toggle quoted messageShow quoted text
There should be no issue using k8s for Fabric gossip, and there should be no reason you need to expose anything other than port 443 externally. Expose your endpoints as subdomains on 443 and map those subdomains to appropriate ports internally. K8s has all the tools required to setup a network in this manner.
On Thu, Oct 31, 2019 at 11:55 AM Nye Liu <nye@...
I had this issue as well with k8s.
k8s is a disaster for p2p protocols, it is a very bad match.
Great for monolithic microservice stacks, not much else.
When get stuff running on
k8s and behind load balancer or proxy, you do not get chance
to use port 7051. As a matter of fact, on k8s in majority of
cases your port wont be 7051, that does not mean other ports
are not open. Just saying that we should not assume that it
will be always port 7051.
On Thursday, October 31, 2019, 9:33:59 AM EDT, Yacov
If you have trouble
opening ports between
companies, you shouldn't use a Blockchain at all,
since Blockchain is a
decentralized peer to peer protocol.
All peer to peer
through the same port (7051 by default), it's not like
you need to open
[Hyperledger Fabric] Major security hole in
Hyperledger Fabric - Private
Data is not private #fabric #fabric-questions
#dstorage #dstorage-fabric #fabric-chaincode #ssl
Hi Dave, Alexandre, Yacov, Ivan
I think private data’s p2p connection is
a real problem
(partially agree with Ivan).
In some commercial scenario, we need to open firewalls
for every company
connecting to each other, which is a disaster for
And that is not the end of story. When a
new company needs
to join the existing fabric network, it needs to
connect to each company.
Again, we need to open firewalls, not only for the one
newly joining, but
also for those already joined. Hard to explain to
everyone why a new company
joining leads to such a tremendous configuration
change. You don’t know
how terrible it is you get challenged by IT
departments of those companies
ONE BY ONE, and you have no solution.
Do you have solution for such issue?
Thank you all