我正在使用Hyperledger Fabric网络部署在带有2个VirtualBox Ubuntu映像的docker群上。网络功能全面,所有对等点都加入了通道并更新了锚点对等点。我正在关注Composer多主机教程:https://hyperledger.github.io/composer/latest/tutorials/deploy-to-fabric-multi-org
网络设置:
Host1:订购者,Peer1.Org1,Peer2.Org1,CLI
主机2:Peer1.Org2,Peer2.Org2
connectionProfileManager.json 是我用于Manager组织的连接json。
{
"name": "example-network",
"x-type": "hlfv1",
"version": "1.0.0",
"channels": {
"mychannel": {
"orderers": [
"orderer.example.com"
],
"peers": {
"peer0.manager.example.com": {
"endorsingPeer": true,
"chaincodeQuery": true,
"ledgerQuery": true,
"eventSource": true
},
"peer1.manager.example.com": {
"endorsingPeer": true,
"chaincodeQuery": true,
"ledgerQuery": true,
"eventSource": true
},
"peer0.sponsor.example.com": {
"endorsingPeer": true,
"chaincodeQuery": true,
"ledgerQuery": true,
"eventSource": true
},
"peer1.sponsor.example.com": {
"endorsingPeer": true,
"chaincodeQuery": true,
"ledgerQuery": true,
"eventSource": true
}
}
}
},
"organizations": {
"Manager": {
"mspid": "ManagerMSP",
"peers": [
"peer0.manager.example.com",
"peer1.manager.example.com"
],
"certificateAuthorities": [
"ca.manager.example.com"
]
},
"Sponsor": {
"mspid": "SponsorMSP",
"peers": [
"peer0.sponsor.example.com",
"peer1.sponsor.example.com"
],
"certificateAuthorities": [
"ca.sponsor.example.com"
]
}
},
"orderers": {
"orderer.example.com": {
"url": "grpcs://localhost:7050",
"grpcOptions": {
"ssl-target-name-override": "orderer.example.com"
},
"tlsCACerts": {
"pem": "INSERT_ORDERER_CA_CERT"
}
}
},
"peers": {
"peer0.manager.example.com": {
"url": "grpcs://localhost:7051",
"eventUrl": "grpcs://localhost:7053",
"grpcOptions": {
"ssl-target-name-override": "peer0.manager.example.com"
},
"tlsCACerts": {
"pem": "INSERT_MANAGER_CA_CERT"
}
},
"peer1.manager.example.com": {
"url": "grpcs://localhost:8051",
"eventUrl": "grpcs://localhost:8053",
"grpcOptions": {
"ssl-target-name-override": "peer1.manager.example.com"
},
"tlsCACerts": {
"pem": "INSERT_MANAGER_CA_CERT"
}
},
"peer0.sponsor.example.com": {
"url": "grpcs://10.0.2.5:9051",
"eventUrl": "grpcs://10.0.2.5:9053",
"grpcOptions": {
"ssl-target-name-override": "peer0.sponsor.example.com"
},
"tlsCACerts": {
"pem": "INSERT_SPONSOR_CA_CERT"
}
},
"peer1.sponsor.example.com": {
"url": "grpcs://10.0.2.5:10051",
"eventUrl": "grpcs://10.0.2.5:10053",
"grpcOptions": {
"ssl-target-name-override": "peer1.sponsor.example.com"
},
"tlsCACerts": {
"pem": "INSERT_SPONSOR_CA_CERT"
}
}
},
"certificateAuthorities": {
"ca.manager.example.com": {
"url": "https://localhost:7054",
"caName": "ca-manager",
"httpOptions": {
"verify": false
}
},
"ca.sponsor.example.com": {
"url": "https://10.0.2.5:8054",
"caName": "ca-sponsor",
"httpOptions": {
"verify": false
}
}
}
}
connectionProfileSponsor.json 是我用于发起人组织的连接json。
{
"name": "example-network",
"x-type": "hlfv1",
"version": "1.0.0",
"channels": {
"mychannel": {
"orderers": [
"orderer.example.com"
],
"peers": {
"peer0.manager.example.com": {
"endorsingPeer": true,
"chaincodeQuery": true,
"ledgerQuery": true,
"eventSource": true
},
"peer1.manager.example.com": {
"endorsingPeer": true,
"chaincodeQuery": true,
"ledgerQuery": true,
"eventSource": true
},
"peer0.sponsor.example.com": {
"endorsingPeer": true,
"chaincodeQuery": true,
"ledgerQuery": true,
"eventSource": true
},
"peer1.sponsor.example.com": {
"endorsingPeer": true,
"chaincodeQuery": true,
"ledgerQuery": true,
"eventSource": true
}
}
}
},
"organizations": {
"Manager": {
"mspid": "ManagerMSP",
"peers": [
"peer0.manager.example.com",
"peer1.manager.example.com"
],
"certificateAuthorities": [
"ca.manager.example.com"
]
},
"Sponsor": {
"mspid": "SponsorMSP",
"peers": [
"peer0.sponsor.example.com",
"peer1.sponsor.example.com"
],
"certificateAuthorities": [
"ca.sponsor.example.com"
]
}
},
"orderers": {
"orderer.example.com": {
"url": "grpcs://10.0.2.4:7050",
"grpcOptions": {
"ssl-target-name-override": "orderer.example.com"
},
"tlsCACerts": {
"pem": "INSERT_ORDERER_CA_CERT"
}
}
},
"peers": {
"peer0.manager.example.com": {
"url": "grpcs://10.0.2.4:7051",
"eventUrl": "grpcs://10.0.2.4:7053",
"grpcOptions": {
"ssl-target-name-override": "peer0.manager.example.com"
},
"tlsCACerts": {
"pem": "INSERT_MANAGER_CA_CERT"
}
},
"peer1.manager.example.com": {
"url": "grpcs://10.0.2.4:8051",
"eventUrl": "grpcs://10.0.2.4:8053",
"grpcOptions": {
"ssl-target-name-override": "peer1.manager.example.com"
},
"tlsCACerts": {
"pem": "INSERT_MANAGER_CA_CERT"
}
},
"peer0.sponsor.example.com": {
"url": "grpcs://localhost:9051",
"eventUrl": "grpcs://localhost:9053",
"grpcOptions": {
"ssl-target-name-override": "peer0.sponsor.example.com"
},
"tlsCACerts": {
"pem": "INSERT_SPONSOR_CA_CERT"
}
},
"peer1.sponsor.example.com": {
"url": "grpcs://localhost:10051",
"eventUrl": "grpcs://localhost:10053",
"grpcOptions": {
"ssl-target-name-override": "peer1.sponsor.example.com"
},
"tlsCACerts": {
"pem": "INSERT_SPONSOR_CA_CERT"
}
}
},
"certificateAuthorities": {
"ca.manager.example.com": {
"url": "https://10.0.2.4:7054",
"caName": "ca-manager",
"httpOptions": {
"verify": false
}
},
"ca.sponsor.example.com": {
"url": "https://localhost:8054",
"caName": "ca-sponsor",
"httpOptions": {
"verify": false
}
}
}
}
在Manager组织/主机上安装.bna的脚本:
cat << "EOF"
"
EOF
echo "Removing existing cards if any"
rm -fr $HOME/.composer
echo "Creating temporary directories"
mkdir -p /tmp/composer/manager
mkdir -p /tmp/composer/sponsor
echo "Pasting certificates in tmp/composer/..."
awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' crypto-config/peerOrganizations/manager.example.com/peers/peer0.manager.example.com/tls/ca.crt > /tmp/composer/manager/ca-manager.txt
awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' crypto-config/peerOrganizations/sponsor.example.com/peers/peer0.sponsor.example.com/tls/ca.crt > /tmp/composer/sponsor/ca-sponsor.txt
awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/ca.crt > /tmp/composer/ca-orderer.txt
echo "Creating the connection profile file"
cp connectionProfile.json /tmp/composer/example-network.json
echo "Adding the certificates in connection profile"
replacementManager="/tmp/composer/manager/ca-manager.txt"
replacementSponsor="/tmp/composer/sponsor/ca-sponsor.txt"
replacementOrderer="/tmp/composer/ca-orderer.txt"
file="/tmp/composer/example-network.json"
manager="/tmp/composer/proaManager.json"
sponsor="/tmp/composer/proaSponsor.json"
final="/tmp/composer/proaFinal.json"
partFinal="/tmp/composer/partFinal.json"
sed -i 's/\\n/±/g' $replacementManager
sed -i 's/\\n/±/g' $replacementSponsor
sed -i 's/\\n/±/g' $replacementOrderer
sed -e "s@INSERT_MANAGER_CA_CERT@$(cat $replacementManager)@g" $file > $manager
sed -e "s@INSERT_SPONSOR_CA_CERT@$(cat $replacementSponsor)@g" $manager > $sponsor
sed -e "s@INSERT_ORDERER_CA_CERT@$(cat $replacementOrderer)@g" $sponsor > $partFinal
sed $"s/\±/\\\n/g" $partFinal > $final
echo "Creating connection profile for manager"
cp /tmp/composer/proaFinal.json /tmp/composer/manager/proaManager.json
ex -sc '4i|"client": {
"organization": "Manager",
"connection": {
"timeout": {
"peer": {
"endorser": "300",
"eventHub": "300",
"eventReg": "300"
},
"orderer": "300"
}
}
},' -cx /tmp/composer/manager/proaManager.json
echo "Creating connection profile for sponsor"
cp /tmp/composer/proaFinal.json /tmp/composer/sponsor/proaSponsor.json
ex -sc '4i|"client": {
"organization": "Sponsor",
"connection": {
"timeout": {
"peer": {
"endorser": "300",
"eventHub": "300",
"eventReg": "300"
},
"orderer": "300"
}
}
},' -cx /tmp/composer/sponsor/proaSponsor.json
#-------------------
#-- MANAGER
#-------------------
echo "Getting the certificates for administrator of manager"
export MANAGER=crypto-config/peerOrganizations/manager.example.com/users/Admin@manager.example.com/msp
cp -p $MANAGER/signcerts/A*.pem /tmp/composer/manager
cp -p $MANAGER/keystore/*_sk /tmp/composer/manager
echo "Creating card for manager"
composer card create -p /tmp/composer/manager/proaManager.json -u PeerAdmin -c /tmp/composer/manager/Admin@manager.example.com-cert.pem -k /tmp/composer/manager/*_sk -r PeerAdmin -r ChannelAdmin -f PeerAdmin@proaManager.card
echo "Importing card for manager"
composer card import -f PeerAdmin@proaManager.card --card PeerAdmin@proaManager
composer network install --card PeerAdmin@proaManager --archiveFile example-network@0.0.1.bna
cp endorsement-policy.json /tmp/composer/endorsement-policy.json
echo "Retrieving business network administrator certificates for Manager"
composer identity request -c PeerAdmin@proaManager -u admin -s adminpw -d andreim
#-------------------
#-- START NETWORK
#-------------------
echo "Starting the business network"
composer network start -c PeerAdmin@proaManager -n example-network -V 0.0.1 -o endorsementPolicyFile=/tmp/composer/endorsement-policy.json -A andreim -C andreim/admin-pub.pem
echo "Creating a business network card to access the business network as Manager"
composer card create -p /tmp/composer/manager/proaManager.json -u andreim -n example-network -c andreim/admin-pub.pem -k andreim/admin-priv.pem
composer card import -f andreim@example-network.card
composer network ping -c andreim@example-network
在赞助者组织/主持人上安装.bna的脚本:
cat << "EOF"
"
EOF
echo "Removing existing cards if any"
rm -fr $HOME/.composer
echo "Creating temporary directories"
mkdir -p /tmp/composer/manager
mkdir -p /tmp/composer/sponsor
echo "Pasting certificates in tmp/composer/..."
awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' crypto-config/peerOrganizations/manager.example.com/peers/peer0.manager.example.com/tls/ca.crt > /tmp/composer/manager/ca-manager.txt
awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' crypto-config/peerOrganizations/sponsor.example.com/peers/peer0.sponsor.example.com/tls/ca.crt > /tmp/composer/sponsor/ca-sponsor.txt
awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/ca.crt > /tmp/composer/ca-orderer.txt
echo "Creating the connection profile file"
cp connectionProfile.json /tmp/composer/example-network.json
echo "Adding the certificates in connection profile"
replacementManager="/tmp/composer/manager/ca-manager.txt"
replacementSponsor="/tmp/composer/sponsor/ca-sponsor.txt"
replacementOrderer="/tmp/composer/ca-orderer.txt"
file="/tmp/composer/example-network.json"
manager="/tmp/composer/proaManager.json"
sponsor="/tmp/composer/proaSponsor.json"
final="/tmp/composer/proaFinal.json"
partFinal="/tmp/composer/partFinal.json"
sed -i 's/\\n/±/g' $replacementManager
sed -i 's/\\n/±/g' $replacementSponsor
sed -i 's/\\n/±/g' $replacementOrderer
sed -e "s@INSERT_MANAGER_CA_CERT@$(cat $replacementManager)@g" $file > $manager
sed -e "s@INSERT_SPONSOR_CA_CERT@$(cat $replacementSponsor)@g" $manager > $sponsor
sed -e "s@INSERT_ORDERER_CA_CERT@$(cat $replacementOrderer)@g" $sponsor > $partFinal
sed $"s/\±/\\\n/g" $partFinal > $final
echo "Creating connection profile for manager"
cp /tmp/composer/proaFinal.json /tmp/composer/manager/proaManager.json
ex -sc '4i|"client": {
"organization": "Manager",
"connection": {
"timeout": {
"peer": {
"endorser": "300",
"eventHub": "300",
"eventReg": "300"
},
"orderer": "300"
}
}
},' -cx /tmp/composer/manager/proaManager.json
echo "Creating connection profile for sponsor"
cp /tmp/composer/proaFinal.json /tmp/composer/sponsor/proaSponsor.json
ex -sc '4i|"client": {
"organization": "Sponsor",
"connection": {
"timeout": {
"peer": {
"endorser": "300",
"eventHub": "300",
"eventReg": "300"
},
"orderer": "300"
}
}
},' -cx /tmp/composer/sponsor/proaSponsor.json
#-------------------
#-- SPONSOR
#-------------------
echo "Getting the certificates for administrator of sponsor"
export SPONSOR=crypto-config/peerOrganizations/sponsor.example.com/users/Admin@sponsor.example.com/msp
cp -p $SPONSOR/signcerts/A*.pem /tmp/composer/sponsor
cp -p $SPONSOR/keystore/*_sk /tmp/composer/sponsor
echo "Creating card for sponsor"
composer card create -p /tmp/composer/sponsor/proaSponsor.json -u PeerAdmin -c /tmp/composer/sponsor/Admin@sponsor.example.com-cert.pem -k /tmp/composer/sponsor/*_sk -r PeerAdmin -r ChannelAdmin -f PeerAdmin@proaSponsor.card
echo "Importing card for Sponsor"
composer card import -f PeerAdmin@proaSponsor.card --card PeerAdmin@proaSponsor
composer network install --card PeerAdmin@proaSponsor --archiveFile example-network@0.0.1.bna
cp endorsement-policy.json /tmp/composer/endorsement-policy.json
echo "Retrieving business network administrator certificates for Sponsor"
composer identity request -c PeerAdmin@proaSponsor -u admin -s adminpw -d andreis
#-------------------
#-------------------
echo "Creating a business network card to access the business network as Sponsor"
composer card create -p /tmp/composer/sponsor/proaSponsor.json -u andreis -n example-network -c andreis/admin-pub.pem -k andreis/admin-priv.pem
composer card import -f andreis@example-network.card
composer network ping -c andreis@example-network
在对连接配置文件的结构进行较小的更新之后,在两台主机上安装.bna都可以正常工作,并且我能够从主机1启动网络。
仅当我提交网络ping命令时遇到的新问题。这就是我收到的主机1的信息:
Error: Error trying invoke business network. Error: Peer localhost:7051 has rejected transaction '92a332f3c48fa4f1f3e1b858d9f21cf49d191205f1e5da7c3a4724e193ed8974' with code ENDORSEMENT_POLICY_FAILURE
这是当我在主机2上ping时
Error: Error trying to ping. Error: transaction returned with failure: Error: The current identity, with the name 'admin' and the identifier 'ca847f358ae8007968e02b194ed034fe82d55595ec2f7961a570de0c89fdd481', has not been registered
更新:
在主机1上,创建了两个新容器dev-peer1.manager ...和dev-peer0.manager ...,但是在主机2上,仅出现了一个新容器dev-peer0.sponsor ...
更新2
这是我更新锚点对等点后来自peer0.manager的信息:
2018-10-03 07:25:56.656 UTC [gossip/gossip] learnAnchorPeers -> INFO 035 Anchor peer with same endpoint, skipping connecting to myself
2018-10-03 07:25:56.656 UTC [gossip/service] updateEndpoints -> WARN 036 Failed to update ordering service endpoints, due to Channel with mychannel id was not found
2018-10-03 07:25:56.668 UTC [kvledger] CommitWithPvtData -> INFO 037 Channel [mychannel]: Committed block [1] with 1 transaction(s)
2018-10-03 07:25:56.689 UTC [gossip/gossip] learnAnchorPeers -> INFO 038 Anchor peer with same endpoint, skipping connecting to myself
2018-10-03 07:25:56.689 UTC [gossip/service] updateEndpoints -> WARN 039 Failed to update ordering service endpoints, due to Channel with mychannel id was not found
2018-10-03 07:25:56.709 UTC [kvledger] CommitWithPvtData -> INFO 03a Channel [mychannel]: Committed block [2] with 1 transaction(s)
2018-10-03 07:25:58.731 UTC [gossip/comm] func1 -> WARN 03b peer0.sponsor.example.com:7051, PKIid:[243 157 143 36 230 129 13 112 17 86 197 255 202 84 128 217 169 218 84 171 24 5 85 85 183 248 81 52 115 118 126 40] isn't responsive: EOF
2018-10-03 07:25:58.731 UTC [gossip/discovery] expireDeadMembers -> WARN 03c Entering [[243 157 143 36 230 129 13 112 17 86 197 255 202 84 128 217 169 218 84 171 24 5 85 85 183 248 81 52 115 118 126 40]]
2018-10-03 07:25:58.731 UTC [gossip/discovery] expireDeadMembers -> WARN 03d Closing connection to Endpoint: peer0.sponsor.example.com:7051, InternalEndpoint: , PKI-ID: [243 157 143 36 230 129 13 112 17 86 197 255 202 84 128 217 169 218 84 171 24 5 85 85 183 248 81 52 115 118 126 40], Metadata: []
2018-10-03 07:25:58.731 UTC [gossip/discovery] expireDeadMembers -> WARN 03e Exiting
2018-10-03 07:25:58.761 UTC [gossip/discovery] resurrectMember -> INFO 03f Entering, AliveMessage: GossipMessage: tag:EMPTY alive_msg:<membership:<endpoint:"peer0.sponsor.example.com:7051" pki_id:"\363\235\217$\346\201\rp\021V\305\377\312T\200\331\251\332T\253\030\005UU\267\370Q4sv~(" > timestamp:<inc_num:1538551519456217249 seq_num:41 > > , Envelope: 83 bytes, Signature: 70 bytes t: {1538551519456217249 41}
2018-10-03 07:25:58.761 UTC [gossip/discovery] resurrectMember -> INFO 040 Exiting
我应该担心警告吗?如果我将大理石链代码安装到对等节点,则一切正常……我可以查询所有具有正确结果的对等节点。
答案 0 :(得分:0)
如果要在两台具有相同版本(同一.bna文件)的单独主机上,必须安装,创建和导入 BND 不,那是行不通的。并在其中一台主机中启动 BND
我注意到的另一件事是,我找不到在第二台主机上安装BND的脚本。就像您将所有内容都安装在主机1中一样。
#-------------------
#-- SPONSOR
#-------------------
echo "Getting the certificates for administrator of sponsor"
export SPONSOR=crypto-config/peerOrganizations/sponsor.example.com/users/Admin@sponsor.example.com/msp
cp -p $SPONSOR/signcerts/A*.pem /tmp/composer/sponsor
cp -p $SPONSOR/keystore/*_sk /tmp/composer/sponsor
echo "Creating card for sponsor"
composer card create -p /tmp/composer/sponsor/exampleSponsor.json -u PeerAdmin -c /tmp/composer/sponsor/Admin@sponsor.example.com-cert.pem -k /tmp/composer/sponsor/*_sk -r PeerAdmin -r ChannelAdmin -f PeerAdmin@exampleSponsor.card
echo "Importing card for Sponsor"
composer card import -f PeerAdmin@exampleSponsor.card --card PeerAdmin@exampleSponsor
composer network install --card PeerAdmin@exampleSponsor --archiveFile example-network@0.0.1.bna
cp endorsement-policy.json /tmp/composer/endorsement-policy.json
echo "Retrieving business network administrator certificates for Sponsor"
composer identity request -c PeerAdmin@exampleSponsor -u admin -s adminpw -d andreis
此部分必须在您的主机2中执行。
您必须遵循的步骤。
(总是假设赞助者将在主持人2中)
请随时询问您是否有疑问,并对我的英语生锈:)