I've created a network configuration with 2 orgs, each one with 1 peer and CA.
I've successfully installed and instantiated my chaincode on both peers
But after invoking a transaction this error occurs on both peers:
peer0.org1.example.com|2020-01-27 21:32:00.531 UTC [committer.txvalidator] validateTx -> ERRO 047 VSCCValidateTx for transaction txId = d18ad9c8c5e6aada47b7c8677676b4d748bf2ae16256c093ae8f9dfb0bf17779 returned error: VSCC error: endorsement policy failure, err: signature set did not satisfy policy
peer0.org2.example.com|2020-01-27 21:32:00.531 UTC [committer.txvalidator] validateTx -> ERRO 069 VSCCValidateTx for transaction txId = d18ad9c8c5e6aada47b7c8677676b4d748bf2ae16256c093ae8f9dfb0bf17779 returned error: VSCC error: endorsement policy failure, err: signature set did not satisfy policy
that's how I installed the chaincode on both peers:
peer chaincode install -n mycc -v 1.0 -l node -p /opt/gopath/src/github.com/mychaincodes/
that's how I instantiated my contract
peer chaincode instantiate -o orderer.example.com:7050 --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/orderers/orderer.example.com/msp/cacerts/ca.example.com-cert.pem -C $CHANNEL_NAME -n mycc -l node -v 1.0 -c '{"Args":[]}' -P "AND ('Org1MSP.member','Org2MSP.member')"
and that's how I invoked transaction
peer chaincode invoke -o orderer.example.com:7050 --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/example.com/ca/ca.example.com-cert.pem -C mychannel -n mycc --peerAddresses peer0.org1.example.com:7051 --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/ca/ca.org1.example.com-cert.pem -c '{"Args":["createMyAsset","001","Model X"]}'
Thanks in advance
During chaincode instantiation, you specify the endorsement policy for this chaincode as "AND ('Org1MSP.member','Org2MSP.member')", which means that peers from both organisations have to endorse the transaction.
Then you only connect to peer0.org1.example.com:7051 during chaincode invocation.
To make this work, you have to either change the endorsement policy to "OR ('Org1MSP.member','Org2MSP.member')", or connect to peers in both orgs while invoking chaincode, by adding another --peerAddresses ... entry.
Related
having trouble with new v2 chaincode lifecycle, I am using docker vm dind endpoint https://127.0.0.1 with tls on, peer has all docker client crypto material set
CORE_VM_DOCKER_TLS_ENABLED=true
CORE_VM_DOCKER_TLS_CERT=/tmp/org1/peer1/docker/cert.pem
CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=host
CORE_VM_DOCKER_TLS_KEY=/tmp/org1/peer1/docker/key.pem
CORE_VM_ENDPOINT=https://127.0.0.1:2376
CORE_VM_DOCKER_TLS_CA=/tmp/org1/peer1/docker/ca.pem
Trying to install chaincode package.
peer lifecycle chaincode install patient_consent-v0.0.1-package.tar.gz \
--peerAddresses fabric-dev-peer1-org1:7051 --connTimeout 10s \
--tlsRootCertFiles /tmp/org1/peer1/tls/msp/cacerts/fabric-dev-tlsca-org1-7052.pem \
-o fabric-dev-orderer1-org1:7050 --tls --cafile /tmp/org1/peer1/tls/msp/cacerts/fabric-dev-tlsca-org1-7052.pem
This gives me
Error: chaincode install failed with
status: 500 - failed to invoke backing implementation of 'InstallChaincode'
could not build chaincode
docker build failed
docker image inspection failed
Get https://127.0.0.1:2376/images/dev-peer1-org1-patient_consent-v0.0.1-9aedb4f5f58cb4bf18cf38f53751928caf9074c4bcb6859d8417fb37c09ab596-0acf342a6da8bfef85ec6b4d9dbe3ca4236ab9e52d903bb9fb014db836696d7b/json
remote error:
tls: bad certificate
In the peer chaincode install command, you have put the wrong tlsRootCertFiles for the orderer. The --cafile is same as the peer. It is the orderer CA file .
--tlsRootCertFiles /tmp/org1/peer1/tls/msp/cacerts/fabric-dev-tlsca-org1-7052.pem \
-o fabric-dev-orderer1-org1:7050 --tls --cafile /tmp/org1/peer1/tls/msp/cacerts/fabric-dev-tlsca-org1-7052.pem
Usually when you spin up the test-network (2.0/1),the orderer tls CA files is found at organizations/ordererOrganizations/example.com/orderers/orderer.example.com/msp/tlscacerts/tlsca.example.com-cert.pem
You can check in your setup and put the right path for orderer --cafile flag.
Error:
error getting broadcast client: orderer client failed to connect to
orderer.example.com:7050: failed to create new connection: context
deadline exceeded
I'm getting this error when trying to start a private collection in Fabric.
Following the docs properly and everything at the basic level seems to work (creating first app, creating first network, and extending first network - have not tried upgrading network parts yet). But as I create the private collections feature, it stops precisely at this step.
This happens when I start the network, go into the peer container using docker exec -it cli bash and instantiate the chaincode on the peer (peer chaincode install -n marblesp -v 1.0 -p github.com/chaincode/marbles02_private/go/) which works.
But when I instantiate it on the channel (peer chaincode instantiate -o orderer.example.com:7050 --tls --cafile $ORDERER_CA -C mychannel -n marblesp -v 1.0 -c '{"Args":["init"]}' -P "OR('Org1MSP.member','Org2MSP.member')" --collections-config $GOPATH/src/github.com/chaincode/marbles02_private/collections_config.json --connTimeout 30s) it produces this error and I dont know how proceed further.
Can someone help me understand what's wrong here or how to get my chaincode instantiated on my channel because I have to get the private collections to work?
Its possible this question is related to some communication between different docker images as my orderer and peer are in different containers. My commands run in the peer container (atleast thats what I think) and its unable to talk to orderer container.
Here are kinematic screenshots:
UPDATE:
This is my command: (peer chaincode instantiate -o orderer.example.com:7050 --tls --cafile $ORDERER_CA -C mychannel -n marblesp -v 1.0 -c '{"Args":["init"]}' -P "OR('Org1MSP.member')" --collections-config $GOPATH/src/github.com/marbles02_private/collections_config.json --connTimeout 30s).
I get this without sudo:
Error: error getting broadcast client: orderer client failed to connect to orderer.example.com:7050: failed to create new connection: context deadline exceeded
and with sudo I get
Error: error getting endorser client for instantiate: endorser client failed to connect to 0.0.0.0:7051: failed to create new connection: context deadline exceeded
and in sudo case, it doesn't even wait 30s, it shows error within ~2 seconds.
I am new to hyperledger fabric and I am trying to create a sample blockchain network from scratch using hyperledger fabric. In order to do so, I configured "crypto-config.yaml" file, and generated the respective organization's certificates by running it against the "cryptogen" tool. I also generated the respective "channel-artifacts" by configuring the "configtx.yaml" file and running it against the configtxgen tool. I then modified the "docker-compose-cli.yaml" file and "docker-compose-base" file.
Now, in order to bootstrap the network, I ran the following docker command:
docker-compose -f docker-compose-cli.yaml up
I then executed the following commands:
docker exec -it cli bash
export CHANNEL_NAME=testChannel
peer channel create -o orderer.example.com:7050 -c testChannel -f ./channel-artifacts/testChannel.tx
On executing the "peer channel create" command I received the following error:
Error: failed to create deliver client: orderer client failed to connect to orderer.example.com:7050: failed to create new connection: context deadline exceeded
I am not sure as to why this error is occurring. My configuration for the Address section in OrdererDefaults (in configtx.yaml file) is:
Ordertype:
- solo
Addresses:
- orderer.example.com:7050
Hence, please let me know if I am missing something in order to clear the "peer channel create" issue.
do a docker ps and see if the orderer is up and running
if not do a docker logs orderer.example.com and check orderers logs
usually the orderer logs give clear clues on what has happened
read the logs and fix the issue . that's what i did
and instead of creating a peer first going inside it and creating a channel ,i suggest you create the channel first and join the peer to it afterwards
Create the channel
docker exec -e "CORE_PEER_LOCALMSPID=Org1MSP" -e "CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin#org1.tracexyz.com/msp" peer0.org1.tracexyz.com peer channel create -o orderer.tracexyz.com:7050 -c cheeseproduction -f /etc/hyperledger/configtx/channel.tx
Add peer 0 to the channel
docker exec -e "CORE_PEER_LOCALMSPID=Org1MSP" -e "CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin#org1.tracexyz.com/msp" peer0.org1.tracexyz.com peer channel join -b cheeseproduction.block
Fetch from peer 1
docker exec -e "CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin#org1.tracexyz.com/msp" peer1.org1.tracexyz.com peer channel fetch config -o orderer.tracexyz.com:7050 -c cheeseproduction
Join peer 1 also to the channel
docker exec -e "CORE_PEER_LOCALMSPID=Org1MSP" -e "CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin#org1.tracexyz.com/msp" -e "CORE_PEER_ADDRESS=peer1.org1.tracexyz.com:7061" peer0.org1.tracexyz.com peer channel join -b cheeseproduction.block
this is how i connected two peers to a single channel. my org name was tracexyz (tracexyz instead of example ) and my channel name was cheeseproduction
I guesss you can replace those with your own values
after doing these go inside the peer with
docker exec -it cli bash
it will take you inside the default peer which is peer0.org1
then do a peer channel list to see the channels to which peer0 has joined
you will see it will list cheeseproduction
I am modifying existing docker-compose.yml, crypto-config.yaml and configtx.yaml to add a extra peer to the existing hyperledger composer sample, located under hlfv11 folder of the fabric-tools/fabric-scripts.
I regenerated required certificates and genesis block and it generates the peer container without any issue.
However I am having difficulty adding this peer to a channel. I modified startFabric.sh to join this peer to a channel, however I am getting an error with following message:
Error getting endorser client channel: endorser client failed to connect to peer1.org1.example.com:8051: failed to create a new connection: context deadline exceeded.
Can someone please help or advise?
I was trying to join me additional peer to channel directly through PEER CHANELL JOIN command. It actually requires to fetch the channel through orderer on new peer and then it can join it.
Code update follows:
# Create the channel
docker exec peer0.org1.example.com peer channel create -o
orderer.example.com:7050 -c composerchannel -f
/etc/hyperledger/configtx/composer-channel.tx
# Join peer0.org1.example.com to the channel.
docker exec -e "CORE_PEER_MSPCONFIGPATH=
/etc/hyperledger/msp/users/Admin#org1.example.com/msp
peer0.org1.example.com peer channel join -b composerchannel.block
# Create the channel
docker exec -e "CORE_PEER_MSPCONFIGPATH=
/etc/hyperledger/msp/users/Admin#org1.example.com/msp"
peer1.org1.example.com peer channel fetch config -o orderer.example.com:7050
-c composerchannel
# Join peer1.org1.example.com to the channel.
docker exec -e "CORE_PEER_MSPCONFIGPATH=
/etc/hyperledger/msp/users/Admin#org1.example.com/msp
peer1.org1.example.com peer channel join -b composerchannel_config.block
I'm trying to setup simple blockchain network with Hyperledger fabric v1.0 on 2 instances.
My scenario
Instance A: Orderer and Peer0
Instance B: Peer1
I basically followed the "Use the native binaries" section of "Getting Started" page.
What I tried is I started 1 orderer and 1 peer on instanceA.
I installed, instantiated, invoked and made a query the example chaincode.
Then I started 1 peer on instanceB.
I could let peer1 on instanceB join my channel from instanceA. I could install the chaincode on peer1 from instanceA.
But I could not execute query peer1 from instanceA.
I can see at least chaincode installed on instanceB.
Error message is:
Error: Error endorsing query: rpc error: code = 2 desc = failed to obtain cds for mycc - transaction not found mycc/mychannel1
Below are commands I tried...
[InstanceA terminal1] 1. generate orderer.block
$ configtxgen -profile SampleSingleMSPSolo -outputBlock orderer.block
[InstanceA terminal2] 2. start orderer
$ CORE_PEER_LOCALMSPID=DEFAULT CORE_LOGGING_LEVEL=DEBUG ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 ORDERER_GENERAL_GENESISMETHOD=file ORDERER_GENERAL_GENESISFILE=./orderer.block
2017-04-08 23:38:41.562 UTC [orderer/multichain] NewManagerImpl -> INFO 001 Starting with system channel testchainid and orderer type solo
2017-04-08 23:38:41.562 UTC [orderer/main] NewServer -> INFO 002 Starting orderer
2017-04-08 23:38:41.562 UTC [orderer/main] main -> INFO 003 Beginning to serve requests
2017-04-08 23:39:39.881 UTC [orderer/multichain] newChain -> INFO 004 Created and starting new chain mychannel1
[InstanceA terminal1] 3. generate channel.tx
$ configtxgen -profile SampleSingleMSPSolo -outputCreateChannelTx channel.tx -channelID mychannel1
[InstanceA terminal3] 4. start peer0
$ CORE_PEER_GOSSIP_EXTERNALENDPOINT=127.0.0.1:7051 CORE_LOGGING_LEVEL=DEBUG CORE_PEER_LOCALMSPID=DEFAULT peer node start --peer-defaultchain=false
[InstanceA terminal1] 5. Create Channel
$ CORE_PEER_LOCALMSPID=DEFAULT peer channel create -o 127.0.0.1:7050 -c mychannel1 -f channel.tx
[InstanceA terminal1] 6. Join peer0 to mychannel1
$ CORE_PEER_LOCALMSPID=DEFAULT peer channel join -b mychannel1.block
Peer joined the channel!
2017-04-08 23:39:54.463 UTC [main] main -> INFO 001 Exiting.....
[InstanceA terminal1] 7. Install a chaincode
$ CORE_PEER_LOCALMSPID=DEFAULT peer chaincode install -o 127.0.0.1:7050 -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02
ncode/go/chaincode_example02
2017-04-08 23:40:05.744 UTC [golang-platform] writeGopathSrc -> INFO 001 rootDirectory = /home/kouohhashi/work/src
2017-04-08 23:40:05.744 UTC [container] WriteFolderToTarPackage -> INFO 002 rootDirectory = /home/kouohhashi/work/src
2017-04-08 23:40:36.242 UTC [main] main -> INFO 003 Exiting.....
[InstanceA terminal1] 7. Instantiate the chaincode
$ CORE_PEER_ADDRESS=127.0.0.1:7051 CORE_PEER_LOCALMSPID=DEFAULT peer chaincode instantiate -o 127.0.0.1:7050 -C mychannel1 -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02 -c '{"Args":["init","a", "100", "b","200"]}'
1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02 -c '{"Args":["init","a", "100", "b","200"]}'
2017-04-08 23:40:39.892 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc
2017-04-08 23:40:39.893 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc
2017-04-08 23:40:42.194 UTC [main] main -> INFO 003 Exiting.....
[InstanceA terminal1] 8. Invoke and query a command
$ CORE_PEER_ADDRESS=127.0.0.1:7051 peer chaincode invoke -o 127.0.0.1:7050 -C mychannel1 -n mycc -c '{"Args":["invoke","a","b","10"]}'
$ CORE_PEER_ADDRESS=127.0.0.1:7051 peer chaincode query -o 127.0.0.1:7050 -C mychannel1 -n mycc -c '{"Args":["query","a"]}'
Query Result: 90
2017-04-08 23:40:51.664 UTC [main] main -> INFO 001 Exiting.....
[InstanceB terminal1] 9. Create peer1 on instanceB
$ CORE_PEER_MSPCONFIGPATH=/home/kouohhashi/work/src/github.com/hyperledger/fabric/msp/sampleconfig CORE_PEER_GOSSIP_EXTERNALENDPOINT=instanceB:7051 CORE_LOGGING_LEVEL=DEBUG CORE_PEER_LOCALMSPID=DEFAULT peer node start --peer-defaultchain=false
[InstanceA terminal1] 10. Join peer1 on instance B to mychannel1 from instanceA
$ CORE_PEER_LOCALMSPID=DEFAULT CORE_PEER_ADDRESS=instanceB:7051 peer channel join -b mychannel1.block
Peer joined the channel!
2017-04-08 23:42:14.799 UTC [main] main -> INFO 001 Exiting.....
[InstanceA terminal1] 11. Install chaincode on peer1 on instanceB from instance A
$ CORE_PEER_LOCALMSPID=DEFAULT CORE_PEER_ADDRESS=instanceB:7051 peer chaincode install -o 127.0.0.1:7050 -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02
2017-04-08 23:42:23.166 UTC [golang-platform] writeGopathSrc -> INFO 001 rootDirectory = /home/kouohhashi/work/src
2017-04-08 23:42:23.166 UTC [container] WriteFolderToTarPackage -> INFO 002 rootDirectory = /home/kouohhashi/work/src
2017-04-08 23:42:39.191 UTC [main] main -> INFO 003 Exiting.....
[InstanceA terminal1] 12. Query peer1 from instanceA
$ CORE_PEER_ADDRESS=instanceB:7051 peer chaincode query -o 127.0.0.1:7050 -C mychannel1 -n mycc -c '{"Args":["query","a"]}'
I got errors like below. But I can see at least mycc chaincode on
instnceB and peer join command was completed successfully.
Error: Error endorsing query: rpc error: code = 2 desc = failed to obtain cds for mycc - transaction not found mycc/mychannel1
I'm using 2 ubuntu16.04 instances and not using docker or vagrant at all. I compiled binaries by make native.
Peer1 on instanceB may not connect orderer on instanceA because I saw the error log on peer1.
2017-04-08 23:42:14.903 UTC [deliveryClient] NewDeliverService -> ERRO 286 Cannot dial to 0.0.0.0:7050, because of grpc: timed out when dialing
Looks like peer1 tried to connect 0.0.0.0 instead of instanceA.
By the way I changed the Name of Organizations to DEFAULT from SampleOrg because I got errors like below otherwise.
2017-04-08 05:17:57.919 UTC [gossip/service] configUpdated -> ERRO 25e Tried joining channel mychannel1 but our org( DEFAULT ), isn't among the orgs of the channel: [SampleOrg] , aborting.
I think this may be because peer1 on instanceB was not linked to orderder on instanceA or transaction made by peer0 was not completed and reflected on instanceB. But I have no idea how to dig in...
Please give me help.
Thanks.
I finally solved my problem.
I turned out to be simple.
The solution was changing addresses of the orderer from 127.0.0.1:7050 to (IP Address of InstanceA):7050
common/configtx/tool/configtx.yaml
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start.
# Available types are "solo" and "kafka".
OrdererType: solo
Addresses:
# - 127.0.0.1:7050
- <IP Address of InstanceA>:7050
By doing this, Peer1 on instanceB start connecting orderer on instanceA.
It looks like "CORE_PEER_COMMITTER_LEDGER_ORDERER environmental parameter" and "-o option" were not used anymore or overwritten by configtx.yaml.