HLF 1.2单个组织,订购者记录“身份是其他MSP的成员”

时间:2018-10-10 06:18:01

标签: hyperledger-fabric hyperledger

LS

我已经安装了HLF 1.2,并已经安装了织物样品。 使用基本文件,从头开始构建网络。

Fabric-peer,fabric-orderer,fabric-couchdb和fabric-ca的容器正在运行。

节选自 订购者日志-“ 0xc42000e108身份0不满足委托人:身份是其他MSP的成员(预期的OrdererMSP,获得了Org1MSP)”

configtx.yaml看起来像

` 组织:

# SampleOrg defines an MSP using the sampleconfig.  It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
    # DefaultOrg defines the organization which is used in the sampleconfig
    # of the fabric.git development environment
    Name: OrdererOrg

    # ID to load the MSP definition as
    ID: OrdererMSP

    # MSPDir is the filesystem path which contains the MSP configuration
    MSPDir: crypto-config/ordererOrganizations/example.com/msp

    Policies: &OrdererOrgPolicies
        Readers:
            Type: Signature
            Rule: "OR('OrdererMSP.member')"
            # If your MSP is configured with the new NodeOUs, you might
            # want to use a more specific rule like the following:
            # Rule: "OR('OrdererMSP.admin', 'OrdererMSP.peer', 'OrdererMSP.client')"
        Writers:
            Type: Signature
            Rule: "OR('OrdererMSP.member')"
            # If your MSP is configured with the new NodeOUs, you might
            # want to use a more specific rule like the following:
            # Rule: "OR('OrdererMSP.admin', 'OrdererMSP.client')"
        Admins:
            Type: Signature
            Rule: "OR('OrdererMSP.admin')"

- &Org1
    # DefaultOrg defines the organization which is used in the sampleconfig
    # of the fabric.git development environment
    Name: Org1MSP

    # ID to load the MSP definition as
    ID: Org1MSP

    # MSPDir is the filesystem path which contains the MSP configuration
    MSPDir: crypto-config/peerOrganizations/org1.example.com/msp

    # Policies defines the set of policies at this level of the config tree
    # For organization policies, their canonical path is usually
    #   /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
    Policies: &Org1Policies
        Readers:
            Type: Signature
            Rule: "OR('Org1MSP.member')"
            # If your MSP is configured with the new NodeOUs, you might
            # want to use a more specific rule like the following:
            # Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
        Writers:
            Type: Signature
            Rule: "OR('Org1MSP.member')"
            # If your MSP is configured with the new NodeOUs, you might
            # want to use a more specific rule like the following:
            # Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
        Admins:
            Type: Signature
            Rule: "OR('Org1MSP.admin')"

    AnchorPeers:
        # AnchorPeers defines the location of peers which can be used
        # for cross org gossip communication.  Note, this value is only
        # encoded in the genesis block in the Application section context
        - Host: peer0.org1.example.com
          Port: 7051

应用程序:&ApplicationDefaults     ACL:&ACLsDefault 

    lscc/ChaincodeExists: /Channel/Application/Readers

    lscc/GetDeploymentSpec: /Channel/Application/Readers

    lscc/GetChaincodeData: /Channel/Application/Readers

    lscc/GetInstantiatedChaincodes: /Channel/Application/Readers

    qscc/GetChainInfo: /Channel/Application/Readers

    qscc/GetBlockByNumber: /Channel/Application/Readers

    qscc/GetBlockByHash: /Channel/Application/Readers

    qscc/GetTransactionByID: /Channel/Application/Readers

    qscc/GetBlockByTxID: /Channel/Application/Readers

    cscc/GetConfigBlock: /Channel/Application/Readers

    cscc/GetConfigTree: /Channel/Application/Readers

    cscc/SimulateConfigTreeUpdate: /Channel/Application/Readers

    peer/Propose: /Channel/Application/Writers

    peer/ChaincodeToChaincode: /Channel/Application/Readers

    event/Block: /Channel/Application/Readers

    event/FilteredBlock: /Channel/Application/Readers

# Organizations is the list of orgs which are defined as participants on
# the application side of the network
Organizations:

# Policies defines the set of policies at this level of the config tree
# For Application policies, their canonical path is
#   /Channel/Application/<PolicyName>
Policies: &ApplicationDefaultPolicies
    Readers:
        Type: ImplicitMeta
        Rule: "ANY Readers"
    Writers:
        Type: ImplicitMeta
        Rule: "ANY Writers"
    Admins:
        Type: ImplicitMeta
        Rule: "MAJORITY Admins"
    Org1MemberPolicy:
        Type: Signature
        Rule: "OR('Org1MSP.member')"

订购者:&OrdererDefaults 

# Orderer Type: The orderer implementation to start
# Available types are "solo" and "kafka"
OrdererType: solo

Addresses:
    - orderer.example.com:7050

# Batch Timeout: The amount of time to wait before creating a batch
BatchTimeout: 2s

# Batch Size: Controls the number of messages batched into a block
BatchSize:

    # Max Message Count: The maximum number of messages to permit in a batch
    MaxMessageCount: 10

    # Absolute Max Bytes: The absolute maximum number of bytes allowed for
    # the serialized messages in a batch.
    AbsoluteMaxBytes: 99 MB

    # Preferred Max Bytes: The preferred maximum number of bytes allowed for
    # the serialized messages in a batch. A message larger than the preferred
    # max bytes will result in a batch larger than preferred max bytes.
    PreferredMaxBytes: 512 KB

Kafka:
    # Brokers: A list of Kafka brokers to which the orderer connects
    # NOTE: Use IP:port notation
    Brokers:
        - 127.0.0.1:9092

# Organizations is the list of orgs which are defined as participants on
# the orderer side of the network
Organizations:

# Policies defines the set of policies at this level of the config tree
# For Orderer policies, their canonical path is
#   /Channel/Orderer/<PolicyName>
Policies:
    Readers:
        Type: ImplicitMeta
        Rule: "ANY Readers"
    Writers:
        Type: ImplicitMeta
        Rule: "ANY Writers"
    Admins:
        Type: ImplicitMeta
        Rule: "MAJORITY Admins"

    # BlockValidation specifies what signatures must be included in the block
    # from the orderer for the peer to validate it.
    BlockValidation:
        Type: ImplicitMeta
        Rule: "ANY Writers"

频道:&ChannelDefaults     #策略在配置树的此级别定义策略集     #对于渠道策略,其规范路径为     #/频道/     政策:         #谁可以调用“传递” API         读者:             类型:ImplicitMeta             规则:“任何读者”         #谁可以调用“广播” API         作家:             类型:ImplicitMeta             规则:“任何作家”         #默认情况下,谁可以在此配置级别修改元素         管理员:             类型:ImplicitMeta             规则:“多数管理员”

个人资料:

OneOrgOrdererGenesis:
    <<: *ChannelDefaults
    Orderer:
        <<: *OrdererDefaults
        Organizations:
            - <<: *OrdererOrg
              Policies:
                  <<: *OrdererOrgPolicies
                  Admins:
                      Type: Signature
                      Rule: "OR('OrdererMSP.member')"
    Consortiums:
        SampleConsortium:
            Organizations:
                - <<: *Org1
                  Policies:
                      <<: *Org1Policies
                      Admins:
                            Type: Signature
                            Rule: "OR('Org1MSP.member')"

OneOrgChannel:
    Consortium: SampleConsortium
    Application:
        <<: *ApplicationDefaults
        Organizations:
            - *Org1

`

Docker日志

2018-10-09 10:02:12.830 UTC [cauthdsl] func2 -> DEBU 0b9 0xc42000e108 identity 0 does not satisfy principal: the identity is a member of a different MSP (expected OrdererMSP, got Org1MSP) 2018-10-09 10:02:12.830 UTC [cauthdsl] func2 -> DEBU 0ba 0xc42000e108 principal evaluation fails 2018-10-09 10:02:12.830 UTC [cauthdsl] func1 -> DEBU 0bb 0xc42000e108 gate 1539079332829377323 evaluation fails 2018-10-09 10:02:12.831 UTC [policies] Evaluate -> DEBU 0bc Signature set did not satisfy policy /Channel/Orderer/OrdererOrg/Writers 2018-10-09 10:02:12.831 UTC [policies] Evaluate -> DEBU 0bd == Done Evaluating *cauthdsl.policy Policy /Channel/Orderer/OrdererOrg/Writers 2018-10-09 10:02:12.831 UTC [policies] func1 -> DEBU 0be Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ OrdererOrg.Writers ] 2018-10-09 10:02:12.831 UTC [policies] Evaluate -> DEBU 0bf Signature set did not satisfy policy /Channel/Orderer/Writers 2018-10-09 10:02:12.831 UTC [policies] Evaluate -> DEBU 0c0 == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Orderer/Writers 2018-10-09 10:02:12.831 UTC [policies] func1 -> DEBU 0c1 Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ Orderer.Writers Consortiums.Writers ] 2018-10-09 10:02:12.832 UTC [policies] Evaluate -> DEBU 0c2 Signature set did not satisfy policy /Channel/Writers 2018-10-09 10:02:12.832 UTC [policies] Evaluate -> DEBU 0c3 == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Writers 2018-10-09 10:02:12.833 UTC [orderer/common/broadcast] Handle -> WARN 0c4 [channel: ppchannel] Rejecting broadcast of config message from 172.26.0.5:54388 because of error: Failed to reach implicit threshold of 1 sub-policies, required 1 remaining: permission denied 2018-10-09 10:02:12.833 UTC [orderer/common/server] func1 -> DEBU 0c5 Closing Broadcast stream 2018-10-09 10:02:12.837 UTC [common/deliver] Handle -> WARN 0c6 Error reading from 172.26.0.5:54386: rpc error: code = Canceled desc = context canceled 2018-10-09 10:02:12.839 UTC [orderer/common/server] func1 -> DEBU 0c7 Closing Deliver stream

./ startfabric.sh错误并显示以下消息

# Create the channel docker exec -e "CORE_PEER_LOCALMSPID=Org1MSP" -e "CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin@org1.example.com/msp" peer0.org1.example.com peer channel create -o orderer.example.com:7050 -c ppchannel -f /etc/hyperledger/configtx/channel.tx 2018-10-09 10:02:12.812 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized Error: got unexpected status: FORBIDDEN -- Failed to reach implicit threshold of 1 sub-policies, required 1 remaining: permission denied

感谢您的时间和投入。

谢谢

0 个答案:

没有答案
相关问题
最新问题