I am manually trying to create hyperledger fabric multihost setup with crypto materials generated using fabric certificate authority . I am using AWS servers to deploy fabric . For this I did following steps
1- Create swarm network between 4 hosts
2- Generate crypto materials in all hosts by calling fabric-ca-server using fabric-ca-client.
3- Generate genesis block using configtxgen tool in orderer machine.Here is configuration file for configtxgen
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: ../crypto-config/ordererOrganization/msp
- &NeduetDean
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: NeduetDeanMSP
# ID to load the MSP definition as
ID: NeduetDeanMSP
MSPDir: ../crypto-config/peerOrganization/dean.neduet.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: deanpeer
Port: 7054
- °ree
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: degreeMSP
# ID to load the MSP definition as
ID: degreeMSP
MSPDir: ../crypto-config/peerOrganization/degree.neduet.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: degree
Port: 7054
- &Registrar
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: RegistrarMSP
# ID to load the MSP definition as
ID: RegistrarMSP
MSPDir: ../crypto-config/peerOrganization/registrar.neduet.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: registrar
Port: 7054
- &Examination
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: ExaminationMSP
# ID to load the MSP definition as
ID: ExaminationMSP
MSPDir: ../crypto-config/peerOrganization/examination.neduet.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: examination
Port: 7054
################################################################################
#
# SECTION: Capabilities
#
# - This section defines the capabilities of fabric network. This is a new
# concept as of v1.1.0 and should not be utilized in mixed networks with
# v1.0.x peers and orderers. Capabilities define features which must be
# present in a fabric binary for that binary to safely participate in the
# fabric network. For instance, if a new MSP type is added, newer binaries
# might recognize and validate the signatures from this type, while older
# binaries without this support would be unable to validate those
# transactions. This could lead to different versions of the fabric binaries
# having different world states. Instead, defining a capability for a channel
# informs those binaries without this capability that they must cease
# processing transactions until they have been upgraded. For v1.0.x if any
# capabilities are defined (including a map with all capabilities turned off)
# then the v1.0.x peer will deliberately crash.
#
################################################################################
Capabilities:
# Channel capabilities apply to both the orderers and the peers and must be
# supported by both. Set the value of the capability to true to require it.
Global: &ChannelCapabilities
# V1.1 for Global is a catchall flag for behavior which has been
# determined to be desired for all orderers and peers running v1.0.x,
# but the modification of which would cause incompatibilities. Users
# should leave this flag set to true.
V1_1: true
# Orderer capabilities apply only to the orderers, and may be safely
# manipulated without concern for upgrading peers. Set the value of the
# capability to true to require it.
Orderer: &OrdererCapabilities
# V1.1 for Order is a catchall flag for behavior which has been
# determined to be desired for all orderers running v1.0.x, but the
# modification of which would cause incompatibilities. Users should
# leave this flag set to true.
V1_1: true
# Application capabilities apply only to the peer network, and may be safely
# manipulated without concern for upgrading orderers. Set the value of the
# capability to true to require it.
Application: &ApplicationCapabilities
# V1.1 for Application is a catchall flag for behavior which has been
# determined to be desired for all peers running v1.0.x, but the
# modification of which would cause incompatibilities. Users should
# leave this flag set to true.
V1_1: true
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
################################################################################
#
# SECTION: Orderer
#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
FourOrgsOrdererGenesis:
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Consortiums:
SampleConsortium:
Organizations:
- *NeduetDean
- *degree
- *Registrar
- *Examination
FourOrgsChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *NeduetDean
- *degree
- *Registrar
- *Examination
Capabilities:
<<: *ApplicationCapabilities
From another aws instance I spinup peer container and cli container with relevant crypto materials mounted on both containers . Now when trying to create channel using this command peer channel create -c obaid -o 10.0.0.1:7050 I get an error Attempted to include a member which is not in the consortium both in orderer logs and cli container . Can anyone help in fixing these issues?
These are my orderer and peer yaml files
Orderer.yaml file
version: '3'
services:
orderer1st:
image: hyperledger/fabric-orderer:1.2.1
ports:
- 7050:7050
hostname: orderer
networks:
- fabricoverlay
environment:
- ORDERER_GENERAL_LOGLEVEL=debug
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
command: orderer
volumes:
- ./channel-configuration/orderer.genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ./msp:/var/hyperledger/orderer/msp
- ./peerOrganization:/var/hyperledger/allorgs
deploy:
placement:
constraints: [node.hostname == ip-xxx-xx-45-231]
networks:
fabricoverlay:
external: true
Peer and cli yaml file :
version : "3"
services:
deanpeer:
image: hyperledger/fabric-peer:1.2.1
hostname: deanpeer.neduet.com
networks:
- fabricoverlay
ports:
- 7054:7054
depends_on:
- node_orderer1st
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_LOGGING_LEVEL= DEBUG
- CORE_PEER_ENDORSER_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION= true
- CORE_PEER_GOSSIP_ORGLEADER= leader
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_ENABLED=false
- CORE_PEER_ID=deanpeer
- CORE_PEER_ADDRESS=deanpeer:7054
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=deanpeer:7054
- CORE_PEER_LOCALMSPID= NeduetDeanMSP
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/fabric/msp
volumes:
- /var/run/:/host/var/run/
- ./Deansection/msp:/etc/hyperledger/fabric/msp
deploy:
placement:
constraints: [node.hostname == ip-172-31-19-22]
command: peer node start
cli:
image: hyperledger/fabric-tools
tty: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_LOGGING_LEVEL=DEBUG
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=deanpeer:7054
- CORE_PEER_LOCALMSPID=NeduetDeanMSP
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- CORE_CHAINCODE_KEEPALIVE=10
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- ./Deansection/msp:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- /var/run/:/host/var/run/
networks:
- fabricoverlay
deploy:
placement:
constraints: [node.hostname == ip-xxx-31-19-22]
networks:
fabricoverlay:
external: true
Related
[enter image description here][1] 2021-04-08 12:46:15.810 UTC [cli.lifecycle.chaincode] setOrdererClient -> INFO 001 Retrieved channel (mychannel) orderer endpoint: orderer.example.com:7050
Error: proposal failed with status: 500 - cannot use new lifecycle for channel 'mychannel' as it does not have the required capabilities enabled
anyone has come across this problem?
configtx.yaml
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git de
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.com
Port: 7051
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer.example.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
Profiles:
OneOrgOrdererGenesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
OneOrgChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
I create network files automatically through node.js.
I am building a test network with 1 orderer, 1 org and 1 peer, 1 cli and 1 ca for test.
When I create the channel using createChannel.sh based on the hyperledger fabric 2.2.1, I get some TLS-related errors inside my order container:
TLS handshake failed with error tls: first record does not look like
a TLS handshake server=Orderer remoteaddress=172.26.0.1:48124
I don't understand if the problem is in the yaml files or in another file.
Every help is welcome.
Here is my files:
createChannel.sh
# # imports
. envVar.sh
. utils.sh
CHANNEL_NAME="$1"
DELAY="$2"
MAX_RETRY="$3"
VERBOSE="$4"
: ${CHANNEL_NAME:="canal"}
: ${DELAY:="3"}
: ${MAX_RETRY:="5"}
: ${VERBOSE:="false"}
createChannel() {
setGlobals 1
# Poll in case the raft leader is not set yet
local rc=1
local COUNTER=1
while [ $rc -ne 0 -a $COUNTER -lt $MAX_RETRY ] ; do
sleep $DELAY
set -x
../bin/peer channel create -o localhost:7050 -c $CHANNEL_NAME --ordererTLSHostnameOverride orderer.example.com -f ./channel-artifacts/${CHANNEL_NAME}.tx --outputBlock $BLOCKFILE --tls --cafile $ORDERER_CA >&log.txt
res=$?
{ set +x; } 2>/dev/null
let rc=$res
COUNTER=$(expr $COUNTER + 1)
done
cat log.txt
verifyResult $res "Channel creation failed"
}
FABRIC_CFG_PATH=${PWD}/rede
infoln "Creating channel ${CHANNEL_NAME}"
createChannel
successln "Channel '$CHANNEL_NAME' created"
crypto-config.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
# ---------------------------------------------------------------------------
# "OrdererOrgs" - Definition of organizations managing orderer nodes
# ---------------------------------------------------------------------------
OrdererOrgs:
- Name: Orderer
Domain: example.com
Specs:
- Hostname: orderer
# ---------------------------------------------------------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes
# ---------------------------------------------------------------------------
PeerOrgs:
# ---------------------------------------------------------------------------
# Org2: See "Org1" for full specification
# ---------------------------------------------------------------------------
- Name: org1
Domain: org1.com
Template:
Count: 1
EnableNodeOUs: true
SANS:
- "localhost"
Users:
Count: 1
configtx.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
################################################################################
#
# Section: Organizations
#
# - This section defines the different organizational identities which will
# be referenced later in the configuration.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: org1MSP
# ID to load the MSP definition as
ID: org1MSP
MSPDir: crypto-config/peerOrganizations/org1.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('org1MSP.admin', 'org1MSP.peer', 'org1MSP.client')"
Writers:
Type: Signature
Rule: "OR('org1MSP.admin', 'org1MSP.client')"
Admins:
Type: Signature
Rule: "OR('org1MSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('org1MSP.peer')"
# leave this flag set to true.
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.com
Port: 7051
################################################################################
#
# SECTION: Capabilities
#
# - This section defines the capabilities of fabric network. This is a new
# concept as of v1.1.0 and should not be utilized in mixed networks with
# v1.0.x peers and orderers. Capabilities define features which must be
# present in a fabric binary for that binary to safely participate in the
# fabric network. For instance, if a new MSP type is added, newer binaries
# might recognize and validate the signatures from this type, while older
# binaries without this support would be unable to validate those
# transactions. This could lead to different versions of the fabric binaries
# having different world states. Instead, defining a capability for a channel
# informs those binaries without this capability that they must cease
# processing transactions until they have been upgraded. For v1.0.x if any
# capabilities are defined (including a map with all capabilities turned off)
# then the v1.0.x peer will deliberately crash.
#
################################################################################
Capabilities:
# Channel capabilities apply to both the orderers and the peers and must be
# supported by both.
# Set the value of the capability to true to require it.
Channel: &ChannelCapabilities
# V2_0 capability ensures that orderers and peers behave according
# to v2.0 channel capabilities. Orderers and peers from
# prior releases would behave in an incompatible way, and are therefore
# not able to participate in channels at v2.0 capability.
# Prior to enabling V2.0 channel capabilities, ensure that all
# orderers and peers on a channel are at v2.0.0 or later.
V2_0: true
# Orderer capabilities apply only to the orderers, and may be safely
# used with prior release peers.
# Set the value of the capability to true to require it.
Orderer: &OrdererCapabilities
# V2_0 orderer capability ensures that orderers behave according
# to v2.0 orderer capabilities. Orderers from
# prior releases would behave in an incompatible way, and are therefore
# not able to participate in channels at v2.0 orderer capability.
# Prior to enabling V2.0 orderer capabilities, ensure that all
# orderers on channel are at v2.0.0 or later.
V2_0: true
# Application capabilities apply only to the peer network, and may be safely
# used with prior release orderers.
# Set the value of the capability to true to require it.
Application: &ApplicationCapabilities
# V2_0 application capability ensures that peers behave according
# to v2.0 application capabilities. Peers from
# prior releases would behave in an incompatible way, and are therefore
# not able to participate in channels at v2.0 application capability.
# Prior to enabling V2.0 application capabilities, ensure that all
# peers on channel are at v2.0.0 or later.
V2_0: true
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Endorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Capabilities:
<<: *ApplicationCapabilities
################################################################################
#
# SECTION: Orderer
#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
OrdererType: solo
Addresses:
- orderer.example.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
# /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
################################################################################
#
# CHANNEL
#
# This section defines the values to encode into a config transaction or
# genesis block for channel related parameters.
#
################################################################################
Channel: &ChannelDefaults
# Policies defines the set of policies at this level of the config tree
# For Channel policies, their canonical path is
# /Channel/<PolicyName>
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the channel level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ChannelCapabilities
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
canal:
Consortium: SampleConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *org1
Capabilities:
<<: *ApplicationCapabilities
SampleOrgs:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *org1
base.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
services:
peer-base:
image: hyperledger/fabric-peer
dns_search: .
environment:
- GODEBUG=netdns=go
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
# the following setting starts chaincode containers on the same
# bridge network as the peers
# https://docs.docker.com/compose/networking/
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=rede
- FABRIC_LOGGING_SPEC=DEBUG
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
# The following setting skips the gossip handshake since we are
# are not doing mutual TLS
- CORE_PEER_GOSSIP_SKIPHANDSHAKE=true
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/crypto/peer/msp
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/crypto/peer/tls/server.key
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/crypto/peer/tls/server.crt
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/crypto/peer/tls/ca.crt
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
volumes:
- /var/run/:/host/var/run/
docker-compose.yaml
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '2'
networks:
rede:
services:
orderer.example.com:
container_name: orderer.example.com
image: hyperledger/fabric-orderer
environment:
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_LISTENPORT=7050
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- CORE_PEER_TLS_ENABLED=true
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ./channel-artifacts/genesis.block:/var/hyperledger/orderer/genesis.block
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls
ports:
- 7050:7050
networks:
- rede
ca_org1:
image: hyperledger/fabric-ca
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca-org1
- FABRIC_CA_SERVER_TLS_ENABLED=true
- FABRIC_CA_SERVER_PORT=9055
ports:
- "9055:9055"
command: sh -c 'fabric-ca-server start -b admin:adminpw -d'
volumes:
- ./crypto-config/peerOrganizations/org1.com/ca/:/etc/hyperledger/fabric-ca-server
container_name: ca_org1
networks:
- rede
couchdb0:
container_name: couchdb0
image: couchdb:3.1.1
# Populate the COUCHDB_USER and COUCHDB_PASSWORD to set an admin user and password
# for CouchDB. This will prevent CouchDB from operating in an "Admin Party" mode.
environment:
- COUCHDB_USER=admin
- COUCHDB_PASSWORD=adminpw
# Comment/Uncomment the port mapping if you want to hide/expose the CouchDB service,
# for example map it to utilize Fauxton User Interface in dev environments.
ports:
- "5984:5984"
networks:
- rede
peer0.org1.com:
container_name: peer0.org1.com
image: hyperledger/fabric-peer
environment:
#Generic peer variables
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
# the following setting starts chaincode containers on the same
# bridge network as the peers
# https://docs.docker.com/compose/networking/
- FABRIC_LOGGING_SPEC=INFO
#- FABRIC_LOGGING_SPEC=DEBUG
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
# Peer specific variabes
- CORE_PEER_ID=peer0.org1.com
- CORE_PEER_ADDRESS=peer0.org1.com:7051
- CORE_PEER_LISTENADDRESS=0.0.0.0:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.org1.com:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.com:7051
- CORE_PEER_LOCALMSPID=org1MSP
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb0:5984
# The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD
# provide the credentials for ledger to connect to CouchDB. The username and password must
# match the username and password set for the associated CouchDB.
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=admin
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=adminpw
depends_on:
- couchdb0
volumes:
- /var/run/docker.sock:/host/var/run/docker.sock
- ./crypto-config/peerOrganizations/org1.com/peers/peer0.org1.com/msp:/etc/hyperledger/fabric/msp
- ./crypto-config/peerOrganizations/org1.com/peers/peer0.org1.com/tls:/etc/hyperledger/fabric/tls
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
ports:
- 7051:7051
- 7080:7053
networks:
- rede
cli:
container_name: cli
image: hyperledger/fabric-tools
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- FABRIC_LOGGING_SPEC=INFO
#- FABRIC_LOGGING_SPEC=DEBUG
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/:/opt/gopath/src/github.com/hyperledger/fabric/peer/organizations
depends_on:
- peer0.org1.com
networks:
- rede
networkconfig.yaml
---
#
# Copyright Fujitsu Australia Software Technology, IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
#
# The network connection profile provides client applications the information about the target
# blockchain network that are necessary for the applications to interact with it. These are all
# knowledge that must be acquired from out-of-band sources. This file provides such a source.
#
name: "rede"
#
# Any properties with an "x-" prefix will be treated as application-specific, exactly like how naming
# in HTTP headers or swagger properties work. The SDK will simply ignore these fields and leave
# them for the applications to process. This is a mechanism for different components of an application
# to exchange information that are not part of the standard schema described below. In particular,
# the "x-type" property with the "hlfv1" value example below is used by Hyperledger Composer to
# determine the type of Fabric networks (v0.6 vs. v1.0) it needs to work with.
#
x-type: "canal"
#
# Describe what the target network is/does.
#
description: "desc rede"
#
# Schema version of the content. Used by the SDK to apply the corresponding parsing rules.
#
version: 1.0.0
client:
# Which organization does this application instance belong to? The value must be the name of an org
# defined under "organizations"
organization: org1
# Some SDKs support pluggable KV stores, the properties under "credentialStore"
# are implementation specific
credentialStore:
# [Optional]. Specific to FileKeyValueStore.js or similar implementations in other SDKs. Can be others
# if using an alternative impl. For instance, CouchDBKeyValueStore.js would require an object
# here for properties like url, db name, etc.
path: "/tmp/hfc-kvs"
# [Optional]. Specific to the CryptoSuite implementation. Software-based implementations like
# CryptoSuite_ECDSA_AES.js in node SDK requires a key store. PKCS#11 based implementations does
# not.
cryptoStore:
# Specific to the underlying KeyValueStore that backs the crypto key store.
path: "/tmp/hfc-cvs"
# [Optional]. Specific to Composer environment
wallet: wallet-name
#
# [Optional]. But most apps would have this section so that channel objects can be constructed
# based on the content below. If an app is creating channels, then it likely will not need this
# section.
#
channels:
# name of the channel
canal:
# Required. list of orderers designated by the application to use for transactions on this
# channel. This list can be a result of access control ("org1" can only access "ordererA"), or
# operational decisions to share loads from applications among the orderers. The values must
# be "names" of orgs defined under "organizations/peers"
orderers:
- orderer.example.com
# Required. list of peers from participating orgs
peers:
peer0.org1.com:
endorsingPeer: true
chaincodeQuery: true
ledgerQuery: true
eventSource: true
# [Optional]. what chaincodes are expected to exist on this channel? The application can use
# this information to validate that the target peers are in the expected state by comparing
# this list with the query results of getInstalledChaincodes() and getInstantiatedChaincodes()
chaincodes:
# the format follows the "cannonical name" of chaincodes by fabric code
- blockflow-app:v0.1
#
# list of participating organizations in this network
#
organizations:
org1:
mspid: org1
peers:
- peer0.org1.com
# [Optional]. Certificate Authorities issue certificates for identification purposes in a Fabric based
# network. Typically certificates provisioning is done in a separate process outside of the
# runtime network. Fabric-CA is a special certificate authority that provides a REST APIs for
# dynamic certificate management (enroll, revoke, re-enroll). The following section is only for
# Fabric-CA servers.
certificateAuthorities:
- ca-org1
# [Optional]. If the application is going to make requests that are reserved to organization
# administrators, including creating/updating channels, installing/instantiating chaincodes, it
# must have access to the admin identity represented by the private key and signing certificate.
# Both properties can be the PEM string or local path to the PEM file. Note that this is mainly for
# convenience in development mode, production systems should not expose sensitive information
# this way. The SDK should allow applications to set the org admin identity via APIs, and only use
# this route as an alternative when it exists.
adminPrivateKey:
path: ./crypto-config/peerOrganizations/org1.com/users/Admin#org1.com/msp/keystore/priv_sk
signedCert:
path: ./crypto-config/peerOrganizations/org1.com/users/Admin#org1.com/msp/signcerts/Admin#org1.com-cert.pem
#
# List of orderers to send transaction and channel create/update requests to. For the time
# being only one orderer is needed. If more than one is defined, which one get used by the
# SDK is implementation specific. Consult each SDK's documentation for its handling of orderers.
#
orderers:
orderer.example.com:
url: grpc://localhost:7050
# these are standard properties defined by the gRPC library
# they will be passed in as-is to gRPC client constructor
grpcOptions:
ssl-target-name-override: orderer.example.com
# sslProvider: openSSL
# negotiationType: TLS
# hostnameOverride: orderer.example.com
# grpc-max-send-message-length: -1
# grpc.keepalive_time_ms: 360000
# grpc.keepalive_timeout_ms: 180000
# grpc.keepalive_without_calls: true
peers:
peer0.org1.com:
url: grpc://localhost:7082
grpcOptions:
grpc.http2.keepalive_time: 15
# ssl-target-name-override: peer0.org1.com
# negotiationType: TLS
# sslProvider: openSSL
# hostnameOverride: peer1.org1.com
tlsCACerts:
path: ./crypto-config/peerOrganizations/org1.com/peers/peer0.org1.com/tls/server.crt
#
# Fabric-CA is a special kind of Certificate Authority provided by Hyperledger Fabric which allows
# certificate management to be done via REST APIs. Application may choose to use a standard
# Certificate Authority instead of Fabric-CA, in which case this section would not be specified.
#
certificateAuthorities:
ca-org1:
url: http://localhost:9054
# the properties specified under this object are passed to the 'http' client verbatim when
# making the request to the Fabric-CA server
httpOptions:
verify: true
tlsCACerts:
path: ./crypto-config/peerOrganizations/org1.com/ca/ca.org1.com-cert.pem
# Fabric-CA supports dynamic user enrollment via REST APIs. A "root" user, a.k.a registrar, is
# needed to enroll and invoke new users.
registrar: # as an array.
- enrollId: admin
enrollSecret: adminpw
# [Optional] The optional name of the CA.
## caName: ca0 no ca name!
The issue could be the TLS field is missing in the docker-compose file of the CLI service. Add the following field if you are using CLI for installing and invoking the chaincode.
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org.com/peers/peer0.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org.com/peers/peer0.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org.com/peers/peer0.com/tls/ca.crt
../bin/peer channel create -o localhost:7050 -c $CHANNEL_NAME --ordererTLSHostnameOverride orderer.example.com -f ./channel-artifacts/${CHANNEL_NAME}.tx --outputBlock $BLOCKFILE --tls --cafile $ORDERER_CA >&log.txt
Make sure $BLOCKFILE variable is set to
BLOCKFILE="/channel-artifacts/${CHANNEL_NAME}.block"
And also check you have ./channel-artifacts/${CHANNEL_NAME}.tx channel configuration file, if not you need to generate that using the below command before you create channel. You can read more about configaration transaction generator here
../bin/configtxgen -profile canal -outputCreateChannelTx ./channel-artifacts/${CHANNEL_NAME}.tx -channelID $CHANNEL_NAME
I learn to create an application using hyperledger fabrics.
This is my reference --> https://hyperledger-fabric.readthedocs.io/en/latest/build_network.html?highlight=script.sh
I got an error when create & join a channel.
When I run peer channel create -o orderer.medrecnet.com:7050 -c medrecnetChannel -f ./channel-artifacts/channel.tx --tls –cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/medrecnet.com/orderers/orderer.medrecnet.com/msp/tlscacerts/tlsca.medrecnet.com-cert.pem
After I run those command I got error 2019-02-20 09:33:25.905 UTC [main] InitCmd -> ERRO 001 Cannot run peer because error when setting up MSP of type bccsp from directory /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/msp: Setup error: nil conf reference
This is my docker-compose-base.yaml:
version: '2'
services:
orderer.medrecnet.com:
container_name: orderer.medrecnet.com
image: hyperledger/fabric-orderer:$IMAGE_TAG
environment:
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/medrecnet.com/orderers/orderer.medrecnet.com/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/medrecnet.com/orderers/orderer.medrecnet.com/tls/:/var/hyperledger/orderer/tls
- orderer.medrecnet.com:/var/hyperledger/production/orderer
ports:
- 7050:7050
peer0.hospital.medrecnet.com:
container_name: peer0.hospital.medrecnet.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.hospital.medrecnet.com
- CORE_PEER_ADDRESS=peer0.hospital.medrecnet.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.hospital.medrecnet.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.hospital.medrecnet.com:7051
- CORE_PEER_LOCALMSPID=HospitalMSP
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/users/Admin#hospital.medrecnet.com/msp
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/tls:/etc/hyperledger/fabric/tls
- ../crypto-config/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/msp:/etc/hyperledger/fabric/msp/signcerts
- peer0.hospital.medrecnet.com:/var/hyperledger/production
ports:
- 7051:7051
- 7053:7053
peer1.doctor.medrecnet.com:
container_name: peer1.doctor.medrecnet.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer1.doctor.medrecnet.com
- CORE_PEER_ADDRESS=peer1.doctor.medrecnet.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.doctor.medrecnet.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.doctor.medrecnet.com:7051
- CORE_PEER_LOCALMSPID=doctorMSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/doctor.medrecnet.com/peers/peer1.doctor.medrecnet.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/doctor.medrecnet.com/peers/peer1.doctor.medrecnet.com/tls:/etc/hyperledger/fabric/tls
- peer1.doctor.medrecnet.com:/var/hyperledger/production
ports:
- 9051:7051
- 9053:7053
This is my docker-compose-cli.yaml:
version: '2'
volumes:
orderer.medrecnet.com:
peer0.hospital.medrecnet.com:
peer1.doctor.medrecnet.com:
networks:
byfn:
services:
orderer.medrecnet.com:
extends:
file: base/docker-compose-base.yaml
service: orderer.medrecnet.com
container_name: orderer.medrecnet.com
networks:
- byfn
peer0.hospital.medrecnet.com:
container_name: peer0.hospital.medrecnet.com
extends:
file: base/docker-compose-base.yaml
service: peer0.hospital.medrecnet.com
networks:
- byfn
peer1.doctor.medrecnet.com:
container_name: peer1.doctor.medrecnet.com
extends:
file: base/docker-compose-base.yaml
service: peer1.doctor.medrecnet.com
networks:
- byfn
cli:
container_name: cli
image: hyperledger/fabric-tools:$IMAGE_TAG
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.hospital.medrecnet.com:7051
- CORE_PEER_LOCALMSPID=HospitalMSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/chaincode
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- orderer.medrecnet.com
- peer0.hospital.medrecnet.com
- peer1.doctor.medrecnet.com
networks:
- byfn
This is my configtx.yaml:
---
################################################################################
#
# Section: Organizations
#
# - This section defines the different organizational identities which will
# be referenced later in the configuration.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/medrecnet.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &Hospital
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: HospitalMSP
# ID to load the MSP definition as
ID: HospitalMSP
MSPDir: crypto-config/peerOrganizations/hospital.medrecnet.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('HospitalMSP.admin', 'HospitalMSP.peer', 'HospitalMSP.client')"
Writers:
Type: Signature
Rule: "OR('HospitalMSP.admin', 'HospitalMSP.client')"
Admins:
Type: Signature
Rule: "OR('HospitalMSP.admin')"
# leave this flag set to true.
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.hospital.medrecnet.com
Port: 7051
- &Doctor
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: DoctorMSP
# ID to load the MSP definition as
ID: DoctorMSP
MSPDir: crypto-config/peerOrganizations/doctor.medrecnet.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('DoctorMSP.admin', 'DoctorMSP.peer', 'DoctorMSP.client')"
Writers:
Type: Signature
Rule: "OR('DoctorMSP.admin', 'DoctorMSP.client')"
Admins:
Type: Signature
Rule: "OR('DoctorMSP.admin')"
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer1.doctor.medrecnet.com
Port: 7052
################################################################################
#
# SECTION: Capabilities
#
# - This section defines the capabilities of fabric network. This is a new
# concept as of v1.1.0 and should not be utilized in mixed networks with
# v1.0.x peers and orderers. Capabilities define features which must be
# present in a fabric binary for that binary to safely participate in the
# fabric network. For instance, if a new MSP type is added, newer binaries
# might recognize and validate the signatures from this type, while older
# binaries without this support would be unable to validate those
# transactions. This could lead to different versions of the fabric binaries
# having different world states. Instead, defining a capability for a channel
# informs those binaries without this capability that they must cease
# processing transactions until they have been upgraded. For v1.0.x if any
# capabilities are defined (including a map with all capabilities turned off)
# then the v1.0.x peer will deliberately crash.
#
################################################################################
Capabilities:
# Channel capabilities apply to both the orderers and the peers and must be
# supported by both.
# Set the value of the capability to true to require it.
Channel: &ChannelCapabilities
# V1.3 for Channel is a catchall flag for behavior which has been
# determined to be desired for all orderers and peers running at the v1.3.x
# level, but which would be incompatible with orderers and peers from
# prior releases.
# Prior to enabling V1.3 channel capabilities, ensure that all
# orderers and peers on a channel are at v1.3.0 or later.
V1_3: true
# Orderer capabilities apply only to the orderers, and may be safely
# used with prior release peers.
# Set the value of the capability to true to require it.
Orderer: &OrdererCapabilities
# V1.1 for Orderer is a catchall flag for behavior which has been
# determined to be desired for all orderers running at the v1.1.x
# level, but which would be incompatible with orderers from prior releases.
# Prior to enabling V1.1 orderer capabilities, ensure that all
# orderers on a channel are at v1.1.0 or later.
V1_1: true
# Application capabilities apply only to the peer network, and may be safely
# used with prior release orderers.
# Set the value of the capability to true to require it.
Application: &ApplicationCapabilities
# V1.3 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.3.
V1_3: true
# V1.2 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.2 (note, this need not be set if
# later version capabilities are set)
V1_2: false
# V1.1 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.1 (note, this need not be set if
# later version capabilities are set).
V1_1: false
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ApplicationCapabilities
################################################################################
#
# SECTION: Orderer
#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: kafka
Addresses:
- orderer.medrecnet.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
# /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
################################################################################
#
# CHANNEL
#
# This section defines the values to encode into a config transaction or
# genesis block for channel related parameters.
#
################################################################################
Channel: &ChannelDefaults
# Policies defines the set of policies at this level of the config tree
# For Channel policies, their canonical path is
# /Channel/<PolicyName>
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the channel level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ChannelCapabilities
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
MedrecNetOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Consortiums:
SampleConsortium:
Organizations:
- *Hospital
- *Doctor
MedrecNetChannel:
Consortium: MedrecNetConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Hospital
- *Doctor
Capabilities:
<<: *ApplicationCapabilities
SampleDevModeKafka:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: kafka
Kafka:
Brokers:
- kafka.medrecnet.com:9092
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Hospital
- *Doctor
This is my crypto-config.yaml:
# ---------------------------------------------------------------------------
# "OrdererOrgs" - Definition of organizations managing orderer nodes
# ---------------------------------------------------------------------------
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: medrecnet.com
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer
# ---------------------------------------------------------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes
# ---------------------------------------------------------------------------
PeerOrgs:
# ---------------------------------------------------------------------------
# Hospital
# ---------------------------------------------------------------------------
- Name: Hospital
Domain: hospital.medrecnet.com
EnableNodeOUs: true
# ---------------------------------------------------------------------------
# "Specs"
# ---------------------------------------------------------------------------
# Uncomment this section to enable the explicit definition of hosts in your
# configuration. Most users will want to use Template, below
#
# Specs is an array of Spec entries. Each Spec entry consists of two fields:
# - Hostname: (Required) The desired hostname, sans the domain.
# - CommonName: (Optional) Specifies the template or explicit override for
# the CN. By default, this is the template:
#
# "{{.Hostname}}.{{.Domain}}"
#
# which obtains its values from the Spec.Hostname and
# Org.Domain, respectively.
# ---------------------------------------------------------------------------
# Specs:
# - Hostname: foo # implicitly "foo.org1.example.com"
# CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above
# - Hostname: bar
# - Hostname: baz
# ---------------------------------------------------------------------------
# "Template"
# ---------------------------------------------------------------------------
# Allows for the definition of 1 or more hosts that are created sequentially
# from a template. By default, this looks like "peer%d" from 0 to Count-1.
# You may override the number of nodes (Count), the starting index (Start)
# or the template used to construct the name (Hostname).
#
# Note: Template and Specs are not mutually exclusive. You may define both
# sections and the aggregate nodes will be created for you. Take care with
# name collisions
# ---------------------------------------------------------------------------
Template:
Count: 2
# Start: 5
# Hostname: {{.Prefix}}{{.Index}} # default
# ---------------------------------------------------------------------------
# "Users"
# ---------------------------------------------------------------------------
# Count: The number of user accounts _in addition_ to Admin
# ---------------------------------------------------------------------------
Users:
Count: 1
# ---------------------------------------------------------------------------
# Doctor: See "Hospital" for full specification
# ---------------------------------------------------------------------------
- Name: Doctor
Domain: doctor.medrecnet.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
# ---------------------------------------------------------------------------
# Nurse: See "Hospital" for full specification
# ---------------------------------------------------------------------------
- Name: Nurse
Domain: nurse.medrecnet.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
# ---------------------------------------------------------------------------
# Lab: See "Hospital" for full specification
# ---------------------------------------------------------------------------
- Name: Lab
Domain: lab.medrecnet.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
# ---------------------------------------------------------------------------
# Administration: See "Hospital" for full specification
# ---------------------------------------------------------------------------
- Name: Administration
Domain: administration.medrecnet.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
# ---------------------------------------------------------------------------
# Patient: See "Hospital" for full specification
# ---------------------------------------------------------------------------
- Name: Patient
Domain: patient.medrecnet.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
Please help me...
You need to set your CORE_PEER_MSPCONFIGPATH to /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/users/Admin#hospital.medrecnet.com/msp in cli service inside your docker-compose-cli.yaml
I think this problem is caused because Local fabric binaries and Docker images are
out of sync. This may cause problems.
So would suggest you to re-download the Local package with the matching version.
Eg-
curl -sSL {Link) | bash -s -- <fabric_version> <fabric-ca_version> <thirdparty_version>
curl -sSL (link) | bash -s -- 1.4.4 1.4.4 0.4.18
To solve it I just delete /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/users/Admin#hospital.medrecnet.com/msp in docker-compose-cli.yaml and docker-compose-base.yaml, then the error is gone and the peer is running.
Sol 0
Set correctly your $CORE_PEER_MSPCONFIGPATH
Sol 1
this is due to the absence of config.yaml , so copy it inside the peer's msp
cp ${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml ${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp/config.yaml
Sol 2
one possible reason is that the msp is erroneously generated. Check if the msp files are generated
by listing
ls ${PWD}/organizations/peerOrganizations/xxx/users/Admin#xxx/msp
if not try to regenerate (In the first node)
fabric-ca-client register --caname ca-org1 --id.name peer1 --id.secret peer1pw --id.type peer --tls.certfiles ${PWD}/organizations/fabric-ca/org1/tls-cert.pem
fabric-ca-client enroll -u https://peer1:peer1pw#localhost:7054 --caname ca-org1 -M ${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp --csr.hosts peer1.org1.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/org1/tls-cert.pem
Sol 3
Check if the volume mapping is correct in docker-compose file
try to change
../organizations/peerOrganizations/org1.example.com/peers/peer2.org1.example.com/msp
to
./organizations/peerOrganizations/org1.example.com/peers/peer2.org1.example.com/msp
DEFENDING ON THE LOCATION OF YOUR DOCKER-COMPOSE FILE
For resolving this to follow steps
Restart the docker - sudo systemctl restart docker
Then remove all the docker images by using commend
hyperledger/fabric-orderer
hyperledger/fabric-tools
hyperledger/fabric-peer
hyperledger/fabric-ccenv
hyperledger/fabric-ca
//if hyperledger -(orderer and peer) not pre install then
pull to local before using it and make sure all are same version
docker pull hyperledger/fabric-orderer:2.4
docker pull hyperledger/fabric-tools:2.4
docker pull hyperledger/fabric-peer:2.4
docker pull hyperledger/fabric-ccenv:2.4
docker pull hyperledger/fabric-ca
//if docker limtit is exceeds
sudo systemctl restart docker
// Remove image in case all image are different version
docker images
docker rmi -f imageDI(5b31d55f5f3a)
docker image prune -a
// rename it to 'latest'
docker tag hyperledger/fabric-orderer:2.4 hyperledger/fabric-orderer:latest
docker tag hyperledger/fabric-tools:2.4 hyperledger/fabric-tools:latest
docker tag hyperledger/fabric-peer:2.4 hyperledger/fabric-peer:latest
docker tag hyperledger/fabric-ccenv:2.4 hyperledger/fabric-ccenv:latest
After this process is working.
I learn to create an application using hyperledger fabrics.
This is my reference --> https://hyperledger-fabric.readthedocs.io/en/latest/build_network.html?highlight=script.sh
I got an error when create & join a channel.
When I run peer channel create -o orderer.medrecnet.com:7050 -c medrecnetChannel -f ./channel-artifacts/channel.tx --tls –cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/medrecnet.com/orderers/orderer.medrecnet.com/msp/tlscacerts/tlsca.medrecnet.com-cert.pem
After I run those command I got error 2019-02-20 09:33:25.905 UTC [main] InitCmd -> ERRO 001 Cannot run peer because error when setting up MSP of type bccsp from directory /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/msp: Setup error: nil conf reference
This is my docker-compose-base.yaml:
version: '2'
services:
orderer.medrecnet.com:
container_name: orderer.medrecnet.com
image: hyperledger/fabric-orderer:$IMAGE_TAG
environment:
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_KAFKA_TOPIC_REPLICATIONFACTOR=1
- ORDERER_KAFKA_VERBOSE=true
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/medrecnet.com/orderers/orderer.medrecnet.com/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/medrecnet.com/orderers/orderer.medrecnet.com/tls/:/var/hyperledger/orderer/tls
- orderer.medrecnet.com:/var/hyperledger/production/orderer
ports:
- 7050:7050
peer0.hospital.medrecnet.com:
container_name: peer0.hospital.medrecnet.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer0.hospital.medrecnet.com
- CORE_PEER_ADDRESS=peer0.hospital.medrecnet.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.hospital.medrecnet.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.hospital.medrecnet.com:7051
- CORE_PEER_LOCALMSPID=HospitalMSP
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/users/Admin#hospital.medrecnet.com/msp
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/tls:/etc/hyperledger/fabric/tls
- ../crypto-config/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/msp:/etc/hyperledger/fabric/msp/signcerts
- peer0.hospital.medrecnet.com:/var/hyperledger/production
ports:
- 7051:7051
- 7053:7053
peer1.doctor.medrecnet.com:
container_name: peer1.doctor.medrecnet.com
extends:
file: peer-base.yaml
service: peer-base
environment:
- CORE_PEER_ID=peer1.doctor.medrecnet.com
- CORE_PEER_ADDRESS=peer1.doctor.medrecnet.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.doctor.medrecnet.com:7051
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.doctor.medrecnet.com:7051
- CORE_PEER_LOCALMSPID=doctorMSP
volumes:
- /var/run/:/host/var/run/
- ../crypto-config/peerOrganizations/doctor.medrecnet.com/peers/peer1.doctor.medrecnet.com/msp:/etc/hyperledger/fabric/msp
- ../crypto-config/peerOrganizations/doctor.medrecnet.com/peers/peer1.doctor.medrecnet.com/tls:/etc/hyperledger/fabric/tls
- peer1.doctor.medrecnet.com:/var/hyperledger/production
ports:
- 9051:7051
- 9053:7053
This is my docker-compose-cli.yaml:
version: '2'
volumes:
orderer.medrecnet.com:
peer0.hospital.medrecnet.com:
peer1.doctor.medrecnet.com:
networks:
byfn:
services:
orderer.medrecnet.com:
extends:
file: base/docker-compose-base.yaml
service: orderer.medrecnet.com
container_name: orderer.medrecnet.com
networks:
- byfn
peer0.hospital.medrecnet.com:
container_name: peer0.hospital.medrecnet.com
extends:
file: base/docker-compose-base.yaml
service: peer0.hospital.medrecnet.com
networks:
- byfn
peer1.doctor.medrecnet.com:
container_name: peer1.doctor.medrecnet.com
extends:
file: base/docker-compose-base.yaml
service: peer1.doctor.medrecnet.com
networks:
- byfn
cli:
container_name: cli
image: hyperledger/fabric-tools:$IMAGE_TAG
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.hospital.medrecnet.com:7051
- CORE_PEER_LOCALMSPID=HospitalMSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/peers/peer0.hospital.medrecnet.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/chaincode
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./scripts:/opt/gopath/src/github.com/hyperledger/fabric/peer/scripts/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- orderer.medrecnet.com
- peer0.hospital.medrecnet.com
- peer1.doctor.medrecnet.com
networks:
- byfn
This is my configtx.yaml:
---
################################################################################
#
# Section: Organizations
#
# - This section defines the different organizational identities which will
# be referenced later in the configuration.
#
################################################################################
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/medrecnet.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &Hospital
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: HospitalMSP
# ID to load the MSP definition as
ID: HospitalMSP
MSPDir: crypto-config/peerOrganizations/hospital.medrecnet.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('HospitalMSP.admin', 'HospitalMSP.peer', 'HospitalMSP.client')"
Writers:
Type: Signature
Rule: "OR('HospitalMSP.admin', 'HospitalMSP.client')"
Admins:
Type: Signature
Rule: "OR('HospitalMSP.admin')"
# leave this flag set to true.
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.hospital.medrecnet.com
Port: 7051
- &Doctor
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: DoctorMSP
# ID to load the MSP definition as
ID: DoctorMSP
MSPDir: crypto-config/peerOrganizations/doctor.medrecnet.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('DoctorMSP.admin', 'DoctorMSP.peer', 'DoctorMSP.client')"
Writers:
Type: Signature
Rule: "OR('DoctorMSP.admin', 'DoctorMSP.client')"
Admins:
Type: Signature
Rule: "OR('DoctorMSP.admin')"
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer1.doctor.medrecnet.com
Port: 7052
################################################################################
#
# SECTION: Capabilities
#
# - This section defines the capabilities of fabric network. This is a new
# concept as of v1.1.0 and should not be utilized in mixed networks with
# v1.0.x peers and orderers. Capabilities define features which must be
# present in a fabric binary for that binary to safely participate in the
# fabric network. For instance, if a new MSP type is added, newer binaries
# might recognize and validate the signatures from this type, while older
# binaries without this support would be unable to validate those
# transactions. This could lead to different versions of the fabric binaries
# having different world states. Instead, defining a capability for a channel
# informs those binaries without this capability that they must cease
# processing transactions until they have been upgraded. For v1.0.x if any
# capabilities are defined (including a map with all capabilities turned off)
# then the v1.0.x peer will deliberately crash.
#
################################################################################
Capabilities:
# Channel capabilities apply to both the orderers and the peers and must be
# supported by both.
# Set the value of the capability to true to require it.
Channel: &ChannelCapabilities
# V1.3 for Channel is a catchall flag for behavior which has been
# determined to be desired for all orderers and peers running at the v1.3.x
# level, but which would be incompatible with orderers and peers from
# prior releases.
# Prior to enabling V1.3 channel capabilities, ensure that all
# orderers and peers on a channel are at v1.3.0 or later.
V1_3: true
# Orderer capabilities apply only to the orderers, and may be safely
# used with prior release peers.
# Set the value of the capability to true to require it.
Orderer: &OrdererCapabilities
# V1.1 for Orderer is a catchall flag for behavior which has been
# determined to be desired for all orderers running at the v1.1.x
# level, but which would be incompatible with orderers from prior releases.
# Prior to enabling V1.1 orderer capabilities, ensure that all
# orderers on a channel are at v1.1.0 or later.
V1_1: true
# Application capabilities apply only to the peer network, and may be safely
# used with prior release orderers.
# Set the value of the capability to true to require it.
Application: &ApplicationCapabilities
# V1.3 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.3.
V1_3: true
# V1.2 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.2 (note, this need not be set if
# later version capabilities are set)
V1_2: false
# V1.1 for Application enables the new non-backwards compatible
# features and fixes of fabric v1.1 (note, this need not be set if
# later version capabilities are set).
V1_1: false
################################################################################
#
# SECTION: Application
#
# - This section defines the values to encode into a config transaction or
# genesis block for application related parameters
#
################################################################################
Application: &ApplicationDefaults
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ApplicationCapabilities
################################################################################
#
# SECTION: Orderer
#
# - This section defines the values to encode into a config transaction or
# genesis block for orderer related parameters
#
################################################################################
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: kafka
Addresses:
- orderer.medrecnet.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
# /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
################################################################################
#
# CHANNEL
#
# This section defines the values to encode into a config transaction or
# genesis block for channel related parameters.
#
################################################################################
Channel: &ChannelDefaults
# Policies defines the set of policies at this level of the config tree
# For Channel policies, their canonical path is
# /Channel/<PolicyName>
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities describes the channel level capabilities, see the
# dedicated Capabilities section elsewhere in this file for a full
# description
Capabilities:
<<: *ChannelCapabilities
################################################################################
#
# Profile
#
# - Different configuration profiles may be encoded here to be specified
# as parameters to the configtxgen tool
#
################################################################################
Profiles:
MedrecNetOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Consortiums:
SampleConsortium:
Organizations:
- *Hospital
- *Doctor
MedrecNetChannel:
Consortium: MedrecNetConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Hospital
- *Doctor
Capabilities:
<<: *ApplicationCapabilities
SampleDevModeKafka:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: kafka
Kafka:
Brokers:
- kafka.medrecnet.com:9092
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Hospital
- *Doctor
This is my crypto-config.yaml:
# ---------------------------------------------------------------------------
# "OrdererOrgs" - Definition of organizations managing orderer nodes
# ---------------------------------------------------------------------------
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: medrecnet.com
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer
# ---------------------------------------------------------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes
# ---------------------------------------------------------------------------
PeerOrgs:
# ---------------------------------------------------------------------------
# Hospital
# ---------------------------------------------------------------------------
- Name: Hospital
Domain: hospital.medrecnet.com
EnableNodeOUs: true
# ---------------------------------------------------------------------------
# "Specs"
# ---------------------------------------------------------------------------
# Uncomment this section to enable the explicit definition of hosts in your
# configuration. Most users will want to use Template, below
#
# Specs is an array of Spec entries. Each Spec entry consists of two fields:
# - Hostname: (Required) The desired hostname, sans the domain.
# - CommonName: (Optional) Specifies the template or explicit override for
# the CN. By default, this is the template:
#
# "{{.Hostname}}.{{.Domain}}"
#
# which obtains its values from the Spec.Hostname and
# Org.Domain, respectively.
# ---------------------------------------------------------------------------
# Specs:
# - Hostname: foo # implicitly "foo.org1.example.com"
# CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above
# - Hostname: bar
# - Hostname: baz
# ---------------------------------------------------------------------------
# "Template"
# ---------------------------------------------------------------------------
# Allows for the definition of 1 or more hosts that are created sequentially
# from a template. By default, this looks like "peer%d" from 0 to Count-1.
# You may override the number of nodes (Count), the starting index (Start)
# or the template used to construct the name (Hostname).
#
# Note: Template and Specs are not mutually exclusive. You may define both
# sections and the aggregate nodes will be created for you. Take care with
# name collisions
# ---------------------------------------------------------------------------
Template:
Count: 2
# Start: 5
# Hostname: {{.Prefix}}{{.Index}} # default
# ---------------------------------------------------------------------------
# "Users"
# ---------------------------------------------------------------------------
# Count: The number of user accounts _in addition_ to Admin
# ---------------------------------------------------------------------------
Users:
Count: 1
# ---------------------------------------------------------------------------
# Doctor: See "Hospital" for full specification
# ---------------------------------------------------------------------------
- Name: Doctor
Domain: doctor.medrecnet.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
# ---------------------------------------------------------------------------
# Nurse: See "Hospital" for full specification
# ---------------------------------------------------------------------------
- Name: Nurse
Domain: nurse.medrecnet.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
# ---------------------------------------------------------------------------
# Lab: See "Hospital" for full specification
# ---------------------------------------------------------------------------
- Name: Lab
Domain: lab.medrecnet.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
# ---------------------------------------------------------------------------
# Administration: See "Hospital" for full specification
# ---------------------------------------------------------------------------
- Name: Administration
Domain: administration.medrecnet.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
# ---------------------------------------------------------------------------
# Patient: See "Hospital" for full specification
# ---------------------------------------------------------------------------
- Name: Patient
Domain: patient.medrecnet.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 1
Please help me...
You need to set your CORE_PEER_MSPCONFIGPATH to /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/users/Admin#hospital.medrecnet.com/msp in cli service inside your docker-compose-cli.yaml
I think this problem is caused because Local fabric binaries and Docker images are
out of sync. This may cause problems.
So would suggest you to re-download the Local package with the matching version.
Eg-
curl -sSL {Link) | bash -s -- <fabric_version> <fabric-ca_version> <thirdparty_version>
curl -sSL (link) | bash -s -- 1.4.4 1.4.4 0.4.18
To solve it I just delete /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/hospital.medrecnet.com/users/Admin#hospital.medrecnet.com/msp in docker-compose-cli.yaml and docker-compose-base.yaml, then the error is gone and the peer is running.
Sol 0
Set correctly your $CORE_PEER_MSPCONFIGPATH
Sol 1
this is due to the absence of config.yaml , so copy it inside the peer's msp
cp ${PWD}/organizations/peerOrganizations/org1.example.com/msp/config.yaml ${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp/config.yaml
Sol 2
one possible reason is that the msp is erroneously generated. Check if the msp files are generated
by listing
ls ${PWD}/organizations/peerOrganizations/xxx/users/Admin#xxx/msp
if not try to regenerate (In the first node)
fabric-ca-client register --caname ca-org1 --id.name peer1 --id.secret peer1pw --id.type peer --tls.certfiles ${PWD}/organizations/fabric-ca/org1/tls-cert.pem
fabric-ca-client enroll -u https://peer1:peer1pw#localhost:7054 --caname ca-org1 -M ${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp --csr.hosts peer1.org1.example.com --tls.certfiles ${PWD}/organizations/fabric-ca/org1/tls-cert.pem
Sol 3
Check if the volume mapping is correct in docker-compose file
try to change
../organizations/peerOrganizations/org1.example.com/peers/peer2.org1.example.com/msp
to
./organizations/peerOrganizations/org1.example.com/peers/peer2.org1.example.com/msp
DEFENDING ON THE LOCATION OF YOUR DOCKER-COMPOSE FILE
For resolving this to follow steps
Restart the docker - sudo systemctl restart docker
Then remove all the docker images by using commend
hyperledger/fabric-orderer
hyperledger/fabric-tools
hyperledger/fabric-peer
hyperledger/fabric-ccenv
hyperledger/fabric-ca
//if hyperledger -(orderer and peer) not pre install then
pull to local before using it and make sure all are same version
docker pull hyperledger/fabric-orderer:2.4
docker pull hyperledger/fabric-tools:2.4
docker pull hyperledger/fabric-peer:2.4
docker pull hyperledger/fabric-ccenv:2.4
docker pull hyperledger/fabric-ca
//if docker limtit is exceeds
sudo systemctl restart docker
// Remove image in case all image are different version
docker images
docker rmi -f imageDI(5b31d55f5f3a)
docker image prune -a
// rename it to 'latest'
docker tag hyperledger/fabric-orderer:2.4 hyperledger/fabric-orderer:latest
docker tag hyperledger/fabric-tools:2.4 hyperledger/fabric-tools:latest
docker tag hyperledger/fabric-peer:2.4 hyperledger/fabric-peer:latest
docker tag hyperledger/fabric-ccenv:2.4 hyperledger/fabric-ccenv:latest
After this process is working.
I was using Hyperledger fabric for creating blockchain network. I tried out the tutorial with a single peer, single orderer etc. It worked fine. But I need to build a network like this:
i.e with multiple organization. At least 2 organizations. How do I need to specify the crypto-config.yaml, configtx.yaml etc.
Right now I used like this:
crypto-config.yaml
OrdererOrgs:
- Name: Orderer1
Domain: healthcare1.com
Specs:
- Hostname: orderer1
- Name: Orderer2
Domain: healthcare2.com
Specs:
- Hostname: orderer2
configtx.yaml
Profiles:
TwoOrgsOrdererGenesis:
Orderer:
<<: *OrdererDefaults
Organizations:
- *Orderer1
- *Orderer2
Consortiums:
SampleConsortium:
Organizations:
- *Hospital1
- *Hospital2
TwoOrgsChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Hospital1
- *Hospital2
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &Orderer1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Orderer1
# ID to load the MSP definition as
ID: Orderer1MSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/healthcare1.com/msp
- &Orderer2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Orderer2
# ID to load the MSP definition as
ID: Orderer2MSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/healthcare2.com/msp
- &Hospital1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Hospital1MSP
# ID to load the MSP definition as
ID: Hospital1MSP
MSPDir: crypto-config/peerOrganizations/hospital1.healthcare1.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.hospital1.healthcare1.com
Port: 7051
- &Hospital2
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Hospital2MSP
# ID to load the MSP definition as
ID: Hospital2MSP
MSPDir: crypto-config/peerOrganizations/hospital2.healthcare2.com/msp
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.hospital2.healthcare2.com
Port: 7051
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer1.healthcare1.com:7050
- orderer2.healthcare2.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
But I am stuck at docker-compose.yaml file. I also need to know am I going the right way or is there any mistakes in the above files also.
Any other links other than the official documentation are greatly appreciated.
AFAIK, it is not currently possible to distribute orderers across multiple organisations. At least not using the solo orderer, which needs to be a single orderer node; nor the kafka orderer system, which depends on a single Kafka cluster.
Multi-organisation ordering will probably need to wait until a BFT ordering solution is available.