Question

我正在运行Hyperledger Fabric v1.2。我有一个订购者，ca，kafka和在不同服务器上运行的同级。生成证书并将其放置在服务器上的相应位置，然后生成创世记录块和通道tx文件，然后启动订购者和对等方。

但是，当我使用以下命令创建频道时，在订购日志的底部会显示以下消息。

./peer channel create -o orderer1.example.com:7050 -c mychannel -f /etc/hyperledger/fabric/channels/mychannel.tx

到目前为止，一切似乎还可以，并且可以正常工作。

2018-08-21 19:25:30.957 UTC [cauthdsl] func2 -> DEBU 1a5 0xc42000e740 identity 0 does not satisfy principal: the identity is a member of a different MSP (expected SampleOrg, got SampleOrgMSP)
2018-08-21 19:25:30.957 UTC [cauthdsl] func2 -> DEBU 1a6 0xc42000e740 principal evaluation fails
2018-08-21 19:25:30.957 UTC [cauthdsl] func1 -> DEBU 1a7 0xc42000e740 gate 1534879530956937482 evaluation fails
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1a8 Signature set did not satisfy policy /Channel/Application/SampleOrg/Admins
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1a9 == Done Evaluating *cauthdsl.policy Policy /Channel/Application/SampleOrg/Admins
2018-08-21 19:25:30.957 UTC [policies] func1 -> DEBU 1aa Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ SampleOrg.Admins ]
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1ab Signature set did not satisfy policy /Channel/Application/ChannelCreationPolicy
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1ac == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Application/ChannelCreationPolicy
2018-08-21 19:25:30.957 UTC [orderer/common/broadcast] Handle -> WARN 1ad [channel: mychannel] Rejecting broadcast of config message from xxx.xxx.xxx.xxx:1234 because of error: error authorizing update: error validating DeltaSet: policy for [Group]  /Channel/Application not satisfied: Failed to reach implicit threshold of 1 sub-policies, required 1 remaining
2018-08-21 19:25:30.957 UTC [orderer/common/server] func1 -> DEBU 1ae Closing Broadcast stream
2018-08-21 19:25:30.959 UTC [grpc] Printf -> DEBU 1af transport: http2Server.HandleStreams failed to read frame: read tcp xxx.xxx.xxx.xxx:7050->xxx.xxx.xxx.xxx:1234: read: connection reset by peer
2018-08-21 19:25:30.959 UTC [common/deliver] Handle -> WARN 1b0 Error reading from xxx.xxx.xxx.xxx:1234: rpc error: code = Canceled desc = context canceled
2018-08-21 19:25:30.959 UTC [orderer/common/server] func1 -> DEBU 1b1 Closing Deliver stream

我认为这是在订购者的configtx文件中声明策略的一种方式，但是我不确定。

configtx.yaml中的部分

Organizations:
    - &SampleOrdererOrg
        Name: SampleOrdererOrg
        ID: SampleOrdererMSP
        MSPDir: /etc/hyperledger/orderer1/msp
        Policies: &SampleOrgPolicies
            Readers:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.member')"
            Writers:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.member')"
            Admins:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.admin')"


    - &SampleOrg
        Name: SampleOrg
        ID: SampleOrgMSP
        MSPDir: /etc/hyperledger/org/msp/
        Policies: &SampleOrgPolicies
            Readers:
                Type: Signature
                Rule: "OR('SampleOrg.member')"
            Writers:
                Type: Signature
                Rule: "OR('SampleOrg.member')"
            Admins:
                Type: Signature
                Rule: "OR('SampleOrg.admin')"
        AnchorPeers:
            - Host: peer1.example.com
              Port: 7051
            - Host: peer2.example.com
              Port: 7051
            - Host: peer3.example.com
              Port: 7051



Profiles:
    SampleKafkaDev:
        <<: *ChannelDefaults
        Orderer:
            <<: *OrdererDefaults
            OrdererType: kafka
            Organizations:
                - <<: *SampleOrg
                  Policies:
                      <<: *SampleOrgPolicies
                      Admins:
                          Type: Signature
                          Rule: "OR('SampleOrg.member')"
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - <<: *SampleOrg
                  Policies:
                      <<: *SampleOrgPolicies
                      Admins:
                          Type: Signature
                          Rule: "OR('SampleOrg.member')"
        Consortiums:
            SampleConsortium:
                Organizations:
                    - <<: *SampleOrg
                      Policies:
                          <<: *SampleOrgPolicies
                          Admins:
                              Type: Signature
                              Rule: "OR('SampleOrg.member')"

    MyChannel:
        Consortium: SampleConsortium
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - *SampleOrg

Answer 1

As far as I remember, the Rule in policy configuration expects that ID will be provided, in your example the name is used.

Just try to update all rules in your configuration in the following way :

Policies:
   <<: *SampleOrgPolicies
   Admins:
       Type: Signature
       Rule: "OR('SampleOrgMSP.member')"

(use SampleOrgMSP instead of SampleOrg, SampleOrdererMSP instead of SampleOrdererOrg, etc)

Updated:

Step 2:

"peer" loads configuration from "core.yaml", usually this file is located here "/etc/hyperledger/fabric/". In this file try to find property "localMspId: SampleOrg" and replace SampleOrg with your Orderer MSP Id

Step 3:

Channel can be created only once. In order to verify that channel exists we can try to join it from one of peers:

verify that environment variable CORE_PEER_ADDRESS is configured correcly, export CORE_PEER_ADDRESS=peer0.org1.example.com:7051
peer channel join -b /opt/gopath/src/github.com/hyperledger/fabric/peer/mychannel.block
now you can check that peer has information about channel peer channel getinfo -c mychannel

Answer 2

除了@Sergey Balashevich建议的修复程序外，似乎创世块的创建给我带来了问题。我使用以下命令生成它：./configtxgen -profile MyChannel -channelID mychannel -outputCreateChannelTx configtx/channel.tx。这导致创建了一个频道，并阻止了我完成对等频道创建命令。

对等渠道创建-评估失败，仅满足0个策略Hyperledger Fabric

2 个答案: