I'm using HyperLedger Fabric(v1.4.1) on 3 host machines(server1:client, server2:peer nodes server3:orderer nodes).
And I want to put my raft nodes on multiple hosts.(like server1:orderer1,orderer2, server2:orderer3)
I edited docker-compose-cli.yaml below
extra hosts: (in client and peer)
- orderer1.example.com:${SERVER1}
- orderer2.example.com:${SERVER1}
- orderer3.example.com:${SERVER2}
extra hosts: (in orderer1,2)
- orderer3.example.com:${SERVER2}
extra hosts: (in orderer3)
- orderer1.example.com:${SERVER1}
- orderer2.example.com:${SERVER1}
in this case,I got that messages like this from orderer3 logs...
**
'Failed to send StepRequest to 2, because: rpc error: code = Unavailable desc = all SubConns are TransientFailure , latest
connection error: connection error: desc = "transport: authentication
handshake failed: x509: certificate is valid for orderer1.example.com,
orderer1, not orderer2.example.com" '
**
What should I do except docker-compose-cli.yaml configurations?
Thank you very mutch for all of your help.
you should also make change on configtx.yaml.
Related
I'm using RabbitMQ 3.8.5-management with the following config:
log.file = rabbit.log
log.dir = /var/log/rabbitmq
log.file.level = info
log.file.formatter = json
log.file.rotation.date = $D0
I get the following error:
12:45:12.131 [error] You've tried to set log.file.formatter, but there is no setting with that name.
12:45:12.134 [error] Did you mean one of these?
12:45:12.182 [error] log.file.level
12:45:12.182 [error] log.file
12:45:12.182 [error] log.file.rotation.date
12:45:12.182 [error] Error preparing configuration in phase transform_datatypes:
12:45:12.183 [error] - Conf file attempted to set unknown variable: log.file.formatter
According to the documentation log.file.formatter should work - what is wrong?
checked documentation on RabbitMQ.
checked other SO posts.
entered the container and remove the config - it works without it.
Looks like JSON logging and the log.file.formatter setting was added with RabbitMQ 3.9.0 release.
Try upgrading if possible.
I attempted to connect neo4j aura database using Python but failed as "Unable to retrieve routing information".
from neo4j import GraphDatabase
from neo4j.debug import watch
uri = "neo4j+s://<id>.databases.neo4j.io"
driver = GraphDatabase.driver(uri, auth=("neo4j", "<password>"))
def workload(tx):
return tx.run("RETURN 1 as n").data()
with watch("neo4j"): # enable logging
with driver.session() as session:
session.write_transaction(workload)
driver.close()
Running above python scripts returned the following log:
Attempting to update routing table from IPv4Address(('<id>.databases.neo4j.io', 7687))
[#0000] C: <RESOLVE> <id>.databases.neo4j.io:7687
[#0000] C: <OPEN> xx.xxx.xxx.xxx:7687
[#C000] C: <SECURE> <id>.databases.neo4j.io
[#0000] C: <CONNECTION FAILED> BoltSecurityError: [SSLCertVerificationError] Connection Failed. Please ensure that your database is listening on the correct host and port and that you have enabled encryption if required. Note that the default encryption setting has changed in Neo4j 4.0. See the docs for more information. Failed to establish encrypted connection. (code 1: Operation not permitted)
Failed to fetch routing info 35.xxx.xxx.xxx:7687
[#0000] C: <ROUTING> Deactivating address IPv4Address(('<id>.databases.neo4j.io', 7687))
[#0000] C: <ROUTING> table={None: RoutingTable(database=None routers={}, readers={}, writers={}, last_updated_time=0.235748575, ttl=0)}
Attempting to update routing table from
Unable to retrieve routing information
Transaction failed and will be retried in 1.1281720312998946s (Unable to retrieve routing information)
I looked into neo4j documentation and searched other places but none of the possible resolutions can be found.
Version:
Python 3.7.4
neo4j 4.4.2
I very much appreciate your input if you have ever experienced the same issues and found any way to resolve the issue.
Trying to setup the DNS challenge to get a wildcard certificate.
This is what our environment variables look like:
environment:
- TRAEFIK_ENTRYPOINTS_HTTP=true
- TRAEFIK_ENTRYPOINTS_HTTP_ADDRESS=:80
- TRAEFIK_ENTRYPOINTS_HTTPS=true
- TRAEFIK_ENTRYPOINTS_HTTPS_ADDRESS=:443
- TRAEFIK_ENTRYPOINTS_HTTPS_HTTP_TLS=true
- TRAEFIK_ENTRYPOINTS_HTTPS_HTTP_TLS_CERTRESOLVER=default
- TRAEFIK_ENTRYPOINTS_HTTPS_HTTP_TLS_DOMAINS_0_MAIN=mydomain.net
- TRAEFIK_ENTRYPOINTS_HTTPS_HTTP_TLS_DOMAINS_0_SANS=*.mydomain.net
- TRAEFIK_PROVIDERS_DOCKER=true
- TRAEFIK_CERTIFICATESRESOLVERS_DEFAULT=true
- TRAEFIK_CERTIFICATESRESOLVERS_DEFAULT_ACME_EMAIL=info#mydomain.net
- TRAEFIK_CERTIFICATESRESOLVERS_DEFAULT_ACME_DNSCHALLENGE=true
- TRAEFIK_CERTIFICATESRESOLVERS_DEFAULT_ACME_DNSCHALLENGE_PROVIDER=pdns
- TRAEFIK_CERTIFICATESRESOLVERS_DEFAULT_ACME_DNSCHALLENGE_RESOLVERS=8.8.8.8:53
- TRAEFIK_CERTIFICATESRESOLVERS_DEFAULT_ACME_DNSCHALLENGE_DELAYBEFORECHECK=15
- TRAEFIK_CERTIFICATESRESOLVERS_DEFAULT_ACME_STORAGE=/data/acme.json
- PDNS_API_URL=http://192.168.123.10:8081/
- PDNS_API_KEY=pdns-api-key
And this is the log it outputs:
time="2021-09-06T08:53:39+02:00" level=error msg="Unable to obtain ACME certificate for domains \"mydomain.net,*.mydomain.net\" : unable to generate a certificate for the domains [mydomain.net *.mydomain.net]: error: one or more domains had a problem:\n[*.mydomain.net] time limit exceeded: last error: read udp 192.168.160.2:38270->195.141.155.147:53: i/o timeout\n[mydomain.net] time limit exceeded: last error: read udp 192.168.160.2:49936->195.141.155.147:53: i/o timeout\n" providerName=default.acme
Already tried to increase DELAYBEFORECHECK and to set a RESOLVER without success.
The ACME challenges get created correctly in PowerDNS:
PowerDNS TXT challenge
May be someone can help or has an idea on how to get this work?
NAT reflection via UDP was not correctly setup. Now it works.
I have a problem like this. I am very new to hyper ledger fabric. I attach a shell to a running peer container in visual studio code and hit peer node start command in that terminal it gives me an error saying that,
2018-09-13 09:08:04.621 UTC [nodeCmd] status -> INFO 040 Error trying to get status from local peer: rpc error: code = Unknown desc
= access denied
status:UNKNOWN
Error: Error trying to connect to local peer: rpc error: code = Unknown desc = access denied
Can Someone help me to solve this problem? I search a lot but I was unable to find a solution to my problem. Thank You?
edit: the problem is you are using an old card with a new setup. when you create the app and then restarted the environment, it leads to the regeneration of the certificates.
I guess the problem is the FABRIC_VERSION. When you set it to hlfv1 and get bash into peer container (docker exec -it peer0.org1.example.com bash), the peer commands are working properly but when you set it to hlfv12 there are some peer commands are not working. I guess there is something wrong with the startup scripts. There is no "creds" folder exists under hlfv12/composer like hlfv1/composer by the way..
The peer node status command must be called by an administrator of the peer (someone who holds a private key matching one of the public keys in the MSP admincerts folder).
You need to run peer commands on a properly configured (by correct authentication materials) client. In my case it was CLI node.
Peer node logs:
root#bba2c96e744e:/# peer node status
2019-04-04 13:26:18.407 UTC [nodeCmd] status -> INFO 001 Error trying to get status from local peer: rpc error: code = Unknown desc = access denied
status:UNKNOWN
Error: Error trying to connect to local peer: rpc error: code = Unknown desc = access denied
root#bba2c96e744e:/# peer chaincode list --installed
Error: Bad response: 500 - access denied for [getinstalledchaincodes]: Failed verifying that proposal's creator satisfies local MSP principal during channelless check policy with policy [Admins]: [This identity is not an admin]
root#bba2c96e744e:/# peer logging getlevel system
Error: rpc error: code = Unknown desc = access denied
CLI node logs:
root#4079f33980f3:/# peer node status
status:STARTED
root#4079f33980f3:/# peer chaincode list --installed
Get installed chaincodes on peer:
Name: ccc, Version: 1.0, Path: chaincode/ccc, Id: e75e5770a29401d840b46a775854a1bb8576c6d83cf2832dce650d2a984ab29a
root#4079f33980f3:/# peer logging getlevel system
2019-04-04 13:26:02.287 UTC [cli/logging] getLevel -> INFO 001 Current log level for peer module 'system': INFO
I followed this tutorial to setup myorg/composer-rest-server and everything was working fine till I import card but when I make a GET request to /api/system/ping it returns 500 Error:
{"error":{"statusCode":500,"name":"Error","message":"Error trying login and get user Context. Error: Error trying to enroll user or load channel configuration. Error: Calling enrollment endpoint failed with error [Error: connect ECONNREFUSED 127.0.0.1:7054]","stack":"Error: Error trying login and get user Context. Error: Error trying to enroll user or load channel configuration. Error: Calling enrollment endpoint failed with error [Error: connect ECONNREFUSED 127.0.0.1:7054]\n at client.getUserContext.then.then.catch (/home/composer/.npm-global/lib/node_modules/composer-rest-server/node_modules/composer-connector-hlfv1/lib/hlfconnection.js:393:34)\n at <anonymous>\n at process._tickDomainCallback (internal/process/next_tick.js:228:7)"}}
So I checked the logs for rest container, it can't seem to find 127.0.0.1:7054. Here is the error log.
Unhandled error for request GET /api/system/ping: Error: Error trying login and get user Context. Error: Error trying to enroll user or load channel configuration. Error: Calling enrollment endpoint failed with error [Error: connect ECONNREFUSED 127.0.0.1:7054]
at client.getUserContext.then.then.catch (/home/composer/.npm-global/lib/node_modules/composer-rest-server/node_modules/composer-connector-hlfv1/lib/hlfconnection.js:393:34)
at <anonymous>
at process._tickDomainCallback (internal/process/next_tick.js:228:7)
So I checked the logs for the container ca.org1.example.com, and it is listening to port 7054
2018/04/01 09:57:25 [DEBUG] CA initialization successful
2018/04/01 09:57:25 [INFO] Home directory for default CA: /etc/hyperledger/fabric-ca-server
2018/04/01 09:57:25 [DEBUG] 1 CA instance(s) running on server
2018/04/01 09:57:25 [INFO] Listening on http://0.0.0.0:7054
I think i need to change 127.0.0.1 to 0.0.0.0 but not sure how to do it the right way. Could also be a firewall issue?
Here's my .composer/cards/restadmin#myserver/connection.json
{"name":"hlfv1","x-type":"hlfv1","x-commitTimeout":300,"version":"1.0.0","client":{"organization":"Org1","connection":{"timeout":{"peer":{"endorser":"300","eventHub":"300","eventReg":"300"},"orderer":"300"}}},"channels":{"composerchannel":{"orderers":["orderer.example.com"],"peers":{"peer0.org1.example.com":{}}}},"organizations":{"Org1":{"mspid":"Org1MSP","peers":["peer0.org1.example.com"],"certificateAuthorities":["ca.org1.example.com"]}},"orderers":{"orderer.example.com":{"url":"grpc://orderer.example.com:7050"}},"peers":{"peer0.org1.example.com":{"url":"grpc://peer0.org1.example.com:7051","eventUrl":"grpc://peer0.org1.example.com:7053"}},"certificateAuthorities":{"ca.org1.example.com":{"url":"http://ca.org1.example.com:7054","caName":"ca.org1.example.com"}}}
I'm using AWS EC2
OS: Ubuntu 16.04.3 LTS,
Docker: 17.12.0-ce,
Composer: v0.19.0
Fabric: v1.1
Which card have you imported? If it is the restadmin card, I think you may have imported a Card containing an expired One-Time secret. After the rest admin card was used to start the REST server (in the container) the secret was replaced with certificates - so if you export the restadmin card again with a different name composer card export -c restadmin#trade-network -f restadmin-cert.card you will see that it is a larger file because of the certificates. You should be able to import and use this new .card file.
(If you were using a different card e.g. jdoe - did you run the sed command for this card to correct the addresses?)