Calling enrollment endpoint failed with error [Error: connect ECONNREFUSED - hyperledger-fabric

I am trying to run the Hyperledger fabric Tuna app and getting the below error when running the regiseterAdmin.js
Store path:/home/chaindev/.hfc-key-store
Error: Calling enrollment endpoint failed with error [Error: connect ECONNREFUSED 127.0.0.1:7054]
at ClientRequest.<anonymous> (/home/chaindev/fabricProjects/src/github.com/education/LFS171x/fabric-material/tuna-app/node_modules/fabric-ca-client/lib/FabricCAClientImpl.js:711:12)
at emitOne (events.js:116:13)
at ClientRequest.emit (events.js:211:7)
at Socket.socketErrorListener (_http_client.js:387:9)
at emitOne (events.js:116:13)
at Socket.emit (events.js:211:7)
at emitErrorNT (internal/streams/destroy.js:64:8)
at _combinedTickCallback (internal/process/next_tick.js:138:11)
at process._tickCallback (internal/process/next_tick.js:180:9)
Failed to enroll admin: Error: Failed to enroll admin

The issue was occurring for me because I had the wrong Private Key name mentioned in the docker-compose.yml file
FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/4239aa0dcd76daeeb8ba0cda701851d14504d31aad1b2ddddbac6a57365e497c_sk
When I re-generated the artificats the key file name was changed and after correction everything worked fine.
Also thanks for rocket-fabric group for mentioning the commands on how to look for logs in docker container. Below commands can be useful to debug
docker ps -a
docker logs <ca container name>

The docs need be updated on this. Localhost 127.0.0.1 does not work for Docker For Windows and Docker Toolbox as they both give their run-time IP address on start of Docker (here taken as 192.168.1.2).
This start-up IP needs to be updated in the registerAdmin.js file (or in my case enrollAdmin.js file as referred in the Tutorial "Writing First App" ).
The enrollAdmin.js needs be updated in this line:
// be sure to change the http to https when the CA is running TLS enabled
fabric_ca_client = new Fabric_CA_Client('http://192.168.1.2:7054', tlsOptions , 'ca.example.com', crypto_suite);
The output certificate should be like:
Successfully enrolled admin user "admin"
Assigned the admin user to the fabric client :: "name":"admin","mspid":"Org1MSP","roles":null,"affiliation":"","enrollmentSecret":"","enrollment": "signingIdentity":"c198861140fc723abc058c70d23395a2d7b73c926ca673b53d713053aaade419","identity":{"certificate":"-----BEGIN CERTIFICATE-----\nMIICATCCAaigAwIBAgIUK/o2ege+nT73jK/NXSgYIKoZIzj0EAwIw\nczELM...QnCkD6AiApKxxU1maQIt1TKFl3KYZWGBNDSSa6SCbob7q1p5xfpQ==\n-----END CERTIFICATE-----\n"}}}
Similar problem solved here.

As your .hfc-key-store directory is in chaindev,
Try running the following commands:
$ cd ~/chaindev/
$ rm -rf .hfc-key-store/
Then, run the command:
$ node registerAdmin.js

This can also happen if the port in PeerAdmin#Org.card does not match the port in docker-compose.yaml, I had hard time finding solution to this problem.

Mismatch in connection protocols, either you have done fabric setup without TLS and trying to connect to CA using https protocol or vice-versa.

Run docker ps and check if all the docker containers are running or not.
If it is not running run it, if it fail, download the fabric binaries.

I have the same error.
I run networkDown.sh and the run startFabric.sh again.Then it succeeded.

Related

aws-azure-login "Unable to recognize page state!"

I have trawled the net on this one and cannot find a resolution.
I have deployed an EC2 instance from a AWS RHEL 8 AMI.
I have installed all the pre-requisites for aws-azure-login but cannot connect to my accounts over SAML. (https://github.com/sportradar/aws-azure-login)
The config file has been created with parameters. When running aws-azure-login it returns the username, I press enter and then it hangs for minutes and returns the following error:
Unable to recognize page state! A screenshot has been dumped to aws-azure-login-unrecognized-state.png. If this problem persists, try running with --mode=gui or --mode=debug
After running in debug i get the following output:
Logging in with profile 'default'...
Using AWS SAML endpoint https://signin.aws.amazon.com/saml
Error: Failed to launch the browser process!
[13527:13527:1220/050718.762168:ERROR:browser_main_loop.cc(1409)] Unable to open X display.
TROUBLESHOOTING: https://github.com/puppeteer/puppeteer/blob/main/docs/troubleshooting.md
at onClose (/usr/lib/node_modules/aws-azure-login/node_modules/puppeteer/lib/cjs/puppeteer/node/BrowserRunner.js:197:20)
at Interface.<anonymous> (/usr/lib/node_modules/aws-azure-login/node_modules/puppeteer/lib/cjs/puppeteer/node/BrowserRunner.js:187:68)
at Interface.emit (events.js:412:35)
at Interface.emit (domain.js:475:12)
at Interface.close (readline.js:530:8)
at Socket.onend (readline.js:254:10)
at Socket.emit (events.js:412:35)
at Socket.emit (domain.js:475:12)
at endReadableNT (internal/streams/readable.js:1334:12)
at processTicksAndRejections (internal/process/task_queues.js:82:21)
Node version = v14.18.2
Any pointers would be greatly appreciated.
Note: on Linux you will likely need to disable the Puppeteer sandbox
or Chrome will fail to launch:
aws-azure-login --no-sandbox
If not check Unable to open X display when trying to run google-chrome on Centos (Rhel 7.5)
I bumped into same issue on CentOS7
aws-azure-login --profile <profile_name> --no-prompt --no-sandbox --enable-chrome-network-service --no-verify-ssl
worked for me, hope I helped anyone
I was getting the same error but then I end up recreating a new profile name. This time, I made sure that my profile name was one word, all lower case, and only characters was used. Example: automation

Unable to use MongoDB on GCP cloud run and connect it to a NodeJS

I am testing a nodejs app on GCP functions and a MongoDB instance in GCP cloud run(I know this is not a good idea) but again this is a test. I am able to get the mongo image running on cloud run and I am given a service endpoint as https://mongodb.foo.bar.run.app and I have the container port in this cloud run service as 27017.
When I try and edit the mongoose.connect() method to include this service uri I am not able to connect with the app. I have the mongodb cloud run instance open to receive traffic from all traffic(Again not a good idea), but I still can't get the node app to connect.
I have setup the connection in node as mongoose.connect('mongodb://mongodb.foo.bar.run.app:27017/test');
but I get this error
Error: connect ETIMEDOUT <IP ADDRESS GOES HERE>:27017
at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1146:16)
at TCPConnectWrap.callbackTrampoline (internal/async_hooks.js:129:14)
Emitted 'error' event on NativeConnection instance at:
at NativeConnection.Connection.error (/Users/foo/nodejs/bar/node_modules/mongoose/lib/connection.js:443:8)
at /Users/foo/nodejs/bar/node_modules/mongoose/lib/connection.js:472:15
at /Users/foo/nodejs/bar/node_modules/mongoose/lib/drivers/node-mongodb-native/connection.js:59:21
at /Users/foo/nodejs/bar/node_modules/mongodb/lib/db.js:232:14
at Server.<anonymous> (/Users/foo/nodejs/bar/node_modules/mongodb/lib/server.js:240:9)
at Object.onceWrapper (events.js:421:26)
at Server.emit (events.js:314:20)
at Pool.<anonymous> (/Users/foo/nodejs/bar/node_modules/mongodb-core/lib/topologies/server.js:308:68)
at Pool.emit (events.js:314:20)
at Connection.<anonymous> (/Users/foo/nodejs/bar/node_modules/mongodb-core/lib/connection/pool.js:115:12)
at Object.onceWrapper (events.js:421:26)
at Connection.emit (events.js:314:20)
at Socket.<anonymous> (/Users/foo/nodejs/bar/node_modules/mongodb-core/lib/connection/connection.js:144:49)
at Object.onceWrapper (events.js:421:26)
at Socket.emit (events.js:314:20)
at emitErrorNT (internal/streams/destroy.js:100:8) {
name: 'MongoError'
}
I tried to curl the service uri as
curl https://mongodb.foo.bar.run.app
and I get a 200 response in the mongo logs GET 200 466B but if I
curl mongodb.foo.bar.run.app
I get a 302 response code GET 302 0B.
I looked at the mongoose documentation but I couldn't figure what I was doing wrong. I know the documentation states user and password on the uri string, but when I run it locally on my docker engine I did not use a user and password and it worked.
As mentioned in the comments, it's not possible to run MongoDB on Cloud Run since as mentioned here:
Cloud Run can only receive HTTP requests or Pub/Sub push events.
Connecting to MongoDB requires a TCP protocol rather than HTTP, that's why every call to it would fail even if the port is reachable.
Cloud Run is in this sense more similar to AWS Lambda than it's to AWS Fargate as it's even billed on a per request basis rather than on resources consumed.

nodejs twitter api in docker container throw 401 error

I am working on a nodejs twitter api and it's working perfectly fine in the local env but when I try to containerize, it fails with a 401 error from twitter.js which is "HTTP 401 Unauthorized client error status response code".
Error
> node app.js
Error: Status Code: 401
at Request.<anonymous> (/usr/src/app/node_modules/twitter/lib/twitter.js:277:28)
at Request.emit (events.js:315:20)
at Request.onRequestResponse (/usr/src/app/node_modules/request/request.js:1059:10)
at ClientRequest.emit (events.js:315:20)
at HTTPParser.parserOnIncomingClient [as onIncoming] (_http_client.js:603:27)
at HTTPParser.parserOnHeadersComplete (_http_common.js:117:17)
at TLSSocket.socketOnData (_http_client.js:472:22)
at TLSSocket.emit (events.js:315:20)
at addChunk (_stream_readable.js:297:12)
at readableAddChunk (_stream_readable.js:273:9)
I did my search on this where I found that this could a time mismatch issue in the docker container. My docker container is running 1 and a half hours behind the actual time. I am not sure if this is the only issue.
My docker file
FROM node:13.13.0-alpine
# Create app directory
WORKDIR /usr/src/app
COPY package*.json ./
# Bundle app source
COPY . .
ENV KAFKA_HOST=localhost:9092 \
KAFKA_TOPIC=tweetstream
CMD ["npm", "start"]
How can I set the right time in this docker image?
OAuth requires close time synchronisation, so that is very likely to be the issue, especially if your code works outside of the container in a system where the time is synchronised.
I am on a Windows host machine and as I mentioned in the question there was a time difference between my host and the containers.
What I did to resolve the time difference?
Search Hyper-V Manager -> Docker Desktop VM (seen on right bottom) -> Settings (new popup will open)
Management -> Integration services -> Time Synchronization (uncheck) -> Apply -> ok
Again go to the same location and check the Time Synchronization -> Apply -> ok
I also feel you will have to redo it once your windows machine goes into hibernation.
Reference articles: https://thorsten-hans.com/docker-on-windows-fix-time-synchronization-issue
https://www.ivankrizsan.se/2015/10/31/time-in-docker-containers/

Helm Rocket.Chat: Error in /app/bundle/programs/server/node_modules/fibers/future.js

I just created a kubernetes cluster in AWS. What I am trying to do is create multiple deployments of Rocket.Chat for each customer (each customer needs their own server). I'm using helm to deploy Rocket.Chat (using the official chart). When I make my first deployment, I'm able to port-forward it to localhost and see the Rocket.Chat server just fine. When I make a second deployment, however, the pods go into a crashloopbackoff state. Even after deleting all the deployments and trying to start from scratch, I still get the same errors. The errors I get are:
/app/bundle/programs/server/node_modules/fibers/future.js:280
throw(ex);
^
MongoParseError: Unescaped slash in userinfo section
at parseConnectionString (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/uri_parser.js:538:21)
at connect (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/operations/mongo_client_ops.js:195:3)
at connectOp (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/operations/mongo_client_ops.js:284:3)
at executeOperation (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/utils.js:416:24)
at MongoClient.connect (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/mongo_client.js:175:10)
at Function.MongoClient.connect (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/mongo_client.js:341:22)
at new MongoConnection (packages/mongo/mongo_driver.js:177:11)
at new MongoInternals.RemoteCollectionDriver (packages/mongo/remote_collection_driver.js:4:16)
at Object.<anonymous> (packages/mongo/remote_collection_driver.js:38:10)
at Object.defaultRemoteCollectionDriver (packages/underscore.js:784:19)
at new Collection (packages/mongo/collection.js:97:40)
at new AccountsCommon (packages/accounts-base/accounts_common.js:23:18)
at new AccountsServer (packages/accounts-base/accounts_server.js:23:5)
at packages/accounts-base/server_main.js:7:12
at server_main.js (packages/accounts-base/server_main.js:19:1)
at fileEvaluate (packages/modules-runtime.js:336:7)
and
/app/bundle/programs/server/node_modules/fibers/future.js:313
throw(ex);
^
MongoNetworkError: failed to connect to server [fc-mongodb:27017] on first connect [MongoError: Authentication failed.]
at Pool.<anonymous> (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/topologies/server.js:431:11)
at emitOne (events.js:116:13)
at Pool.emit (events.js:211:7)
at connect (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/connection/pool.js:557:14)
at callback (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/connection/connect.js:109:5)
at provider.auth.err (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/connection/connect.js:352:21)
at _authenticateSingleConnection (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/auth/auth_provider.js:66:11)
at sendAuthCommand (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/auth/scram.js:215:18)
at Connection.messageHandler (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/connection/connect.js:334:5)
at emitTwo (events.js:126:13)
at Connection.emit (events.js:214:7)
at processMessage (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/connection/connection.js:364:10)
at Socket.<anonymous> (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/connection/connection.js:533:15)
at emitOne (events.js:116:13)
at Socket.emit (events.js:211:7)
at addChunk (_stream_readable.js:263:12)
I do notice, however, that when I run helm delete fc that the persistent volumes stay in place and it seems to take forever to delete them (I have always cancelled deleting so I'm not sure if they would ever be able to). I'm guessing that the fact that the persistent volumes are still in place is the reason for why "starting from scratch" doesn't work after I've already deployed. Anyway, has anyone seen these errors before in a similar context? What did you do to fix it?
The issue is with the suggested way to generate passwords on rocket chat's helm chart. They tell you to run:
helm install stable/rocketchat --set mongodb.mongodbPassword=$(echo -n $(openssl rand -base64 32)),mongodb.mongodbRootPassword=$(echo -n $(openssl rand -base64 32))
I was able to fix this error when I switched from using openssl like the documentation recommends to pwgen. I'm the way the documentation recommended to create passwords added some illegal characters. This is what I ran instead:
helm install <installation-name> stable/rocketchat --set mongodb.mongodbPassword="$(pwgen 20 1)",mongodb.mongodbRootPassword="$(pwgen 20 1)" -f values.yaml
And it worked!

error after typing "node enrollAdmin.js" on windows

node enrollAdmin.js
error: [FabricCAClientService.js]: Failed to enroll admin, error:%o message=Calling enrollment endpoint failed with error [Error: con
nect ECONNREFUSED 127.0.0.1:7054], stack=Error: Calling enrollment endpoint fail
ed with error [Error: connect ECONNREFUSED 127.0.0.1:7054]
at ClientRequest.request.on (C:\Users\Nibir Hira\go\src\github.com\hyperledg
er\fabric-samples\fabcar\javascript\node_modules\fabric-ca-client\lib\FabricCACl
ient.js:487:12)
at emitOne (events.js:116:13)
at ClientRequest.emit (events.js:211:7)
at Socket.socketErrorListener (_http_client.js:387:9)
at emitOne (events.js:116:13)
at Socket.emit (events.js:211:7)
at emitErrorNT (internal/streams/destroy.js:64:8)
at _combinedTickCallback (internal/process/next_tick.js:138:11)
at process._tickCallback (internal/process/next_tick.js:180:9)
Failed to enroll admin user "admin": Error: Calling enrollment endpoint failed w
ith error [Error: connect ECONNREFUSED 127.0.0.1:7054]
Where should I do corrections? The file registeradmin.js is not even working
Here is a solution for Hyperledger Fabric v2.x. The problem is port no: 7054 is missing in test network.
In Linux (try if it works in virtual box), one way to solve is fresh restart from fabcar folder (not test network folder) then run again.
cd $HOME/fabric-samples/fabcar
./startFabric.sh javascript (by default it's goLang)
A fresh restart of the network will occur as "startFabric.sh" contains network up, down, chaincode installing, all in one.
Now try again:
node enrollAdmin.js
Worked for me.
Extra: Now you can run node registerUser.js and node invoke.js if you were about to use invoke.js .
Your node application cannot connect to the Fabric CA server running in the container - so either it is not running, has failed or possibly you have some firewall or other connectivity problem.
You can test connectivity by using wget or curl or a browser to hit this URL - http://localhost:7054/api/v1/cainfo and until you can hit this URL your enrollAdmin program will fail.
I don't use windows, but docker ps on Linux would tell me if the ca container was running, and docker logs ca.example.com would give me the log of the ca container (assuming you are running the fabcar sample on the basic sample network.)
I had the exact same problem. This worked for me:
Open VirtualBox Manager and select the “default” VM
Click “Settings”, “Network”, “Advanced”, “Port Forwarding”.
Create a new rule by clicking the “+” sign on the right and entering the following: Name -> “ca”, Host Port -> 7054, Guest Port -> 7054.
You can leave the Host IP and Guest IP unspecified.
Source:
https://developer.ibm.com/opentech/2017/11/29/running-hyperledger-fabric-windows-revised/

Resources