I'm very much new to blockchain and hyperledger. I'm trying to setup my first network with 8 orgs containing 3 peers each and 7 orderers. Everything is working fine using docker-compose. I'm trying to replicate the same on kubernetes following this tutorial https://github.com/hyfen-nl/PIVT. All the stages of chaincode right from packaging till checking for commit readiness are giving a positive and desired response. However, committing the chaincode fails with
2022-06-20 12:35:38.641 UTC [chaincodeCmd] ClientWait -> INFO 0a0 txid [619d23f6fac89442c9f858749e6c2c809a7a1833373a634cd4cb56a2660bb84e] committed with status (ENDORSEMENT_POLICY_FAILURE) at peer0.ni.example.org:7051
2022-06-20 12:35:38.641 UTC [chaincodeCmd] ClientWait -> INFO 0a1 txid [619d23f6fac89442c9f858749e6c2c809a7a1833373a634cd4cb56a2660bb84e] committed with status (ENDORSEMENT_POLICY_FAILURE) at peer0.es.example.org:7051
2022-06-20 12:35:38.644 UTC [chaincodeCmd] ClientWait -> INFO 0a2 txid [619d23f6fac89442c9f858749e6c2c809a7a1833373a634cd4cb56a2660bb84e] committed with status (ENDORSEMENT_POLICY_FAILURE) at peer0.highereducation.example.org:7051
2022-06-20 12:35:38.644 UTC [chaincodeCmd] ClientWait -> INFO 0a3 txid [619d23f6fac89442c9f858749e6c2c809a7a1833373a634cd4cb56a2660bb84e] committed with status (ENDORSEMENT_POLICY_FAILURE) at peer0.schooleducation.example.org:7051
Error: transaction invalidated with status (ENDORSEMENT_POLICY_FAILURE)
The following is a part of configtx.yaml which I'm using and is the same file used while setting up using docker-compose except for minor changes like using different port numbers.
# Policies defines the set of policies at this level of the config tree
# For organization policies, their canonical path is usually
# /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &Ni
Name: NiMSP
ID: NiMSP
MSPDir: crypto-config/peerOrganizations/ni.example.org/msp
Policies:
Readers:
Type: Signature
Rule: "OR('NiMSP.admin', 'NiMSP.peer', 'NiMSP.client')"
Writers:
Type: Signature
Rule: "OR('NiMSP.admin', 'NiMSP.client')"
Admins:
Type: Signature
Rule: "OR('NiMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('NiMSP.peer')"
AnchorPeers:
- Host: peer0.ni.example.org
Port: 7051
- &Schooleducation
Name: SchooleducationMSP
ID: SchooleducationMSP
MSPDir: crypto-config/peerOrganizations/schooleducation.example.org/msp
Policies:
Readers:
Type: Signature
Rule: "OR('SchooleducationMSP.admin', 'SchooleducationMSP.peer', 'SchooleducationMSP.client')"
Writers:
Type: Signature
Rule: "OR('SchooleducationMSP.admin', 'SchooleducationMSP.client')"
Admins:
Type: Signature
Rule: "OR('SchooleducationMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('SchooleducationMSP.peer')"
AnchorPeers:
- Host: peer0.schooleducation.example.org
Port: 7051
- &Highereducation
Name: HighereducationMSP
ID: HighereducationMSP
MSPDir: crypto-config/peerOrganizations/highereducation.example.org/msp
Policies:
Readers:
Type: Signature
Rule: "OR('HighereducationMSP.admin', 'HighereducationMSP.peer', 'HighereducationMSP.client')"
Writers:
Type: Signature
Rule: "OR('HighereducationMSP.admin', 'HighereducationMSP.client')"
Admins:
Type: Signature
Rule: "OR('HighereducationMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('HighereducationMSP.peer')"
AnchorPeers:
- Host: peer0.highereducation.example.org
Port: 7051
- &Es
Name: EsMSP
ID: EsMSP
MSPDir: crypto-config/peerOrganizations/esevai.example.org/msp
Policies:
Readers:
Type: Signature
Rule: "OR('EsMSP.admin', 'EsMSP.peer', 'EsMSP.client')"
Writers:
Type: Signature
Rule: "OR('EsMSP.admin', 'EsMSP.client')"
Admins:
Type: Signature
Rule: "OR('EsMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('EsMSP.peer')"
AnchorPeers:
- Host: peer0.es.example.org
Port: 7051
- &Igr
Name: IgrMSP
ID: IgrMSP
MSPDir: crypto-config/peerOrganizations/igr.example.org/msp
Policies:
Readers:
Type: Signature
Rule: "OR('IgrMSP.admin', 'IgrMSP.peer', 'IgrMSP.client')"
Writers:
Type: Signature
Rule: "OR('IgrMSP.admin', 'IgrMSP.client')"
Admins:
Type: Signature
Rule: "OR('IgrMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('IgrMSP.peer')"
AnchorPeers:
- Host: peer0.igr.example.org
Port: 7051
- &Forest
Name: ForestMSP
ID: ForestMSP
MSPDir: crypto-config/peerOrganizations/forest.example.org/msp
Policies:
Readers:
Type: Signature
Rule: "OR('ForestMSP.admin', 'ForestMSP.peer', 'ForestMSP.client')"
Writers:
Type: Signature
Rule: "OR('ForestMSP.admin', 'ForestMSP.client')"
Admins:
Type: Signature
Rule: "OR('ForestMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('ForestMSP.peer')"
AnchorPeers:
- Host: peer0.forest.example.org
Port: 7051
- &Handicrafts
Name: HandicraftsMSP
ID: HandicraftsMSP
MSPDir: crypto-config/peerOrganizations/handicrafts.example.org/msp
Policies:
Readers:
Type: Signature
Rule: "OR('HandicraftsMSP.admin', 'HandicraftsMSP.peer', 'HandicraftsMSP.client')"
Writers:
Type: Signature
Rule: "OR('HandicraftsMSP.admin', 'HandicraftsMSP.client')"
Admins:
Type: Signature
Rule: "OR('HandicraftsMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('HandicraftsMSP.peer')"
AnchorPeers:
- Host: peer0.handicrafts.example.org
Port: 7051
- &ITDepartment
Name: ITDepartmentMSP
ID: ITDepartmentMSP
MSPDir: crypto-config/peerOrganizations/itdepartment.example.org/msp
Policies:
Readers:
Type: Signature
Rule: "OR('ITDepartmentMSP.admin', 'ITDepartmentMSP.peer', 'ITDepartmentMSP.client')"
Writers:
Type: Signature
Rule: "OR('ITDepartmentMSP.admin', 'ITDepartmentMSP.client')"
Admins:
Type: Signature
Rule: "OR('ITDepartmentMSP.admin')"
Endorsement:
Type: Signature
Rule: "OR('ITDepartmentMSP.peer')"
AnchorPeers:
- Host: peer0.itdepartment.example.org
Port: 7051
# /Channel/Application/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Endorsement:
Type: ImplicitMeta
Rule: "MAJORITY Endorsement"
Capabilities:
<<: *ApplicationCapabilities
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Below is the output for check commit readiness command:
{
"approvals": {
"EsMSP": true,
"HighereducationMSP": true,
"NiMSP": true,
"SchooleducationMSP": true
}
}
Command for approving the chaincode:
peer lifecycle chaincode approveformyorg --tls --cafile /hl_config/orderer-tlsca/tlscacert.pem --channelID certificatechannel --name cc --version 1 --package-id cc_1:1234567.....4965 --sequence 1 --waitForEvent
Command for committing the chaincode:
peer lifecycle chaincode commit -o orderer1.example.org:7050 --channelID certificatechannel --name cc --version 1 --sequence 1 --tls --cafile /hl_config/orde
rer-tlsca/tlscacert.pem --peerAddresses peer0.ni.example.org:7051 --tlsRootCertFiles /etc/hyperledger/fabric/crypto-config/peerOrganizations/ni.tnega.org/peers/peer0.ni.
example.org/tls/ca.crt --peerAddresses peer0.schooleducation.example.org:7051 --tlsRootCertFiles /etc/hyperledger/fabric/crypto-config/peerOrganizations/schooleducation.example.org/peers/peer0.schooleducation.example.org/tls/ca.crt --peerAddresses peer0.highereducation.example.org:7051 --tlsRootCertFiles /etc/hyperledger/fabric/crypto-config/pe
erOrganizations/highereducation.example.org/peers/peer0.highereducation.example.org/tls/ca.crt --peerAddresses peer0.es.example.org:7051 --tlsRootCertFiles /etc/hyperledger/fabric/crypto-config/peerOrganizations/es.example.org/peers/peer0.es.example.org/tls/ca.crt
What I've tried:
I've tried running commit command passing one peer address of only one org at a time and received the same output.
I've tried running commit command passing one peer address of all the orgs that have approved the chaincode and have recieved the same output.
I tried executing the command from inside one of the peers.
Note:
-------
I'm making use of argo workflows along with helm templates and kubernetes to automate the chaincode process.
Any help is much appreciated. Thanks in advance!
