Date   

Documentation Workgroup: Agenda for Friday, 29 Mar

Anthony O'Dowd
 

Hi All,

We will hold the documentation workgroup on Friday, 29 Mar. We run the meeting twice during the day to make it easier for both Eastern and Western hemispheres.  See meeting times at the bottom of this note.  Please note that for the Western hemisphere, if you're joining from a European timezone, the call will be an hour earlier to accommodate our colleagues in the US who have moved to Daylight Savings. Next week we resume normal time zones!

We'll start this week's call with an update on V2.0 development status with Pam and Joe. Now that the Developing application context topic has been merged, (thanks again to reviewers), we won't be revisiting it for a while. Last week we had an excellent review on the new Advanced Commercial Paper sample, and we'll be incorporating lots of the feedback into the design of the sample program and documentation/tutorials.

We'll continue this week with Nik, who'll give us an update on the chaincode lifecycle topic.  It was a great session last time, so it will be interesting to see how this topic has developed.  Joe will continue the discussion, bring us up-to-date on the new orderer documentation, of which there are multiple subtopics. Again, this a significant new addition to V2, so thanks to Joe for this.

Pam has two areas to discuss this week.  Firstly, she'll cover the latest on policy --  a topic the workgroup to which the WG has had a healthy input. Secondly, Pam would like to have a discussion on diagrams within the documentation.  At the moment, we have a variety of diagram styles, all quite closely related, which might benefit from a little more coherence. Pam will lead a discussion on where we are right now, and how we might like to collectively evolve our approach to make diagrams a little more standardized.

If you'd like to contribute to these or another topic, please join the call -- there are now lots of people who are keen to help you contribute to the documentation!

The full agenda is available for you to read here : https://drive.google.com/open?id=1TUHW98XzFPfVevnY4Hi7PJXSlHNTR4_s
Feel free to post comments to the mailing list, so that we can include at the meeting. Or you can just come along, listen and discuss - you're always welcome!

Very best regards, Anthony.

Meeting Details
-------------
Please use the following link to attend the meeting:  https://zoom.us/j/6223336701

Zoom should work in the browser.  I will open the call 5 minutes early so that folks can test it out. I'll also monitor the RocketChat at https://chat.hyperledger.org/channel/fabric-release so that if anyone has issues, ping me there!

More Zoom connection options at the bottom of this note.

The meeting times are as follows:

Meeting 78A: Friday 29 Mar
                   1130 India Standard Time
                   1400 China Standard Time
                   1500 Japan Standard Time
                   1700 Australia Eastern Time
                   1400 Singapore Time
                   1000 Gulf Standard Time
                   0900 Moscow Standard Time
                   0600 Greenwich Mean Time
                   0700 Central European Time
   
Meeting 78B: Friday 29 Mar
              1000 Central Daylight Time
                   1100 Eastern Daylight Time
                   0800 Pacific Daylight Time
                   1200 Brasil Standard Time
                   1500 Greenwich Mean Time
                   1600 Central European Time
                   1700 Moscow Standard Time
 
More Zoom details
----------------

Join from PC, Mac, Linux, iOS or Android: https://zoom.us/j/6223336701



Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU


Re: #fabric-ca #fabric-ca

Vishal
 

Hi Nick,

Client certificates need not to be issued by fabric ca.
You can generate self signed CA + client certificate using open ssl.
Here is a nice explanation:

Below configuration ensure that the self signed CA cert & other certificates issued by this CA are trusted by the peer.
CORE_PEER_TLS_CLIENTROOTCAS_FILES =  Self signed CA certificate


On Thu 28 Mar, 2019, 4:34 PM Nick Frunza, <nfrunza@...> wrote:
Another question is, how to generate the client key, and cert., and both key, cert needs to be on fabric-ca server registered?  it is not clear, and what type of tools we can use to generate both.

nik

On Thu, Mar 28, 2019 at 8:33 AM Nick Frunza <nfrunza@...> wrote:
Thank for the prompt reply, we are trying to use a fabric samples that has mutual TLS enabled with HLExplorer as a client, but looks like fabric doesn't provide one, will have to modify the balance transfer client in order to use mutual TLS.

Another question is, how to generate the client key, and cert., and both key, cert needs to be on fabric-ca server registered?  it is not clear, and what type of tools we can use to generate both.

nik


On Thu, Mar 28, 2019 at 3:23 AM Vishal <vishal3152@...> wrote:
Hi Nick,

The error message clearly says that the server (peer) did not receive the correct client certificate.
I assume along with CORE_PEER_TLS_CLIENTAUTHREQUIRED = true, you have set below env variables correctly
  • CORE_PEER_TLS_CLIENTROOTCAS_FILES =  CA certificate
  • CORE_PEER_TLS_CLIENTCERT_FILE = client certificate
  • CORE_PEER_TLS_CLIENTKEY_FILE = client key
You may use the fabric-ca to generate these client certificates. If you wish to use Openssl to generate client certs, keep in mind RSA keys are not supported by fabric.

You have to assign these certificates to client instance as well. I prefer to do it this way. 

 
I would have used curl to verify 2way tls authentication configuration, if it was https.
curl -v --cacert ./ca.crt --key ./client.key --cert ./client.crt https://abc.com


Furthermore, you may check out this blog, could be of some help.

Kind regards
Vishal Yadav



On Thu, Mar 28, 2019 at 1:07 AM Nick Frunza <nfrunza@...> wrote:
Hello,

Are there any fabric samples with Mutual TLS enabled, aka. CORE_PEER_TLS_CLIENTAUTHREQUIRED=true ?
I enabled balance transfer with Mutual TLS, but it fails when running testAPI.sh with error:

2019-03-27T20:57:05.419Z - error: [Remote.js]: Error: Failed to connect before the deadline URL:grpcs://localhost:7051
[2019-03-27 16:57:05.419] [ERROR] Query - Error: Failed to connect before the deadline URL:grpcs://localhost:7051
    at checkState (/home/mn/git/fabric-network/fabric-samples/balance-transfer/node_modules/grpc/src/client.js:720:16)
E0327 16:57:10.541722858    7375 ssl_transport_security.cc:219] ssl_info_callback: error occured.

E0327 16:57:10.541763890    7375 ssl_transport_security.cc:1227] Handshake failed with fatal error SSL_ERROR_SSL: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate.
E0327 16:57:12.156285882    7375 ssl_transport_security.cc:219] ssl_info_callback: error occured.


thank you

Nik



--
Nik Frunza



--
Nik Frunza


Re: Fabric-ca TLS configuration #fabric-ca

Vishal
 

The only reason I can think of is ' the convenience'. It is bad practice though.
If CA private keys are comprised, then both the layer of security would collapse.

Regards,
Vishal

On Thu 28 Mar, 2019, 9:02 PM Jonathan C., <chevalier.jonathan@...> wrote:
Hi,

Is there any specific reason that most of the project use the same certificate for FABRIC_CA_SERVER_CA_CERTFILE & FABRIC_CA_SERVER_TLS_CERTFILE ? (same for private key)

Regards,

Jonathan.


Fabric-ca TLS configuration #fabric-ca

Jonathan C.
 

Hi,

Is there any specific reason that most of the project use the same certificate for FABRIC_CA_SERVER_CA_CERTFILE & FABRIC_CA_SERVER_TLS_CERTFILE ? (same for private key)

Regards,

Jonathan.


Re: #fabric-ca #fabric-ca

Nick Frunza
 

Another question is, how to generate the client key, and cert., and both key, cert needs to be on fabric-ca server registered?  it is not clear, and what type of tools we can use to generate both.

nik

On Thu, Mar 28, 2019 at 8:33 AM Nick Frunza <nfrunza@...> wrote:
Thank for the prompt reply, we are trying to use a fabric samples that has mutual TLS enabled with HLExplorer as a client, but looks like fabric doesn't provide one, will have to modify the balance transfer client in order to use mutual TLS.

Another question is, how to generate the client key, and cert., and both key, cert needs to be on fabric-ca server registered?  it is not clear, and what type of tools we can use to generate both.

nik


On Thu, Mar 28, 2019 at 3:23 AM Vishal <vishal3152@...> wrote:
Hi Nick,

The error message clearly says that the server (peer) did not receive the correct client certificate.
I assume along with CORE_PEER_TLS_CLIENTAUTHREQUIRED = true, you have set below env variables correctly
  • CORE_PEER_TLS_CLIENTROOTCAS_FILES =  CA certificate
  • CORE_PEER_TLS_CLIENTCERT_FILE = client certificate
  • CORE_PEER_TLS_CLIENTKEY_FILE = client key
You may use the fabric-ca to generate these client certificates. If you wish to use Openssl to generate client certs, keep in mind RSA keys are not supported by fabric.

You have to assign these certificates to client instance as well. I prefer to do it this way. 

 
I would have used curl to verify 2way tls authentication configuration, if it was https.
curl -v --cacert ./ca.crt --key ./client.key --cert ./client.crt https://abc.com


Furthermore, you may check out this blog, could be of some help.

Kind regards
Vishal Yadav



On Thu, Mar 28, 2019 at 1:07 AM Nick Frunza <nfrunza@...> wrote:
Hello,

Are there any fabric samples with Mutual TLS enabled, aka. CORE_PEER_TLS_CLIENTAUTHREQUIRED=true ?
I enabled balance transfer with Mutual TLS, but it fails when running testAPI.sh with error:

2019-03-27T20:57:05.419Z - error: [Remote.js]: Error: Failed to connect before the deadline URL:grpcs://localhost:7051
[2019-03-27 16:57:05.419] [ERROR] Query - Error: Failed to connect before the deadline URL:grpcs://localhost:7051
    at checkState (/home/mn/git/fabric-network/fabric-samples/balance-transfer/node_modules/grpc/src/client.js:720:16)
E0327 16:57:10.541722858    7375 ssl_transport_security.cc:219] ssl_info_callback: error occured.

E0327 16:57:10.541763890    7375 ssl_transport_security.cc:1227] Handshake failed with fatal error SSL_ERROR_SSL: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate.
E0327 16:57:12.156285882    7375 ssl_transport_security.cc:219] ssl_info_callback: error occured.


thank you

Nik



--
Nik Frunza



--
Nik Frunza


Re: #fabric-ca #fabric-ca

Nick Frunza
 

Thank for the prompt reply, we are trying to use a fabric samples that has mutual TLS enabled with HLExplorer as a client, but looks like fabric doesn't provide one, will have to modify the balance transfer client in order to use mutual TLS.

Another question is, how to generate the client key, and cert., and both key, cert needs to be on fabric-ca server registered?  it is not clear, and what type of tools we can use to generate both.

nik


On Thu, Mar 28, 2019 at 3:23 AM Vishal <vishal3152@...> wrote:
Hi Nick,

The error message clearly says that the server (peer) did not receive the correct client certificate.
I assume along with CORE_PEER_TLS_CLIENTAUTHREQUIRED = true, you have set below env variables correctly
  • CORE_PEER_TLS_CLIENTROOTCAS_FILES =  CA certificate
  • CORE_PEER_TLS_CLIENTCERT_FILE = client certificate
  • CORE_PEER_TLS_CLIENTKEY_FILE = client key
You may use the fabric-ca to generate these client certificates. If you wish to use Openssl to generate client certs, keep in mind RSA keys are not supported by fabric.

You have to assign these certificates to client instance as well. I prefer to do it this way. 

 
I would have used curl to verify 2way tls authentication configuration, if it was https.
curl -v --cacert ./ca.crt --key ./client.key --cert ./client.crt https://abc.com


Furthermore, you may check out this blog, could be of some help.

Kind regards
Vishal Yadav



On Thu, Mar 28, 2019 at 1:07 AM Nick Frunza <nfrunza@...> wrote:
Hello,

Are there any fabric samples with Mutual TLS enabled, aka. CORE_PEER_TLS_CLIENTAUTHREQUIRED=true ?
I enabled balance transfer with Mutual TLS, but it fails when running testAPI.sh with error:

2019-03-27T20:57:05.419Z - error: [Remote.js]: Error: Failed to connect before the deadline URL:grpcs://localhost:7051
[2019-03-27 16:57:05.419] [ERROR] Query - Error: Failed to connect before the deadline URL:grpcs://localhost:7051
    at checkState (/home/mn/git/fabric-network/fabric-samples/balance-transfer/node_modules/grpc/src/client.js:720:16)
E0327 16:57:10.541722858    7375 ssl_transport_security.cc:219] ssl_info_callback: error occured.

E0327 16:57:10.541763890    7375 ssl_transport_security.cc:1227] Handshake failed with fatal error SSL_ERROR_SSL: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate.
E0327 16:57:12.156285882    7375 ssl_transport_security.cc:219] ssl_info_callback: error occured.


thank you

Nik



--
Nik Frunza


Re: Error while Install the Fabric CA

Raj Shekhar Bhardwaj
 

Hi,

Please use below repo for better understanding as video reference is also present for it.
Youtube video link for reference- https://www.youtube.com/watch?v=ubrA3W1JMk0&t=1280s

Please let me know if you find any issues.

On Thu, Mar 28, 2019 at 2:57 PM <smitalchaudhari21@...> wrote:
Hello All,

I am new to hyperldger fabrics framework,
My details components are 
Kubernetes v1.11.0+d4cacc0 and OKD v3.11.0+d0c29df-98 (openshift web console)
helm versionClient: {SemVer:"v2.13.0"}Server: {SemVer:"v2.13.0"} with oc v1.5.1+7b451fc on windows 10,
Kubectl tool for fabrics configuration Client Version: {Major:"1", Minor:"11+", GoVersion:"go1.10.3", Compiler:"gc", Platform:"windows/amd64"}
Server Version: {Major:"1", Minor:"11+",GoVersion:"go1.10.3", Compiler:"gc", Platform:"linux/amd64"}
Currently I am using https://github.com/aidtechnology/lf-k8s-hlf-webinar steps for the hyperldger fabrics configuration.
When I Installed the Fabric CA chart (it automatically creates a postgresql database) with command "helm install stable/hlf-ca -n ca --namespace blockchain -f ./helm_values/ca_values.yaml"
 It display error as 
 1)ca-postgresql
 create Pod ca-postgresql-0 in StatefulSet ca-postgresql failed error: pods "ca-postgresql-0" is forbidden:
 unable to validate against any security context constraint: [fsGroup: Invalid value: []int64{1001}: 1001 is not an allowed group spec.initContainers[0].securityContext.securityContext.runAsUser:
 Invalid value: 0: must be in the ranges: [1001380000, 1001389999] spec.containers[0].securityContext.securityContext.runAsUser: Invalid value: 1001: must be in the ranges: [1001380000, 1001389999]]
 
 2)pod ca-hlf-ca
 0/1 nodes are available: 1 node(s) didn't match pod affinity rules, 1 node(s) didn't match pod affinity/anti-affinity.
 
Pods are in pending status.

Regards,
Smita


Re: Does Fabric really need BFT consensus? #fabric

Sergey Fedorov
 

Hi Xiang,

On 3/26/19 9:48 AM, Xiang Wang wrote:
The worst result of Byzantine behavior in non-BFT consensus (such as Kafka/Raft based consensus) seems to be similar to the result of DoS attack.
Apart from DoS, another concern could be that a Byzantine leader (primary) in CFT consensus could make different ordering nodes deliver different series of blocks. This inconsistency might open up possibility to do more harm than purely DoS attack, I guess.

Kind regards,
Sergey


Read and write private data in the same transaction #fabric #fabric-questions

florian.pautot
 

Hi all,
We are currently developing a chaincode where we need to write and read private data at the same time in the same transaction. 
We need to have P2P transactions between two orgs, and for that we defined a single channel with several collections. For now we have a collection between Org1 and Org2.

We have element A:
A = {
 A,
 B
}

and Element B:
B = {
X,
Y
}

The process is the following:
1 - Invoke to set Element A
2 - Before doing the PutPrivateData on A, we need to retrieve B.X to be able to set A.A. So we query B.
3 - After querying B we now can set A.A
4 - We do the PutPrivateData on A

Th problem is that, while doing the PutPrivateData on A, we get the following error: 
2019-03-27 18:35:29.334 UTC [shim] handlePutState -> ERRO 031 [103b05c6] Received ERROR. Payload: PUT_STATE failed: transaction ID: 103b05c644e025e82256d0ca89473b8f8d737bb7d0156710ff425799d644d1a8: txid [103b05c644e025e82256d0ca89473b8f8d737bb7d0156710ff425799d644d1a8]: Transaction has already performed queries on pvt data. Writes are not allowed
2019-03-27 18:35:29.335 UTC [CHAINCODE] Error -> ERRO 032 setA- Error putting history data : PUT_STATE failed: transaction ID: 103b05c644e025e82256d0ca89473b8f8d737bb7d0156710ff425799d644d1a8: txid [103b05c644e025e82256d0ca89473b8f8d737bb7d0156710ff425799d644d1a8]: Transaction has already performed queries on pvt data. Writes are not allowed

Did you guys ever encountered this problem ? And if yes how did you manage this ?
Is this the good way to manage p2p privacy with one channel and several collections ? Or should we do p2p channels with public data ? And in that case, doesn't it induce some privacy issues ?
Thank you for yourr help.
Kind regards,
Florian


Error while Install the Fabric CA

smitalchaudhari21@...
 

Hello All,

I am new to hyperldger fabrics framework,
My details components are 
Kubernetes v1.11.0+d4cacc0 and OKD v3.11.0+d0c29df-98 (openshift web console)
helm versionClient: {SemVer:"v2.13.0"}Server: {SemVer:"v2.13.0"} with oc v1.5.1+7b451fc on windows 10,
Kubectl tool for fabrics configuration Client Version: {Major:"1", Minor:"11+", GoVersion:"go1.10.3", Compiler:"gc", Platform:"windows/amd64"}
Server Version: {Major:"1", Minor:"11+",GoVersion:"go1.10.3", Compiler:"gc", Platform:"linux/amd64"}
Currently I am using https://github.com/aidtechnology/lf-k8s-hlf-webinar steps for the hyperldger fabrics configuration.
When I Installed the Fabric CA chart (it automatically creates a postgresql database) with command "helm install stable/hlf-ca -n ca --namespace blockchain -f ./helm_values/ca_values.yaml"
 It display error as 
 1)ca-postgresql
 create Pod ca-postgresql-0 in StatefulSet ca-postgresql failed error: pods "ca-postgresql-0" is forbidden:
 unable to validate against any security context constraint: [fsGroup: Invalid value: []int64{1001}: 1001 is not an allowed group spec.initContainers[0].securityContext.securityContext.runAsUser:
 Invalid value: 0: must be in the ranges: [1001380000, 1001389999] spec.containers[0].securityContext.securityContext.runAsUser: Invalid value: 1001: must be in the ranges: [1001380000, 1001389999]]
 
 2)pod ca-hlf-ca
 0/1 nodes are available: 1 node(s) didn't match pod affinity rules, 1 node(s) didn't match pod affinity/anti-affinity.
 
Pods are in pending status.

Regards,
Smita


Re: #fabric-ca #fabric-ca

Vishal
 

Hi Nick,

The error message clearly says that the server (peer) did not receive the correct client certificate.
I assume along with CORE_PEER_TLS_CLIENTAUTHREQUIRED = true, you have set below env variables correctly
  • CORE_PEER_TLS_CLIENTROOTCAS_FILES =  CA certificate
  • CORE_PEER_TLS_CLIENTCERT_FILE = client certificate
  • CORE_PEER_TLS_CLIENTKEY_FILE = client key
You may use the fabric-ca to generate these client certificates. If you wish to use Openssl to generate client certs, keep in mind RSA keys are not supported by fabric.

You have to assign these certificates to client instance as well. I prefer to do it this way. 

 
I would have used curl to verify 2way tls authentication configuration, if it was https.
curl -v --cacert ./ca.crt --key ./client.key --cert ./client.crt https://abc.com


Furthermore, you may check out this blog, could be of some help.

Kind regards
Vishal Yadav



On Thu, Mar 28, 2019 at 1:07 AM Nick Frunza <nfrunza@...> wrote:
Hello,

Are there any fabric samples with Mutual TLS enabled, aka. CORE_PEER_TLS_CLIENTAUTHREQUIRED=true ?
I enabled balance transfer with Mutual TLS, but it fails when running testAPI.sh with error:

2019-03-27T20:57:05.419Z - error: [Remote.js]: Error: Failed to connect before the deadline URL:grpcs://localhost:7051
[2019-03-27 16:57:05.419] [ERROR] Query - Error: Failed to connect before the deadline URL:grpcs://localhost:7051
    at checkState (/home/mn/git/fabric-network/fabric-samples/balance-transfer/node_modules/grpc/src/client.js:720:16)
E0327 16:57:10.541722858    7375 ssl_transport_security.cc:219] ssl_info_callback: error occured.

E0327 16:57:10.541763890    7375 ssl_transport_security.cc:1227] Handshake failed with fatal error SSL_ERROR_SSL: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate.
E0327 16:57:12.156285882    7375 ssl_transport_security.cc:219] ssl_info_callback: error occured.


thank you

Nik


Re: adding data to hyperledger fabric in Bulk

Mohammad Ghasletwala
 

Please understand this is immutable DLT. Each transaction or block is linked to each other.
In Fabric chaincode is Smart Contract.
There is no concept or possibility of bulk data loading. This is no RDBMS.
You have to send as many number of transactions if you intend to add previous data as well into ledger.
Otherwise it is just one transaction.
Also understand that you cannot have a temporary chaincode just to load data and then replace it by some other chaincode. You have to properly manage chaincode version.
Even historical data should go through proper endorsement and consensus.

Regards
Mohammad


[Interop]Weekly meeting reminder EDT 9:00am, UTC 3/28/19 13PM due to time change

Tong Li
 

Just a reminder that our weekly meeting is now at 9:00am on Thursday EDT. Which is UTC Thursday 13:00pm and Beijing time Thursday 9:00pm. Thanks.

Tong Li
IBM Open Technology


[Interop]Weekly meeting reminder EDT 9:00am, UTC 3/28/19 13PM

Tong Li
 

Just a reminder that our weekly meeting is now at 9:00am on Thursday EDT. Which is UTC Thursday 13:00pm and Beijing time Thursday 9:00pm. Thanks.

Tong Li
IBM Open Technology


#fabric-ca #fabric-ca

Nick Frunza
 

Hello,

Are there any fabric samples with Mutual TLS enabled, aka. CORE_PEER_TLS_CLIENTAUTHREQUIRED=true ?
I enabled balance transfer with Mutual TLS, but it fails when running testAPI.sh with error:

2019-03-27T20:57:05.419Z - error: [Remote.js]: Error: Failed to connect before the deadline URL:grpcs://localhost:7051
[2019-03-27 16:57:05.419] [ERROR] Query - Error: Failed to connect before the deadline URL:grpcs://localhost:7051
    at checkState (/home/mn/git/fabric-network/fabric-samples/balance-transfer/node_modules/grpc/src/client.js:720:16)
E0327 16:57:10.541722858    7375 ssl_transport_security.cc:219] ssl_info_callback: error occured.

E0327 16:57:10.541763890    7375 ssl_transport_security.cc:1227] Handshake failed with fatal error SSL_ERROR_SSL: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate.
E0327 16:57:12.156285882    7375 ssl_transport_security.cc:219] ssl_info_callback: error occured.


thank you

Nik


Re: adding data to hyperledger fabric in Bulk

Raj Bandhakavi <raj@...>
 

From what I understand, I need to give 1000 key value pairs as 1000 arguments to a single peer invoke command. 
And write a put state for each key value pair in the chainocode.  This is faster as there is only one database interaction.
Thank you for your suggestion


Re: adding data to hyperledger fabric in Bulk

David Enyeart
 

You could for example pass 1000 keys/values to the chaincode invoke and the chaincode does 1000 PutStates() in a single transaction. Repeat until done.
On the endorsing side, it doesn't actually update state database. On the validation/commit side, it will do a single bulk update in one database interaction. Therefore, this will be an efficient batching approach, but will still keep block sizes reasonable.


Dave Enyeart

"Raj Bandhakavi" ---03/27/2019 10:03:18 AM---[Edited Message Follows] Could you please elaborate? 

From: "Raj Bandhakavi" <raj@...>
To: fabric@...
Date: 03/27/2019 10:03 AM
Subject: Re: [Hyperledger Fabric] adding data to hyperledger fabric in Bulk
Sent by: fabric@...





[Edited Message Follows]

Could you please elaborate?
I am writing chaincode in Node JS and I know that put_state can input a key value pair.
How is it possible to add key value pair in bulk or in a single transaction?
Is there some other built function like put_state or am I missing something here?




Re: adding data to hyperledger fabric in Bulk

Raj Bandhakavi <raj@...>
 
Edited

Could you please elaborate? 
I am writing chaincode in Node JS and I know that put_state can input a key value pair. 
How is it possible to add key value pair in bulk or in a single transaction?
Is there some other built function like put_state  or am I missing something here?


ChaincodeInfo.id (ChaincodeDeploymentSpec.code_package) is generated by what? Chaincode fingerprint mismatch ERRO #fabric #fabric-questions

wanggang <wanggang-info@...>
 

Hi, all.


info:
hyperledger/fabric  1.2.1
os: redhat 7.4 & centos7

problem: add a new org, but the installed chaincode cannot be deployed ( chaincode fingerprint mismatch )

personal guess:

the actions of installing chaincode  are not the same day, thus chaincode unique id is different.






My hyperledger/fabric network has a new organization to add.

So, I use fabric-ca server to register and enroll the-new-org's msp for it's peers and clients.
Then,  update channel,  install a new version of chaincode and  update chaincode on one peer of original org.

BUT, on the new org's server, the info of the chaincode installed is different from the original org. AND got "Chaincode fingerprint mismatch ERRO"

I need help about ChaincodeInfo.id . ChaincodeInfo.id is different between the new org and the original.
But, I cannot find the code about how to generate ChaincodeDeploymentSpec.code_package (ChaincodeInfo.id ).

In query.proto, I know that:
// the chaincode unique id.
// computed as: H(
// H(name || version) ||
// H(CodePackage)
// )
And, in chaincode_support_test.go code_package is set by getTarGZ
tr.WriteHeader(&tar.Header{Name: name, Size: size, ModTime: startTime, AccessTime: startTime, ChangeTime: startTime})
 


BUT why  those are not the same in the two orgs' server? What environment can give effect to change the id?

here is the difference (I think):

  • chaincode name
  • chaincode version
  • chaincode path
  • chaincode code folder's owner & group (I tested this,  this can change chaincode unique id, but why??? )
  • I guess, that time of cc directory can change this id???



I will do the test that installing chaincode in the same time with the same mod_time of directory to check the id of cc will be the same or not in the next day.
So,  the detail of generating the id of chaincode is what?
AND why to do this limitation in fabric architecture design?


Re: Hyperledger node SDK example to query\invoke TLS enabled peer

Prasanth Sundaravelu
 

Hi Suhan,

You must only need to make changes in connection.json file if your peers are enables with TLS. (and Mutual TLS is not enabled - "clientAuthRequired = false").
You need to give path to tlsCACert or the cert itself in the connection.json file + you need to change the address protocol from "grpc / http"  to "grpcs / https". The "grpcOptions" field might also be required.
This link has details about defining the connection profile.
https://hyperledger-fabric.readthedocs.io/en/release-1.4/developapps/connectionprofile.html#structure

This link might also help, even though it is for Composer:
https://hyperledger.github.io/composer/v0.19/reference/connectionprofile


Hope this helps.