LS,
Я установил HLF 1.2 и установил образцы тканей.Используя базовые файлы, начал строить сеть с нуля.
Контейнеры для Fabric-peer, Fabric-Orderer, Fabric-Couchdb и Fabric-CA работают.
Выдержка из журналов Orderer - "0xc42000e108 идентификатор 0 не удовлетворяет принципалу: идентификатор является членом другого MSP (ожидаемый OrdererMSP, получил Org1MSP) "
configtx.yaml выглядит как
` Организации:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/example.com/msp
Policies: &OrdererOrgPolicies
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
# If your MSP is configured with the new NodeOUs, you might
# want to use a more specific rule like the following:
# Rule: "OR('OrdererMSP.admin', 'OrdererMSP.peer', 'OrdererMSP.client')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
# If your MSP is configured with the new NodeOUs, you might
# want to use a more specific rule like the following:
# Rule: "OR('OrdererMSP.admin', 'OrdererMSP.client')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &Org1
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: Org1MSP
# ID to load the MSP definition as
ID: Org1MSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies: &Org1Policies
Readers:
Type: Signature
Rule: "OR('Org1MSP.member')"
# If your MSP is configured with the new NodeOUs, you might
# want to use a more specific rule like the following:
# Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.member')"
# If your MSP is configured with the new NodeOUs, you might
# want to use a more specific rule like the following:
# Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
AnchorPeers:
# AnchorPeers defines the location of peers which can be used
# for cross org gossip communication. Note, this value is only
# encoded in the genesis block in the Application section context
- Host: peer0.org1.example.com
Port: 7051
Application: & ApplicationDefaults ACL: & ACLsDefault
lscc/ChaincodeExists: /Channel/Application/Readers
lscc/GetDeploymentSpec: /Channel/Application/Readers
lscc/GetChaincodeData: /Channel/Application/Readers
lscc/GetInstantiatedChaincodes: /Channel/Application/Readers
qscc/GetChainInfo: /Channel/Application/Readers
qscc/GetBlockByNumber: /Channel/Application/Readers
qscc/GetBlockByHash: /Channel/Application/Readers
qscc/GetTransactionByID: /Channel/Application/Readers
qscc/GetBlockByTxID: /Channel/Application/Readers
cscc/GetConfigBlock: /Channel/Application/Readers
cscc/GetConfigTree: /Channel/Application/Readers
cscc/SimulateConfigTreeUpdate: /Channel/Application/Readers
peer/Propose: /Channel/Application/Writers
peer/ChaincodeToChaincode: /Channel/Application/Readers
event/Block: /Channel/Application/Readers
event/FilteredBlock: /Channel/Application/Readers
# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
# /Channel/Application/<PolicyName>
Policies: &ApplicationDefaultPolicies
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Org1MemberPolicy:
Type: Signature
Rule: "OR('Org1MSP.member')"
Orderer: & OrdererDefaults
# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo
Addresses:
- orderer.example.com:7050
# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s
# Batch Size: Controls the number of messages batched into a block
BatchSize:
# Max Message Count: The maximum number of messages to permit in a batch
MaxMessageCount: 10
# Absolute Max Bytes: The absolute maximum number of bytes allowed for
# the serialized messages in a batch.
AbsoluteMaxBytes: 99 MB
# Preferred Max Bytes: The preferred maximum number of bytes allowed for
# the serialized messages in a batch. A message larger than the preferred
# max bytes will result in a batch larger than preferred max bytes.
PreferredMaxBytes: 512 KB
Kafka:
# Brokers: A list of Kafka brokers to which the orderer connects
# NOTE: Use IP:port notation
Brokers:
- 127.0.0.1:9092
# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:
# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
# /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# BlockValidation specifies what signatures must be included in the block
# from the orderer for the peer to validate it.
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Channel: & ChannelDefaults # Policies определяет набор политик на этом уровне дерева конфигурации # ДляКанальные политики, их канонический путь: # / Channel / Policies: # Кто может вызывать API-интерфейсы «Доставить»: Тип: ImplicitMeta Rule: «ЛЮБЫЕ Читатели» # Кто может вызывать Авторы API «Broadcast»: Тип: Правило ImplicitMeta: »ЛЮБЫЕ Авторы "# По умолчанию, кто может изменять элементы на этом уровне конфигурации. Администраторы: Тип: ImplicitMeta Правило:" Администраторы MAJORITY "
Профильs:
OneOrgOrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- <<: *OrdererOrg
Policies:
<<: *OrdererOrgPolicies
Admins:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Consortiums:
SampleConsortium:
Organizations:
- <<: *Org1
Policies:
<<: *Org1Policies
Admins:
Type: Signature
Rule: "OR('Org1MSP.member')"
OneOrgChannel:
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *Org1
`
Docker Logs
2018-10-09 10:02:12.830 UTC [cauthdsl] func2 -> DEBU 0b9 0xc42000e108 identity 0 does not satisfy principal: the identity is a member of a different MSP (expected OrdererMSP, got Org1MSP)
2018-10-09 10:02:12.830 UTC [cauthdsl] func2 -> DEBU 0ba 0xc42000e108 principal evaluation fails
2018-10-09 10:02:12.830 UTC [cauthdsl] func1 -> DEBU 0bb 0xc42000e108 gate 1539079332829377323 evaluation fails
2018-10-09 10:02:12.831 UTC [policies] Evaluate -> DEBU 0bc Signature set did not satisfy policy /Channel/Orderer/OrdererOrg/Writers
2018-10-09 10:02:12.831 UTC [policies] Evaluate -> DEBU 0bd == Done Evaluating *cauthdsl.policy Policy /Channel/Orderer/OrdererOrg/Writers
2018-10-09 10:02:12.831 UTC [policies] func1 -> DEBU 0be Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ OrdererOrg.Writers ]
2018-10-09 10:02:12.831 UTC [policies] Evaluate -> DEBU 0bf Signature set did not satisfy policy /Channel/Orderer/Writers
2018-10-09 10:02:12.831 UTC [policies] Evaluate -> DEBU 0c0 == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Orderer/Writers
2018-10-09 10:02:12.831 UTC [policies] func1 -> DEBU 0c1 Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ Orderer.Writers Consortiums.Writers ]
2018-10-09 10:02:12.832 UTC [policies] Evaluate -> DEBU 0c2 Signature set did not satisfy policy /Channel/Writers
2018-10-09 10:02:12.832 UTC [policies] Evaluate -> DEBU 0c3 == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Writers
2018-10-09 10:02:12.833 UTC [orderer/common/broadcast] Handle -> WARN 0c4 [channel: ppchannel] Rejecting broadcast of config message from 172.26.0.5:54388 because of error: Failed to reach implicit threshold of 1 sub-policies, required 1 remaining: permission denied
2018-10-09 10:02:12.833 UTC [orderer/common/server] func1 -> DEBU 0c5 Closing Broadcast stream
2018-10-09 10:02:12.837 UTC [common/deliver] Handle -> WARN 0c6 Error reading from 172.26.0.5:54386: rpc error: code = Canceled desc = context canceled
2018-10-09 10:02:12.839 UTC [orderer/common/server] func1 -> DEBU 0c7 Closing Deliver stream
. / startfabric.sh со следующим сообщением
# Create the channel
docker exec -e "CORE_PEER_LOCALMSPID=Org1MSP" -e "CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin@org1.example.com/msp" peer0.org1.example.com peer channel create -o orderer.example.com:7050 -c ppchannel -f /etc/hyperledger/configtx/channel.tx
2018-10-09 10:02:12.812 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
Error: got unexpected status: FORBIDDEN -- Failed to reach implicit threshold of 1 sub-policies, required 1 remaining: permission denied
Цените ваше время и вклад.
Спасибо