enabled
2022-01-21 12:34:09.177 UTC 0024 INFO [nodeCmd] serve -> Starting peer with ID=[peer0.org1.tcash.com], network ID=[dev], address=[peer0.org1.tcash.com:7051]
2022-01-21 12:34:09.177 UTC 0025 INFO [nodeCmd] func7 -> Starting profiling server with listenAddress = 0.0.0.0:6060
2022-01-21 12:34:09.177 UTC 0026 INFO [nodeCmd] serve -> Started peer with ID=[peer0.org1.tcash.com], network ID=[dev], address=[peer0.org1.tcash.com:7051]
After deploying the network, I try to run the transaction with the following code (NodeJS):
'use strict';
const fs = require('fs');
const crypto = require('crypto');
const grpc =require('#grpc/grpc-js');
const { connect, signers } = require('#hyperledger/fabric-gateway');
async function main() {
// Main try/catch block
try {
const credentials = fs.readFileSync('walletOffline/user.cert.pem');
const identity = { mspId: 'Org1MSP', credentials };
const privateKeyPem = fs.readFileSync('walletOffline/user.key.pem');
const privateKey = crypto.createPrivateKey(privateKeyPem);
const signer = signers.newPrivateKeySigner(privateKey);
const ccpJSON = fs.readFileSync('connection.json');
const ccp = JSON.parse(ccpJSON);
const peerName = ccp.organizations.org1.peers[0];
const peerAddress = ccp.peers[peerName].url.replace('grpcs://', '');
const tlsCACert = ccp.peers[peerName].tlsCACerts.pem;
const grpcOptions = ccp.peers[peerName].grpcOptions;
const tlsRootCert = Buffer.from(tlsCACert);
const tlsCredentials = grpc.credentials.createSsl(tlsRootCert);
const client = new grpc.Client(peerAddress, tlsCredentials, grpcOptions);
const gateway = connect({identity, signer, client});
const network = gateway.getNetwork('tcashchannel');
const contract = network.getContract('tcash');
const result = await contract.evaluateTransaction('queryAccountState', '100', '');
console.log('result: ' + result);
} catch (error) {
console.log('Error: ' + error);
console.log(error.stack);
}
}
main();
As you can see, I am extracting connection parameters from the JSON connection profile. This connection profile I use with the 'old' HF Node SDK and it's working without issues. However running this code gives me the following error from contract.evaluateTransaction() after 120 seconds timeout:
GatewayError: 14 UNAVAILABLE: failed to create new connection: context deadline exceeded
at newGatewayError (/Users/michaliwanicki/git/tcash/tcash-application/node_modules/#hyperledger/fabric-gateway/dist/gatewayerror.js:40:12)
at Object.callback (/Users/michaliwanicki/git/tcash/tcash-application/node_modules/#hyperledger/fabric-gateway/dist/client.js:81:67)
at Object.onReceiveStatus (/Users/michaliwanicki/git/tcash/tcash-application/node_modules/#grpc/grpc-js/build/src/client.js:180:36)
at Object.onReceiveStatus (/Users/michaliwanicki/git/tcash/tcash-application/node_modules/#grpc/grpc-js/build/src/client-interceptors.js:365:141)
at Object.onReceiveStatus (/Users/michaliwanicki/git/tcash/tcash-application/node_modules/#grpc/grpc-js/build/src/client-interceptors.js:328:181)
at /Users/michaliwanicki/git/tcash/tcash-application/node_modules/#grpc/grpc-js/build/src/call-stream.js:182:78
at processTicksAndRejections (internal/process/task_queues.js:77:11)
I can also see the corresponding entry in the peer logs:
2022-01-21 14:24:14.961 UTC 007e INFO [comm.grpc.server] 1 -> unary call completed grpc.service=gateway.Gateway grpc.method=Evaluate grpc.peer_address=178.183.68.178:54151 error="rpc error: code = Unavailable desc = failed to create new connection: context deadline exceeded" grpc.code=Unavailable grpc.call_duration=2m0.00087636s
There are no errors or warnings in the peer log.
EDIT:
After switching logging level to DEBUG and filtering it out, I came across the following part:
2022-01-27 13:38:19.217 UTC 67af DEBU [core.comm] ServerHandshake -> Server TLS handshake completed in 69.892651ms server=PeerServer remoteaddress=178.183.68.178:58755
2022-01-27 13:38:19.356 UTC 67b0 DEBU [lockbasedtxmgr] newQueryExecutor -> constructing new query executor txid = [407898ef-0004-4f25-be10-b603a2aaf919]
2022-01-27 13:38:19.357 UTC 67b1 DEBU [statecouchdb] GetState -> GetState(). ns=, key=CHANNEL_CONFIG_ENV_BYTES
2022-01-27 13:38:19.358 UTC 67b2 DEBU [lockbasedtxmgr] Done -> Done with transaction simulation / query execution [407898ef-0004-4f25-be10-b603a2aaf919]
2022-01-27 13:38:19.358 UTC [grpc] WarningDepth -> DEBU 02f [core]Adjusting keepalive ping interval to minimum period of 10s
2022-01-27 13:38:19.359 UTC [grpc] InfoDepth -> DEBU 030 [core]parsed scheme: ""
2022-01-27 13:38:19.359 UTC [grpc] InfoDepth -> DEBU 031 [core]scheme "" not registered, fallback to default scheme
2022-01-27 13:38:19.359 UTC [grpc] InfoDepth -> DEBU 032 [core]ccResolverWrapper: sending update to cc: {[{test2.tcash.sigmacomp.pl:8051 <nil> 0 <nil>}] <nil> <nil>}
2022-01-27 13:38:19.360 UTC [grpc] InfoDepth -> DEBU 033 [core]ClientConn switching balancer to "pick_first"
2022-01-27 13:38:19.360 UTC [grpc] InfoDepth -> DEBU 034 [core]Channel switches to new LB policy "pick_first"
2022-01-27 13:38:19.360 UTC [grpc] InfoDepth -> DEBU 035 [core]Subchannel Connectivity change to CONNECTING
2022-01-27 13:38:19.360 UTC [grpc] InfoDepth -> DEBU 036 [core]pickfirstBalancer: UpdateSubConnState: 0xc002ed2b30, {CONNECTING <nil>}
2022-01-27 13:38:19.361 UTC [grpc] InfoDepth -> DEBU 037 [core]Channel Connectivity change to CONNECTING
2022-01-27 13:38:19.360 UTC [grpc] InfoDepth -> DEBU 038 [core]Subchannel picks a new address "test2.tcash.sigmacomp.pl:8051" to connect
2022-01-27 13:38:19.370 UTC [grpc] InfoDepth -> DEBU 039 [core]Subchannel Connectivity change to TRANSIENT_FAILURE
2022-01-27 13:38:19.370 UTC [grpc] InfoDepth -> DEBU 03a [core]pickfirstBalancer: UpdateSubConnState: 0xc002ed2b30, {TRANSIENT_FAILURE connection closed}
2022-01-27 13:38:19.370 UTC [grpc] InfoDepth -> DEBU 03b [core]Channel Connectivity change to TRANSIENT_FAILURE
2022-01-27 13:38:19.370 UTC [grpc] InfoDepth -> DEBU 03c [transport]transport: loopyWriter.run returning. connection error: desc = "transport is closing"
EDIT 2:
I noticed that there are some errors in peer logs belonging to the other peers in the network (not the one which is called by the client application and running the Gateway service). It seems that there is a problem with establishment of TLS between peers when using Gateway SDK:
2022-02-10 14:36:24.934 UTC 24b0 DEBU [gossip.comm] func1 -> Got message: GossipMessage: Channel: , nonce: 0, tag: CHAN_OR_ORG state_info_pull_req: Channel MAC:23b92135be842b052b823a7c87853436fb579040416405d4fdfd0b6db0aa02d9, Envelope: 39 bytes, Signature: 0 bytes
2022-02-10 14:36:24.934 UTC 24b1 DEBU [gossip.gossip] handleMessage -> Entering, 54.37.226.59:7051 5c2af6d536100ada4e7f1829978c7f0163a6589f47f44207aa51a84987fe6a5b sent us GossipMessage: Channel: , nonce: 0, tag: CHAN_OR_ORG state_info_pull_req: Channel MAC:23b92135be842b052b823a7c87853436fb579040416405d4fdfd0b6db0aa02d9, Envelope: 39 bytes, Signature: 0 bytes
2022-02-10 14:36:24.935 UTC 24b2 DEBU [gossip.gossip] handleMessage -> Exiting
2022-02-10 14:36:24.942 UTC 24b3 ERRO [core.comm] ServerHandshake -> Server TLS handshake failed in 15.541µs with error tls: first record does not look like a TLS handshake server=PeerServer remoteaddress=172.24.0.1:36394
2022-02-10 14:36:24.942 UTC [grpc] WarningDepth -> DEBU 04e [core]grpc: Server.Serve failed to complete security handshake from "172.24.0.1:36394": tls: first record does not look like a TLS handshake
I suspect that there is some piece of configuration which is required for this feature to work, which I am missing. I will appreciate if anyone can help me find it.

It looks like the gateway peer is failing to connect to another endorsing peer in the network. Are you seeing any gossip communication between the peers in the logs?
Try reducing the dialTimeout to something less than the endorsementTimeout in the core.yaml and see if it connects to the other peers.

Chaincode as external service with TLS: installed but query doesn't find it?

In the Fabric docs example for a bin/release script, there's the comment
if tls_required is true, copy TLS files (using above example, the fully qualified path for these fils would be "$RELEASE"/chaincode/server/tls)
But which files should be put there? How do they have to be named? Are they referenced somewhere? Altogether I even don't understand why they're needed anyway. We already have all certficates in the connection.json on the peer side and also TLS certficates referenced by the ChaincodeServer on the chaincode side.
I'm asking because I can't invoke my chaincode and since I don't have additional certificates within the $RELEASE folder, that might cause the problem.
This is happening on chaincode query at the CLI:
$ export CORE_PEER_MSPCONFIGPATH=/config/admin/msp
$ peer chaincode query -C channel1 -n cc-abac -c '{"Args":["query","a"]}' --clientauth --tls --cafile /config/peer/tls-msp/tlscacerts/ca-cert.pem --keyfile /config/peer/tls-msp/keystore/key.pem --certfile /config/peer/tls-msp/signcerts/cert.pem
2020-07-06 07:20:55.290 UTC [msp] loadCertificateAt -> WARN 001 Failed loading ClientOU certificate at [/config/admin/msp]: [could not read file /config/admin/msp: read /config/admin/msp: is a directory]
2020-07-06 07:20:55.290 UTC [msp] loadCertificateAt -> WARN 002 Failed loading PeerOU certificate at [/config/admin/msp]: [could not read file /config/admin/msp: read /config/admin/msp: is a directory]
2020-07-06 07:20:55.290 UTC [msp] loadCertificateAt -> WARN 003 Failed loading AdminOU certificate at [/config/admin/msp]: [could not read file /config/admin/msp: read /config/admin/msp: is a directory]
2020-07-06 07:20:55.291 UTC [msp] loadCertificateAt -> WARN 004 Failed loading OrdererOU certificate at [/config/admin/msp]: [could not read file /config/admin/msp: read /config/admin/msp: is a directory]
2020-07-06 07:20:55.302 UTC [grpc] Infof -> DEBU 005 parsed scheme: ""
2020-07-06 07:20:55.302 UTC [grpc] Infof -> DEBU 006 scheme "" not registered, fallback to default scheme
2020-07-06 07:20:55.302 UTC [grpc] Infof -> DEBU 007 ccResolverWrapper: sending update to cc: {[{org1-peer1:30151 <nil> 0 <nil>}] <nil> <nil>}
2020-07-06 07:20:55.302 UTC [grpc] Infof -> DEBU 008 ClientConn switching balancer to "pick_first"
2020-07-06 07:20:55.302 UTC [grpc] Infof -> DEBU 009 Channel switches to new LB policy "pick_first"
2020-07-06 07:20:55.302 UTC [grpc] Infof -> DEBU 00a Subchannel Connectivity change to CONNECTING
2020-07-06 07:20:55.302 UTC [grpc] Infof -> DEBU 00b Subchannel picks a new address "org1-peer1:30151" to connect
2020-07-06 07:20:55.302 UTC [grpc] UpdateSubConnState -> DEBU 00c pickfirstBalancer: HandleSubConnStateChange: 0xc0001aff40, {CONNECTING <nil>}
2020-07-06 07:20:55.302 UTC [grpc] Infof -> DEBU 00d Channel Connectivity change to CONNECTING
2020-07-06 07:20:55.310 UTC [grpc] Infof -> DEBU 00e Subchannel Connectivity change to READY
2020-07-06 07:20:55.310 UTC [grpc] UpdateSubConnState -> DEBU 00f pickfirstBalancer: HandleSubConnStateChange: 0xc0001aff40, {READY <nil>}
2020-07-06 07:20:55.310 UTC [grpc] Infof -> DEBU 010 Channel Connectivity change to READY
2020-07-06 07:20:55.315 UTC [grpc] Infof -> DEBU 011 parsed scheme: ""
2020-07-06 07:20:55.315 UTC [grpc] Infof -> DEBU 012 scheme "" not registered, fallback to default scheme
2020-07-06 07:20:55.315 UTC [grpc] Infof -> DEBU 013 ccResolverWrapper: sending update to cc: {[{org1-peer1:30151 <nil> 0 <nil>}] <nil> <nil>}
2020-07-06 07:20:55.315 UTC [grpc] Infof -> DEBU 014 ClientConn switching balancer to "pick_first"
2020-07-06 07:20:55.315 UTC [grpc] Infof -> DEBU 015 Channel switches to new LB policy "pick_first"
2020-07-06 07:20:55.315 UTC [grpc] Infof -> DEBU 016 Subchannel Connectivity change to CONNECTING
2020-07-06 07:20:55.315 UTC [grpc] Infof -> DEBU 017 Subchannel picks a new address "org1-peer1:30151" to connect
2020-07-06 07:20:55.315 UTC [grpc] UpdateSubConnState -> DEBU 018 pickfirstBalancer: HandleSubConnStateChange: 0xc0003447f0, {CONNECTING <nil>}
2020-07-06 07:20:55.315 UTC [grpc] Infof -> DEBU 019 Channel Connectivity change to CONNECTING
2020-07-06 07:20:55.320 UTC [grpc] Infof -> DEBU 01a Subchannel Connectivity change to READY
2020-07-06 07:20:55.320 UTC [grpc] UpdateSubConnState -> DEBU 01b pickfirstBalancer: HandleSubConnStateChange: 0xc0003447f0, {READY <nil>}
2020-07-06 07:20:55.320 UTC [grpc] Infof -> DEBU 01c Channel Connectivity change to READY
Error: endorsement failure during query. response: status:500 message:"make sure the chaincode cc-abac has been successfully defined on channel channel1 and try again: chaincode definition for 'cc-abac' exists, but chaincode is not installed"
Ok, let's check if it's installed:
$ peer lifecycle chaincode queryinstalled
2020-07-06 07:27:54.192 UTC [msp] loadCertificateAt -> WARN 001 Failed loading ClientOU certificate at [/config/admin/msp]: [could not read file /config/admin/msp: read /config/admin/msp: is a directory]
2020-07-06 07:27:54.192 UTC [msp] loadCertificateAt -> WARN 002 Failed loading PeerOU certificate at [/config/admin/msp]: [could not read file /config/admin/msp: read /config/admin/msp: is a directory]
2020-07-06 07:27:54.192 UTC [msp] loadCertificateAt -> WARN 003 Failed loading AdminOU certificate at [/config/admin/msp]: [could not read file /config/admin/msp: read /config/admin/msp: is a directory]
2020-07-06 07:27:54.193 UTC [msp] loadCertificateAt -> WARN 004 Failed loading OrdererOU certificate at [/config/admin/msp]: [could not read file /config/admin/msp: read /config/admin/msp: is a directory]
2020-07-06 07:27:54.201 UTC [grpc] Infof -> DEBU 005 parsed scheme: ""
2020-07-06 07:27:54.201 UTC [grpc] Infof -> DEBU 006 scheme "" not registered, fallback to default scheme
2020-07-06 07:27:54.201 UTC [grpc] Infof -> DEBU 007 ccResolverWrapper: sending update to cc: {[{org1-peer1:30151 <nil> 0 <nil>}] <nil> <nil>}
2020-07-06 07:27:54.201 UTC [grpc] Infof -> DEBU 008 ClientConn switching balancer to "pick_first"
2020-07-06 07:27:54.201 UTC [grpc] Infof -> DEBU 009 Channel switches to new LB policy "pick_first"
2020-07-06 07:27:54.201 UTC [grpc] Infof -> DEBU 00a Subchannel Connectivity change to CONNECTING
2020-07-06 07:27:54.202 UTC [grpc] Infof -> DEBU 00b Subchannel picks a new address "org1-peer1:30151" to connect
2020-07-06 07:27:54.202 UTC [grpc] UpdateSubConnState -> DEBU 00c pickfirstBalancer: HandleSubConnStateChange: 0xc000447800, {CONNECTING <nil>}
2020-07-06 07:27:54.202 UTC [grpc] Infof -> DEBU 00d Channel Connectivity change to CONNECTING
2020-07-06 07:27:54.209 UTC [grpc] Infof -> DEBU 00e Subchannel Connectivity change to READY
2020-07-06 07:27:54.209 UTC [grpc] UpdateSubConnState -> DEBU 00f pickfirstBalancer: HandleSubConnStateChange: 0xc000447800, {READY <nil>}
2020-07-06 07:27:54.209 UTC [grpc] Infof -> DEBU 010 Channel Connectivity change to READY
2020-07-06 07:27:54.213 UTC [grpc] Infof -> DEBU 011 parsed scheme: ""
2020-07-06 07:27:54.213 UTC [grpc] Infof -> DEBU 012 scheme "" not registered, fallback to default scheme
2020-07-06 07:27:54.213 UTC [grpc] Infof -> DEBU 013 ccResolverWrapper: sending update to cc: {[{org1-peer1:30151 <nil> 0 <nil>}] <nil> <nil>}
2020-07-06 07:27:54.213 UTC [grpc] Infof -> DEBU 014 ClientConn switching balancer to "pick_first"
2020-07-06 07:27:54.213 UTC [grpc] Infof -> DEBU 015 Channel switches to new LB policy "pick_first"
2020-07-06 07:27:54.213 UTC [grpc] Infof -> DEBU 016 Subchannel Connectivity change to CONNECTING
2020-07-06 07:27:54.213 UTC [grpc] Infof -> DEBU 017 Subchannel picks a new address "org1-peer1:30151" to connect
2020-07-06 07:27:54.213 UTC [grpc] UpdateSubConnState -> DEBU 018 pickfirstBalancer: HandleSubConnStateChange: 0xc0000da8f0, {CONNECTING <nil>}
2020-07-06 07:27:54.213 UTC [grpc] Infof -> DEBU 019 Channel Connectivity change to CONNECTING
2020-07-06 07:27:54.219 UTC [grpc] Infof -> DEBU 01a Subchannel Connectivity change to READY
2020-07-06 07:27:54.219 UTC [grpc] UpdateSubConnState -> DEBU 01b pickfirstBalancer: HandleSubConnStateChange: 0xc0000da8f0, {READY <nil>}
2020-07-06 07:27:54.219 UTC [grpc] Infof -> DEBU 01c Channel Connectivity change to READY
Installed chaincodes on peer:
Package ID: cc-abac:7f7a2b755874ef0c72e6d1eb467f6e65afb488994c80a75f3c5712fcdc9ee095, Label: cc-abac
So it's installed but the query command doesn't find it?
And yes - it's installed on the correct channel:
$ peer lifecycle chaincode querycommitted --channelID channel1 --name cc-abac --cafile /config/peer/tls-msp/tlscacerts/ca-cert.pem
Committed chaincode definition for chaincode 'cc-abac' on channel 'channel1':
Version: 1.0, Sequence: 1, Endorsement Plugin: escc, Validation Plugin: vscc, Approvals: [Org1MSP: true, Org2MSP: true, Org3MSP: true]
This is the peer log at the time of the query:
[36m2020-07-06 07:31:23.605 UTC [lockbasedtxmgr] NewTxSimulator -> DEBU 12a6[0m constructing new tx simulator
[36m2020-07-06 07:31:23.605 UTC [lockbasedtxmgr] newLockBasedTxSimulator -> DEBU 12a7[0m constructing new tx simulator txid = [ed5b5de845b99b8b126e1b10d05df3849b9b108c83435f4225fc47c9a3b841c7]
[36m2020-07-06 07:31:23.605 UTC [stateleveldb] GetState -> DEBU 12a8[0m GetState(). ns=_lifecycle, key=namespaces/fields/cc-abac/Sequence
[36m2020-07-06 07:31:23.605 UTC [lockbasedtxmgr] Done -> DEBU 12a9[0m Done with transaction simulation / query execution [ed5b5de845b99b8b126e1b10d05df3849b9b108c83435f4225fc47c9a3b841c7]
[34m2020-07-06 07:31:23.605 UTC [comm.grpc.server] 1 -> INFO 12aa[0m unary call completed grpc.service=protos.Endorser grpc.method=ProcessProposal grpc.peer_address=10.131.0.100:51580 grpc.peer_subject="CN=org1-peer1,OU=peer,O=Hyperledger,ST=North Carolina,C=US" grpc.code=OK grpc.call_duration=2.128156ms
[36m2020-07-06 07:31:23.608 UTC [grpc] infof -> DEBU 12ab[0m transport: loopyWriter.run returning. connection error: desc = "transport is closing"
[36m2020-07-06 07:31:23.608 UTC [grpc] warningf -> DEBU 12ac[0m transport: http2Server.HandleStreams failed to read frame: read tcp 10.130.1.219:7051->10.131.0.100:51580: read: connection reset by peer
[36m2020-07-06 07:31:23.608 UTC [grpc] infof -> DEBU 12ad[0m transport: loopyWriter.run returning. connection error: desc = "transport is closing"
10.131.0.100 is the calling CLI and 10.130.1.219 is the peer. So is there a connection problem between CLI and Peer?
Coming back to the first paragraph of this question - this is the connection.json available to the peer:
{
"address": "org1-cc1:31101",
"dial_timeout": "10s",
"tls_required": "true",
"client_auth_required": "true",
"client_key": "-----BEGIN PRIVATE KEY-----\nxxx\nxxx\nxxx\n-----END PRIVATE KEY-----",
"client_cert": "-----BEGIN CERTIFICATE-----\nxxx/xxx\nxxx\nxxx\nxxx\nxxx\nxxx\nxxx/xxxn\nxxx\nxxx\nxxx\nxxx\nxxx\nxxx\nxxx=\n-----END CERTIFICATE-----",
"root_cert": "-----BEGIN CERTIFICATE-----\nxxx\nxxx\nxxx\nxxx\nxxx\nxxx\nxxx\nxxx\nxxx\nxxx\nxxx\nxxx\n-----END CERTIFICATE-----"
}
Of course, xxx are just placeholders ;)
The Chaincode main() looks as follows:
func main() {
keyFile := os.Getenv("CHAINCODE_TLS_KEY_FILE")
key, err := ioutil.ReadFile(keyFile)
check(err)
certFile := os.Getenv("CHAINCODE_TLS_CERT_FILE")
cert, err := ioutil.ReadFile(certFile)
check(err)
caFile := os.Getenv("CHAINCODE_TLS_CACERT_FILE")
ca, err := ioutil.ReadFile(caFile)
check(err)
server := &shim.ChaincodeServer{
CCID: os.Getenv("CHAINCODE_CCID"),
Address: "0.0.0.0:9999",
CC: new(SimpleChaincode),
TLSProps: shim.TLSProperties{
Disabled: false,
Key: key,
Cert: cert,
ClientCACerts: ca,
},
}
err = server.Start()
if err != nil {
fmt.Printf("Error starting Simple chaincode: %s", err)
}
}

Error : issue while using createChannel command

I've been following the tutorial for the Hyperledger Fabric development
but i have this error message while trying the command ./network.sh createChannel:
Error: failed to create deliver client for orderer: orderer client failed to connect to localhost:7050: failed to create new connection: connection error: desc = "transport: error while dialing: dial tcp [::1]:7050: connectex: Aucune connexion n’a pu être établie car l’ordinateur cible l’a expressément refusée."
!!!!!!!!!!!!!!! Channel creation failed !!!!!!!!!!!!!!!!
The French part means that no connection can be established cause the targeted computer has refused it.
After searching a bit there might be an issue with the ports or ip addresses but not sure.
My logs for the different components :
Orderer service :
2020-05-27 09:13:16.388 UTC [localconfig] completeInitialization -> WARN 001 General.GenesisFile should be replaced by General.BootstrapFile
2020-05-27 09:13:16.389 UTC [localconfig] completeInitialization -> INFO 002 Kafka.Version unset, setting to 0.10.2.0
2020-05-27 09:13:16.389 UTC [orderer.common.server] prettyPrintStruct -> INFO 003 Orderer config values:
General.ListenAddress = "0.0.0.0"
General.ListenPort = 7050
General.TLS.Enabled = true
General.TLS.PrivateKey = "/var/hyperledger/orderer/tls/server.key"
General.TLS.Certificate = "/var/hyperledger/orderer/tls/server.crt"
General.TLS.RootCAs = [/var/hyperledger/orderer/tls/ca.crt]
General.TLS.ClientAuthRequired = false
General.TLS.ClientRootCAs = []
General.Cluster.ListenAddress = ""
General.Cluster.ListenPort = 0
General.Cluster.ServerCertificate = ""
General.Cluster.ServerPrivateKey = ""
General.Cluster.ClientCertificate = "/var/hyperledger/orderer/tls/server.crt"
General.Cluster.ClientPrivateKey = "/var/hyperledger/orderer/tls/server.key"
General.Cluster.RootCAs = [/var/hyperledger/orderer/tls/ca.crt]
General.Cluster.DialTimeout = 5s
General.Cluster.RPCTimeout = 7s
General.Cluster.ReplicationBufferSize = 20971520
General.Cluster.ReplicationPullTimeout = 5s
General.Cluster.ReplicationRetryTimeout = 5s
General.Cluster.ReplicationBackgroundRefreshInterval = 5m0s
General.Cluster.ReplicationMaxRetries = 12
General.Cluster.SendBufferSize = 10
General.Cluster.CertExpirationWarningThreshold = 168h0m0s
General.Cluster.TLSHandshakeTimeShift = 0s
General.Keepalive.ServerMinInterval = 1m0s
General.Keepalive.ServerInterval = 2h0m0s
General.Keepalive.ServerTimeout = 20s
General.ConnectionTimeout = 0s
General.GenesisMethod = "file"
General.GenesisFile = "/var/hyperledger/orderer/orderer.genesis.block"
General.BootstrapMethod = "file"
General.BootstrapFile = "/var/hyperledger/orderer/orderer.genesis.block"
General.Profile.Enabled = false
General.Profile.Address = "0.0.0.0:6060"
General.LocalMSPDir = "/var/hyperledger/orderer/msp"
General.LocalMSPID = "OrdererMSP"
General.BCCSP.ProviderName = "SW"
General.BCCSP.SwOpts.SecLevel = 256
General.BCCSP.SwOpts.HashFamily = "SHA2"
General.BCCSP.SwOpts.Ephemeral = true
General.BCCSP.SwOpts.FileKeystore.KeyStorePath = ""
General.BCCSP.SwOpts.DummyKeystore =
General.BCCSP.SwOpts.InmemKeystore =
General.Authentication.TimeWindow = 15m0s
General.Authentication.NoExpirationChecks = false
FileLedger.Location = "/var/hyperledger/production/orderer"
FileLedger.Prefix = "hyperledger-fabric-ordererledger"
Kafka.Retry.ShortInterval = 5s
Kafka.Retry.ShortTotal = 10m0s
Kafka.Retry.LongInterval = 5m0s
Kafka.Retry.LongTotal = 12h0m0s
Kafka.Retry.NetworkTimeouts.DialTimeout = 10s
Kafka.Retry.NetworkTimeouts.ReadTimeout = 10s
Kafka.Retry.NetworkTimeouts.WriteTimeout = 10s
Kafka.Retry.Metadata.RetryMax = 3
Kafka.Retry.Metadata.RetryBackoff = 250ms
Kafka.Retry.Producer.RetryMax = 3
Kafka.Retry.Producer.RetryBackoff = 100ms
Kafka.Retry.Consumer.RetryBackoff = 2s
Kafka.Verbose = true
Kafka.Version = 0.10.2.0
Kafka.TLS.Enabled = false
Kafka.TLS.PrivateKey = ""
Kafka.TLS.Certificate = ""
Kafka.TLS.RootCAs = []
Kafka.TLS.ClientAuthRequired = false
Kafka.TLS.ClientRootCAs = []
Kafka.SASLPlain.Enabled = false
Kafka.SASLPlain.User = ""
Kafka.SASLPlain.Password = ""
Kafka.Topic.ReplicationFactor = 1
Debug.BroadcastTraceDir = ""
Debug.DeliverTraceDir = ""
Consensus = map[SnapDir:/var/hyperledger/production/orderer/etcdraft/snapshot WALDir:/var/hyperledger/production/orderer/etcdraft/wal]
Operations.ListenAddress = "127.0.0.1:8443"
Operations.TLS.Enabled = false
Operations.TLS.PrivateKey = ""
Operations.TLS.Certificate = ""
Operations.TLS.RootCAs = []
Operations.TLS.ClientAuthRequired = false
Operations.TLS.ClientRootCAs = []
Metrics.Provider = "disabled"
Metrics.Statsd.Network = "udp"
Metrics.Statsd.Address = "127.0.0.1:8125"
Metrics.Statsd.WriteInterval = 30s
Metrics.Statsd.Prefix = ""
2020-05-27 09:13:16.400 UTC [msp] loadCertificateAt -> WARN 004 Failed loading ClientOU certificate at [/var/hyperledger/orderer/msp/cacerts\ca.example.com-cert.pem]: [could not read file /var/hyperledger/orderer/msp/cacerts\ca.example.com-cert.pem: open /var/hyperledger/orderer/msp/cacerts\ca.example.com-cert.pem: no such file or directory]
2020-05-27 09:13:16.400 UTC [msp] loadCertificateAt -> WARN 005 Failed loading PeerOU certificate at [/var/hyperledger/orderer/msp/cacerts\ca.example.com-cert.pem]: [could not read file /var/hyperledger/orderer/msp/cacerts\ca.example.com-cert.pem: open /var/hyperledger/orderer/msp/cacerts\ca.example.com-cert.pem: no such file or directory]
2020-05-27 09:13:16.400 UTC [msp] loadCertificateAt -> WARN 006 Failed loading AdminOU certificate at [/var/hyperledger/orderer/msp/cacerts\ca.example.com-cert.pem]: [could not read file /var/hyperledger/orderer/msp/cacerts\ca.example.com-cert.pem: open /var/hyperledger/orderer/msp/cacerts\ca.example.com-cert.pem: no such file or directory]
2020-05-27 09:13:16.400 UTC [msp] loadCertificateAt -> WARN 007 Failed loading OrdererOU certificate at [/var/hyperledger/orderer/msp/cacerts\ca.example.com-cert.pem]: [could not read file /var/hyperledger/orderer/msp/cacerts\ca.example.com-cert.pem: open /var/hyperledger/orderer/msp/cacerts\ca.example.com-cert.pem: no such file or directory]
2020-05-27 09:13:16.434 UTC [orderer.common.server] initializeServerConfig -> INFO 008 Starting orderer with TLS enabled
2020-05-27 09:13:16.441 UTC [fsblkstorage] NewProvider -> INFO 009 Creating new file ledger directory at /var/hyperledger/production/orderer/chains
2020-05-27 09:13:16.464 UTC [orderer.common.server] extractSysChanLastConfig -> INFO 00a Bootstrapping because no existing channels
2020-05-27 09:13:16.483 UTC [orderer.common.server] Main -> INFO 00b Setting up cluster for orderer type etcdraft
2020-05-27 09:13:16.490 UTC [orderer.common.server] reuseListener -> INFO 00c Cluster listener is not configured, defaulting to use the general listener on port 7050
2020-05-27 09:13:16.490 UTC [fsblkstorage] newBlockfileMgr -> INFO 00d Getting block information from block storage
2020-05-27 09:13:16.529 UTC [orderer.consensus.etcdraft] HandleChain -> INFO 00e EvictionSuspicion not set, defaulting to 10m0s
2020-05-27 09:13:16.530 UTC [orderer.consensus.etcdraft] createOrReadWAL -> INFO 00f No WAL data found, creating new WAL at path '/var/hyperledger/production/orderer/etcdraft/wal/system-channel' channel=system-channel node=1
2020-05-27 09:13:16.536 UTC [orderer.commmon.multichannel] Initialize -> INFO 010 Starting system channel 'system-channel' with genesis block hash 22c93e29c38e9681f960d390fda12c72869fc9ebfebf0a6d1c15f60198b13119 and orderer type etcdraft
2020-05-27 09:13:16.537 UTC [orderer.consensus.etcdraft] Start -> INFO 011 Starting Raft node channel=system-channel node=1
2020-05-27 09:13:16.537 UTC [orderer.common.cluster] Configure -> INFO 012 Entering, channel: system-channel, nodes: []
2020-05-27 09:13:16.537 UTC [orderer.common.cluster] Configure -> INFO 013 Exiting
2020-05-27 09:13:16.537 UTC [orderer.consensus.etcdraft] start -> INFO 014 Starting raft node as part of a new channel channel=system-channel node=1
2020-05-27 09:13:16.537 UTC [orderer.consensus.etcdraft] becomeFollower -> INFO 015 1 became follower at term 0 channel=system-channel node=1
2020-05-27 09:13:16.538 UTC [orderer.consensus.etcdraft] newRaft -> INFO 016 newRaft 1 [peers: [], term: 0, commit: 0, applied: 0, lastindex: 0, lastterm: 0] channel=system-channel node=1
2020-05-27 09:13:16.538 UTC [orderer.consensus.etcdraft] becomeFollower -> INFO 017 1 became follower at term 1 channel=system-channel node=1
2020-05-27 09:13:16.538 UTC [orderer.common.server] Main -> INFO 018 Starting orderer:
Version: 2.1.0
Commit SHA: 1bdf975
Go version: go1.14.1
OS/Arch: linux/amd64
2020-05-27 09:13:16.538 UTC [orderer.common.server] Main -> INFO 019 Beginning to serve requests
2020-05-27 09:13:16.538 UTC [orderer.consensus.etcdraft] run -> INFO 01a This node is picked to start campaign channel=system-channel node=1
2020-05-27 09:13:16.539 UTC [orderer.consensus.etcdraft] apply -> INFO 01b Applied config change to add node 1, current nodes in channel: [1] channel=system-channel node=1
2020-05-27 09:13:17.539 UTC [orderer.consensus.etcdraft] Step -> INFO 01c 1 is starting a new election at term 1 channel=system-channel node=1
2020-05-27 09:13:17.540 UTC [orderer.consensus.etcdraft] becomePreCandidate -> INFO 01d 1 became pre-candidate at term 1 channel=system-channel node=1
2020-05-27 09:13:17.540 UTC [orderer.consensus.etcdraft] poll -> INFO 01e 1 received MsgPreVoteResp from 1 at term 1 channel=system-channel node=1
2020-05-27 09:13:17.540 UTC [orderer.consensus.etcdraft] becomeCandidate -> INFO 01f 1 became candidate at term 2 channel=system-channel node=1
2020-05-27 09:13:17.541 UTC [orderer.consensus.etcdraft] poll -> INFO 020 1 received MsgVoteResp from 1 at term 2 channel=system-channel node=1
2020-05-27 09:13:17.541 UTC [orderer.consensus.etcdraft] becomeLeader -> INFO 021 1 became leader at term 2 channel=system-channel node=1
2020-05-27 09:13:17.541 UTC [orderer.consensus.etcdraft] run -> INFO 022 raft.node: 1 elected leader 1 at term 2 channel=system-channel node=1
2020-05-27 09:13:17.542 UTC [orderer.consensus.etcdraft] run -> INFO 023 Leader 1 is present, quit campaign channel=system-channel node=1
2020-05-27 09:13:17.543 UTC [orderer.consensus.etcdraft] run -> INFO 024 Raft leader changed: 0 -> 1 channel=system-channel node=1
2020-05-27 09:13:17.543 UTC [orderer.consensus.etcdraft] run -> INFO 025 Start accepting requests as Raft leader at block [0] channel=system-channel node=1
Peer 1 :
2020-05-27 09:13:16.435 UTC [msp] loadCertificateAt -> WARN 001 Failed loading ClientOU certificate at [/etc/hyperledger/fabric/msp/cacerts\ca.org1.example.com-cert.pem]: [could not read file /etc/hyperledger/fabric/msp/cacerts\ca.org1.example.com-cert.pem: open /etc/hyperledger/fabric/msp/cacerts\ca.org1.example.com-cert.pem: no such file or directory]
2020-05-27 09:13:16.435 UTC [msp] loadCertificateAt -> WARN 002 Failed loading PeerOU certificate at [/etc/hyperledger/fabric/msp/cacerts\ca.org1.example.com-cert.pem]: [could not read file /etc/hyperledger/fabric/msp/cacerts\ca.org1.example.com-cert.pem: open /etc/hyperledger/fabric/msp/cacerts\ca.org1.example.com-cert.pem: no such file or directory]
2020-05-27 09:13:16.435 UTC [msp] loadCertificateAt -> WARN 003 Failed loading AdminOU certificate at [/etc/hyperledger/fabric/msp/cacerts\ca.org1.example.com-cert.pem]: [could not read file /etc/hyperledger/fabric/msp/cacerts\ca.org1.example.com-cert.pem: open /etc/hyperledger/fabric/msp/cacerts\ca.org1.example.com-cert.pem: no such file or directory]
2020-05-27 09:13:16.436 UTC [msp] loadCertificateAt -> WARN 004 Failed loading OrdererOU certificate at [/etc/hyperledger/fabric/msp/cacerts\ca.org1.example.com-cert.pem]: [could not read file /etc/hyperledger/fabric/msp/cacerts\ca.org1.example.com-cert.pem: open /etc/hyperledger/fabric/msp/cacerts\ca.org1.example.com-cert.pem: no such file or directory]
2020-05-27 09:13:16.441 UTC [nodeCmd] serve -> INFO 005 Starting peer:
Version: 2.1.0
Commit SHA: 1bdf975
Go version: go1.14.1
OS/Arch: linux/amd64
Chaincode:
Base Docker Label: org.hyperledger.fabric
Docker Namespace: hyperledger
2020-05-27 09:13:16.442 UTC [peer] getLocalAddress -> INFO 006 Auto-detected peer address: 172.18.0.3:7051
2020-05-27 09:13:16.442 UTC [peer] getLocalAddress -> INFO 007 Returning peer0.org1.example.com:7051
2020-05-27 09:13:16.469 UTC [nodeCmd] initGrpcSemaphores -> INFO 008 concurrency limit for endorser service is 2500
2020-05-27 09:13:16.470 UTC [nodeCmd] initGrpcSemaphores -> INFO 009 concurrency limit for deliver service is 2500
2020-05-27 09:13:16.470 UTC [nodeCmd] serve -> INFO 00a Starting peer with TLS enabled
2020-05-27 09:13:16.500 UTC [ledgermgmt] NewLedgerMgr -> INFO 00b Initializing LedgerMgr
2020-05-27 09:13:16.513 UTC [leveldbhelper] openDBAndCheckFormat -> INFO 00c DB is empty Setting db format as 2.0
2020-05-27 09:13:16.514 UTC [fsblkstorage] NewProvider -> INFO 00d Creating new file ledger directory at /var/hyperledger/production/ledgersData/chains/chains
2020-05-27 09:13:16.521 UTC [leveldbhelper] openDBAndCheckFormat -> INFO 00e DB is empty Setting db format as 2.0
2020-05-27 09:13:16.535 UTC [leveldbhelper] openDBAndCheckFormat -> INFO 00f DB is empty Setting db format as 2.0
2020-05-27 09:13:16.536 UTC [ledgermgmt] NewLedgerMgr -> INFO 010 Initialized LedgerMgr
2020-05-27 09:13:16.547 UTC [gossip.service] New -> INFO 011 Initialize gossip with endpoint peer0.org1.example.com:7051
2020-05-27 09:13:16.549 UTC [gossip.gossip] New -> INFO 012 Creating gossip service with self membership of Endpoint: peer0.org1.example.com:7051, InternalEndpoint: peer0.org1.example.com:7051, PKI-ID: 58df3c0a908cbbd073a6b4138ef676c652aaab118fb99179d7304206f63a0207, Metadata:
2020-05-27 09:13:16.550 UTC [lifecycle] InitializeLocalChaincodes -> INFO 013 Initialized lifecycle cache with 0 already installed chaincodes
2020-05-27 09:13:16.550 UTC [nodeCmd] computeChaincodeEndpoint -> INFO 014 Entering computeChaincodeEndpoint with peerHostname: peer0.org1.example.com
2020-05-27 09:13:16.550 UTC [nodeCmd] computeChaincodeEndpoint -> INFO 015 Exit with ccEndpoint: peer0.org1.example.com:7052
2020-05-27 09:13:16.550 UTC [gossip.gossip] start -> INFO 016 Gossip instance peer0.org1.example.com:7051 started
2020-05-27 09:13:16.560 UTC [sccapi] DeploySysCC -> INFO 017 deploying system chaincode 'lscc'
2020-05-27 09:13:16.560 UTC [sccapi] DeploySysCC -> INFO 018 deploying system chaincode 'cscc'
2020-05-27 09:13:16.560 UTC [sccapi] DeploySysCC -> INFO 019 deploying system chaincode 'qscc'
2020-05-27 09:13:16.560 UTC [sccapi] DeploySysCC -> INFO 01a deploying system chaincode '_lifecycle'
2020-05-27 09:13:16.560 UTC [nodeCmd] serve -> INFO 01b Deployed system chaincodes
2020-05-27 09:13:16.560 UTC [discovery] NewService -> INFO 01c Created with config TLS: true, authCacheMaxSize: 1000, authCachePurgeRatio: 0.750000
2020-05-27 09:13:16.560 UTC [nodeCmd] registerDiscoveryService -> INFO 01d Discovery service activated
2020-05-27 09:13:16.560 UTC [nodeCmd] serve -> INFO 01e Starting peer with ID=[peer0.org1.example.com], network ID=[dev], address=[peer0.org1.example.com:7051]
2020-05-27 09:13:16.560 UTC [nodeCmd] serve -> INFO 01f Started peer with ID=[peer0.org1.example.com], network ID=[dev], address=[peer0.org1.example.com:7051]
2020-05-27 09:13:16.560 UTC [kvledger] LoadPreResetHeight -> INFO 020 Loading prereset height from path [/var/hyperledger/production/ledgersData/chains]
2020-05-27 09:13:16.561 UTC [fsblkstorage] preResetHtFiles -> INFO 021 No active channels passed
2020-05-27 09:13:16.561 UTC [nodeCmd] func6 -> INFO 022 Starting profiling server with listenAddress = 0.0.0.0:6060
Peer 2 :
2020-05-27 09:13:16.409 UTC [msp] loadCertificateAt -> WARN 001 Failed loading ClientOU certificate at [/etc/hyperledger/fabric/msp/cacerts\ca.org2.example.com-cert.pem]: [could not read file /etc/hyperledger/fabric/msp/cacerts\ca.org2.example.com-cert.pem: open /etc/hyperledger/fabric/msp/cacerts\ca.org2.example.com-cert.pem: no such file or directory]
2020-05-27 09:13:16.410 UTC [msp] loadCertificateAt -> WARN 002 Failed loading PeerOU certificate at [/etc/hyperledger/fabric/msp/cacerts\ca.org2.example.com-cert.pem]: [could not read file /etc/hyperledger/fabric/msp/cacerts\ca.org2.example.com-cert.pem: open /etc/hyperledger/fabric/msp/cacerts\ca.org2.example.com-cert.pem: no such file or directory]
2020-05-27 09:13:16.410 UTC [msp] loadCertificateAt -> WARN 003 Failed loading AdminOU certificate at [/etc/hyperledger/fabric/msp/cacerts\ca.org2.example.com-cert.pem]: [could not read file /etc/hyperledger/fabric/msp/cacerts\ca.org2.example.com-cert.pem: open /etc/hyperledger/fabric/msp/cacerts\ca.org2.example.com-cert.pem: no such file or directory]
2020-05-27 09:13:16.410 UTC [msp] loadCertificateAt -> WARN 004 Failed loading OrdererOU certificate at [/etc/hyperledger/fabric/msp/cacerts\ca.org2.example.com-cert.pem]: [could not read file /etc/hyperledger/fabric/msp/cacerts\ca.org2.example.com-cert.pem: open /etc/hyperledger/fabric/msp/cacerts\ca.org2.example.com-cert.pem: no such file or directory]
2020-05-27 09:13:16.420 UTC [nodeCmd] serve -> INFO 005 Starting peer:
Version: 2.1.0
Commit SHA: 1bdf975
Go version: go1.14.1
OS/Arch: linux/amd64
Chaincode:
Base Docker Label: org.hyperledger.fabric
Docker Namespace: hyperledger
2020-05-27 09:13:16.421 UTC [peer] getLocalAddress -> INFO 006 Auto-detected peer address: 172.18.0.2:9051
2020-05-27 09:13:16.421 UTC [peer] getLocalAddress -> INFO 007 Returning peer0.org2.example.com:9051
2020-05-27 09:13:16.433 UTC [nodeCmd] initGrpcSemaphores -> INFO 008 concurrency limit for endorser service is 2500
2020-05-27 09:13:16.434 UTC [nodeCmd] initGrpcSemaphores -> INFO 009 concurrency limit for deliver service is 2500
2020-05-27 09:13:16.434 UTC [nodeCmd] serve -> INFO 00a Starting peer with TLS enabled
2020-05-27 09:13:16.472 UTC [ledgermgmt] NewLedgerMgr -> INFO 00b Initializing LedgerMgr
2020-05-27 09:13:16.492 UTC [leveldbhelper] openDBAndCheckFormat -> INFO 00c DB is empty Setting db format as 2.0
2020-05-27 09:13:16.493 UTC [fsblkstorage] NewProvider -> INFO 00d Creating new file ledger directory at /var/hyperledger/production/ledgersData/chains/chains
2020-05-27 09:13:16.501 UTC [leveldbhelper] openDBAndCheckFormat -> INFO 00e DB is empty Setting db format as 2.0
2020-05-27 09:13:16.528 UTC [leveldbhelper] openDBAndCheckFormat -> INFO 00f DB is empty Setting db format as 2.0
2020-05-27 09:13:16.528 UTC [ledgermgmt] NewLedgerMgr -> INFO 010 Initialized LedgerMgr
2020-05-27 09:13:16.542 UTC [gossip.service] New -> INFO 011 Initialize gossip with endpoint peer0.org2.example.com:9051
2020-05-27 09:13:16.547 UTC [gossip.gossip] New -> INFO 012 Creating gossip service with self membership of Endpoint: peer0.org2.example.com:9051, InternalEndpoint: peer0.org2.example.com:9051, PKI-ID: c7429efa7a899a8b3644235bc56251ffbfb45fe3f55fc0a4d199fd03b1521df4, Metadata:
2020-05-27 09:13:16.547 UTC [lifecycle] InitializeLocalChaincodes -> INFO 013 Initialized lifecycle cache with 0 already installed chaincodes
2020-05-27 09:13:16.548 UTC [nodeCmd] computeChaincodeEndpoint -> INFO 014 Entering computeChaincodeEndpoint with peerHostname: peer0.org2.example.com
2020-05-27 09:13:16.548 UTC [nodeCmd] computeChaincodeEndpoint -> INFO 015 Exit with ccEndpoint: peer0.org2.example.com:9052
2020-05-27 09:13:16.549 UTC [gossip.gossip] start -> INFO 016 Gossip instance peer0.org2.example.com:9051 started
2020-05-27 09:13:16.555 UTC [sccapi] DeploySysCC -> INFO 017 deploying system chaincode 'lscc'
2020-05-27 09:13:16.558 UTC [sccapi] DeploySysCC -> INFO 018 deploying system chaincode 'cscc'
2020-05-27 09:13:16.558 UTC [sccapi] DeploySysCC -> INFO 019 deploying system chaincode 'qscc'
2020-05-27 09:13:16.559 UTC [sccapi] DeploySysCC -> INFO 01a deploying system chaincode '_lifecycle'
2020-05-27 09:13:16.559 UTC [nodeCmd] serve -> INFO 01b Deployed system chaincodes
2020-05-27 09:13:16.559 UTC [discovery] NewService -> INFO 01c Created with config TLS: true, authCacheMaxSize: 1000, authCachePurgeRatio: 0.750000
2020-05-27 09:13:16.559 UTC [nodeCmd] registerDiscoveryService -> INFO 01d Discovery service activated
2020-05-27 09:13:16.559 UTC [nodeCmd] serve -> INFO 01e Starting peer with ID=[peer0.org2.example.com], network ID=[dev], address=[peer0.org2.example.com:9051]
2020-05-27 09:13:16.559 UTC [nodeCmd] serve -> INFO 01f Started peer with ID=[peer0.org2.example.com], network ID=[dev], address=[peer0.org2.example.com:9051]
2020-05-27 09:13:16.559 UTC [kvledger] LoadPreResetHeight -> INFO 020 Loading prereset height from path [/var/hyperledger/production/ledgersData/chains]
2020-05-27 09:13:16.559 UTC [fsblkstorage] preResetHtFiles -> INFO 021 No active channels passed
2020-05-27 09:13:16.559 UTC [nodeCmd] func6 -> INFO 022 Starting profiling server with listenAddress = 0.0.0.0:6060
There are also several warnings but don't really know their meaning.
I've tried to relaunch docker as admin , also tried to relaunch the network.

Container cli is not running,when using couchdb hyperledger fabric

I want to use chaincode-docker-devmode in fabric-samples to test my chaincode, but when I add couchdb in docker-compose-simple.yaml like this:
version: '2'
services:
orderer:
container_name: orderer
image: hyperledger/fabric-orderer
environment:
- FABRIC_LOGGING_SPEC=debug
- ORDERER_GENERAL_LISTENADDRESS=orderer
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=orderer.block
- ORDERER_GENERAL_LOCALMSPID=DEFAULT
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp
- GRPC_TRACE=all=true,
- GRPC_VERBOSITY=debug
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ./msp:/etc/hyperledger/msp
- ./orderer.block:/etc/hyperledger/fabric/orderer.block
ports:
- 7050:7050
couchdb:
container_name: couchdb
image: hyperledger/fabric-couchdb
environment:
- COUCHDB_USER=
- COUCHDB_PASSWORD=
ports:
- 5984:5984
peer:
container_name: peer
image: hyperledger/fabric-peer
dns_search: .
environment:
- CORE_PEER_ID=peer
- CORE_PEER_ADDRESS=peer:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer:7051
- CORE_PEER_LOCALMSPID=DEFAULT
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- FABRIC_LOGGING_SPEC=DEBUG
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb:5984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=
volumes:
- /var/run/:/host/var/run/
- ./msp:/etc/hyperledger/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start --peer-chaincodedev=true
ports:
- 7051:7051
- 7053:7053
depends_on:
- orderer
- couchdb
cli:
container_name: cli
image: hyperledger/fabric-tools
tty: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- FABRIC_LOGGING_SPEC=DEBUG
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer:7051
- CORE_PEER_LOCALMSPID=DEFAULT
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp
working_dir: /opt/gopath/src/chaincodedev
command: /bin/bash -c './script.sh ; sleep 20'
volumes:
- /var/run/:/host/var/run/
- ./msp:/etc/hyperledger/msp
- ./../chaincode:/opt/gopath/src/chaincodedev/chaincode
- ./:/opt/gopath/src/chaincodedev/
depends_on:
- orderer
- peer
chaincode:
container_name: chaincode
image: hyperledger/fabric-ccenv
tty: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- FABRIC_LOGGING_SPEC=DEBUG
- CORE_PEER_ID=example02
- CORE_PEER_ADDRESS=peer:7051
- CORE_PEER_LOCALMSPID=DEFAULT
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp
working_dir: /opt/gopath/src/chaincode
command: /bin/bash -c 'sleep 6000000'
volumes:
- /var/run/:/host/var/run/
- ./msp:/etc/hyperledger/msp
- ./../chaincode:/opt/gopath/src/chaincode
depends_on:
- orderer
- peer
When I start the containers, using
docker-compose -f docker-compose-simple.yaml up
Container cil will return the error:
Error: error getting endorser client for channel: endorser client failed to connect to peer:7051: failed to create new connection: connection error: desc = "transport: error while dialing: dial tcp 172.29.0.4:7051: connect: connection refused"
some same errors are solve by add command:sleep in script,
command: /bin/bash -c 'sleep 6000000'
but my Container still return same error.
peer container's logs
2020-04-13 09:01:28.850 UTC [inproccontroller] getInstance -> DEBU 0f5 chaincode instance created for qscc-1.4.1
2020-04-13 09:01:28.850 UTC [inproccontroller] func2 -> DEBU 0f6 chaincode-support started for qscc-1.4.1
2020-04-13 09:01:28.850 UTC [inproccontroller] func1 -> DEBU 0f7 chaincode started for qscc-1.4.1
2020-04-13 09:01:28.851 UTC [chaincode] handleMessage -> DEBU 0f8 [] Fabric side handling ChaincodeMessage of type: REGISTER in state created
2020-04-13 09:01:28.851 UTC [chaincode] HandleRegister -> DEBU 0f9 Received REGISTER in state created
2020-04-13 09:01:28.851 UTC [chaincode] Register -> DEBU 0fa registered handler complete for chaincode qscc:1.4.1
2020-04-13 09:01:28.851 UTC [chaincode] HandleRegister -> DEBU 0fb Got REGISTER for chaincodeID = name:"qscc:1.4.1" , sending back REGISTERED
2020-04-13 09:01:28.851 UTC [chaincode] HandleRegister -> DEBU 0fc Changed state to established for name:"qscc:1.4.1"
2020-04-13 09:01:28.851 UTC [chaincode] sendReady -> DEBU 0fd sending READY for chaincode name:"qscc:1.4.1"
2020-04-13 09:01:28.851 UTC [chaincode] sendReady -> DEBU 0fe Changed to state ready for chaincode name:"qscc:1.4.1"
2020-04-13 09:01:28.851 UTC [chaincode] Launch -> DEBU 0ff launch complete
2020-04-13 09:01:28.851 UTC [chaincode] Execute -> DEBU 100 Entry
2020-04-13 09:01:28.851 UTC [qscc] Init -> INFO 101 Init QSCC
2020-04-13 09:01:28.851 UTC [chaincode] handleMessage -> DEBU 102 [91196774] Fabric side handling ChaincodeMessage of type: COMPLETED in state ready
2020-04-13 09:01:28.852 UTC [chaincode] Notify -> DEBU 103 [91196774] notifying Txid:91196774-4c1f-4369-b977-965de44d3d1b, channelID:
2020-04-13 09:01:28.852 UTC [chaincode] Execute -> DEBU 104 Exit
2020-04-13 09:01:28.852 UTC [sccapi] deploySysCC -> INFO 105 system chaincode qscc/(github.com/hyperledger/fabric/core/scc/qscc) deployed
2020-04-13 09:01:28.852 UTC [sccapi] deploySysCC -> INFO 106 system chaincode (+lifecycle,github.com/hyperledger/fabric/core/chaincode/lifecycle) disabled
2020-04-13 09:01:28.852 UTC [nodeCmd] serve -> INFO 107 Deployed system chaincodes
2020-04-13 09:01:28.855 UTC [ccprovider] ListInstalledChaincodes -> DEBU 108 Returning []
2020-04-13 09:01:28.850 UTC [container] unlockContainer -> DEBU 109 container lock deleted(qscc-1.4.1)
2020-04-13 09:01:28.870 UTC [container] lockContainer -> DEBU 10a waiting for container(qscc-1.4.1) lock
2020-04-13 09:01:28.870 UTC [container] lockContainer -> DEBU 10b got container (qscc-1.4.1) lock
2020-04-13 09:01:28.870 UTC [container] unlockContainer -> DEBU 10c container lock deleted(qscc-1.4.1)
2020-04-13 09:01:28.880 UTC [discovery] NewService -> INFO 10d Created with config TLS: false, authCacheMaxSize: 1000, authCachePurgeRatio: 0.750000
2020-04-13 09:01:28.880 UTC [nodeCmd] registerDiscoveryService -> INFO 10e Discovery service activated
2020-04-13 09:01:28.881 UTC [nodeCmd] serve -> INFO 10f Starting peer with ID=[name:"peer" ], network ID=[dev], address=[peer:7051]
2020-04-13 09:01:28.882 UTC [nodeCmd] serve -> INFO 110 Started peer with ID=[name:"peer" ], network ID=[dev], address=[peer:7051]
2020-04-13 09:01:32.819 UTC [msp] GetDefaultSigningIdentity -> DEBU 111 Obtaining default signing identity
2020-04-13 09:01:32.819 UTC [msp.identity] Sign -> DEBU 112 Sign: plaintext: 18012A86070A2D0A09706565723A3730...455254494649434154452D2D2D2D2D0A
2020-04-13 09:01:32.819 UTC [msp.identity] Sign -> DEBU 113 Sign: digest: E3138D4C867225B5BEF15EC07062AABC2AF920CCEF7ED0545D3BB223B79F06FF
2020-04-13 09:01:32.820 UTC [msp] GetDefaultSigningIdentity -> DEBU 114 Obtaining default signing identity
2020-04-13 09:01:32.821 UTC [msp.identity] Sign -> DEBU 115 Sign: plaintext: 0A09706565723A37303531
2020-04-13 09:01:32.821 UTC [msp.identity] Sign -> DEBU 116 Sign: digest: D18B553283AFC791A71A1AB3F379E85F4599DAAE3CE5B43F6A912E5BFD23E73D
2020-04-13 09:01:33.779 UTC [msp] GetDefaultSigningIdentity -> DEBU 117 Obtaining default signing identity
2020-04-13 09:01:33.779 UTC [msp.identity] Sign -> DEBU 118 Sign: plaintext: 18012A86070A2D0A09706565723A3730...455254494649434154452D2D2D2D2D0A
2020-04-13 09:01:33.780 UTC [msp.identity] Sign -> DEBU 119 Sign: digest: EA29BD51F7F58B547912B79712CC7AE73D9CBFA0FF80817409EA7BFB1F95BF5B
2020-04-13 09:01:33.780 UTC [msp] GetDefaultSigningIdentity -> DEBU 11a Obtaining default signing identity
2020-04-13 09:01:33.780 UTC [msp.identity] Sign -> DEBU 11b Sign: plaintext: 0A09706565723A37303531
2020-04-13 09:01:33.781 UTC [msp.identity] Sign -> DEBU 11c Sign: digest: D18B553283AFC791A71A1AB3F379E85F4599DAAE3CE5B43F6A912E5BFD23E73D
2020-04-13 09:01:33.782 UTC [gossip.discovery] periodicalSendAlive -> DEBU 11d Sleeping 5s
It's part of peer container's logs, it's still running and no error in it.
Is any one have any idea?
Thanks.

channel Got error &{FORBIDDEN} while joining new peer to a channel

I created my network with a script like:
docker-compose -f $COMPOSE_FILE up -d $CA
docker-compose -f $COMPOSE_FILE up -d $ORDERER1 $PEER0 $PEER1
docker-compose -f $COMPOSE_FILE up -d $CLI
docker exec cli peer channel create -o orderer.example.com:7050 -c $CHANNEL_NAME -f /etc/hyperledger/config/channel.tx
The channel is created and if I enter the cli, inside the working directory, I can find with ls the new generated file beerchannel.block. In this directory I also have crypto, which contains genesis block and other config files, and crypto-config that contains msp and certificates.
At this point containers logs seems good.
Now I want to join peer0 to the channel with:
docker exec -e $ENV_ADDRESSP0 $CLI peer channel join -b $CHANNEL_NAME.block
As soon as I do this command, I cannot join peer0 to the channel.
The strange thing is that running the script return this message:
2019-11-22 10:04:00.868 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
2019-11-22 10:04:00.922 UTC [channelCmd] executeJoin -> INFO 002 Successfully submitted proposal to join channel
So, everything seems fine.
But when I enter the logs of orderer, I get this message repeated:
2019-11-22 09:59:07.429 UTC [fsblkstorage] newBlockfileMgr -> INFO 009 Getting block information from block storage
2019-11-22 09:59:07.438 UTC [orderer.commmon.multichannel] newChain -> INFO 00a Created and starting new chain beerchannel
2019-11-22 09:59:07.440 UTC [comm.grpc.server] 1 -> INFO 00b streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Deliver grpc.peer_address=172.29.0.6:41778 grpc.code=OK grpc.call_duration=25.385144ms
2019-11-22 10:04:06.923 UTC [common.deliver] deliverBlocks -> WARN 00c [channel: beerchannel] Client authorization revoked for deliver request from 172.29.0.4:48406: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied: permission denied
2019-11-22 10:04:06.923 UTC [comm.grpc.server] 1 -> INFO 00d streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Deliver grpc.peer_address=172.29.0.4:48406 grpc.code=OK grpc.call_duration=1.001442ms
2019-11-22 10:04:07.026 UTC [common.deliver] deliverBlocks -> WARN 00e [channel: beerchannel] Client authorization revoked for deliver request from 172.29.0.4:48408: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied: permission denied
2019-11-22 10:04:07.026 UTC [comm.grpc.server] 1 -> INFO 00f streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Deliver grpc.peer_address=172.29.0.4:48408 grpc.code=OK grpc.call_duration=582.912µs
Since the peer involved is peer0, I also entered in peer0 logs and found this errors:
2019-11-22 10:04:00.870 UTC [endorser] callChaincode -> INFO 029 [][ec4f5097] Entry chaincode: name:"cscc"
2019-11-22 10:04:00.870 UTC [ledgermgmt] CreateLedger -> INFO 02a Creating ledger [beerchannel] with genesis block
2019-11-22 10:04:00.874 UTC [fsblkstorage] newBlockfileMgr -> INFO 02b Getting block information from block storage
2019-11-22 10:04:00.896 UTC [kvledger] CommitWithPvtData -> INFO 02c [beerchannel] Committed block [0] with 1 transaction(s) in 16ms (state_validation=0ms block_and_pvtdata_commit=10ms state_commit=2ms) commitHash=[]
2019-11-22 10:04:00.899 UTC [ledgermgmt] CreateLedger -> INFO 02d Created ledger [beerchannel] with genesis block
2019-11-22 10:04:00.902 UTC [gossip.gossip] JoinChan -> INFO 02e Joining gossip network of channel beerchannel with 1 organizations
2019-11-22 10:04:00.902 UTC [gossip.gossip] learnAnchorPeers -> INFO 02f No configured anchor peers of Org1MSP for channel beerchannel to learn about
2019-11-22 10:04:00.917 UTC [gossip.state] NewGossipStateProvider -> INFO 030 Updating metadata information, current ledger sequence is at = 0, next expected block is = 1
2019-11-22 10:04:00.919 UTC [sccapi] deploySysCC -> INFO 031 system chaincode lscc/beerchannel(github.com/hyperledger/fabric/core/scc/lscc) deployed
2019-11-22 10:04:00.919 UTC [cscc] Init -> INFO 032 Init CSCC
2019-11-22 10:04:00.920 UTC [sccapi] deploySysCC -> INFO 033 system chaincode cscc/beerchannel(github.com/hyperledger/fabric/core/scc/cscc) deployed
2019-11-22 10:04:00.920 UTC [qscc] Init -> INFO 034 Init QSCC
2019-11-22 10:04:00.920 UTC [sccapi] deploySysCC -> INFO 035 system chaincode qscc/beerchannel(github.com/hyperledger/fabric/core/scc/qscc) deployed
2019-11-22 10:04:00.920 UTC [sccapi] deploySysCC -> INFO 036 system chaincode (+lifecycle,github.com/hyperledger/fabric/core/chaincode/lifecycle) disabled
2019-11-22 10:04:00.921 UTC [endorser] callChaincode -> INFO 037 [][ec4f5097] Exit chaincode: name:"cscc" (51ms)
2019-11-22 10:04:00.921 UTC [comm.grpc.server] 1 -> INFO 038 unary call completed grpc.service=protos.Endorser grpc.method=ProcessProposal grpc.peer_address=172.29.0.6:42736 grpc.code=OK grpc.call_duration=51.473337ms
2019-11-22 10:04:06.919 UTC [gossip.election] beLeader -> INFO 039 42a5181dbddcff9d15ae32b05300e849fbcad1cf138e62f3d8b726d7b5db25d3 : Becoming a leader
2019-11-22 10:04:06.919 UTC [gossip.service] func1 -> INFO 03a Elected as a leader, starting delivery service for channel beerchannel
2019-11-22 10:04:06.923 UTC [blocksProvider] DeliverBlocks -> ERRO 03b [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:04:07.026 UTC [blocksProvider] DeliverBlocks -> ERRO 03c [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:04:07.239 UTC [blocksProvider] DeliverBlocks -> ERRO 03d [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:04:07.643 UTC [blocksProvider] DeliverBlocks -> ERRO 03e [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:04:08.445 UTC [blocksProvider] DeliverBlocks -> ERRO 03f [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:04:10.051 UTC [blocksProvider] DeliverBlocks -> ERRO 040 [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:04:13.254 UTC [blocksProvider] DeliverBlocks -> ERRO 041 [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:04:19.657 UTC [blocksProvider] DeliverBlocks -> ERRO 042 [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:04:29.662 UTC [blocksProvider] DeliverBlocks -> ERRO 043 [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:04:39.668 UTC [blocksProvider] DeliverBlocks -> ERRO 044 [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:04:49.671 UTC [blocksProvider] DeliverBlocks -> ERRO 045 [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:04:49.671 UTC [blocksProvider] DeliverBlocks -> ERRO 046 [beerchannel] Wrong statuses threshold passed, stopping block provider
2019-11-22 10:04:49.671 UTC [gossip.election] stopBeingLeader -> INFO 047 42a5181dbddcff9d15ae32b05300e849fbcad1cf138e62f3d8b726d7b5db25d3 Stopped being a leader
2019-11-22 10:04:49.671 UTC [gossip.service] func1 -> INFO 048 Renounced leadership, stopping delivery service for channel beerchannel
2019-11-22 10:05:56.924 UTC [gossip.election] beLeader -> INFO 049 42a5181dbddcff9d15ae32b05300e849fbcad1cf138e62f3d8b726d7b5db25d3 : Becoming a leader
2019-11-22 10:05:56.924 UTC [gossip.service] func1 -> INFO 04a Elected as a leader, starting delivery service for channel beerchannel
2019-11-22 10:05:56.929 UTC [blocksProvider] DeliverBlocks -> ERRO 04b [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:05:57.032 UTC [blocksProvider] DeliverBlocks -> ERRO 04c [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:05:57.235 UTC [blocksProvider] DeliverBlocks -> ERRO 04d [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:05:57.638 UTC [blocksProvider] DeliverBlocks -> ERRO 04e [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:05:58.441 UTC [blocksProvider] DeliverBlocks -> ERRO 04f [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:06:00.044 UTC [blocksProvider] DeliverBlocks -> ERRO 050 [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:06:03.247 UTC [blocksProvider] DeliverBlocks -> ERRO 051 [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:06:09.652 UTC [blocksProvider] DeliverBlocks -> ERRO 052 [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:06:19.656 UTC [blocksProvider] DeliverBlocks -> ERRO 053 [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:06:29.659 UTC [blocksProvider] DeliverBlocks -> ERRO 054 [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:06:39.662 UTC [blocksProvider] DeliverBlocks -> ERRO 055 [beerchannel] Got error &{FORBIDDEN}
2019-11-22 10:06:39.662 UTC [blocksProvider] DeliverBlocks -> ERRO 056 [beerchannel] Wrong statuses threshold passed, stopping block provider
2019-11-22 10:06:39.662 UTC [gossip.election] stopBeingLeader -> INFO 057 42a5181dbddcff9d15ae32b05300e849fbcad1cf138e62f3d8b726d7b5db25d3 Stopped being a leader
2019-11-22 10:06:39.662 UTC [gossip.service] func1 -> INFO 058 Renounced leadership, stopping delivery service for channel beerchannel
It seems something related to permissions but I cannot understand what's wrong in here.
The cli contains the beerchannel.block file, successfully generated it and now I just want to add peer0 to the channel.
Adding configtx.yaml
Organizations:
- &OrdererOrg
Name: OrdererOrg
ID: OrdererMSP
MSPDir: crypto-config/ordererOrganizations/c.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &s
Name: sMSP
ID: sMSP
MSPDir: crypto-config/peerOrganizations/s.c.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('sMSP.admin', 'sMSP.peer', 'sMSP.client')"
Writers:
Type: Signature
Rule: "OR('sMSP.admin', 'sMSP.client')"
Admins:
Type: Signature
Rule: "OR('sMSP.admin')"
AnchorPeers:
- Host: peer1.s.c.com
Port: 7051
- Host: peer2.s.c.com
Port: 8051
Capabilities:
Channel: &ChannelCapabilities
V1_4_3: true
V1_3: false
V1_1: false
Orderer: &OrdererCapabilities
V1_4_2: true
V1_1: false
Application: &ApplicationCapabilities
V1_4_2: true
V1_3: false
V1_2: false
V1_1: false
Application: &ApplicationDefaults
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ApplicationCapabilities
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- orderer1.c.com:7050
BatchTimeout: 500ms
BatchSize:
MaxMessageCount: 15
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 kb
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Capabilities:
<<: *OrdererCapabilities
Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
OneOrgOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *s
OneOrgChannel:
<<: *ChannelDefaults
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *s
SampleMultiNodeEtcdRaft:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer1.c.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/c.com/orderers/orderer1.c.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/c.com/orderers/orderer1.c.com/tls/server.crt
- Host: orderer2.c.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/c.com/orderers/orderer2.c.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/c.com/orderers/orderer2.c.com/tls/server.crt
- Host: orderer3.c.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/c.com/orderers/orderer3.c.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/c.com/orderers/orderer3.c.com/tls/server.crt
Addresses:
- orderer1.c.com:7050
- orderer2.c.com:7050
- orderer3.c.com:7050
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *s

Check for the Reader policies that you have defined in your configtx.yaml this error is generated because of the policy mismatch. You have defined some specific user type(admin, peer, client) in your Reader policies but this specific user type is not passed into certificates that you have generated for your peer.
Edited:
If you want to make it generic and not specific to the identity type then you can edit the s org policies like this:
- &s
Name: sMSP
ID: sMSP
MSPDir: crypto-config/peerOrganizations/s.c.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('sMSP.member')"
Writers:
Type: Signature
Rule: "OR('sMSP.member')"
Admins:
Type: Signature
Rule: "OR('sMSP.admin')"

Check your crypto-config.yaml under peerOrgs section and add EnableNodeOUs property if missing then regenerate the crypto materials. Config example:
PeerOrgs:
- Name: Org1
Domain: org1.example.com
EnableNodeOUs: true