|
Re: Chaincode commit not going through 2.0.0
Nicholas Leonardi
Hey Brett, Yup, I JUST noticed that and it worked. But it shouldn't be like this because if there's 15 orgs in the network, majority is 8, I'd need to get all their TLS ca.crt for that? Def a scalability problem. The endorsement should be automatically sent to the other peer through the orderers and handled there. I understand it's a permissioned network and the participants are known but it shouldn't have to have to deal with another tls cert Also, invoking the chaincode creates the container but it times out every time.
Em segunda-feira, 7 de setembro de 2020 14:36:06 BRT, Brett T Logan <brett.t.logan@...> escreveu:
As Dave noted in the post you linked, your majority requirement means the 'commit' must be performed by both orgs, you are only sending the commit transactions to a single org Nicholas Leonardi via lists.hyperledger.org --- [EXTERNAL] Re: [Hyperledger Fabric] Chaincode commit not going through 2.0.0 ---
Hey Chris, thanks for the insight. I understood and followed the process you told me but here's what's happening. 1. I have org1 deployed running on machine 1 with chaincode installed version 1.0 and sequence 1. Chaincode invoke and query are working perfectly. 2. I deploy org2 and add orderer and peer to the channel (successfully). 3. I package the chaincode on org1 and send it to org2 peer lifecycle chaincode package chaincode.tar.gz --path /etc/hyperledger/chaincode --lang node --label ccv1 4. I installed the newly packaged chaincode on both peers (org1.peer and org2.peer) there's only 1 peer per org Successfully installs and shows up when I queryinstalled 5. I approved on both organizations with version 1.0(didn't change) but changed the sequence to 2 --name chaincode --version 1.0 --sequence 2 6. I checked the commit readiness peer lifecycle chaincode checkcommitreadiness --channelID channel --name chaincode --version 1.0 --sequence 2 Version: 1.0, Sequence: 2, Endorsement Plugin: escc, Validation Plugin: vscc, Approvals: [Org1MSP: true, Org2MSP: true] 7. When I tried to commit sequence 2, I get the endorsement policy failure peer lifecycle chaincode commit -o orderer1.org1.org:7050 --channelID channel --name chaincode --version 1.0 --sequence 2 I looked over the documentation but couldn't find anything wrong. I also tried approving org2 with version 1.0 and sequence 1. It approves but when I try to commit it gives the error that it needs to be sequence 2. I double checked the block config and all seems well. The peer spits out this error: 1 sub-policies were satisfied, but this policy requires 2 of the 'Endorsement' sub-policies to be satisfied The endorsement subpolicy is set to MAJORITY Admins and both admins do approve. I have attached the block config json. I don't know what to do anymore Any futher help would be greatly appreciated. Hi Nick, You appeared to have committed prior to approving for both orgs. I have made this same mistake. Do in this order (also documented in the tutorial): 1) Package chaincode 2) Install chaincode on all peers 3) Query installed to get packageID 4) Approve for org1 5) Approve for org2 6) Check commit readiness 7) Commit chaincode (You can commmit chaincode for both orgs at the same time if commit readiness check show true for both org1 and org2 by using the —peerAddresses flag) Hope this helps, Chris
On Sep 6, 2020, at 8:59 AM, Nicholas Leonardi via lists.hyperledger.org <nlzanutim=yahoo.com@...> wrote:
|
||||||||
|
|
||||||||
|
Re: Chaincode commit not going through 2.0.0
Brett T Logan <brett.t.logan@...>
As Dave noted in the post you linked, your majority requirement means the 'commit' must be performed by both orgs, you are only sending the commit transactions to a single org
toggle quoted messageShow quoted text
Nicholas Leonardi via lists.hyperledger.org --- [EXTERNAL] Re: [Hyperledger Fabric] Chaincode commit not going through 2.0.0 ---
Hey Chris, thanks for the insight. I understood and followed the process you told me but here's what's happening. 1. I have org1 deployed running on machine 1 with chaincode installed version 1.0 and sequence 1. Chaincode invoke and query are working perfectly. 2. I deploy org2 and add orderer and peer to the channel (successfully). 3. I package the chaincode on org1 and send it to org2 peer lifecycle chaincode package chaincode.tar.gz --path /etc/hyperledger/chaincode --lang node --label ccv1 4. I installed the newly packaged chaincode on both peers (org1.peer and org2.peer) there's only 1 peer per org Successfully installs and shows up when I queryinstalled 5. I approved on both organizations with version 1.0(didn't change) but changed the sequence to 2 --name chaincode --version 1.0 --sequence 2 6. I checked the commit readiness peer lifecycle chaincode checkcommitreadiness --channelID channel --name chaincode --version 1.0 --sequence 2 Version: 1.0, Sequence: 2, Endorsement Plugin: escc, Validation Plugin: vscc, Approvals: [Org1MSP: true, Org2MSP: true] 7. When I tried to commit sequence 2, I get the endorsement policy failure peer lifecycle chaincode commit -o orderer1.org1.org:7050 --channelID channel --name chaincode --version 1.0 --sequence 2 I looked over the documentation but couldn't find anything wrong. I also tried approving org2 with version 1.0 and sequence 1. It approves but when I try to commit it gives the error that it needs to be sequence 2. I double checked the block config and all seems well. The peer spits out this error: 1 sub-policies were satisfied, but this policy requires 2 of the 'Endorsement' sub-policies to be satisfied The endorsement subpolicy is set to MAJORITY Admins and both admins do approve. I have attached the block config json. I don't know what to do anymore Any futher help would be greatly appreciated. Hi Nick, You appeared to have committed prior to approving for both orgs. I have made this same mistake. Do in this order (also documented in the tutorial): 1) Package chaincode 2) Install chaincode on all peers 3) Query installed to get packageID 4) Approve for org1 5) Approve for org2 6) Check commit readiness 7) Commit chaincode (You can commmit chaincode for both orgs at the same time if commit readiness check show true for both org1 and org2 by using the —peerAddresses flag) Hope this helps, Chris
On Sep 6, 2020, at 8:59 AM, Nicholas Leonardi via lists.hyperledger.org <nlzanutim=yahoo.com@...> wrote:
|
||||||||
|
|
||||||||
|
Re: Chaincode commit not going through 2.0.0
Nicholas Leonardi
Hey Chris, thanks for the insight. I understood and followed the process you told me but here's what's happening. 1. I have org1 deployed running on machine 1 with chaincode installed version 1.0 and sequence 1. Chaincode invoke and query are working perfectly. 2. I deploy org2 and add orderer and peer to the channel (successfully). 3. I package the chaincode on org1 and send it to org2 peer lifecycle chaincode package chaincode.tar.gz --path /etc/hyperledger/chaincode --lang node --label ccv1 4. I installed the newly packaged chaincode on both peers (org1.peer and org2.peer) there's only 1 peer per org Successfully installs and shows up when I queryinstalled 5. I approved on both organizations with version 1.0(didn't change) but changed the sequence to 2 --name chaincode --version 1.0 --sequence 2 6. I checked the commit readiness peer lifecycle chaincode checkcommitreadiness --channelID channel --name chaincode --version 1.0 --sequence 2 Version: 1.0, Sequence: 2, Endorsement Plugin: escc, Validation Plugin: vscc, Approvals: [Org1MSP: true, Org2MSP: true] 7. When I tried to commit sequence 2, I get the endorsement policy failure peer lifecycle chaincode commit -o orderer1.org1.org:7050 --channelID channel --name chaincode --version 1.0 --sequence 2 I looked over the documentation but couldn't find anything wrong. I also tried approving org2 with version 1.0 and sequence 1. It approves but when I try to commit it gives the error that it needs to be sequence 2. I double checked the block config and all seems well. The peer spits out this error: 1 sub-policies were satisfied, but this policy requires 2 of the 'Endorsement' sub-policies to be satisfied The endorsement subpolicy is set to MAJORITY Admins and both admins do approve. I have attached the block config json. I don't know what to do anymore Any futher help would be greatly appreciated. Hi Nick, You appeared to have committed prior to approving for both orgs. I have made this same mistake. Do in this order (also documented in the tutorial): 1) Package chaincode 2) Install chaincode on all peers 3) Query installed to get packageID 4) Approve for org1 5) Approve for org2 6) Check commit readiness 7) Commit chaincode (You can commmit chaincode for both orgs at the same time if commit readiness check show true for both org1 and org2 by using the —peerAddresses flag) Hope this helps, Chris
On Sep 6, 2020, at 8:59 AM, Nicholas Leonardi via lists.hyperledger.org <nlzanutim=yahoo.com@...> wrote:
|
||||||||
|
|
||||||||
|
chaincode instantiation failed
#fabric-chaincode
kokolaki@...
|
||||||||
|
|
||||||||
|
Re: Chaincode commit not going through 2.0.0
Chris Gabriel <alaskadd@...>
Hi Nick,
toggle quoted messageShow quoted text
You appeared to have committed prior to approving for both orgs. I have made this same mistake. Do in this order (also documented in the tutorial): 1) Package chaincode 2) Install chaincode on all peers 3) Query installed to get packageID 4) Approve for org1 5) Approve for org2 6) Check commit readiness 7) Commit chaincode (You can commmit chaincode for both orgs at the same time if commit readiness check show true for both org1 and org2 by using the —peerAddresses flag) Hope this helps, Chris
On Sep 6, 2020, at 8:59 AM, Nicholas Leonardi via lists.hyperledger.org <nlzanutim=yahoo.com@...> wrote:
|
||||||||
|
|
||||||||
|
Chaincode commit not going through 2.0.0
Nicholas Leonardi
Hey guys, I have two organizations on two different machines, each org has 1 peer. I'm able to add both peers to the channel, bring in a fourth orderer for org 2. Everything works except when I try to commit the chaincode for the org2. I generate the package from org 1 (chaincode installed and committed) and send it to org2. I can install it on peer2 and approve for org with a new sequence. I also approve for org1 with the new sequence but when I try to commit, I get an endorsement failure policy. Version 2.0.0 I found this but to no avail the chaincode gets committed by either orgs. The commit readiness is true for both when I check that. Anyone have any other ideas besides from that topic? Thanks in advance. Nick
|
||||||||
|
|
||||||||
|
Re: Build fabric on raspberry pi
#fabric
kokolaki@...
Yes I have that binutils package:
ubuntu@ubuntu:~$ sudo apt-get install binutils Reading package lists... Done Building dependency tree Reading state information... Done binutils is already the newest version (2.30-21ubuntu1~18.04.4). binutils set to manually installed. 0 upgraded, 0 newly installed, 0 to remove and 13 not upgraded. ubuntu@ubuntu:~$ ls My configurations are: ubuntu@ubuntu:~/fabric/fabric2$ whereis ld ld: /usr/bin/ld /usr/bin/ld.bfd /usr/bin/ld.gold /usr/share/man/man1/ld.1.gz my go path variables in .profile bash file are: export PATH=$PATH:/usr/local/go/bin export GOPATH=$HOME/go export PATH=$PATH:$GOPATH/bin
|
||||||||
|
|
||||||||
|
Re: Build fabric on raspberry pi
#fabric
Brian Behlendorf <bbehlendorf@...>
Looks like if gcc can't find ld,
there's a common developer package or two you're missing. My guess
is you're on Ubuntu or something Debian-ish, do you have the
binutils package installed?
Brian
On 9/4/20 6:03 AM,
kokolaki@... wrote:
I am trying to install fabric version 2.2.0 in raspperry pi. I cloned fabric repository and checkout to appropriate tag. I use last version of golang go1.15.1 linux/arm64
-- Brian Behlendorf Executive Director, Hyperledger bbehlendorf@... Twitter: @brianbehlendorf
|
||||||||
|
|
||||||||
|
Hyperledger Fabric Documentation Workgroup call - Western hemisphere - Fri, 09/04/2020
#cal-notice
fabric@lists.hyperledger.org Calendar <noreply@...>
Hyperledger Fabric Documentation Workgroup call - Western hemisphere When: Where: Organizer: Description:
|
||||||||
|
|
||||||||
|
Hyperledger Fabric Documentation Workgroup call - Western hemisphere - Fri, 09/04/2020 4:00pm-5:00pm
#cal-reminder
fabric@lists.hyperledger.org Calendar <fabric@...>
Reminder: Hyperledger Fabric Documentation Workgroup call - Western hemisphere When: Friday, 4 September 2020, 4:00pm to 5:00pm, (GMT+01:00) Europe/London Where:https://zoom.us/my/hyperledger.community.backup Organizer: Anthony O'Dowd a_o-dowd@... +441962816761 Description: https://zoom.us/my/hyperledger.community.backup
|
||||||||
|
|
||||||||
|
Build fabric on raspberry pi
#fabric
kokolaki@...
I am trying to install fabric version 2.2.0 in raspperry pi. I cloned fabric repository and checkout to appropriate tag. I use last version of golang go1.15.1 linux/arm64
when I run "make" to generate, I have the following error: # github.com/hyperledger/fabric/cmd/peer /usr/local/go/pkg/tool/linux_arm64/link: running gcc failed: exit status 1 collect2: fatal error: cannot find 'ld' compilation terminated. make: *** [Makefile:209: build/bin/peer] Error 2 Removing intermediate container d41a9d6e8573 The command '/bin/sh -c make peer GO_TAGS=${GO_TAGS}' returned a non-zero code: 2 Makefile:224: recipe for target 'build/images/peer/.dummy-arm64-2.2.0-snapshot-5ea85bc54' failed make: *** [build/images/peer/.dummy-arm64-2.2.0-snapshot-5ea85bc54] Error 2 Any help? Thnak you.
|
||||||||
|
|
||||||||
|
Hyperledger Fabric Documentation Workgroup call - Eastern hemisphere - Fri, 09/04/2020
#cal-notice
fabric@lists.hyperledger.org Calendar <noreply@...>
Hyperledger Fabric Documentation Workgroup call - Eastern hemisphere When: Where: Organizer: Description:
|
||||||||
|
|
||||||||
|
how to create and manage credentials for an app based on fabric?
Hello everybody, Could we get your advice on how to create and manage credentials for an app which interacts with a Hyperledger fabric ledger? This is all from our last Climate Accounting WG call: We're planning to have a REST interface interact with the ledger. Then a user-facing app would connect to the REST interface. So should we have 1. a REST api which creates credential (security key) from a certificate authority which the app is allowed to interact with 2. the REST api return the security key to the client app 3. the client app stores the security key for the user 4. the client app allows the user to call ledger chain code using the stored security key? Thank you for your advice. ----- Si Chen Open Source Strategies, Inc. Join our Hyperledger Open Source Carbon Accounting & Certification Working Group - Video
|
||||||||
|
|
||||||||
|
Documentation Workgroup: Agenda for Friday, 04 Sep
Anthony O'Dowd <a_o-dowd@...>
Hi All,
We will hold the documentation workgroup East hemisphere and Western hemisphere calls as usual this Friday. Please attend, you are very welcome! You can read about last week's calls at https://wiki.hyperledger.org/display/fabric/2020+08+28+DWG+Agenda You'll see significant minutes for both the Eastern and Western hemisphere calls, and recordings for both sessions. You can catch up with the full recordings and other sessions: https://wiki.hyperledger.org/display/fabric/Recordings Our Eastern and Western hemisphere calls are very well attended at the moment -- thanks to all for your contributions and collaboration. On our Eastern hemisphere call this week we will be reviewing:
Our Western hemisphere call will be equally busy:
See https://wiki.hyperledger.org/display/fabric/2020+09+04+DWG+Agenda for this week's agenda for the eastern and western hemisphere calls. Please feel free to contribute using the wiki, including helping to build next week's agenda: https://wiki.hyperledger.org/display/fabric/2020+09+11+DWG+Agenda Thanks! Pam, Joe, Anthony Meeting Details ------------- Please use the following link to attend the meeting: https://zoom.us/j/6223336701 The meeting times are as follows: https://wiki.hyperledger.org/display/fabric/Documentation+Working+Group Meeting 144A: Friday 04 Sep 1130 India Standard Time 1400 China Standard Time 1500 Japan Standard Time 1700 Australia Eastern Time 1400 Singapore Time 1100 Gulf Standard Time 1000 Moscow Standard Time 0700 Greenwich Mean Time 0800 Central European Time Meeting 144B: Friday 04 Sep 1100 Central Daylight Time 1200 Eastern Daylight Time 0900 Pacific Daylight Time 1400 Brasil Time (BRT) 1600 Greenwich Mean Time 1700 Central European Time 1800 Moscow Standard Time Unless stated otherwise above: IBM United Kingdom Limited - Registered in England and Wales with number 741598. Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU
|
||||||||
|
|
||||||||
|
Updated Event: Fabric SDK Python Meeting
#cal-invite
fabric@lists.hyperledger.org Calendar <fabric@...>
Fabric SDK Python Meeting When: Where: Organizer: Fabric SDK Python Team Description:
|
||||||||
|
|
||||||||
|
Updated Event: Hyperledger Fabric Documentation Workgroup call - Eastern hemisphere
#cal-invite
fabric@lists.hyperledger.org Calendar <fabric@...>
Hyperledger Fabric Documentation Workgroup call - Eastern hemisphere When: Where: Organizer: Anthony O'Dowd a_o-dowd@... +441962816761 Description:
|
||||||||
|
|
||||||||
|
Updated Event: Hyperledger Fabric Documentation Workgroup call - Western hemisphere
#cal-invite
fabric@lists.hyperledger.org Calendar <fabric@...>
Hyperledger Fabric Documentation Workgroup call - Western hemisphere When: Where: Organizer: Anthony O'Dowd a_o-dowd@... +441962816761 Description:
|
||||||||
|
|
||||||||
|
Re: Adding extended key usages in node enrollment certificates
#fabric-questions
#fabric
Gari Singh <garis@...>
Adding usages does not limit the usages; it increases the potential usages. Of course usages are only relevant for consumers which honor usages.
----------------------------------------- Gari Singh Distinguished Engineer, CTO - IBM Blockchain IBM Middleware 550 King St Littleton, MA 01460 Cell: 978-846-7499 garis@... ----------------------------------------- -----fabric@... wrote: ----- To: fabric@... From: chintanr97@... Sent by: fabric@... Date: 09/03/2020 09:43AM Subject: [EXTERNAL] Re: [Hyperledger Fabric] Adding extended key usages in node enrollment certificates #fabric #fabric-questions My aim of adding additional extended key usages is to limit the usage of certificate/key for any other purposes. I just wanted to identify if it will affect or disturb the functioning of nodes if I add any valid ECC extended key usages.
|
||||||||
|
|
||||||||
|
Re: Adding extended key usages in node enrollment certificates
#fabric-questions
#fabric
chintanr97@...
My aim of adding additional extended key usages is to limit the usage of certificate/key for any other purposes. I just wanted to identify if it will affect or disturb the functioning of nodes if I add any valid ECC extended key usages.
|
||||||||
|
|
||||||||
|
Re: Adding extended key usages in node enrollment certificates
#fabric-questions
#fabric
Gari Singh <garis@...>
Why do you want to add additional (extended) key usages to the enrollment certificates?
They currently contain the minimum set for their intended purpose: digital signatures. And we intentionally do not add the TLS-related usages as we want to maintain a separate of duties in terms of signing and TLS. Adding additional usages should not affect anything, but it's advisable not do so. That being said, you can modify the default profile ( https://github.com/hyperledger/fabric-ca/blob/v1.4.8/cmd/fabric-ca-server/config.go#L303 ) or create a new profile with additional attributes. You can find the list of usages here: https://github.com/cloudflare/cfssl/blob/v1.4.1/doc/cmd/cfssl.txt#L86-L114 ----------------------------------------- Gari Singh Distinguished Engineer, CTO - IBM Blockchain IBM Middleware 550 King St Littleton, MA 01460 Cell: 978-846-7499 garis@... ----------------------------------------- -----fabric@... wrote: ----- To: fabric@... From: chintanr97@... Sent by: fabric@... Date: 09/03/2020 01:09AM Subject: [EXTERNAL] [Hyperledger Fabric] Adding extended key usages in node enrollment certificates #fabric #fabric-questions Hi Team, I was trying to identify the extended key usages in X.509 enrollment certificates: https://tools.ietf.org/html/rfc5280#section-4.2.1.12 I need to add some extended key usages in the enrollment certificate - but I want to know what would be the correct set of the extended key usages that we can actually put up in the node enrollment certificates with respect to HLF world? I understand that Server Auth and Client Auth are mainly for TLS/SSL node certificates. The ones other than that: codeSigning, emailProtection, timeStamping, OCSPSigning - what would be correct subset of these to put up in HLF node certificates? Will adding those break the node communication or affect the HLF network in any way?
|
||||||||
|
|