Date   

Re: Discovery service throwing in fetching endorsement policy is Chaincode's endorsement policy is updated. #fabric

Yacov
 

what is the endorsement policy ? how is it constructed? any logs from the peer?



From:        abhimanyushekhawat17.as@...
To:        fabric@...
Date:        08/18/2020 08:08 PM
Subject:        [EXTERNAL] [Hyperledger Fabric] Discovery service throwing in fetching endorsement policy is Chaincode's endorsement policy is updated. #fabric
Sent by:        fabric@...




Hello,
I am using discovery service to fetch Endorsement policy and everything works fine until I update the endorsement policy of the chaincode.
Whenever I try to fetch the endorsement policy after I update Chaincode's endorsement policy I am getting  
server returned: failed constructing descriptor for chaincodes:<name:"fabcar" >
Am I doing something wrong or is there some bug.
Thanks
Regards
Abhimanyu




Discovery service throwing in fetching endorsement policy is Chaincode's endorsement policy is updated. #fabric

abhimanyushekhawat17.as@...
 

Hello,
I am using discovery service to fetch Endorsement policy and everything works fine until I update the endorsement policy of the chaincode.
Whenever I try to fetch the endorsement policy after I update Chaincode's endorsement policy I am getting 
server returned: failed constructing descriptor for chaincodes:<name:"fabcar" >
Am I doing something wrong or is there some bug.
Thanks 
Regards 
Abhimanyu


Re: Why should organization not be both orderer and peer?

Si Chen <sichen@...>
 

Thanks everybody for your feedback on this!  We'll discuss this in our group as well.
-----
Si Chen
Open Source Strategies, Inc.

Join our Hyperledger Open Source Carbon Neutral Certification Working Group



On Mon, Aug 17, 2020 at 11:25 AM Jason Yellick <jyellick@...> wrote:
Yes, the BlockValidation policy is the key element to protect.  And, we should probably change the default away from 'ANY Writers' to something more specific -- but any such changes create pains for existing users so need to be weighed carefully.

As the SO post mentions, it's possible to do things securely, it's just trickier, especially given some of the legacy concerns.  If you are using node OUs, the whole thing becomes much easier to accomplish safely, but, operationally dealing with having two copies of the same MSP definition can be a bit tricky.  You'll have to do updates keeping them completely in sync.

I'd still suggest sticking to separate organizations, even if they share the same CA.  You can use a common CA but distinguish MSP definition by setting an OU for that MSP which must be satisfied.  This is similar to, but different from NodeOUs.  Where NodeOUs differentiate the role of an identity based on the OU, setting OUs for the MSP overall will require for any identity to be valid, the certificate must contain some OU authorized by the MSP.  This can be especially useful when an organization wishes to use public CA infrastructure which might even be shared across organizations.

Thanks,
~Jason
 
----- Original message -----
From: "Bram Dufour" <bram.dufour8@...>
Sent by: fabric@...
To: fabric@...
Cc:
Subject: [EXTERNAL] Re: [Hyperledger Fabric] Why should organization not be both orderer and peer?
Date: Mon, Aug 17, 2020 12:40 PM
 

Thanks a lot Jason, I hadn't thought about those attacks yet.

But isn't it possible for the organizations with orderer to use the OU roles, set the following policies and just run orderer and peers within the same organization? Isn't this possible or do you still see some vulnerabilities with this approach?

Policies: &OrgPolicies
            Orderer:
                Type: Signature
                Rule: "OR('org.orderer')"
```


And then also set the BlockValidation policy like this:

```BlockValidation:
            Type: ImplicitMeta
            Rule: "ANY Orderer"

 

Thanks a lot in advance, it is a very interesting and important topic.

 


Re: Querying Current Block hash for particular block

Eric Vaughn
 

Hi jiajun898,

One thought I have,  make sure you are installing ‘asn1.js’ and not ‘asn1’.  I actually just made that mistake myself when I went to npm to look up the package.

Eric


Eric Vaughn
Co-Founder, BlocLedger

On Aug 18, 2020, at 8:18 AM, Tong Li <litong01@...> wrote:

try to use minifabric to setup a fabric network in less than 4 minutes, see this link, https://github.com/litong01/minifabric/blob/master/README.md

Then simply do this to inspect each block and see block hash.

minifab blockquery -b <newest or a block number>

this way, you can see every block and its containing txs.

Tong Li
IBM Open Technology

<graycol.gif>"jiajun898" ---08/18/2020 03:08:58 AM---Hi Eric, Tried the above snippet you've provided but got an error Error notifying listener message=a

From:  "jiajun898" <jiajun85@...>
To:  fabric@...
Date:  08/18/2020 03:08 AM
Subject:  [EXTERNAL] Re: [Hyperledger Fabric] Querying Current Block hash for particular block
Sent by:  fabric@...





Hi Eric,

Tried the above snippet you've provided but got an error Error notifying listener message=asn.define is not a function"...". Any help will be greatly appreciated. 





Re: Querying Current Block hash for particular block

Tong Li
 

try to use minifabric to setup a fabric network in less than 4 minutes, see this link, https://github.com/litong01/minifabric/blob/master/README.md

Then simply do this to inspect each block and see block hash.

minifab blockquery -b <newest or a block number>

this way, you can see every block and its containing txs.

Tong Li
IBM Open Technology

"jiajun898" ---08/18/2020 03:08:58 AM---Hi Eric, Tried the above snippet you've provided but got an error Error notifying listener message=a

From: "jiajun898" <jiajun85@...>
To: fabric@...
Date: 08/18/2020 03:08 AM
Subject: [EXTERNAL] Re: [Hyperledger Fabric] Querying Current Block hash for particular block
Sent by: fabric@...





Hi Eric,

Tried the above snippet you've provided but got an error Error notifying listener message=asn.define is not a function"...". Any help will be greatly appreciated.




Re: Querying Current Block hash for particular block

jiajun898 <jiajun85@...>
 

Hi Eric,

Tried the above snippet you've provided but got an error Error notifying listener message=asn.define is not a function"...". Any help will be greatly appreciated.


Next Hyperledger Fabric Application Developer Community call -- this Thursday 20th Aug @ 3pm UTC time: 4pm UK, 11am ET, 8am PT

Paul O'Mahoney <mahoney@...>
 

dear Fabric Application Developer,


the next  Fabric Application Developer community call is: Thursday 20th Aug - 3pm UTC,  4pm UK time (+1), 11am ET (-5 hrs), 8am PT (-8 hrs)  - other time zones here.   It lasts approx 30-60 mins FYI.

The agenda will be posted here -> https://wiki.hyperledger.org/display/fabric/Agendas%3A+Fabric+Application+Developer+Community+Call+Meetings  

This community call is held bi-weekly via Zoom webconference and is aimed at :

- helping the worldwide Hyperledger Fabric Application Developer community grow (eg. developing applications, smart contracts, client apps using the SDKs, tutorials/demos etc -  eg using NodeJS/TypeScript, Java, Go etc etc) 
- helping app developers understand / hear more about exciting new things in Fabric, eg. features upcoming or work in progress - ie things that appeal to the developer
- foster more interest, best practices etc in developing applications (eg developing solutions, use cases) with Hyperledger Fabric. 
- opportunity to ask questions of the Fabric team eg. you may have feedback/questions on your experiences developing solutions with Fabric
- to share stuff you've done with the community, eg sample code / sample use cases that others may be interested in

If you wish to share content on a call, just let me know via email direct or DM me on Rocketchat (ID: mahoney1) and I'll put an item on the agenda. Provide the following:
- the topic (state whether its presentation, or demo etc)
- the full name of the presenter, and 
- approx length of your pitch in minutes


The Zoom webconference ID is https://zoom.us/my/hyperledger.community   

More information can be found on the community page -> https://wiki.hyperledger.org/display/fabric/Fabric+Application+Developer+Community+Calls

You can get calendar invites (eg iCal) here

many thanks for your time - feel free to forward this email if you think it is of interest to a colleague.

Robert Thatcher
Community Lead - Hyperledger Fabric Developer Community
RocketChat:  rthatcher

robert.thatcher@...





Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU


Re: Why should organization not be both orderer and peer?

Jason Yellick <jyellick@...>
 

Yes, the BlockValidation policy is the key element to protect.  And, we should probably change the default away from 'ANY Writers' to something more specific -- but any such changes create pains for existing users so need to be weighed carefully.

As the SO post mentions, it's possible to do things securely, it's just trickier, especially given some of the legacy concerns.  If you are using node OUs, the whole thing becomes much easier to accomplish safely, but, operationally dealing with having two copies of the same MSP definition can be a bit tricky.  You'll have to do updates keeping them completely in sync.

I'd still suggest sticking to separate organizations, even if they share the same CA.  You can use a common CA but distinguish MSP definition by setting an OU for that MSP which must be satisfied.  This is similar to, but different from NodeOUs.  Where NodeOUs differentiate the role of an identity based on the OU, setting OUs for the MSP overall will require for any identity to be valid, the certificate must contain some OU authorized by the MSP.  This can be especially useful when an organization wishes to use public CA infrastructure which might even be shared across organizations.

Thanks,
~Jason
 

----- Original message -----
From: "Bram Dufour" <bram.dufour8@...>
Sent by: fabric@...
To: fabric@...
Cc:
Subject: [EXTERNAL] Re: [Hyperledger Fabric] Why should organization not be both orderer and peer?
Date: Mon, Aug 17, 2020 12:40 PM
 

Thanks a lot Jason, I hadn't thought about those attacks yet.

But isn't it possible for the organizations with orderer to use the OU roles, set the following policies and just run orderer and peers within the same organization? Isn't this possible or do you still see some vulnerabilities with this approach?

Policies: &OrgPolicies
            Orderer:
                Type: Signature
                Rule: "OR('org.orderer')"
```


And then also set the BlockValidation policy like this:

```BlockValidation:
            Type: ImplicitMeta
            Rule: "ANY Orderer"

 

Thanks a lot in advance, it is a very interesting and important topic.

 


error(go command not found when i used make release and make docker commands)

farnaghi39@...
 

go is installed but when using make release and make docker commands i see this error:


Re: Error Help :Bad configuration detected: Received AliveMessage from a peer with the same PKI-ID as myself: tag:EMPTY alive_msg:<membership:<endpoint

Yacov
 

You are using the same certificate for two different peers and it is forbidden



From:        "Mayank Agrawal" <agrawalmayank017@...>
To:        fabric@...
Date:        08/17/2020 08:00 PM
Subject:        [EXTERNAL] [Hyperledger Fabric] Error Help :Bad configuration detected: Received AliveMessage from a peer with the same PKI-ID as myself: tag:EMPTY alive_msg:<membership:<endpoint
Sent by:        fabric@...




Hi guys please help me out with an issue ,
I am tring to start the network ,I am getting error like inside the peer container logs  :
Duiing the initial after docker peer up commands.

Fabric version 1.4.6
Orderer type : Solo
Ubuntu 16.04
All continer running in same machine.

For peer0.org1 :

2020-08-17 15:56:04.463 UTC [gossip.discovery] isSentByMe -> ERRO 030 Bad configuration detected: Received AliveMessage from a peer with the same PKI-ID as myself: tag:EMPTY alive_msg:<membership:<endpoint:"peer1.org1.immume.com:9051" pki_id:"\226^w\266i\272\255\266\310|x7\236\376C6A\263\355a\356|\326.\367b .DpD\001" > timestamp:<inc_num:1597679764311752754 seq_num:3 > identity:"\n\007Org1MSP\022\222\006-----BEGIN CERTIFICATE-----\nMIICFjCCAb2gAwIBAgIRAPDqHnWySZgDOI7lNmhhhgIwCgYIKoZIzj0EAwIwcTEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGDAWBgNVBAoTD29yZzEuaW1tdW1lLmNvbTEbMBkGA1UEAxMSY2Eu\nb3JnMS5pbW11bWUuY29tMB4XDTIwMDcyNzE3NTYwMFoXDTMwMDcyNTE3NTYwMFow\nWjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh\nbiBGcmFuY2lzY28xHjAcBgNVBAMMFUFkbWluQG9yZzEuaW1tdW1lLmNvbTBZMBMG\nByqGSM49AgEGCCqGSM49AwEHA0IABMswACwlBVisnlcLTTbPyfdJdh4l1qUwnfLi\n2xZUJ/NhljeHcedRXB3DZPHarVjD7VKJP+eOMwgO5nYjWAEKT/2jTTBLMA4GA1Ud\nDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMCsGA1UdIwQkMCKAIKJ3rJGwTHIGvyd3\n30zq8mq3oQBS2k1EElVL+Bv5dTfvMAoGCCqGSM49BAMCA0cAMEQCIHeqQHLqIysm\nj7MtBGQ5yJ+0uUIK/NbY1huRNL3VygdlAiB5xgHrgAjyQQxmKZ3rNMeUav6ZUdl6\nsCDX2ufB39N+Mw==\n-----END CERTIFICATE-----\n" >

2020-08-17 15:56:34.450 UTC [gossip.discovery] isSentByMe -> ERRO 031 Bad configuration detected: Received AliveMessage from a peer with the same PKI-ID as myself: tag:EMPTY alive_msg:<membership:<endpoint:"peer1.org1.immume.com:9051" pki_id:"\226^w\266i\272\255\266\310|x7\236\376C6A\263\355a\356|\326.\367b .DpD\001" > timestamp:<inc_num:1597679764311752754 seq_num:16 > >

FOr peer1.org1
2020-08-17 15:56:04.389 UTC [fsblkstorage] LoadPreResetHeight -> INFO 025 Loading Pre-reset heights
2020-08-17 15:56:04.389 UTC [fsblkstorage] preRestHtFiles -> INFO 026 Dir [/var/hyperledger/production/ledgersData/chains/chains] missing... exiting
2020-08-17 15:56:04.389 UTC [fsblkstorage] LoadPreResetHeight -> INFO 027 Pre-reset heights loaded
2020-08-17 15:56:04.440 UTC [comm.grpc.server] 1 -> INFO 028 unary call completed grpc.service=gossip.Gossip grpc.method=Ping grpc.request_deadline=2020-08-17T15:56:06.402Z grpc.peer_address=172.18.0.3:38096grpc.peer_subject="CN=peer0.org1.immume.com,L=San Francisco,ST=California,C=US" grpc.code=OK grpc.call_duration=111.817µs
2020-08-17 15:56:04.448 UTC [comm.grpc.server] 1 -> INFO 029 streaming call completed grpc.service=gossip.Gossip grpc.method=GossipStream grpc.request_deadline=2020-08-17T15:56:14.442Z grpc.peer_address=172.18.0.3:38096grpc.peer_subject="CN=peer0.org1.immume.com,L=San Francisco,ST=California,C=US" error="rpc error: code = Canceled desc = context canceled" grpc.code=Canceled grpc.call_duration=5.492037ms
2020-08-17 15:56:04.466 UTC [gossip.discovery] isSentByMe -> ERRO 02a Bad configuration detected: Received AliveMessage from a peer with the same PKI-ID as myself: tag:EMPTY alive_msg:<membership:<endpoint:"peer0.org1.immume.com:7051" pki_id:"\226^w\266i\272\255\266\310|x7\236\376C6A\263\355a\356|\326.\367b .DpD\001" > timestamp:<inc_num:1597679764288919590 seq_num:4 > identity:"\n\007Org1MSP\022\222\006-----BEGIN CERTIFICATE-----\nMIICFjCCAb2gAwIBAgIRAPDqHnWySZgDOI7lNmhhhgIwCgYIKoZIzj0EAwIwcTEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGDAWBgNVBAoTD29yZzEuaW1tdW1lLmNvbTEbMBkGA1UEAxMSY2Eu\nb3JnMS5pbW11bWUuY29tMB4XDTIwMDcyNzE3NTYwMFoXDTMwMDcyNTE3NTYwMFow\nWjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh\nbiBGcmFuY2lzY28xHjAcBgNVBAMMFUFkbWluQG9yZzEuaW1tdW1lLmNvbTBZMBMG\nByqGSM49AgEGCCqGSM49AwEHA0IABMswACwlBVisnlcLTTbPyfdJdh4l1qUwnfLi\n2xZUJ/NhljeHcedRXB3DZPHarVjD7VKJP+eOMwgO5nYjWAEKT/2jTTBLMA4GA1Ud\nDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMCsGA1UdIwQkMCKAIKJ3rJGwTHIGvyd3\n30zq8mq3oQBS2k1EElVL+Bv5dTfvMAoGCCqGSM49BAMCA0cAMEQCIHeqQHLqIysm\nj7MtBGQ5yJ+0uUIK/NbY1huRNL3VygdlAiB5xgHrgAjyQQxmKZ3rNMeUav6ZUdl6\nsCDX2ufB39N+Mw==\n-----END CERTIFICATE-----\n" >
2020-08-17 15:56:34.448 UTC [gossip.discovery] isSentByMe -> ERRO 02b Bad configuration detected: Received AliveMessage from a peer with the same PKI-ID as myself: tag:EMPTY alive_msg:<membership:<endpoint:"peer0.org1.immume.com:7051" pki_id:"\226^w\266i\272\255\266\310|x7\236\376C6A\263\355a\356|\326.\367b .DpD\001" > timestamp:<inc_num:1597679764288919590 seq_num:3 > identity:"\n\007Org1MSP\022\222\006-----BEGIN CERTIFICATE-----\nMIICFjCCAb2gAwIBAgIRAPDqHnWySZgDOI7lNmhhhgIwCgYIKoZIzj0EAwIwcTEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGDAWBgNVBAoTD29yZzEuaW1tdW1lLmNvbTEbMBkGA1UEAxMSY2Eu\nb3JnMS5pbW11bWUuY29tMB4XDTIwMDcyNzE3NTYwMFoXDTMwMDcyNTE3NTYwMFow\nWjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh\nbiBGcmFuY2lzY28xHjAcBgNVBAMMFUFkbWluQG9yZzEuaW1tdW1lLmNvbTBZMBMG\nByqGSM49AgEGCCqGSM49AwEHA0IABMswACwlBVisnlcLTTbPyfdJdh4l1qUwnfLi\n2xZUJ/NhljeHcedRXB3DZPHarVjD7VKJP+eOMwgO5nYjWAEKT/2jTTBLMA4GA1Ud\nDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMCsGA1UdIwQkMCKAIKJ3rJGwTHIGvyd3\n30zq8mq3oQBS2k1EElVL+Bv5dTfvMAoGCCqGSM49BAMCA0cAMEQCIHeqQHLqIysm\nj7MtBGQ5yJ+0uUIK/NbY1huRNL3VygdlAiB5xgHrgAjyQQxmKZ3rNMeUav6ZUdl6\nsCDX2ufB39N+Mw==\n-----END CERTIFICATE-----\n" >

I am unable to identify the erorr , please help me out.The same kind of error in both the peer0.org2 & peer1.org2 is found.


Yaml for peer0.org1
version: '2'

networks:
  polarbear:

services:
  peer0.org1.immume.com:
    hostname: peer0.org1.immume.com
    image: hyperledger/fabric-peer:1.4.6
    container_name: peer0.org1.immume.com
    dns_search: .
    # extends:
    #   file: docker-compose-couch-org1.yaml
    #   service: couchdb1
    environment:
      - PEER_HOST=peer0.org1.immume.com
      - PEER_NAME=peer0.org1.immume.com
      - CORE_PEER_ID=peer0.org1.immume.com
      - CORE_PEER_LOCALMSPID=Org1MSP
 #    - CORE_PEER_GOSSIP_ENDPOINT=org1-Mypeer.com:7051
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.immume.com:9051
      - CORE_PEER_LISTENADDRESS=0.0.0.0:7051
      - CORE_PEER_ADDRESS=peer0.org1.immume.com:7051
      - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7053
      - CORE_PEER_CHAINCODEADDRESS=peer0.org1.immume.com:7053
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      # the following setting starts chaincode containers on the same
      # bridge network as the peers
      # https://docs.docker.com/compose/networking/
      # - COMPOSE_PROJECT_NAME=polarbear
      - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=hyperledgerscrach2_polarbear
      - CORE_LOGGING_LEVEL=DEBUG
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.immume.com:7051
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      # The following setting skips the gossip handshake since we are
      # are not doing mutual TLS
      # - CORE_PEER_GOSSIP_SKIPHANDSHAKE=true
      - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/crypto/peer/msp
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/crypto/peer/tls/server.key
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/crypto/peer/tls/server.crt
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/crypto/peer/tls/ca.crt
      # -- About Couch --
      - CORE_LEDGER_STATE_STATEDATABASE=CouchDB
      - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb1:5984
      # The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD
      # provide the credentials for ledger to connect to CouchDB.  The username and password must
      # match the username and password set for the associated CouchDB.
      - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=root
      - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=root
      - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/admin/msp
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    ports:
      - 7051:7051
      - 7053:7053 #host(system public_access):container_port
    volumes:
        - /var/run/:/host/var/run/
        #Backup of the peer ledger
      #  -  ./Backup/peer0Org1:/var/hyperledger/production/
             # Update the path of our chaincode to map with docker
        - ./chaincode/:/opt/gopath/src/github.com/chaincode
             # Update the path for our --cafile in channel create with orderer msp tlscacertpemfile to map with docker
        - ./crypto-config/ordererOrganizations/orderer.immume.com/orderers/orderer.orderer.immume.com/msp/tlscacerts/:/etc/hyperledger/orderer/msp/tlsca
              # Update the path of our admin msp to map with docker
        - ./crypto-config/peerOrganizations/org1.immume.com/users/Admin@.../msp/:/etc/hyperledger/admin/msp
              # Update the path of our location to map with docker
        - ./crypto-config/peerOrganizations/org1.immume.com/peers/peer0.org1.immume.com/:/etc/hyperledger/crypto/peer
    networks:
      - polarbear

  couchdb1:
      container_name: couchdb1
      image: hyperledger/fabric-couchdb:0.4.18
      # Populate the COUCHDB_USER and COUCHDB_PASSWORD to set an admin user and password
      # for CouchDB.  This will prevent CouchDB from operating in an "Admin Party" mode.
      environment:
        - COUCHDB_USER=root
        - COUCHDB_PASSWORD=root
      # Comment/Uncomment the port mapping if you want to hide/expose the CouchDB service,
      # for sella map it to utilize Fauxton User Interface in dev environments.
      ports:
        - "5984:5984"
      networks:
      - polarbear

yaml for peer1.org1.yaml

version: '2'

networks:
  polarbear:

services:
  peer1.org1.immume.com:
    hostname: peer1.org1.immume.com
    image: hyperledger/fabric-peer:1.4.6
    container_name: peer1.org1.immume.com
    dns_search: .
    # extends:
    #   file: docker-compose-couch-org1.yaml
    #   service: couchdb1
    environment:
      - PEER_HOST=peer1.org1.immume.com
      - PEER_NAME=peer1.org1.immume.com
      - CORE_PEER_ID=peer1.org1.immume.com
      - CORE_PEER_LOCALMSPID=Org1MSP
 #    - CORE_PEER_GOSSIP_ENDPOINT=org1-Mypeer.com:7051
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.immume.com:7051
      - CORE_PEER_LISTENADDRESS=0.0.0.0:9051
      - CORE_PEER_ADDRESS=peer1.org1.immume.com:9051
      - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:9053
      - CORE_PEER_CHAINCODEADDRESS=peer1.org1.immume.com:9053
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      # the following setting starts chaincode containers on the same
      # bridge network as the peers
      # https://docs.docker.com/compose/networking/
      # - COMPOSE_PROJECT_NAME=polarbear
      - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=hyperledgerscrach2_polarbear
      - CORE_LOGGING_LEVEL=DEBUG
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.immume.com:9051
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      # The following setting skips the gossip handshake since we are
      # are not doing mutual TLS
      # - CORE_PEER_GOSSIP_SKIPHANDSHAKE=true
      - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/crypto/peer/msp
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/crypto/peer/tls/server.key
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/crypto/peer/tls/server.crt
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/crypto/peer/tls/ca.crt
      # -- About Couch --
      - CORE_LEDGER_STATE_STATEDATABASE=CouchDB
      - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb1:5984
      # The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD
      # provide the credentials for ledger to connect to CouchDB.  The username and password must
      # match the username and password set for the associated CouchDB.
      - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=root
      - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=root
      - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/admin/msp
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    ports:
      - 9051:9051
      - 9053:9053 #host(system public_access):container_port
    volumes:
        - /var/run/:/host/var/run/
        #Backup of the peer ledger
       # -  ./Backup/peer1Org1:/var/hyperledger/production/
             # Update the path of our chaincode to map with docker
        - ./chaincode/:/opt/gopath/src/github.com/chaincode
             # Update the path for our --cafile in channel create with orderer msp tlscacertpemfile to map with docker
        - ./crypto-config/ordererOrganizations/orderer.immume.com/orderers/orderer.orderer.immume.com/msp/tlscacerts/:/etc/hyperledger/orderer/msp/tlsca
              # Update the path of our admin msp to map with docker
        - ./crypto-config/peerOrganizations/org1.immume.com/users/Admin@.../msp/:/etc/hyperledger/admin/msp
              # Update the path of our location to map with docker
        - ./crypto-config/peerOrganizations/org1.immume.com/peers/peer1.org1.immume.com/:/etc/hyperledger/crypto/peer
    networks:
      - polarbear

  couchdb1:
      container_name: couchdb1
      image: hyperledger/fabric-couchdb:0.4.18
      # Populate the COUCHDB_USER and COUCHDB_PASSWORD to set an admin user and password
      # for CouchDB.  This will prevent CouchDB from operating in an "Admin Party" mode.
      environment:
        - COUCHDB_USER=root
        - COUCHDB_PASSWORD=root
      # Comment/Uncomment the port mapping if you want to hide/expose the CouchDB service,
      # for sella map it to utilize Fauxton User Interface in dev environments.
      ports:
        - "5984:5984"
      networks:
      - polarbear


There are no error in orderer(solo),ca-org1,ca-org2 logs.




Error Help :Bad configuration detected: Received AliveMessage from a peer with the same PKI-ID as myself: tag:EMPTY alive_msg:<membership:<endpoint

Mayank Agrawal
 

Hi guys please help me out with an issue ,
I am tring to start the network ,I am getting error like inside the peer container logs  :
Duiing the initial after docker peer up commands.

Fabric version 1.4.6
Orderer type : Solo
Ubuntu 16.04
All continer running in same machine.

For peer0.org1 :

2020-08-17 15:56:04.463 UTC [gossip.discovery] isSentByMe -> ERRO 030 Bad configuration detected: Received AliveMessage from a peer with the same PKI-ID as myself: tag:EMPTY alive_msg:<membership:<endpoint:"peer1.org1.immume.com:9051" pki_id:"\226^w\266i\272\255\266\310|x7\236\376C6A\263\355a\356|\326.\367b .DpD\001" > timestamp:<inc_num:1597679764311752754 seq_num:3 > identity:"\n\007Org1MSP\022\222\006-----BEGIN CERTIFICATE-----\nMIICFjCCAb2gAwIBAgIRAPDqHnWySZgDOI7lNmhhhgIwCgYIKoZIzj0EAwIwcTEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGDAWBgNVBAoTD29yZzEuaW1tdW1lLmNvbTEbMBkGA1UEAxMSY2Eu\nb3JnMS5pbW11bWUuY29tMB4XDTIwMDcyNzE3NTYwMFoXDTMwMDcyNTE3NTYwMFow\nWjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh\nbiBGcmFuY2lzY28xHjAcBgNVBAMMFUFkbWluQG9yZzEuaW1tdW1lLmNvbTBZMBMG\nByqGSM49AgEGCCqGSM49AwEHA0IABMswACwlBVisnlcLTTbPyfdJdh4l1qUwnfLi\n2xZUJ/NhljeHcedRXB3DZPHarVjD7VKJP+eOMwgO5nYjWAEKT/2jTTBLMA4GA1Ud\nDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMCsGA1UdIwQkMCKAIKJ3rJGwTHIGvyd3\n30zq8mq3oQBS2k1EElVL+Bv5dTfvMAoGCCqGSM49BAMCA0cAMEQCIHeqQHLqIysm\nj7MtBGQ5yJ+0uUIK/NbY1huRNL3VygdlAiB5xgHrgAjyQQxmKZ3rNMeUav6ZUdl6\nsCDX2ufB39N+Mw==\n-----END CERTIFICATE-----\n" >

2020-08-17 15:56:34.450 UTC [gossip.discovery] isSentByMe -> ERRO 031 Bad configuration detected: Received AliveMessage from a peer with the same PKI-ID as myself: tag:EMPTY alive_msg:<membership:<endpoint:"peer1.org1.immume.com:9051" pki_id:"\226^w\266i\272\255\266\310|x7\236\376C6A\263\355a\356|\326.\367b .DpD\001" > timestamp:<inc_num:1597679764311752754 seq_num:16 > >

FOr peer1.org1
2020-08-17 15:56:04.389 UTC [fsblkstorage] LoadPreResetHeight -> INFO 025 Loading Pre-reset heights
2020-08-17 15:56:04.389 UTC [fsblkstorage] preRestHtFiles -> INFO 026 Dir [/var/hyperledger/production/ledgersData/chains/chains] missing... exiting
2020-08-17 15:56:04.389 UTC [fsblkstorage] LoadPreResetHeight -> INFO 027 Pre-reset heights loaded
2020-08-17 15:56:04.440 UTC [comm.grpc.server] 1 -> INFO 028 unary call completed grpc.service=gossip.Gossip grpc.method=Ping grpc.request_deadline=2020-08-17T15:56:06.402Z grpc.peer_address=172.18.0.3:38096 grpc.peer_subject="CN=peer0.org1.immume.com,L=San Francisco,ST=California,C=US" grpc.code=OK grpc.call_duration=111.817µs
2020-08-17 15:56:04.448 UTC [comm.grpc.server] 1 -> INFO 029 streaming call completed grpc.service=gossip.Gossip grpc.method=GossipStream grpc.request_deadline=2020-08-17T15:56:14.442Z grpc.peer_address=172.18.0.3:38096 grpc.peer_subject="CN=peer0.org1.immume.com,L=San Francisco,ST=California,C=US" error="rpc error: code = Canceled desc = context canceled" grpc.code=Canceled grpc.call_duration=5.492037ms
2020-08-17 15:56:04.466 UTC [gossip.discovery] isSentByMe -> ERRO 02a Bad configuration detected: Received AliveMessage from a peer with the same PKI-ID as myself: tag:EMPTY alive_msg:<membership:<endpoint:"peer0.org1.immume.com:7051" pki_id:"\226^w\266i\272\255\266\310|x7\236\376C6A\263\355a\356|\326.\367b .DpD\001" > timestamp:<inc_num:1597679764288919590 seq_num:4 > identity:"\n\007Org1MSP\022\222\006-----BEGIN CERTIFICATE-----\nMIICFjCCAb2gAwIBAgIRAPDqHnWySZgDOI7lNmhhhgIwCgYIKoZIzj0EAwIwcTEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGDAWBgNVBAoTD29yZzEuaW1tdW1lLmNvbTEbMBkGA1UEAxMSY2Eu\nb3JnMS5pbW11bWUuY29tMB4XDTIwMDcyNzE3NTYwMFoXDTMwMDcyNTE3NTYwMFow\nWjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh\nbiBGcmFuY2lzY28xHjAcBgNVBAMMFUFkbWluQG9yZzEuaW1tdW1lLmNvbTBZMBMG\nByqGSM49AgEGCCqGSM49AwEHA0IABMswACwlBVisnlcLTTbPyfdJdh4l1qUwnfLi\n2xZUJ/NhljeHcedRXB3DZPHarVjD7VKJP+eOMwgO5nYjWAEKT/2jTTBLMA4GA1Ud\nDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMCsGA1UdIwQkMCKAIKJ3rJGwTHIGvyd3\n30zq8mq3oQBS2k1EElVL+Bv5dTfvMAoGCCqGSM49BAMCA0cAMEQCIHeqQHLqIysm\nj7MtBGQ5yJ+0uUIK/NbY1huRNL3VygdlAiB5xgHrgAjyQQxmKZ3rNMeUav6ZUdl6\nsCDX2ufB39N+Mw==\n-----END CERTIFICATE-----\n" >
2020-08-17 15:56:34.448 UTC [gossip.discovery] isSentByMe -> ERRO 02b Bad configuration detected: Received AliveMessage from a peer with the same PKI-ID as myself: tag:EMPTY alive_msg:<membership:<endpoint:"peer0.org1.immume.com:7051" pki_id:"\226^w\266i\272\255\266\310|x7\236\376C6A\263\355a\356|\326.\367b .DpD\001" > timestamp:<inc_num:1597679764288919590 seq_num:3 > identity:"\n\007Org1MSP\022\222\006-----BEGIN CERTIFICATE-----\nMIICFjCCAb2gAwIBAgIRAPDqHnWySZgDOI7lNmhhhgIwCgYIKoZIzj0EAwIwcTEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGDAWBgNVBAoTD29yZzEuaW1tdW1lLmNvbTEbMBkGA1UEAxMSY2Eu\nb3JnMS5pbW11bWUuY29tMB4XDTIwMDcyNzE3NTYwMFoXDTMwMDcyNTE3NTYwMFow\nWjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh\nbiBGcmFuY2lzY28xHjAcBgNVBAMMFUFkbWluQG9yZzEuaW1tdW1lLmNvbTBZMBMG\nByqGSM49AgEGCCqGSM49AwEHA0IABMswACwlBVisnlcLTTbPyfdJdh4l1qUwnfLi\n2xZUJ/NhljeHcedRXB3DZPHarVjD7VKJP+eOMwgO5nYjWAEKT/2jTTBLMA4GA1Ud\nDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMCsGA1UdIwQkMCKAIKJ3rJGwTHIGvyd3\n30zq8mq3oQBS2k1EElVL+Bv5dTfvMAoGCCqGSM49BAMCA0cAMEQCIHeqQHLqIysm\nj7MtBGQ5yJ+0uUIK/NbY1huRNL3VygdlAiB5xgHrgAjyQQxmKZ3rNMeUav6ZUdl6\nsCDX2ufB39N+Mw==\n-----END CERTIFICATE-----\n" >

I am unable to identify the erorr , please help me out.The same kind of error in both the peer0.org2 & peer1.org2 is found.


Yaml for peer0.org1
version: '2'

networks:
  polarbear:

services:
  peer0.org1.immume.com:
    hostname: peer0.org1.immume.com
    image: hyperledger/fabric-peer:1.4.6
    container_name: peer0.org1.immume.com
    dns_search: .
    # extends:
    #   file: docker-compose-couch-org1.yaml
    #   service: couchdb1
    environment:
      - PEER_HOST=peer0.org1.immume.com
      - PEER_NAME=peer0.org1.immume.com
      - CORE_PEER_ID=peer0.org1.immume.com
      - CORE_PEER_LOCALMSPID=Org1MSP
 #    - CORE_PEER_GOSSIP_ENDPOINT=org1-Mypeer.com:7051
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.immume.com:9051
      - CORE_PEER_LISTENADDRESS=0.0.0.0:7051
      - CORE_PEER_ADDRESS=peer0.org1.immume.com:7051
      - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7053
      - CORE_PEER_CHAINCODEADDRESS=peer0.org1.immume.com:7053
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      # the following setting starts chaincode containers on the same
      # bridge network as the peers
      # https://docs.docker.com/compose/networking/
      # - COMPOSE_PROJECT_NAME=polarbear
      - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=hyperledgerscrach2_polarbear
      - CORE_LOGGING_LEVEL=DEBUG
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.immume.com:7051
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      # The following setting skips the gossip handshake since we are
      # are not doing mutual TLS
      # - CORE_PEER_GOSSIP_SKIPHANDSHAKE=true
      - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/crypto/peer/msp
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/crypto/peer/tls/server.key
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/crypto/peer/tls/server.crt
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/crypto/peer/tls/ca.crt
      # -- About Couch --
      - CORE_LEDGER_STATE_STATEDATABASE=CouchDB
      - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb1:5984
      # The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD
      # provide the credentials for ledger to connect to CouchDB.  The username and password must
      # match the username and password set for the associated CouchDB.
      - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=root
      - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=root
      - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/admin/msp
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    ports:
      - 7051:7051
      - 7053:7053 #host(system public_access):container_port
    volumes:
        - /var/run/:/host/var/run/
        #Backup of the peer ledger
      #  -  ./Backup/peer0Org1:/var/hyperledger/production/
             # Update the path of our chaincode to map with docker
        - ./chaincode/:/opt/gopath/src/github.com/chaincode
             # Update the path for our --cafile in channel create with orderer msp tlscacertpemfile to map with docker
        - ./crypto-config/ordererOrganizations/orderer.immume.com/orderers/orderer.orderer.immume.com/msp/tlscacerts/:/etc/hyperledger/orderer/msp/tlsca
              # Update the path of our admin msp to map with docker
        - ./crypto-config/peerOrganizations/org1.immume.com/users/Admin@.../msp/:/etc/hyperledger/admin/msp
              # Update the path of our location to map with docker
        - ./crypto-config/peerOrganizations/org1.immume.com/peers/peer0.org1.immume.com/:/etc/hyperledger/crypto/peer
    networks:
      - polarbear

  couchdb1:
      container_name: couchdb1
      image: hyperledger/fabric-couchdb:0.4.18
      # Populate the COUCHDB_USER and COUCHDB_PASSWORD to set an admin user and password
      # for CouchDB.  This will prevent CouchDB from operating in an "Admin Party" mode.
      environment:
        - COUCHDB_USER=root
        - COUCHDB_PASSWORD=root
      # Comment/Uncomment the port mapping if you want to hide/expose the CouchDB service,
      # for sella map it to utilize Fauxton User Interface in dev environments.
      ports:
        - "5984:5984"
      networks:
      - polarbear

yaml for peer1.org1.yaml

version: '2'

networks:
  polarbear:

services:
  peer1.org1.immume.com:
    hostname: peer1.org1.immume.com
    image: hyperledger/fabric-peer:1.4.6
    container_name: peer1.org1.immume.com
    dns_search: .
    # extends:
    #   file: docker-compose-couch-org1.yaml
    #   service: couchdb1
    environment:
      - PEER_HOST=peer1.org1.immume.com
      - PEER_NAME=peer1.org1.immume.com
      - CORE_PEER_ID=peer1.org1.immume.com
      - CORE_PEER_LOCALMSPID=Org1MSP
 #    - CORE_PEER_GOSSIP_ENDPOINT=org1-Mypeer.com:7051
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.immume.com:7051
      - CORE_PEER_LISTENADDRESS=0.0.0.0:9051
      - CORE_PEER_ADDRESS=peer1.org1.immume.com:9051
      - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:9053
      - CORE_PEER_CHAINCODEADDRESS=peer1.org1.immume.com:9053
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      # the following setting starts chaincode containers on the same
      # bridge network as the peers
      # https://docs.docker.com/compose/networking/
      # - COMPOSE_PROJECT_NAME=polarbear
      - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=hyperledgerscrach2_polarbear
      - CORE_LOGGING_LEVEL=DEBUG
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.immume.com:9051
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      # The following setting skips the gossip handshake since we are
      # are not doing mutual TLS
      # - CORE_PEER_GOSSIP_SKIPHANDSHAKE=true
      - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/crypto/peer/msp
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/crypto/peer/tls/server.key
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/crypto/peer/tls/server.crt
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/crypto/peer/tls/ca.crt
      # -- About Couch --
      - CORE_LEDGER_STATE_STATEDATABASE=CouchDB
      - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb1:5984
      # The CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME and CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD
      # provide the credentials for ledger to connect to CouchDB.  The username and password must
      # match the username and password set for the associated CouchDB.
      - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=root
      - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=root
      - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/admin/msp
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    ports:
      - 9051:9051
      - 9053:9053 #host(system public_access):container_port
    volumes:
        - /var/run/:/host/var/run/
        #Backup of the peer ledger
       # -  ./Backup/peer1Org1:/var/hyperledger/production/
             # Update the path of our chaincode to map with docker
        - ./chaincode/:/opt/gopath/src/github.com/chaincode
             # Update the path for our --cafile in channel create with orderer msp tlscacertpemfile to map with docker
        - ./crypto-config/ordererOrganizations/orderer.immume.com/orderers/orderer.orderer.immume.com/msp/tlscacerts/:/etc/hyperledger/orderer/msp/tlsca
              # Update the path of our admin msp to map with docker
        - ./crypto-config/peerOrganizations/org1.immume.com/users/Admin@.../msp/:/etc/hyperledger/admin/msp
              # Update the path of our location to map with docker
        - ./crypto-config/peerOrganizations/org1.immume.com/peers/peer1.org1.immume.com/:/etc/hyperledger/crypto/peer
    networks:
      - polarbear

  couchdb1:
      container_name: couchdb1
      image: hyperledger/fabric-couchdb:0.4.18
      # Populate the COUCHDB_USER and COUCHDB_PASSWORD to set an admin user and password
      # for CouchDB.  This will prevent CouchDB from operating in an "Admin Party" mode.
      environment:
        - COUCHDB_USER=root
        - COUCHDB_PASSWORD=root
      # Comment/Uncomment the port mapping if you want to hide/expose the CouchDB service,
      # for sella map it to utilize Fauxton User Interface in dev environments.
      ports:
        - "5984:5984"
      networks:
      - polarbear


There are no error in orderer(solo),ca-org1,ca-org2 logs.


Re: Why should organization not be both orderer and peer?

Bram Dufour <bram.dufour8@...>
 

Thanks a lot Jason, I hadn't thought about those attacks yet.

But isn't it possible for the organizations with orderer to use the OU roles, set the following policies and just run orderer and peers within the same organization? Isn't this possible or do you still see some vulnerabilities with this approach?

Policies: &OrgPolicies
            Orderer:
                Type: Signature
                Rule: "OR('org.orderer')"

```


And then also set the BlockValidation policy like this:

```
BlockValidation: Type: ImplicitMeta Rule: "ANY Orderer"

 

Thanks a lot in advance, it is a very interesting and important topic.


Re: Removed Databases, can't reset #fabric #couchdb

mario.schwaiger@...
 

"docker volume ls"
Yes, I have tried that. The CouchDB volumes were removed properly.
But even if not, when the Docker containers are removed and re-created - somehow it should be populated (again) if I do the same steps?

Does goleveldb have some kind of service to access the data?


Re: Why should organization not be both orderer and peer?

Jason Yellick <jyellick@...>
 

----- Original message -----
From: "Pam Andrejko" <pama@...>
Sent by: fabric@...
To: fabric@...
Cc:
Subject: [EXTERNAL] Re: [Hyperledger Fabric] Why should organization not be both orderer and peer?
Date: Mon, Aug 17, 2020 7:40 AM
 
See the topic on How many CAs are required in the CA documentation.

Because this is a distributed ledger, the ordering service should not be part of the same organization as the peers, so you will need separate organizations (and therefore CAs) for your peer organizations and ordering service organization. When multiple organizations contribute nodes to an ordering service, each ordering node would have its own organization CA. All of this separation is crucial for distributed management of the ordering service and channels and defeats the ability of a bad actor to disrupt the network.

Pam
 


Re: Why should organization not be both orderer and peer?

Pam Andrejko
 

See the topic on How many CAs are required in the CA documentation.

Because this is a distributed ledger, the ordering service should not be part of the same organization as the peers, so you will need separate organizations (and therefore CAs) for your peer organizations and ordering service organization. When multiple organizations contribute nodes to an ordering service, each ordering node would have its own organization CA. All of this separation is crucial for distributed management of the ordering service and channels and defeats the ability of a bad actor to disrupt the network.

Pam


Re: Why should organization not be both orderer and peer?

Bram Dufour <bram.dufour8@...>
 

Hi Si Chen, I think it was only the case for the Kafka orderer in earlier versions, in which only one org could run the Kafka ordering service.
 
With the raft orderer implementation, you can have a cross-organizational orderer cluster and so different orgs can have an orderer and be an application channel organization at the same time without problems.
With raft, for latency the orderer cluster shouldn't be that big though, so you can let some organizations that have the technical and financial capacity run their orderer (like miners in Bitcoin) and have other organizations only run peers (like full nodes in Bitcoin).
But like this, organizations can have orderers and application peers without problems, so I think it would be good to check the ordering service with raft and the newer Fabric versions v2.2, because the link you sent is still from v1.4 I see...
 


Why should organization not be both orderer and peer?

Si Chen <sichen@...>
 

Hello,

I saw in 

Question: | Can I have an organization act both in an ordering and application role?

Answer: Although this is possible, it is a highly discouraged configuration. ...


Would someone please explain a little more why that is?


Thank you.


--
-----
Si Chen
Open Source Strategies, Inc.

Join our Hyperledger Open Source Carbon Neutral Certification Working Group


#minifab #miniFabric #hyperledger-fabric #network #Centos #minifabric #hyperledger-fabric #network #centos #minifab

zilich@...
 

If you try to install miniFabric to centos,
you will see that cant work under published condition, i.e. Docker version  (18.03 or newer)...

 

 


Re: The return value in Fabric gateway java SDK submitTransaction method

Mark Lewis
 

If the transaction has been committed (i.e. the submit() call returns successfully) then it has satisfied the endorsement policy. If the endorsement policy wasn't satisfied then the transaction would be unsuccessful.

Regardless, if all you want to do is inspect a previously committed transaction then you do have several options using the fabric-gateway-java API, two of which I think you already understand:
  1. Look through block events received from peers for the required transaction event. This can be done realtime (in which case you would want to attach your listener before submitting the transaction), or you can replay previous blocks. Your listener will receive one block event for each block, and these will be received in block order.
  2. Use a commit listener to listen in realtime only for a specific transaction event from all specified peers. You will receive at most one transaction event from each peer.
  3. Use Network.evaluateTransaction() to retrieve a specific transaction directly from the Query system chaincode (qscc) GetTransactionByID transaction function. Just be aware that the response payload will be a serialized protobuf that you will need to deserialize. Compiled protobufs are in the org.hyperledger.fabric.protos package within the fabric-sdk-java JAR. The source repository for those protobuf definitions is https://github.com/hyperledger/fabric-protos.

Be aware that, while you can access the parent transaction for a given contract event, a contract event listener will only be invoked if:
  1. The transaction function emitted a chaincode event.
  2. The transaction committed successfully.

There is no guarantee on whether event delivery to different listeners is serial or parallel. The only guarantee is that each block (or contract) listener will receive events in block order and without duplication. From memory, the current implementation does deliver events to all realtime listeners sequentially, but the order of invocation of those realtime listeners is non-deterministic. Since this in an implementation detail, you shouldn't rely on this behaviour remaining the same across releases.


looking for sponsor for hyperledger labs blockchain-carbon-accounting project

Si Chen <sichen@...>
 

Hello everybody,

I'm from the Climate Accounting and Neutrality Working Group, and we'd like to ask for a sponsor to open a repository in hyperledger-lab.

This repository will be used for developing code for CO2 emissions accounting, to support emissions trading and other applications related to climate change.

I've written a proposal for this project.  If you'd like to learn more, please take a look at our ideas for the architecture and the initial project.

If any of the maintainers of the Fabric project could sponsor us, please let me know.  

Also we're looking for experienced advisors to our project, so if you could help us, please let me know too!

Thank you.

-----
Si Chen
Open Source Strategies, Inc.

Join our Hyperledger Open Source Carbon Neutral Certification Working Group

2701 - 2720 of 11526