I keep getting an error when creating a hyperledger channel
2018-12-15 10:52:07.687 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
Error: got unexpected status: FORBIDDEN -- Failed to reach implicit threshold of 1 sub-policies, required 1 remaining: permission denied
Please advise.
Funny thing though I only get this error when I specify -channelID when I'm creating the genesis block. But it always works whenever I omit it.
I'm using the below setting to generate the channel.tx and genesis.block, I've also added the crypto configuration file.
The configtx is:
Organizations:
- &Main
Name: Main
ID: MainMSP
MSPDir: crypto-config/ordererOrganizations/blackbeard.com/msp
- &Actual
Name: Actual
ID: ActualMSP
MSPDir: crypto-config/peerOrganizations/actual.blackbeard.com/msp
AnchorPeers:
- Host: peer0.actual.blackbeard.com
Port: 7051
Application: &ApplicationDefaults
Organizations:
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- orderer.blackbeard.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
Kafka:
Brokers:
- 127.0.0.1:9092
Organizations:
Profiles:
OneOrgGenesisBlock:
Orderer:
<<: *OrdererDefaults
Organizations:
- *Main
Consortiums:
SampleConsortium:
Organizations:
- *Actual
OneOrgChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Actual
And the crypto-config as below:
OrdererOrgs:
- Name: Main
Domain: blackbeard.com
Specs:
- Hostname: main
PeerOrgs:
- Name: Actual
Domain: actual.blackbeard.com
Template:
Count: 1
Users:
Count: 1
Possibly down the network with byfn.sh -m down and start it back up (Source :-Error: got unexpected status: FORBIDDEN -- Failed to reach implicit threshold of 1 sub-policies, required 1 remaining: permission denied). If this isnt the case please provide more information :)
Related
The problem
I'm trying to create a network with two organizations and one channel. The peer from the first organization joins the channel without an issue, but when I try to add a peer from the second one to the channel I get this error in its logs:
2020-08-12 18:53:08.351 UTC [endorser] Validate -> WARN 110 access denied: channel expected MSP ID RegulatorMSP, received BrokerMSP channel= txID=5096f00a
2020-08-12 18:53:08.351 UTC [comm.grpc.server] 1 -> INFO 111 unary call completed grpc.service=protos.Endorser grpc.method=ProcessProposal grpc.peer_address=172.23.0.1:36922 error="error validating proposal: access denied: channel [] creator org [BrokerMSP]" grpc.code=Unknown grpc.call_duration=5.7274ms
I've been fiddling with the configuration for the last 8 hours looking for mistakes, but came up short, and it's driving me insane.
The configuration
Here is a script that I use to spin up the network:
DOCK_FOLDER=$PWD
echo '[=======================================================]'
echo '[============== A: Set up the environment ==============]'
echo '[=======================================================]'
echo '[==================== A.1: Cleanup =====================]'
./clean.sh all # this just kills docker containers and cleans up hlf artifacts
cd config
echo ''
echo '[================= A.2: Crypto Config =================]'
cryptogen generate --config=crypto-config.yaml
export FABRIC_CFG_PATH=$PWD
echo ''
echo '[=============== A.3: Block Generation ================]'
configtxgen -outputBlock ./orderer/genesis.block -channelID ordererchannel -profile CompOrdererGenesis
echo ''
echo '[============= A.4: Transaction Generation ============]'
configtxgen -outputCreateChannelTx compchannel.tx -channelID compchannel -profile CompChannel
cd $DOCK_FOLDER
echo ''
echo '[================= A.5: Docker Compose ================]'
docker-compose -f ./config/docker-compose-base.yaml up -d
echo ''
echo '[=============== A.6: Initialize CouchDB ==============]'
sleep 5
curl -X PUT <username>:<password>#couchdb.regulator.com:5984/_users
curl -X PUT <username>:<password>#couchdb.regulator.com:5984/_replicator
curl -X PUT <username>:<password>#couchdb.regulator.com:5984/_global_changes
curl -X PUT <username>:<password>#couchdb.broker.com:6984/_users
curl -X PUT <username>:<password>#couchdb.broker.com:6984/_replicator
curl -X PUT <username>:<password>#couchdb.broker.com:6984/_global_changes
sleep 10
echo ''
echo '[=======================================================]'
echo '[=========== B. Manage the network: Regulator ==========]'
echo '[=======================================================]'
echo '[========== B.1: Set context to Regulator org ==========]'
export ORG_CONTEXT="regulator"
export ORG_NAME="Regulator"
export CORE_PEER_LOCALMSPID="RegulatorMSP"
export FABRIC_LOGGING_SPEC=INFO
export FABRIC_CFG_PATH=$PWD/config/regulator
export CORE_PEER_ADDRESS=peer.regulator.com:7051
export CORE_PEER_MSPCONFIGPATH=$PWD/config/crypto-config/peerOrganizations/regulator.com/users/Admin#regulator.com/msp
export ORDERER_ADDRESS=orderer.regulator.com:7050
echo ''
echo '[========== B.2: Create compchannel channel ==========]'
peer channel create -c compchannel -f ./config/compchannel.tx --outputBlock ./config/compchannel.block -o $ORDERER_ADDRESS
sleep 10s
echo ''
echo '[====== B.3: Join regulator peer to compchannel ======]'
peer channel join -b ./config/compchannel.block -o $ORDERER_ADDRESS
sleep 10s
echo ''
echo '[================= B.4: Update anchors =================]'
PEER_FABRIC_CFG_PATH=$FABRIC_CFG_PATH
FABRIC_CFG_PATH=./config
configtxgen -outputAnchorPeersUpdate ./config/peer-update.tx -asOrg $ORG_NAME -channelID compchannel -profile CompChannel
FABRIC_CFG_PATH=$PEER_FABRIC_CFG_PATH
peer channel update -f ./config/peer-update.tx -c compchannel -o $ORDERER_ADDRESS
sleep 10s
echo ''
echo '[=======================================================]'
echo '[============ C. Manage the network: Broker ============]'
echo '[=======================================================]'
echo '[=========== C.1: Set context to Broker org ============]'
export ORG_CONTEXT="broker"
export ORG_NAME="Broker"
export CORE_PEER_LOCALMSPID="BrokerMSP"
export FABRIC_LOGGING_SPEC=INFO
export FABRIC_CFG_PATH=$PWD/config/broker
export CORE_PEER_ADDRESS=peer.broker.com:8051
export CORE_PEER_MSPCONFIGPATH=$PWD/config/crypto-config/peerOrganizations/broker.com/users/Admin#broker.com/msp
export ORDERER_ADDRESS=orderer.regulator.com:7050
echo ''
echo '[======== C.3: Join broker peer to compchannel =======]'
peer channel join -b ./config/compchannel.block -o $ORDERER_ADDRESS ### !!! THIS STEP FAILS !!!
sleep 10s
echo ''
echo '[================= C.4: Update anchors =================]'
PEER_FABRIC_CFG_PATH=$FABRIC_CFG_PATH
FABRIC_CFG_PATH=./config
configtxgen -outputAnchorPeersUpdate ./config/peer-update.tx -asOrg $ORG_NAME -channelID compchannel -profile CompChannel
FABRIC_CFG_PATH=$PEER_FABRIC_CFG_PATH
peer channel update -f ./config/peer-update.tx -c compchannel -o $ORDERER_ADDRESS
orderer/orderer.yaml
General:
BootstrapMethod: file
BootstrapFile: /var/hyperledger/config/genesis.block
BCCSP:
Default: SW
SW:
HASH: SHA2
Security: 256
FileKeyStore:
Keystore:
LocalMSPDir: /var/hyperledger/msp
LocalMSPID: OrdererMSP
ListenAddress: 0.0.0.0
ListenPort: 7050
Cluster:
SendBufferSize: 10
ClientCertificate:
ClientPrivateKey:
ListenPort:
ListenAddress:
ServerCertificate:
ServerPrivateKey:
Keepalive:
ServerMinInterval: 60s
ServerInterval: 7200s
ServerTimeout: 20s
TLS:
Enabled: false
PrivateKey: ./server.key
Certificate: ./server.crt
RootCAs:
- ./ca.crt
ClientAuthRequired: false
ClientRootCAs:
FileLedger:
Location: /var/ledger
Prefix: hyperledger-fabric-ordererledger
Debug:
BroadcastTraceDir:
DeliverTraceDir:
Operations:
ListenAddress: 127.0.0.1:8443
TLS:
Enabled: false
Certificate:
PrivateKey:
ClientAuthRequired: false
RootCAs: []
Metrics:
Provider: disabled
Statsd:
Network: udp
Address: 127.0.0.1:8125
WriteInterval: 30s
Prefix:
Consensus:
WALDir: /var/hyperledger/production/orderer/etcdraft/wal
SnapDir: /var/hyperledger/production/orderer/etcdraft/snapshot
regulator/core.yaml (broker/core.yaml is nearly identical, just exchange regulator for broker)
peer:
id: peer.regulator.com
networkId: dev
listenAddress: 0.0.0.0:7051
address: 0.0.0.0:7051
addressAutoDetect: false
gomaxprocs: -1
keepalive:
minInterval: 60s
client:
interval: 60s
timeout: 20s
deliveryClient:
interval: 60s
timeout: 20s
gossip:
bootstrap:
useLeaderElection: false
orgLeader: true
membershipTrackerInterval: 5s
endpoint:
maxBlockCountToStore: 100
maxPropagationBurstLatency: 10ms
maxPropagationBurstSize: 10
propagateIterations: 1
propagatePeerNum: 3
pullInterval: 4s
pullPeerNum: 3
requestStateInfoInterval: 4s
publishStateInfoInterval: 4s
stateInfoRetentionInterval:
publishCertPeriod: 10s
skipBlockVerification: false
dialTimeout: 3s
connTimeout: 2s
recvBuffSize: 20
sendBuffSize: 200
digestWaitTime: 1s
requestWaitTime: 1500ms
responseWaitTime: 2s
aliveTimeInterval: 5s
aliveExpirationTimeout: 25s
reconnectInterval: 25s
externalEndpoint: peer.regulator.com:7051
election:
startupGracePeriod: 15s
membershipSampleInterval: 1s
leaderAliveThreshold: 10s
leaderElectionDuration: 5s
pvtData:
pullRetryThreshold: 60s
transientstoreMaxBlockRetention: 1000
pushAckTimeout: 3s
btlPullMargin: 10
reconcileBatchSize: 10
reconcileSleepInterval: 1m
reconciliationEnabled: true
tls:
enabled: false
clientAuthRequired: false
cert:
file: tls/server.crt
key:
file: tls/server.key
rootcert:
file: tls/ca.crt
clientRootCAs:
files:
- tls/ca.crt
clientKey:
file:
clientCert:
file:
authentication:
timewindow: 15m
fileSystemPath: /var/hyperledger/production
BCCSP:
Default: SW
SW:
Hash: SHA2
Security: 256
FileKeyStore:
KeyStore:
PKCS11:
Library:
Label:
Pin:
Hash:
Security:
FileKeyStore:
KeyStore:
mspConfigPath: /var/hyperledger/msp
localMspId: RegulatorMSP
client:
connTimeout: 3s
deliveryclient:
reconnectTotalTimeThreshold: 3600s
connTimeout: 3s
reConnectBackoffThreshold: 3600s
localMspType: bccsp
profile:
enabled: false
listenAddress: 0.0.0.0:6060
adminService:
handlers:
authFilters:
- name: DefaultAuth
- name: ExpirationCheck
decorators:
- name: DefaultDecorator
endorsers:
escc:
name: DefaultEndorsement
library:
validators:
vscc:
name: DefaultValidation
library:
validatorPoolSize:
discovery:
enabled: true
authCacheEnabled: true
authCacheMaxSize: 1000
authCachePurgeRetentionRatio: 0.75
orgMembersAllowedAccess: false
vm:
endpoint: unix:///var/run/docker.sock
docker:
tls:
enabled: false
ca:
file: docker/ca.crt
cert:
file: docker/tls.crt
key:
file: docker/tls.key
attachStdout: false
hostConfig:
NetworkMode: host
Dns:
# - 192.168.0.1
LogConfig:
Type: json-file
Config:
max-size: "50m"
max-file: "5"
Memory: 2147483648
chaincode:
id:
path:
name:
builder: $(DOCKER_NS)/fabric-ccenv:$(TWO_DIGIT_VERSION)
pull: false
golang:
runtime: $(DOCKER_NS)/fabric-baseos:$(TWO_DIGIT_VERSION)
dynamicLink: false
java:
runtime: $(DOCKER_NS)/fabric-javaenv:$(TWO_DIGIT_VERSION)
node:
runtime: $(DOCKER_NS)/fabric-nodeenv:$(TWO_DIGIT_VERSION)
externalBuilders: []
installTimeout: 300s
startuptimeout: 300s
executetimeout: 30s
mode: net
keepalive: 0
system:
_lifecycle: enable
cscc: enable
lscc: enable
escc: enable
vscc: enable
qscc: enable
logging:
level: info
shim: warning
format: "%{color}%{time:2006-01-02 15:04:05.000 MST} [%{module}] %{shortfunc} -> %{level:.4s} %{id:03x}%{color:reset} %{message}"
ledger:
blockchain:
state:
stateDatabase: CouchDB
totalQueryLimit: 100000
couchDBConfig:
couchDBAddress: couchdb.regulator.com:5984
username: <username>
password: <password>
maxRetries: 3
maxRetriesOnStartup: 20
requestTimeout: 35s
internalQueryLimit: 1000
maxBatchUpdateSize: 1000
warmIndexesAfterNBlocks: 1
createGlobalChangesDB: false
history:
enableHistoryDatabase: true
pvtdataStore:
collElgProcMaxDbBatchSize: 5000
collElgProcDbBatchesInterval: 1000
operations:
listenAddress: 127.0.0.1:9443
tls:
enabled: false
cert:
file:
key:
file:
clientAuthRequired: false
clientRootCAs:
files: []
metrics:
provider: disabled
statsd:
network: udp
address: 127.0.0.1:8125
writeInterval: 10s
prefix:
configtx.yaml
Capabilities:
Application: &ApplicationCapabilities
V2_0: true
Orderer: &OrdererCapabilities
V2_0: true
Channel: &ChannelCapabilities
V2_0: true
Organizations:
- &Orderer
Name: Orderer
ID: OrdererMSP
MSPDir: ./crypto-config/ordererOrganizations/regulator.com/msp
Policies: &OrdererPolicies
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('OrdererMSP.member')"
- &Regulator
Name: Regulator
ID: RegulatorMSP
MSPDir: ./crypto-config/peerOrganizations/regulator.com/msp
Policies: &RegulatorPolicies
Readers:
Type: Signature
Rule: "OR('RegulatorMSP.member')"
Writers:
Type: Signature
Rule: "OR('RegulatorMSP.member')"
Admins:
Type: Signature
Rule: "OR('RegulatorMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('RegulatorMSP.member')"
AnchorPeers:
- Host: peer.regulator.com
Port: 7051
- &Broker
Name: Broker
ID: BrokerMSP
MSPDir: ./crypto-config/peerOrganizations/broker.com/msp
Policies: &BrokerPolicies
Readers:
Type: Signature
Rule: "OR('BrokerMSP.member')"
Writers:
Type: Signature
Rule: "OR('BrokerMSP.member')"
Admins:
Type: Signature
Rule: "OR('BrokerMSP.member')"
Endorsement:
Type: Signature
Rule: "OR('BrokerMSP.member')"
AnchorPeers:
- Host: peer.broker.com
Port: 7051
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- orderer.regulator.com:7050
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 98 MB
PreferredMaxBytes: 512 KB
Capabilities:
<<: *OrdererCapabilities
Application: &ApplicationDefaults
ACLs: &ACLsDefault
lscc/ChaincodeExists: /Channel/Application/Readers
lscc/GetDeploymentSpec: /Channel/Application/Readers
lscc/GetChaincodeData: /Channel/Application/Readers
lscc/GetInstantiatedChaincodes: /Channel/Application/Readers
qscc/GetChainInfo: /Channel/Application/Readers
qscc/GetBlockByNumber: /Channel/Application/Readers
qscc/GetBlockByHash: /Channel/Application/Readers
qscc/GetTransactionByID: /Channel/Application/Readers
qscc/GetBlockByTxID: /Channel/Application/Readers
cscc/GetConfigBlock: /Channel/Application/Readers
cscc/GetConfigTree: /Channel/Application/Readers
cscc/SimulateConfigTreeUpdate: /Channel/Application/Readers
peer/Propose: /Channel/Application/Writers
peer/ChaincodeToChaincode: /Channel/Application/Readers
event/Block: /Channel/Application/Readers
event/FilteredBlock: /Channel/Application/Readers
_lifecycle/CheckCommitReadiness: /Channel/Application/Writers
_lifecycle/CommitChaincodeDefinition: /Channel/Application/Writers
_lifecycle/QueryChaincodeDefinition: /Channel/Application/Readers
Policies: &ApplicationDefaultPolicies
Endorsement:
Type: ImplicitMeta
Rule: "ANY Endorsement"
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "ANY Endorsement"
Organizations:
Capabilities:
<<: *ApplicationCapabilities
Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "ANY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
CompOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- <<: *Orderer
Consortiums:
CompConsortium:
Organizations:
- <<: *Regulator
- <<: *Broker
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *Regulator
- <<: *Broker
CompChannel:
<<: *ChannelDefaults
Consortium: CompConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *Broker
- <<: *Regulator
crypto-config.yaml
OrdererOrgs:
- Name: Orderer
Domain: regulator.com
EnableNodeOUs: true
Specs:
- Hostname: orderer
PeerOrgs:
- Name: Regulator
Domain: regulator.com
EnableNodeOUs: true
Specs:
- Hostname: peer.regulator.com
CommonName: peer.regulator.com
Users:
Count: 1
- Name: Broker
Domain: broker.com
EnableNodeOUs: true
Specs:
- Hostname: peer.broker.com
CommonName: peer.broker.com
Users:
Count: 1
docker-compose-base.yaml
version: "2"
networks:
comp:
volumes:
data-orderer.regulator.com:
data-peer.regulator.com:
data-peer.broker.com:
couchdb-data-regulator:
driver: local
couchdb-data-broker:
driver: local
services:
couchdb.regulator.com:
container_name: couchdb.regulator.com
image: couchdb:latest
environment:
- COUCHDB_USER=<username>
- COUCHDB_PASSWORD=<password>
ports:
- 5984:5984
volumes:
- couchdb-data-regulator:/opt/couchdb/data
networks:
- comp
couchdb.broker.com:
container_name: couchdb.broker.com
image: couchdb:latest
environment:
- COUCHDB_USER=<username>
- COUCHDB_PASSWORD=<password>
ports:
- 6984:5984
volumes:
- couchdb-data-broker:/opt/couchdb/data
networks:
- comp
orderer.regulator.com:
container_name: orderer.regulator.com
image: hyperledger/fabric-orderer:latest
command: orderer
environment:
- FABRIC_CFG_PATH=/var/hyperledger/config
- FABRIC_LOGGING_SPEC=DEBUG
volumes:
- ${PWD}/config/orderer:/var/hyperledger/config
- ${PWD}/config/crypto-config/ordererOrganizations/regulator.com/orderers/orderer.regulator.com/msp:/var/hyperledger/msp
- ${PWD}/config/crypto-config/ordererOrganizations/regulator.com/orderers/orderer.regulator.com/tls:/var/hyperledger/tls
- data-orderer.regulator.com:/var/ledger
ports:
- 7050:7050
networks:
- comp
peer.regulator.com:
container_name: peer.regulator.com
image: hyperledger/fabric-peer:latest
environment:
- FABRIC_CFG_PATH=/var/hyperledger/config
- FABRIC_LOGGING_SPEC=DEBUG
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_net
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb.regulator.com:5984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=<username>
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=<password>
command: [sh, -c, "sleep 10 && peer node start"]
volumes:
- ${PWD}/config/regulator:/var/hyperledger/config
- ${PWD}/config/crypto-config/peerOrganizations/regulator.com/peers/peer.regulator.com/msp:/var/hyperledger/msp
- ${PWD}/config/crypto-config/peerOrganizations/regulator.com/peers/peer.regulator.com/tls:/var/hyperledger/tls
- /var/run/:/var/run/
- data-peer.regulator.com:/var/hyperledger/production
depends_on:
- orderer.regulator.com
- couchdb.regulator.com
ports:
- 7051:7051
- 7052:7052
networks:
- comp
links:
- couchdb.regulator.com
peer.broker.com:
container_name: peer.broker.com
image: hyperledger/fabric-peer:latest
environment:
- FABRIC_CFG_PATH=/var/hyperledger/config
- FABRIC_LOGGING_SPEC=DEBUG
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_net
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb.broker.com:6984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=<username>
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=<password>
command: [sh, -c, "sleep 10 && peer node start"]
volumes:
- ${PWD}/config/regulator:/var/hyperledger/config
- ${PWD}/config/crypto-config/peerOrganizations/broker.com/peers/peer.broker.com/msp:/var/hyperledger/msp
- ${PWD}/config/crypto-config/peerOrganizations/broker.com/peers/peer.broker.com/tls:/var/hyperledger/tls
- /var/run/:/var/run/
- data-peer.broker.com:/var/hyperledger/production
depends_on:
- orderer.regulator.com
- couchdb.broker.com
ports:
- 8051:7051
- 8052:7052
networks:
- comp
links:
- couchdb.broker.com
extra_hosts:
- "couchdb.broker.com:<machines_ip>" # this one was due to some DNS resolution shenanigans
I hope somebody can help me solve this issue, cause I think I'm loosing sanity by the moment.
Turns out that I just made a goof. When you look at the docker-compose-base.yaml file under the services > peer.broker.com > volumes section, I messed up the config folder path, so both peers were running on the same configuration, but with different certificates, and that caused the discrepancy in peer authentication.
I am using the hyperledger fabric network using the basic network from fabric sample. Basic network consist of one orderer and one peer. I have install the fab car chain code in network and join the channel.Please suggest me how to add Endorsement policy to chaincode, Below are command i used to initiate the chain code
1. peer chaincode install -n fabcar -p github.com/ -v 1.1
2. peer chaincode instantiate -o orderer.example.com:7050 -C mychannel -c '{"Args":[]}' -n fabcar -v 1.1 -P "OR('Org1MSP.peer','Org1MSP.admin','Org1MSP.member')"
I am using the fabric sdk for query the fabcar it works well. But if i try to invoke chaincode its give me error stating
Failed to submit transaction: Error: No endorsement plan available for {"chaincodes":[{"name":"fabcar"}]}
config Tx
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.com
Port: 7051
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer.example.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
Profiles:
OneOrgOrdererGenesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
OneOrgChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
crypto-config
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: example.com
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer
PeerOrgs:
# ---------------------------------------------------------------------------
# Org1
# ---------------------------------------------------------------------------
- Name: Org1
Domain: org1.example.com
Template:
Count: 1
Users:
Count: 1
Invoke function
async function Invoke(userwallet,usename,channelName,chaincodeName) {
try {
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(), 'wallet');
const wallet = new FileSystemWallet(walletPath);
console.log(`Wallet path: ${walletPath}`);
// Check to see if we've already enrolled the user.
const userExists = await wallet.exists(userwallet);
if (!userExists) {
console.log('An identity for the user "user1" does not exist in the wallet');
console.log('Run the registerUser.js application before retrying');
return;
}
// Create a new gateway for connecting to our peer node.
const gateway = new Gateway();
await gateway.connect(ccp, { wallet, identity: usename, discovery: { enabled: true, asLocalhost: true} });
// Get the network (channel) our contract is deployed to.
const network = await gateway.getNetwork(channelName);
// Get the contract from the network.
const contract = network.getContract(chaincodeName);
// Submit the specified transaction.
// createCar transaction - requires 5 argument, ex: ('createCar', 'CAR12', 'Honda', 'Accord', 'Black', 'Tom')
// changeCarOwner transaction - requires 2 args , ex: ('changeCarOwner', 'CAR10', 'Dave')
await contract.submitTransaction('createCar','CAR12', 'Honda', 'Accord', 'Black', 'Tom');
//await contract.submitTransaction('changeCarOwner', 'CAR10', 'Dave');
console.log('Transaction has been submitted');
// Disconnect from the gateway.
await gateway.disconnect();
} catch (error) {
console.error(`Failed to submit transaction: ${error}`);
process.exit(1);
}
}
module.exports.Invoke = Invoke
It is weird, Let's do some trial and error
Try to make changes in the below snippet. This removes the policy do not worry a default policy will be applicable
peer chaincode instantiate -o orderer.example.com:7050 -C mychannel -c '{"Args":[]}' -n fabcar -v 1.1
Organizations:
- &OrdererOrg
Name: OrderingService
ID: OrdererMSP
MSPDir: crypto-config/ordererOrganizations/reliance-network.com/msp
- &RelianceCapital
Name: RelianceCapitalMSP
ID: RelianceCapitalMSP
MSPDir: crypto-config/peerOrganizations/reliancecapital.reliance-network.com/msp
AnchorPeers:
- Host: peer0.reliancecapital.reliance-network.com
Port: 7051
- &RelianceCommunications
Name: RelianceCommunicationsMSP
ID: RelianceCommunicationsMSP
MSPDir: crypto-config/peerOrganizations/reliancecommunications.reliance-network.com/msp
AnchorPeers:
- Host: peer0.reliancecommunications.reliance-network.com
Port: 9051
- &RelianceEntertainment
Name: RelianceEntertainmentMSP
ID: RelianceEntertainmentMSP
MSPDir: crypto-config/peerOrganizations/relianceentertainment.reliance-network.com/msp
AnchorPeers:
- Host: peer0.relianceentertainment.reliance-network.com
Port: 11051
- &RelianceInfrastructure
Name: RelianceInfrastructureMSP
ID: RelianceInfrastructureMSP
MSPDir: crypto-config/peerOrganizations/relianceinfrastructure.reliance-network.com/msp
AnchorPeers:
- Host: peer0.relianceinfrastructure.reliance-network.com
Port: 13051
- &ReliancePower
Name: ReliancePowerMSP
ID: ReliancePowerMSP
MSPDir: crypto-config/peerOrganizations/reliancepower.reliance-network.com/msp
AnchorPeers:
- Host: peer0.reliancepower.reliance-network.com
Port: 15051
#Capabilities
Capabilities:
Global: &ChannelCapabilities
V1_3: true
Orderer: &OrdererCapabilities
V1_1: true
Application: &ApplicationCapabilities
V1_3: true
#Application
Application: &ApplicationDefaults
Organizations:
#Orderer
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- orderer.reliance-network.com:7050
BatchTimeout: 5s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 256 MB
PreferredMaxBytes: 512 KB
Kafka:
Brokers:
- 127.0.0.1:9092
Organizations:
#Profiles
Profiles:
OrdererGenesis:
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Consortiums:
RelianceConsortium:
Organizations:
- *RelianceCapital
- *RelianceCommunications
- *RelianceEntertainment
- *RelianceInfrastructure
- *ReliancePower
RelianceOrgs:
Consortium: RelianceConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *RelianceCapital
- *RelianceCommunications
- *RelianceEntertainment
- *RelianceInfrastructure
- *ReliancePower
Capabilities:
<<: *ApplicationCapabilities
<!-- end snippet -->
I am trying to create a network with 5 orgs.
1)Able to successfully create the crypto-config files
2) Channel artifacts are created successfully
3) Channel transaction is created successfully
4) Anchor peer transactions are created successfully
5) Created channel successfully
6) peer 0 of the first org is able to join the channel
But when peer 1 of first is trying to join the channel, getting the below error. What can be the reason.
******Error: error getting endorser client for channel: endorser client failed to connect to peer1.reliancecapital.reliance-network.com:8051: failed to create new connection: connection error: desc = "transport: error while dialing: dial tcp 192.168.64.12:8051: connect: connection refused"******
I don't know if this is still relevant, but you seem to have a DNS resolution problem on your hands. If you're launching this setup via docker-composer, then you might want to modify your /etc/host to route requests for peer1.reliancecapital.reliance-network.com to your localhost.
You can also statically bind peer1.reliancecapital.reliance-network.com to your machine's IP via the extra_hosts option in your docker-compose file. Also make sure that all your peers are in the same docker network.
I am trying to run a multi peer blockchain network using Hyperledger Fabric. My network has three peers.
Here is the configtx.yaml file:
Profiles:
ComposerOrdererGenesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
ComposerConsortium:
Organizations:
- *ManufacturerOrg
- *CustomerOrg
- *RegulatorOrg
ComposerChannel:
Consortium: ComposerConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *ManufacturerOrg
- *CustomerOrg
- *RegulatorOrg
Organizations:
- &OrdererOrg
Name: OrdererOrg
ID: OrdererMSP
MSPDir: crypto-config/ordererOrganizations/Orderer-org/msp
- &ManufacturerOrg
Name: ManufacturerOrg
ID: ManufacturerOrgMSP
MSPDir: crypto-config/peerOrganizations/Manufacturer-org/msp
# turn off security for the peer
#AdminPrincipal: Role.MEMBER
AnchorPeers:
- Host: manufacturer-peer
Port: 7051
- &CustomerOrg
Name: CustomerOrg
ID: CustomerOrgMSP
MSPDir: crypto-config/peerOrganizations/Customer-org/msp
# turn off security for the peer
AdminPrincipal: Role.MEMBER
AnchorPeers:
- Host: customer-peer
Port: 7051
- &RegulatorOrg
Name: RegulatorOrg
ID: RegulatorOrgMSP
MSPDir: crypto-config/peerOrganizations/Regulator-org/msp
# turn off security for the peer
AdminPrincipal: Role.MEMBER
AnchorPeers:
- Host: regulator-peer
Port: 7051
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer.example.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 98 MB
PreferredMaxBytes: 512 KB
Organizations:
Application: &ApplicationDefaults
Organizations:
After building the network through docker-compose, the orderer container exits with the following error in its log file,
2018-07-23 05:02:12.544 UTC [orderer/commmon/multichannel] newLedgerResources -> CRIT 086 Error creating channelconfig bundle: initializing configtx manager failed: bad channel ID: channel ID 'ComposerChannel' contains illegal characters
panic: Error creating channelconfig bundle: initializing configtx manager failed: bad channel ID: channel ID 'ComposerChannel' contains illegal characters
It says channel ID 'ComposerChannel' contains illegal characters. Please help me understand what that means.
I'm pretty sure that there are no illegal characters in the configtx.yaml file while defining the channel
Channel ID can only contain lower-case alphanumeric characters and dashes.
Following is my configtx.yaml
It is failing to generate the genesis block with following error
'Profiles[HealthwiseChannel].Application' has invalid keys: Oragnizations
2018-03-13 16:24:43.389 IST [common/tools/configtxgen] func1 -> CRIT 003 Error unmarshaling config into struct: 1 error(s) decoding:
'Profiles[HealthwiseChannel].Application' has invalid keys: Oragnizations
panic: Error unmarshaling config into struct: 1 error(s) decoding:
'Profiles[HealthwiseChannel].Application' has invalid keys: Oragnizations [recovered]
panic: Error unmarshaling config into struct: 1 error(s) decoding:
'Profiles[HealthwiseChannel].Application' has invalid keys: Oragnizations
yaml file:
Capabilities:
Global: &ChannelCapabilities
V1_1: true
Orderer: &OrdererCapabilities
V1_1: true
Application: &ApplicationCapabilities
V1_1: true
Organizations:
- &OrdererOrg
Name: OrdererOrg
ID: OrdererMSP
MSPDir: crypto-config/ordererOrganizations/healthwise.com/msp
AdminPrincipal: Role.ADMIN
- &insuranceOrg1
Name: insuranceOrg1
ID: insuranceOrg1MSP
MSPDir: crypto-config/peerOrganizations/insuranceOrg1.healthwise.com/msp
AdminPrincipal: Role.ADMIN
AnchorPeers:
- Host: peer0.insuranceOrg1.healthwise.com
Port: 7051
- &insuranceOrg2
Name: insuranceOrg2
ID: insuranceOrg2MSP
MSPDir: crypto-config/peerOrganizations/insuranceOrg2.healthwise.com/msp
AdminPrincipal: Role.ADMIN
AnchorPeers:
- Host: peer0.insuranceOrg2.healthwise.com
Port: 7051
Orderer: &OrdererDefaults
OrdererType: solo
Addresses:
- orderer.healthwise.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 98 MB
PreferredMaxBytes: 512 KB
Kafka:
Brokers:
- 127.0.0.1:9092
Organizations:
- *insuranceOrg1
- *insuranceOrg2
Capabilities:
<<: *OrdererCapabilities
Application: &ApplicationDefaults
Organizations:
- *insuranceOrg1
- *insuranceOrg2
Capabilities:
<<: *ApplicationCapabilities
Profiles:
HealthwiseOrdererGenesis:
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *ApplicationCapabilities
Consortiums:
HealthwiseConsortium:
Organizations:
- <<: *OrdererOrg
- <<: *insuranceOrg1
- <<: *insuranceOrg2
HealthwiseChannel:
Capabilities:
<<: *ChannelCapabilities
Consortium: HealthwiseConsortium
Application:
<<: *ApplicationDefaults
Oragnizations:
- *OrdererOrg
- *insuranceOrg1
- *insuranceOrg2
Capabilities:
<<: *ApplicationCapabilities
Please help me figure out what is the mistake i am making.
Make sure you are running "configtxgen" in the same path where configtx.yaml is located
It can be a case of version mismatch. Make sure your version of binaries match the configuration files.