Develop Reference

pika rabbitmq docker with tls-gen connection reset, no logs

I've configured a docker w rabbitmq, copied the certs from tls-gen there, stop/started and I can only get the connection established and a server reset right after sending a TLS Client Hello. No useful message from ssl. Logs all empty. Troubleshoot TLS guide didn't help. Thanks for any help.
docker run -d -it --hostname=[REDACTED] -e RABBITMQ_LOGS=/var/log/rabbitmq/ -e RABBITMQ_SASL_LOGS=/var/log/rabbitmq/ -e RABBITMQ_DEFAULT_USER=[REDACTED] -e RABBITMQ_DEFAULT_PASS=[REDACTED] --name rabbitmq1 -p [REDACTED]:5672 -p [REDACTED]:15672 -v /scratch/databases/rabbitmq/var/lib/rabbitmq:/var/lib/rabbitmq rabbitmq:3-management
docker cp tls-gen/basic/result/ca_certificate.pem rabbitmq1:/etc/rabbitmq/
docker cp tls-gen/basic/result/server_key.pem rabbitmq1:/etc/rabbitmq/
docker cp tls-gen/basic/result/server_certificate.pem rabbitmq1:/etc/rabbitmq/
docker exec -it rabbitmq1 /bin/bash -c "cd /etc/rabbitmq;chown rabbitmq:rabbitmq *.pem"
docker cp rabbitmq.conf rabbitmq1:/etc/rabbitmq/
docker exec -it rabbitmq1 /bin/bash -c "cd /etc/rabbitmq;chown rabbitmq:rabbitmq rabbitmq.conf"
I was sure to restart the container so the changes were applied. Also double checked cert permissions.
docker:/etc/rabbitmq/
-rw-rw-r--. 1 rabbitmq rabbitmq 1.2K Nov 22 02:29 ca_certificate.pem
drwxrwxrwx. 1 rabbitmq rabbitmq 61 Nov 6 01:51 conf.d
-rw-r--r--. 1 root root 71 Nov 22 07:34 enabled_plugins
-rw-r--r--. 1 rabbitmq rabbitmq 578 Nov 22 07:34 rabbitmq.conf
-rw-rw-r--. 1 rabbitmq rabbitmq 1.3K Nov 22 02:29 server_certificate.pem
-rw-------. 1 rabbitmq rabbitmq 1.9K Nov 22 02:29 server_key.pem
Redirected logs here knowing that the container start env variables should overide. Either way, logs seemed empty.
/etc/rabbitmq/rabbitmq.conf
loopback_users.guest = false
# listeners.tcp.default = 5672
management.tcp.port = 15672
listeners.tcp = none
listeners.ssl.default = 5671
ssl_options.cacertfile = /etc/rabbitmq/ca_certificate.pem
ssl_options.certfile = /etc/rabbitmq/server_certificate.pem
ssl_options.keyfile = /etc/rabbitmq/server_key.pem
ssl_options.verify = verify_peer
ssl_options.fail_if_no_peer_cert = false
ssl_options.password = [REDACTED]
log.dir = /tmp/
log.file = r.log
log.file.level = debug
Tried multiple configurations for context.options to no avail.
receive.py (python)
#!/usr/bin/env python
import ssl, pika, sys, os
import traceback
from pika.credentials import ExternalCredentials
def main():
connection = None
credentials = pika.PlainCredentials('[REDACTED]', '[REDACTED]')
context = ssl.create_default_context(cafile="tls-gen/basic/result/ca_certificate.pem")
context.load_cert_chain("tls-gen/basic/result/client_certificate.pem", "tls-gen/basic/result/client_key.pem")
#context.options = dict(ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_REQUIRED)
ssl_options = pika.SSLOptions(context, "[REDACTED]")
#ssl_options = pika.SSLOptions(ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT), "local")
#ssl_options = pika.SSLOptions(ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER), "localhost")
#ssl_options = ssl_options | pika.SSLOptions(ssl.SSLContext(ssl.PROTOCOL_TLSv1_2), "[REDACTED]")
try:
connection = pika.BlockingConnection(pika.ConnectionParameters(host='[REDACTED]',
port=[REDACTED],
virtual_host='/',
ssl_options = ssl_options)),
credentials=credentials))
#credentials=ExternalCredentials()))
except Exception as e:
exc_type, _, exc_tb = sys.exc_info()
fname = os.path.split(exc_tb.tb_frame.f_code.co_filename)[1]
print("receive: ({0}) {1} {2} {3}".format(str(e), exc_type, fname, exc_tb.tb_lineno))
traceback.print_exc()
sys.exit(1)
channel = connection.channel()
channel.queue_declare(queue='hello')
def callback(ch, method, properties, body):
print(" [x] Received %r" % body)
channel.basic_consume(queue='hello', on_message_callback=callback, auto_ack=True)
print(' [*] Waiting for messages. To exit press CTRL+C')
channel.start_consuming()
if __name__ == '__main__':
try:
main()
except KeyboardInterrupt:
print('Interrupted')
try:
sys.exit(0)
except SystemExit:
os._exit(0)
A wrong PEM password here generates a very different message, I'm sure I'm using the right one.
python3 receive.py
Enter PEM pass phrase:
receive: ([Errno 104] Connection reset by peer) <class 'ConnectionResetError'> receive.py 18
Traceback (most recent call last):
File "receive.py", line 18, in main
connection = pika.BlockingConnection(pika.ConnectionParameters(host='[REDACTED]',
File "[REDACTED]/rabbitmq/pika/venv/lib/python3.8/site-packages/pika/adapters/blocking_connection.py", line 359, in __init__
self._impl = self._create_connection(parameters, _impl_class)
File "[REDACTED]/rabbitmq/pika/venv/lib/python3.8/site-packages/pika/adapters/blocking_connection.py", line 450, in _create_connection
raise self._reap_last_connection_workflow_error(error)
File "[REDACTED]/rabbitmq/pika/venv/lib/python3.8/site-packages/pika/adapters/utils/io_services_utils.py", line 636, in _do_ssl_handshake
self._sock.do_handshake()
File "/usr/local/lib/python3.8/ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
ConnectionResetError: [Errno 104] Connection reset by peer
It looks like openssl likes the connection.
openssl s_client -connect localhost:5671
CONNECTED(00000003)
Can't use SSL_get_servername
depth=1 CN = TLSGenSelfSignedtRootCA, L = $$$$
verify error:num=19:self signed certificate in certificate chain
verify return:1
depth=0 CN = [REDACTED], O = server
verify return:1
---
Certificate chain
0 s:CN = [REDACTED], O = server
i:CN = TLSGenSelfSignedtRootCA, L = $$$$
1 s:CN = TLSGenSelfSignedtRootCA, L = $$$$
i:CN = TLSGenSelfSignedtRootCA, L = $$$$
---
Server certificate
-----BEGIN CERTIFICATE-----
[REDACTED]
-----END CERTIFICATE-----
subject=CN = [REDACTED], O = server
issuer=CN = TLSGenSelfSignedtRootCA, L = $$$$
---
Acceptable client certificate CA names
CN = TLSGenSelfSignedtRootCA, L = $$$$
Client Certificate Types: ECDSA sign, RSA sign, DSA sign
Requested Signature Algorithms: ECDSA+SHA512:RSA+SHA512:ECDSA+SHA384:RSA+SHA384:ECDSA+SHA256:RSA+SHA256:ECDSA+SHA224:RSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
Shared Requested Signature Algorithms: ECDSA+SHA512:RSA+SHA512:ECDSA+SHA384:RSA+SHA384:ECDSA+SHA256:RSA+SHA256:ECDSA+SHA224:RSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 2338 bytes and written 431 bytes
Verification error: self signed certificate in certificate chain
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: [REDACTED]
Session-ID-ctx:
Master-Key: [REDACTED]
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1606031943
Timeout : 7200 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
Extended master secret: no
---
closed

here the steps I took to fix this:
Get rid of the docker and install a local rabbitmq on mac for debugging this configuration. For some reason, the rabbitmq docker wasn't logging anything;
I've added a real valid letsencrypt certificate to the server;
first error I saw in the client after that was the following:
ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:1076)
This is because verify_peer is enabled, in that case we needed to bundle the ca_certificate.pem from tls-gen/basic/result/ca_certificate.pem to the chain.pem
cat ../tls-gen/basic/result/ca_certificate.pem chain.pem > chain_bundle.pem
rabbitmq.conf
...
ssl_options.cacertfile = /usr/local/etc/rabbitmq/chain_bundle.pem # <- bundled w self signed cert
ssl_options.certfile = /usr/local/etc/rabbitmq/cert.pem
ssl_options.keyfile = /usr/local/etc/rabbitmq/privkey.pem
...
after that, a different error on pika showed:
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1076)
That's because pika didn't like tls-gen/basic/result/ca_certificate.pem, instead, I used venv//lib/python3.7/site-packages/certifi/cacert.pem after installing pip install certifi.
Later on, I bundled tls-gen/basic/result/ca_certificate.pem + venv//lib/python3.7/site-packages/certifi/cacert.pem, and added a password to context.load_cert_chain
Wireshark shows messages fully encrypted, now I just need to deploy.
EDIT:
I was able to run it via docker after re-trying the configuration that worked:
#/bin/bash
docker run -d -it --hostname=\
-e RABBITMQ_LOGS=/tmp/log\
-e RABBITMQ_DEFAULT_USER=\
-e RABBITMQ_DEFAULT_PASS=\
-e RABBITMQ_SSL_CACERTFILE=/cert/chain_bundle2.pem \
-e RABBITMQ_SSL_CERTFILE=/cert/cert.pem\
-e RABBITMQ_SSL_KEYFILE=/cert/privkey.pem\
-e RABBITMQ_SSL_FAIL_IF_NO_PEER_CERT=true\
-e RABBITMQ_SSL_VERIFY=verify_peer\
--name rabbitmq1-verifypeer -p ... :5671 -p ... :15672\
-v ... /rabbitmq/var/log:/tmp/log\
-v ... /rabbitmq/var/lib/rabbitmq:/var/lib/rabbitmq\
-v ... /cert/:/cert/ rabbitmq:3.8.9-management

CRIT 002 Failed to initialize local MSP: could not load a valid signer certificate from directory /var/hyperledger/orderer/msp/signcerts

I try this toutorial https://github.com/grepruby/ERC20-Token-On-Hyperledger
node: v8.11.4
go: go1.12.6 darwin/amd64
hyperledgerfabric: ? (maybe 1.2.1)
Python3.4
When './buildERC20TokenNetwork.sh up' command executed, the error occur.
Error: failed to create deliver client: orderer client failed to connect to orderer.techracers.com:7050: failed to create new connection: context deadline exceeded
!!!!!!!!!!!!!!! Channel creation failed !!!!!!!!!!!!!!!!
========= ERROR !!! FAILED to execute End-2-End Scenario ===========
detail
./buildERC20TokenNetwork.sh up
Starting for channel 'mychannel' with CLI timeout of '10' seconds and CLI delay of '3' seconds
Continue? [Y/n] Y
proceeding ...
./buildERC20TokenNetwork.sh: line 46: /Users/ogasawara/hyperledger-fabric/ERC20-Token-On-Hyperledger/network/../bin/configtxlator: cannot execute binary file
LOCAL_VERSION=
DOCKER_IMAGE_VERSION=1.2.1
=================== WARNING ===================
Local fabric binaries and docker images are
out of sync. This may cause problems.
===============================================
peer1.org2.techracers.com is up-to-date
Starting orderer.techracers.com ...
peer0.org2.techracers.com is up-to-date
peer1.org1.techracers.com is up-to-date
Starting orderer.techracers.com ... done
cli is up-to-date
____ _____ _ ____ _____
/ ___| |_ _| / \ | _ \ |_ _|
\___ \ | | / _ \ | |_) | | |
___) | | | / ___ \ | _ < | |
|____/ |_| /_/ \_\ |_| \_\ |_|
Channel name : mychannel
Creating channel...
+ peer channel create -o orderer.techracers.com:7050 -c mychannel -f ./channel-artifacts/channel.tx --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/ordererOrganizations/techracers.com/orderers/orderer.techracers.com/msp/tlscacerts/tlsca.techracers.com-cert.pem
+ res=1
+ set +x
Error: failed to create deliver client: orderer client failed to connect to orderer.techracers.com:7050: failed to create new connection: context deadline exceeded
!!!!!!!!!!!!!!! Channel creation failed !!!!!!!!!!!!!!!!
========= ERROR !!! FAILED to execute End-2-End Scenario ===========
ERROR !!!! Test failed
Docker container "orderer.techracers.com" is Exited, that causes the connection failer.
I checked docker cantainer log.
initializeLocalMsp -> CRIT 002 Failed to initialize local MSP: could not load a valid signer certificate from directory /var/hyperledger/orderer/msp/signcerts: stat /var/hyperledger/orderer/msp/signcerts: no such file or directory
How can I up the container "orderer.techracers.com" ?

It looks like the real error is further up:
./buildERC20TokenNetwork.sh: line 46: /Users/ogasawara/hyperledger-fabric/ERC20-Token-On-Hyperledger/network/../bin/configtxlator: cannot execute binary file
So either you do not have the binaries installed or they are not where they are expected.
(I would guess that the error you are seeing with the orderer is because the config hasn't been properly set up beforehand.)
Fabric 1.2.1 is quite dated now, you might be better starting off with Fabric 1.4 and working with the samples that come with Fabric and the standard documentation.

Chaincode for Developers Cli error terminal 3

I am trying to deploy chaincode using the chain code for developers tutorial "http://hyperledger-fabric.readthedocs.io/en/latest/chaincode4ade.html". I was able to complete the steps till Terminal 2 but get an Error in the command "docker exec -it cli bash" for Terminal 3.
Output for Terminal 1:
[]Received message REGISTER from shim
peer | 2017-08-22 23:29:26.025 UTC [chaincode] HandleMessage -> DEBU 1a9 []Fabric side Handling ChaincodeMessage of type: REGISTER in state created
peer | 2017-08-22 23:29:26.025 UTC [chaincode] beforeRegisterEvent -> DEBU 1aa Received REGISTER in state created
peer | 2017-08-22 23:29:26.025 UTC [chaincode] registerHandler -> DEBU 1ab registered handler complete for chaincode mycc:0
peer | 2017-08-22 23:29:26.025 UTC [chaincode] beforeRegisterEvent -> DEBU 1ac Got REGISTER for chaincodeID = name:"mycc:0" , sending back REGISTERED
peer | 2017-08-22 23:29:26.025 UTC [chaincode] notifyDuringStartup -> DEBU 1ad nothing to notify (dev mode ?)
peer | 2017-08-22 23:29:26.025 UTC [chaincode] notifyDuringStartup -> DEBU 1ae sending READY
peer | 2017-08-22 23:29:26.025 UTC [chaincode] processStream -> DEBU 1af []Move state message READY
peer | 2017-08-22 23:29:26.025 UTC [chaincode] HandleMessage -> DEBU 1b0 []Fabric side Handling ChaincodeMessage of type: READY in state established
peer | 2017-08-22 23:29:26.026 UTC [chaincode] enterReadyState -> DEBU 1b1 []Entered state ready
peer | 2017-08-22 23:29:26.026 UTC [chaincode] notify -> DEBU 1b2 notifier Txid: does not exist
peer | 2017-08-22 23:29:26.026 UTC [chaincode] processStream -> DEBU 1b3 []sending state message READY
Output for Terminal 2:
CORE_PEER_ADDRESS=peer:7051 CORE_CHAINCODE_ID_NAME=mycc:0 ./sacc
2017-08-22 23:29:26.020 UTC [shim] SetupChaincodeLogging -> INFO 001 Chaincode log level not provided; defaulting to: INFO
2017-08-22 23:29:26.020 UTC [shim] SetupChaincodeLogging -> INFO 002 Chaincode (build level: ) starting up ...
Output for Terminal 3:
docker exec -it cli bash
Error response from daemon: Container 37efeab8d4930060c9de46d3bab9ab1ab034781be26b4a5176b80b54d6c1180b is not running
I couldn't find any resolution for this. Can anyone help me? I am using MacOS X.
I uncommented the line "command: /bin/bash -c './script.sh'" in the yaml file.
Output for docker ps after terminal 1:
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
befcf58f4b59 hyperledger/fabric-ccenv "/bin/bash -c 'sle..." 21 seconds ago Up 20 seconds chaincode
3129dac3e13b hyperledger/fabric-peer "peer node start -..." 21 seconds ago Up 20 seconds 0.0.0.0:7051->7051/tcp, 0.0.0.0:7053->7053/tcp peer
56a92979e7cb hyperledger/fabric-orderer "orderer" 22 seconds ago Up 21 seconds 0.0.0.0:7050->7050/tcp orderer
Output for docker ps after terminal 2:
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
befcf58f4b59 hyperledger/fabric-ccenv "/bin/bash -c 'sle..." 2 minutes ago Up 2 minutes chaincode
3129dac3e13b hyperledger/fabric-peer "peer node start -..." 2 minutes ago Up 2 minutes 0.0.0.0:7051->7051/tcp, 0.0.0.0:7053->7053/tcp peer
56a92979e7cb hyperledger/fabric-orderer "orderer" 2 minutes ago Up 2 minutes 0.0.0.0:7050->7050/tcp orderer
Cli Error while running .yaml file:
Returning dummy reject all policy because Admins could not be found in /Application/Admins
orderer | 2017-08-23 23:09:50.644 UTC [policies] GetPolicy -> DEBU 154 Returning policy Readers for evaluation
orderer | 2017-08-23 23:09:50.644 UTC [policies] GetPolicy -> DEBU 155 Returning dummy reject all policy because Readers could not be found in /Application/Readers
orderer | 2017-08-23 23:09:50.644 UTC [policies] GetPolicy -> DEBU 156 Returning policy Writers for evaluation
orderer | 2017-08-23 23:09:50.645 UTC [policies] GetPolicy -> DEBU 157 Returning dummy reject all policy because Writers could not be found in /Application/Writers
orderer | 2017-08-23 23:09:50.645 UTC [common/configtx] addToMap -> DEBU 158 Adding to config map: [Groups] /Channel
orderer | 2017-08-23 23:09:50.645 UTC [common/configtx] addToMap -> DEBU 159 Adding to config map: [Groups] /Channel/Application
orderer | 2017-08-23 23:09:50.645 UTC [common/configtx] addToMap -> DEBU 15a Adding to config map: [Groups] /Channel/Application/SampleOrg
cli | Error: Got unexpected status: BAD_REQUEST
orderer | 2017-08-23 23:09:50.645 UTC [common/configtx] addToMap -> DEBU 15b Adding to config map: [Values] /Channel/Consortium
orderer | 2017-08-23 23:09:50.645 UTC [common/configtx] addToMap -> DEBU 15c Adding to config map: [Groups] /Channel
cli | Usage:
cli | peer channel create [flags]
cli |
cli | Flags:
orderer | 2017-08-23 23:09:50.645 UTC [common/configtx] addToMap -> DEBU 15d Adding to config map: [Groups] /Channel/Application
cli | -c, --channelID string In case of a newChain command, the channel ID to create.
orderer | 2017-08-23 23:09:50.645 UTC [common/configtx] addToMap -> DEBU 15e Adding to config map: [Groups] /Channel/Application/SampleOrg
cli | -f, --file string Configuration transaction file generated by a tool such as configtxgen for submitting to orderer
orderer | 2017-08-23 23:09:50.646 UTC [common/configtx] addToMap -> DEBU 15f Adding to config map: [Policy] /Channel/Application/Admins
cli | -t, --timeout int Channel creation timeout (default 5)
cli |
cli | Global Flags:
cli | --cafile string Path to file containing PEM-encoded trusted certificate(s) for the ordering endpoint
cli | --logging-level string Default logging level and overrides, see core.yaml for full syntax
cli | -o, --orderer string Ordering service endpoint
orderer | 2017-08-23 23:09:50.646 UTC [common/configtx] addToMap -> DEBU 160 Adding to config map: [Policy] /Channel/Application/Writers
cli | --test.coverprofile string Done (default "coverage.cov")
cli | --tls Use TLS when communicating with the orderer endpoint
cli | -v, --version Display current version of fabric peer server
cli |
orderer | 2017-08-23 23:09:50.646 UTC [common/configtx] addToMap -> DEBU 161 Adding to config map: [Policy] /Channel/Application/Readers
orderer | 2017-08-23 23:09:50.646 UTC [common/configtx] addToMap -> DEBU 162 Adding to config map: [Values] /Channel/Consortium
orderer | 2017-08-23 23:09:50.646 UTC [orderer/common/broadcast] Handle -> WARN 163 Rejecting CONFIG_UPDATE because: Error authorizing update: Error validating DeltaSet: invalid mod_policy for element [Policy] /Channel/Application/Writers: mod_policy not set
orderer | 2017-08-23 23:09:50.646 UTC [orderer/main] func1 -> DEBU 164 Closing Broadcast stream
orderer | 2017-08-23 23:09:50.648 UTC [orderer/common/deliver] Handle -> WARN 165 Error reading from stream: rpc error: code = Canceled desc = context canceled
orderer | 2017-08-23 23:09:50.649 UTC [orderer/main] func1 -> DEBU 166 Closing Deliver stream

I was able to solve this by commenting out the line "command: /bin/bash -c './script.sh'" in the "fabric-samples/chaincode-docker-devmode/docker-compose-simple.yaml" file.

I'd read how this https://jira.hyperledger.org/browse/FAB-5309 resolves, looks like the problem is with the chaincode-docker-devmode's artifacts
p.s. just update the fabric to 1.0.2 and pull the new fabric-samples repo, start the new containers, voila!
best
nas

Unable to Register Chaincode & Successfully Start Blockchain Network

I am following hyperledger fabric tutorial, and am having trouble registering my chaincode and possibly starting the docker image:
https://www.ibm.com/developerworks/library/j-chaincode-for-java-developers/
The following is the error I am getting when I try to register my chaincode:
$ ./Example
Hello world! starting [Ljava.lang.String;#5fd0d5ae
May 10, 2017 9:40:34 PM example.Example main
INFO: starting
May 10, 2017 9:40:34 PM io.grpc.internal.TransportSet$1 call
INFO: Created transport io.grpc.netty.NettyClientTransport#7269e694(/127.0.0.1:7051) for /127.0.0.1:7051
May 10, 2017 9:40:36 PM io.grpc.internal.TransportSet$TransportListener transportShutdown
INFO: Transport io.grpc.netty.NettyClientTransport#7269e694(/127.0.0.1:7051) for /127.0.0.1:7051 is being shutdown
May 10, 2017 9:40:36 PM io.grpc.internal.TransportSet$TransportListener transportTerminated
INFO: Transport io.grpc.netty.NettyClientTransport#7269e694(/127.0.0.1:7051) for /127.0.0.1:7051 is terminated
May 10, 2017 9:40:36 PM org.hyperledger.java.shim.ChaincodeBase$1 onError
SEVERE: Unable to connect to peer server: UNAVAILABLE
My blockchain network via docker is up and running, but the last log message is different than the expected log message (It says Connected to: [], which I assume is a null):
05:47:30.205 [peer] chatWithSomePeers -> DEBU 02f Starting up the first peer of a new network
05:47:30.205 [nodeCmd] serve -> INFO 030 Starting peer with ID=name:"vp0" , network ID=dev, address=172.17.0.3:7051, rootnodes=, validator=true
05:47:30.206 [consensus/statetransfer] verifyAndRecoverBlockchain -> DEBU 031 Validating existing blockchain, highest validated block is 0, valid through 0
05:47:30.206 [consensus/statetransfer] blockThread -> INFO 032 Validated blockchain to the genesis block
05:47:30.206 [consensus/handler] 1 -> DEBU 033 Starting up message thread for consenter
05:47:30.207 [peer] ensureConnected -> DEBU 034 Starting Peer reconnect service (touch service), with period = 6s
05:47:30.207 [rest] StartOpenchainRESTServer -> INFO 035 Initializing the REST service on 0.0.0.0:7050, TLS is disabled.
05:47:36.209 [peer] ensureConnected -> DEBU 036 Touch service indicates no dropped connections
05:47:36.209 [peer] ensureConnected -> DEBU 037 Connected to: []
05:47:36.209 [peer] ensureConnected -> DEBU 038 Discovery knows about: []
When I check for containers that are running docker shows me both of them are up, see below:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7dec77752d52 hyperledger/fabric-peer "sh -c 'sleep 5; peer" 20 minutes ago Up 20 minutes 0.0.0.0:7050-7051->7050-7051/tcp, 0.0.0.0:7053->7053/tcp blockchain_vp0_1
ac91e9bc1b0e hyperledger/fabric-membersrvc "membersrvc" 24 hours ago Up 20 minutes 0.0.0.0:7054->7054/tcp blockchain_membersrvc_1
The following git command was used:
git clone https://github.com/hyperledger/fabric.git -b v0.6
I copied and pasted the exact values for the docker-compose.yml, see below:
membersrvc:
image: hyperledger/fabric-membersrvc
ports:
- "7054:7054"
command: membersrvc
vp0:
image: hyperledger/fabric-peer
ports:
- "7050:7050"
- "7051:7051"
- "7053:7053"
environment:
- CORE_PEER_ADDRESSAUTODETECT=true
- CORE_VM_ENDPOINT=unix:///var/run/docker.sock
- CORE_LOGGING_LEVEL=DEBUG
- CORE_PEER_ID=vp0
- CORE_PEER_PKI_ECA_PADDR=membersrvc:7054
- CORE_PEER_PKI_TCA_PADDR=membersrvc:7054
- CORE_PEER_PKI_TLSCA_PADDR=membersrvc:7054
- CORE_SECURITY_ENABLED=false
- CORE_SECURITY_ENROLLID=test_vp0
- CORE_SECURITY_ENROLLSECRET=MwYpmSRjupbT
links:
- membersrvc
command: sh -c "sleep 5; peer node start --peer-chaincodedev"
Is there something I am missing here? Any help is appreciated, thank you.

Seems you are working on Windows environment and did everything right except not defined any port forwarding into Oracle VM virtual box. you will have to configure
Oracle VM VirtualBox Manager - > Setting - > Network -> Advance - > port forwarding -- and define as per attached image, run and enjoy.... enter image description here
Happy Coding!

Transaction not found on remote peer

I'm trying to setup simple blockchain network with Hyperledger fabric v1.0 on 2 instances.
My scenario
Instance A: Orderer and Peer0
Instance B: Peer1
I basically followed the "Use the native binaries" section of "Getting Started" page.
What I tried is I started 1 orderer and 1 peer on instanceA.
I installed, instantiated, invoked and made a query the example chaincode.
Then I started 1 peer on instanceB.
I could let peer1 on instanceB join my channel from instanceA. I could install the chaincode on peer1 from instanceA.
But I could not execute query peer1 from instanceA.
I can see at least chaincode installed on instanceB.
Error message is:
Error: Error endorsing query: rpc error: code = 2 desc = failed to obtain cds for mycc - transaction not found mycc/mychannel1
Below are commands I tried...
[InstanceA terminal1] 1. generate orderer.block
$ configtxgen -profile SampleSingleMSPSolo -outputBlock orderer.block
[InstanceA terminal2] 2. start orderer
$ CORE_PEER_LOCALMSPID=DEFAULT CORE_LOGGING_LEVEL=DEBUG ORDERER_GENERAL_LISTENADDRESS=0.0.0.0 ORDERER_GENERAL_GENESISMETHOD=file ORDERER_GENERAL_GENESISFILE=./orderer.block
2017-04-08 23:38:41.562 UTC [orderer/multichain] NewManagerImpl -> INFO 001 Starting with system channel testchainid and orderer type solo
2017-04-08 23:38:41.562 UTC [orderer/main] NewServer -> INFO 002 Starting orderer
2017-04-08 23:38:41.562 UTC [orderer/main] main -> INFO 003 Beginning to serve requests
2017-04-08 23:39:39.881 UTC [orderer/multichain] newChain -> INFO 004 Created and starting new chain mychannel1
[InstanceA terminal1] 3. generate channel.tx
$ configtxgen -profile SampleSingleMSPSolo -outputCreateChannelTx channel.tx -channelID mychannel1
[InstanceA terminal3] 4. start peer0
$ CORE_PEER_GOSSIP_EXTERNALENDPOINT=127.0.0.1:7051 CORE_LOGGING_LEVEL=DEBUG CORE_PEER_LOCALMSPID=DEFAULT peer node start --peer-defaultchain=false
[InstanceA terminal1] 5. Create Channel
$ CORE_PEER_LOCALMSPID=DEFAULT peer channel create -o 127.0.0.1:7050 -c mychannel1 -f channel.tx
[InstanceA terminal1] 6. Join peer0 to mychannel1
$ CORE_PEER_LOCALMSPID=DEFAULT peer channel join -b mychannel1.block
Peer joined the channel!
2017-04-08 23:39:54.463 UTC [main] main -> INFO 001 Exiting.....
[InstanceA terminal1] 7. Install a chaincode
$ CORE_PEER_LOCALMSPID=DEFAULT peer chaincode install -o 127.0.0.1:7050 -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02
ncode/go/chaincode_example02
2017-04-08 23:40:05.744 UTC [golang-platform] writeGopathSrc -> INFO 001 rootDirectory = /home/kouohhashi/work/src
2017-04-08 23:40:05.744 UTC [container] WriteFolderToTarPackage -> INFO 002 rootDirectory = /home/kouohhashi/work/src
2017-04-08 23:40:36.242 UTC [main] main -> INFO 003 Exiting.....
[InstanceA terminal1] 7. Instantiate the chaincode
$ CORE_PEER_ADDRESS=127.0.0.1:7051 CORE_PEER_LOCALMSPID=DEFAULT peer chaincode instantiate -o 127.0.0.1:7050 -C mychannel1 -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02 -c '{"Args":["init","a", "100", "b","200"]}'
1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02 -c '{"Args":["init","a", "100", "b","200"]}'
2017-04-08 23:40:39.892 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc
2017-04-08 23:40:39.893 UTC [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc
2017-04-08 23:40:42.194 UTC [main] main -> INFO 003 Exiting.....
[InstanceA terminal1] 8. Invoke and query a command
$ CORE_PEER_ADDRESS=127.0.0.1:7051 peer chaincode invoke -o 127.0.0.1:7050 -C mychannel1 -n mycc -c '{"Args":["invoke","a","b","10"]}'
$ CORE_PEER_ADDRESS=127.0.0.1:7051 peer chaincode query -o 127.0.0.1:7050 -C mychannel1 -n mycc -c '{"Args":["query","a"]}'
Query Result: 90
2017-04-08 23:40:51.664 UTC [main] main -> INFO 001 Exiting.....
[InstanceB terminal1] 9. Create peer1 on instanceB
$ CORE_PEER_MSPCONFIGPATH=/home/kouohhashi/work/src/github.com/hyperledger/fabric/msp/sampleconfig CORE_PEER_GOSSIP_EXTERNALENDPOINT=instanceB:7051 CORE_LOGGING_LEVEL=DEBUG CORE_PEER_LOCALMSPID=DEFAULT peer node start --peer-defaultchain=false
[InstanceA terminal1] 10. Join peer1 on instance B to mychannel1 from instanceA
$ CORE_PEER_LOCALMSPID=DEFAULT CORE_PEER_ADDRESS=instanceB:7051 peer channel join -b mychannel1.block
Peer joined the channel!
2017-04-08 23:42:14.799 UTC [main] main -> INFO 001 Exiting.....
[InstanceA terminal1] 11. Install chaincode on peer1 on instanceB from instance A
$ CORE_PEER_LOCALMSPID=DEFAULT CORE_PEER_ADDRESS=instanceB:7051 peer chaincode install -o 127.0.0.1:7050 -n mycc -v 1.0 -p github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02
2017-04-08 23:42:23.166 UTC [golang-platform] writeGopathSrc -> INFO 001 rootDirectory = /home/kouohhashi/work/src
2017-04-08 23:42:23.166 UTC [container] WriteFolderToTarPackage -> INFO 002 rootDirectory = /home/kouohhashi/work/src
2017-04-08 23:42:39.191 UTC [main] main -> INFO 003 Exiting.....
[InstanceA terminal1] 12. Query peer1 from instanceA
$ CORE_PEER_ADDRESS=instanceB:7051 peer chaincode query -o 127.0.0.1:7050 -C mychannel1 -n mycc -c '{"Args":["query","a"]}'
I got errors like below. But I can see at least mycc chaincode on
instnceB and peer join command was completed successfully.
Error: Error endorsing query: rpc error: code = 2 desc = failed to obtain cds for mycc - transaction not found mycc/mychannel1
I'm using 2 ubuntu16.04 instances and not using docker or vagrant at all. I compiled binaries by make native.
Peer1 on instanceB may not connect orderer on instanceA because I saw the error log on peer1.
2017-04-08 23:42:14.903 UTC [deliveryClient] NewDeliverService -> ERRO 286 Cannot dial to 0.0.0.0:7050, because of grpc: timed out when dialing
Looks like peer1 tried to connect 0.0.0.0 instead of instanceA.
By the way I changed the Name of Organizations to DEFAULT from SampleOrg because I got errors like below otherwise.
2017-04-08 05:17:57.919 UTC [gossip/service] configUpdated -> ERRO 25e Tried joining channel mychannel1 but our org( DEFAULT ), isn't among the orgs of the channel: [SampleOrg] , aborting.
I think this may be because peer1 on instanceB was not linked to orderder on instanceA or transaction made by peer0 was not completed and reflected on instanceB. But I have no idea how to dig in...
Please give me help.
Thanks.

I finally solved my problem.
I turned out to be simple.
The solution was changing addresses of the orderer from 127.0.0.1:7050 to (IP Address of InstanceA):7050
common/configtx/tool/configtx.yaml
Orderer: &OrdererDefaults
# Orderer Type: The orderer implementation to start.
# Available types are "solo" and "kafka".
OrdererType: solo
Addresses:
# - 127.0.0.1:7050
- <IP Address of InstanceA>:7050
By doing this, Peer1 on instanceB start connecting orderer on instanceA.
It looks like "CORE_PEER_COMMITTER_LEDGER_ORDERER environmental parameter" and "-o option" were not used anymore or overwritten by configtx.yaml.