I am getting an error when following the tutorial for adding an new organization in the channel .
The command I typed is
./eyfn.sh up
The output below is the error I got.
+ res=1
+ set +x
+ peer channel join -b mychannel.block
CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/ca.crt
CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/server.key
CORE_PEER_LOCALMSPID=Org3MSP
CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/peers/peer0.org3.example.com/tls/server.crt
CORE_PEER_TLS_ENABLED=true
CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org3.example.com/users/Admin#org3.example.com/msp
CORE_PEER_ID=Org3cli
CORE_LOGGING_LEVEL=INFO
CORE_PEER_ADDRESS=peer0.org3.example.com:7051
2018-06-19 22:08:40.019 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
Error: proposal failed (err: rpc error: code = Unknown desc = chaincode error (status: 500, message: Cannot create ledger from genesis block, due to LedgerID already exists))
Usage:
peer channel join [flags]
Flags:
-b, --blockpath string Path to file containing genesis block
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--certfile string Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--clientauth Use mutual TLS when communicating with the orderer endpoint
--keyfile string Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
--logging-level string Default logging level and overrides, see core.yaml for full syntax
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer.
--tls Use TLS when communicating with the orderer endpoint
-v, --version Display current version of fabric peer server
peer0.org3 failed to join the channel, Retry after 3 seconds
Specifically the error in the outputs seems to be this,
Error: proposal failed (err: rpc error: code = Unknown desc = chaincode error (status: 500, message: Cannot create ledger from genesis block, due to LedgerID already exists))
I am following instructions from the http://hyperledger-fabric.readthedocs.io/en/release-1.1/channel_update_tutorial.html.
Any guidance seem to be helpful.
Run this command
./byfn.sh -m down
And then run
./eyfn.sh up
Hope this help!
Related
While running the following command, I'm getting the above error.
Command:
./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-go -ccl go
More details:
Query installed successful on peer0.org1 on channel
Using organization 1
+ peer lifecycle chaincode approveformyorg -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile /home/haritam/fabric-samples/test-network/organizations/ordererOrganizations/example.com/tlsca/tlsca.example.com-cert.pem --channelID mychannel --name basic --version 1.0 --package-id
Perform chaincode operations:
'package|install|queryinstalled|getinstalledpackage|approveformyorg|queryapproved|checkcommitreadiness|commit|querycommitted'
Usage:
peer lifecycle chaincode '[command]'
Available Commands:
approveformyorg Approve the chaincode definition for my org.
checkcommitreadiness Check whether a chaincode definition is ready to be committed on a channel.
commit Commit the chaincode definition on the channel. getinstalledpackage Get an installed chaincode package from a peer. install Install a chaincode.
package Package a chaincode
queryapproved Query an 'org'\''s' approved chaincode definition from its peer.
querycommitted Query the committed chaincode definitions by channel on a peer.
queryinstalled Query the installed chaincodes on a peer.
Flags:
--cafile string Path to file containing PEM-encoded trusted 'certificate(s)' for the ordering endpoint
--certfile string Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--clientauth Use mutual TLS when communicating with the orderer endpoint
--connTimeout duration Timeout for client to connect '(default' '3s)'
-h, --help help for chaincode
--keyfile string Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer
--tls Use TLS when communicating with the orderer endpoint
--tlsHandshakeTimeShift duration The amount of time to shift backwards for certificate expiration checks during TLS handshakes with the orderer endpoint
Use '"peer' lifecycle chaincode '[command]' '--help"' for more information about a command. --sequence 1
+ res=1
Error: invalid argument "duration" for "--connTimeout" flag: time: invalid duration duration
Usage:
peer lifecycle chaincode approveformyorg [flags]
Flags:
--channel-config-policy string The endorsement policy associated to this chaincode specified as a channel config policy reference
-C, --channelID string The channel on which this command should be executed
--collections-config string The fully qualified path to the collection JSON file including the file name
--connectionProfile string The fully qualified path to the connection profile that provides the necessary connection information for the network. Note: currently only supported for providing peer connection information
-E, --endorsement-plugin string The name of the endorsement plugin to be used for this chaincode
-h, --help help for approveformyorg
--init-required Whether the chaincode requires invoking 'init'
-n, --name string Name of the chaincode
--package-id string The identifier of the chaincode install package
--peerAddresses stringArray The addresses of the peers to connect to
--sequence int The sequence number of the chaincode definition for the channel
--signature-policy string The endorsement policy associated to this chaincode specified as a signature policy
--tlsRootCertFiles stringArray If TLS is enabled, the paths to the TLS root cert files of the peers to connect to. The order and number of certs specified should match the --peerAddresses flag
-V, --validation-plugin string The name of the validation plugin to be used for this chaincode
-v, --version string Version of the chaincode
--waitForEvent Whether to wait for the event from each peer's deliver filtered service signifying that the transaction has been committed successfully (default true)
--waitForEventTimeout duration Time to wait for the event from each peer's deliver filtered service signifying that the 'invoke' transaction has been committed successfully (default 30s)
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--certfile string Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--clientauth Use mutual TLS when communicating with the orderer endpoint
--connTimeout duration Timeout for client to connect (default 3s)
--keyfile string Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer
--tls Use TLS when communicating with the orderer endpoint
--tlsHandshakeTimeShift duration The amount of time to shift backwards for certificate expiration checks during TLS handshakes with the orderer endpoint
Chaincode definition approved on peer0.org1 on channel 'mychannel' failed
Deploying chaincode failed
Was trying to deploy a chaincode on mychannel while following the documentation tutorial.
https://hyperledger-fabric.readthedocs.io/en/latest/test_network.html
I'm trying out the NFT Auction repo at https://github.com/hyperledger-labs/nft-auction
I get the error
Error: The required parameter 'sequence' is empty. Rerun the command with --sequence flag
Finished vendoring Go dependencies
Skipping Chaincode packaging and installing...
Using organization org1
Installed chaincodes on peer:
Query installed successful on peer0.org1 on channel
Using organization org1
Error: The required parameter 'sequence' is empty. Rerun the command with --sequence flag
Usage:
peer lifecycle chaincode approveformyorg [flags]
Flags:
--channel-config-policy string The endorsement policy associated to this chaincode specified as a channel config policy reference
-C, --channelID string The channel on which this command should be executed
--collections-config string The fully qualified path to the collection JSON file including the file name
--connectionProfile string The fully qualified path to the connection profile that provides the necessary connection information for the network. Note: currently only supported for providing peer connection information
-E, --endorsement-plugin string The name of the endorsement plugin to be used for this chaincode
-h, --help help for approveformyorg
--init-required Whether the chaincode requires invoking 'init'
-n, --name string Name of the chaincode
--package-id string The identifier of the chaincode install package
--peerAddresses stringArray The addresses of the peers to connect to
--sequence int The sequence number of the chaincode definition for the channel
--signature-policy string The endorsement policy associated to this chaincode specified as a signature policy
--tlsRootCertFiles stringArray If TLS is enabled, the paths to the TLS root cert files of the peers to connect to. The order and number of certs specified should match the --peerAddresses flag
-V, --validation-plugin string The name of the validation plugin to be used for this chaincode
-v, --version string Version of the chaincode
--waitForEvent Whether to wait for the event from each peer's deliver filtered service signifying that the transaction has been committed successfully (default true)
--waitForEventTimeout duration Time to wait for the event from each peer's deliver filtered service signifying that the 'invoke' transaction has been committed successfully (default 30s)
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--certfile string Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--clientauth Use mutual TLS when communicating with the orderer endpoint
--connTimeout duration Timeout for client to connect (default 3s)
--keyfile string Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer
--tls Use TLS when communicating with the orderer endpoint
--tlsHandshakeTimeShift duration The amount of time to shift backwards for certificate expiration checks during TLS handshakes with the orderer endpoint
Chaincode definition approved on peer0.org1 on channel 'defaultchannel' failed
Deploying chaincode failed
Tried looking at the Issues tab of the repo
You must pass a --sequence number to the command. The first time the chaincode is deployed it should be set to '1', and then increment from there.
For example:
peer lifecycle chaincode approveformyorg -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --channelID mychannel --name basic --version 1.0 --package-id $CC_PACKAGE_ID --sequence 1 --tls --cafile "${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem"
See the full example at https://hyperledger-fabric.readthedocs.io/en/latest/deploy_chaincode.html#approve-a-chaincode-definition.
I am trying to invoke my chain code using command taken from hyperledger tutorial:
peer chaincode invoke -o localhost:7050 --ordererTLSHostnameOverride orderer.example.com --tls --cafile ${PWD}/organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem -C mychannel -n basic --peerAddresses localhost:7051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt --peerAddresses localhost:9051 --tlsRootCertFiles ${PWD}/organizations/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt -c '{"function":"InitLedger","Args":[]}'
But I get the error that flag is unknown, also error message shows it is known - existed flag. I am so confused.
Error: unknown flag: --tlsRootCertFiLes
Usage:
peer chaincode invoke [flags]
Flags:
-C, --channelID string The channel on which this command should be executed
--connectionProfile string Connection profile that provides the necessary connection information for the network. Note: currently only supported for providing peer connection information
-c, --ctor string Constructor message for the chaincode in JSON format (default "{}")
-h, --help help for invoke
-I, --isInit Is this invocation for init (useful for supporting legacy chaincodes in the new lifecycle)
-n, --name string Name of the chaincode
--peerAddresses stringArray The addresses of the peers to connect to
--tlsRootCertFiles stringArray If TLS is enabled, the paths to the TLS root cert files of the peers to connect to. The order and number of certs specified should match the --peerAddresses flag
--waitForEvent Whether to wait for the event from each peer's deliver filtered service signifying that the 'invoke' transaction has been committed successfully
--waitForEventTimeout duration Time to wait for the event from each peer's deliver filtered service signifying that the 'invoke' transaction has been committed successfully (default 30s)
Global Flags:
--cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
--certfile string Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--clientauth Use mutual TLS when communicating with the orderer endpoint
--connTimeout duration Timeout for client to connect (default 3s)
--keyfile string Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
-o, --orderer string Ordering service endpoint
--ordererTLSHostnameOverride string The hostname override to use when validating the TLS connection to the orderer
--tls Use TLS when communicating with the orderer endpoint
--tlsHandshakeTimeShift duration The amount of time to shift backwards for certificate expiration checks during TLS handshakes with the orderer endpoint
--transient string Transient map of arguments in JSON encoding
My related path variables:
export CORE_PEER_TLS_ENABLED=true
export CORE_PEER_LOCALMSPID="Org1MSP"
export CORE_PEER_TLS_ROOTCERT_FILE=/home/vagrant/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tl$
export CORE_PEER_MSPCONFIGPATH=/home/vagrant/fabric-samples/test-network/organizations/peerOrganizations/org1.example.com/users/Admin#org1.example.com/msp
export CORE_PEER_ADDRESS=localhost:7051
This error does seem strange.
Is it possible that you are using an older version of Hyperledger Fabric that does not support multiple endorsing nodes? (I'm referencing this old post.)
Have you tested this with an endorsement policy that only requires a single peer node? (In that case, you could leave out the --tlsRootCertFiLes from your command, since you already provided it as an environmental variable.
Lastly, did you set your FABRIC_CFG_PATH variable? (e.g. export FABRIC_CFG_PATH=$PWD/../config/ )
I have a problem with instantiating chaincode in Hyperledger fabric Network with comm:
peer chaincode instantiate -o orderer.ex.com:7050 -C roaming -n chaincode -v 1.1 -c '{"Args":[]}' -P "AND ('ORG1MSP.member')" --tls --cafile /etc/hyperledger/fabric/config/ca.crt
The peer is joined the channel and chaincode is installed on it.
The log of orderer is:
ERRO 029 TLS handshake failed with error tls: oversized record received with length 64774 server=Orderer
WARN 02a Error reading from 172.16.0.81:34562: rpc error: code = Canceled desc = context canceled
INFO 02b streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Deliver grpc.peer_address=172.16.0.81:34562 error="rpc error: code = Canceled desc = context canceled" grpc.code=Canceled grpc.call
WARN 02c Error reading from 172.16.0.81:35318: rpc error: code = Canceled desc = context canceled
In the log of the peer - nothing interesting.
The error looks like the client is trying to communicate speak HTTP/GRPC to a server expecting HTTPS/GRPCS (or viceversa)
If your fabric network endpoints are not encrypted, remove the --tls and --cafile flags.
Otherwise, make sure to use an encrypted endpoint for the orderer (e.g. orderer.ex.com:443 if it's exposed via HTTPS with an ingress controller) and the peer as well (CORE_PEER_ADDRESS)
I have also found when enabling TLS that the following environment variables are needed in addition to the --tls and --cafile above:
CORE_PEER_TLS_ROOTCERT_FILE=/path/to/ca/pem (e.g. `letsencryptauthorityx3.pem`)
CORE_PEER_TLS_ENABLED=true
How can we implement TLS in first-network?i have tried by adding the below section in peers.What is the need to configure peers by Tls?
CORE_PEER_TLS_ENABLED=true
CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
I am working on multi organisation network setup using first network of fabric samples.one of the organisation say org1 has created a channel by passing tls certs of orderer ,the other organisation org2 has to fetch the channel created by org1 and join the peers into the channel.when i do fetch action using peer channel fetch by passing tls certs of orderer ,i got the error like
peer channel fetch config-o orderer.example.com:7050 -c channelone1 -f --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
connection error: desc = "transport: Error while dialing dial tcp 98.124.199.121:7050: connect: connection refused". Reconnecting...
and in orderer logs ,i got error as :
TLS handshake failed with error tls: client didn't provide a certificate {"server": "Orderer", "remote address": "172.24.0.4:49608"}
Created the channel using:
peer channel create -o orderer.example.com:7050 -c channelone1 -f ./channel-artifacts/channel-one.tx --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
Output is: Received block is 0
By default the first-network will start with TLS enabled.
The four environment variables you refer to are included in the file base/peer-base.yaml the the peer-base file is "included" by use of the extends: and file: base/docker-compose-base.yaml