我认为Fabric正在尝试发现对等体和订购者,只要它们意识到它们确实存在,但与计算机IP地址不匹配。是否有办法为启用TLS的通信指定计算机IP覆盖?
这是完整日志
2020-04-25T02:52:32.615Z - error: [ServiceEndpoint]: Error: Failed to connect before the deadline on Committer- name: orderer.xxxx.com:7050, url:grpcs://orderer.xxxx.com:7050
2020-04-25T02:52:32.616Z - error: [ServiceEndpoint]: waitForReady - Failed to connect to remote gRPC server orderer.xxxx.com:7050 url:grpcs://orderer.xxxx.com:7050 timeout:3000
2020-04-25T02:52:32.616Z - error: [DiscoveryService]: _buildOrderer[evm] - Unable to connect to the discovered orderer orderer.xxxx.com:7050 due to Error: Failed to connect before the deadline on Committer- name: orderer.xxxx.com:7050, url:grpcs://orderer.xxxx.com:7050
2020-04-25T02:52:35.624Z - error: [ServiceEndpoint]: Error: Failed to connect before the deadline on Endorser- name: peer0.org1.xxxx.com:7051, url:grpcs://peer0.org1.xxxx.com:7051
2020-04-25T02:52:35.624Z - error: [ServiceEndpoint]: waitForReady - Failed to connect to remote gRPC server peer0.org1.xxxx.com:7051 url:grpcs://peer0.org1.xxxx.com:7051 timeout:3000
2020-04-25T02:52:35.624Z - error: [DiscoveryService]: _buildPeer[evm] - Unable to connect to the discovered peer peer0.org1.xxxx.com:7051 due to Error: Failed to connect before the deadline on Endorser- name: peer0.org1.xxxx.com:7051, url:grpcs://peer0.org1.xxxx.com:7051
2020-04-25T02:52:38.626Z - error: [ServiceEndpoint]: Error: Failed to connect before the deadline on Endorser- name: peer1.org1.xxxx.com:8051, url:grpcs://peer1.org1.xxxx.com:8051
2020-04-25T02:52:38.627Z - error: [ServiceEndpoint]: waitForReady - Failed to connect to remote gRPC server peer1.org1.xxxx.com:8051 url:grpcs://peer1.org1.xxxx.com:8051 timeout:3000
2020-04-25T02:52:38.627Z - error: [DiscoveryService]: _buildPeer[evm] - Unable to connect to the discovered peer peer1.org1.xxxx.com:8051 due to Error: Failed to connect before the deadline on Endorser- name: peer1.org1.xxxx.com:8051, url:grpcs://peer1.org1.xxxx.com:8051
2020-04-25T02:52:41.630Z - error: [ServiceEndpoint]: Error: Failed to connect before the deadline on Endorser- name: peer0.org2.xxxx.com:9051, url:grpcs://peer0.org2.xxxx.com:9051
2020-04-25T02:52:41.630Z - error: [ServiceEndpoint]: waitForReady - Failed to connect to remote gRPC server peer0.org2.xxxx.com:9051 url:grpcs://peer0.org2.xxxx.com:9051 timeout:3000
2020-04-25T02:52:41.630Z - error: [DiscoveryService]: _buildPeer[evm] - Unable to connect to the discovered peer peer0.org2.xxxx.com:9051 due to Error: Failed to connect before the deadline on Endorser- name: peer0.org2.xxxx.com:9051, url:grpcs://peer0.org2.xxxx.com:9051
2020-04-25T02:52:44.631Z - error: [ServiceEndpoint]: Error: Failed to connect before the deadline on Endorser- name: peer1.org2.xxxx.com:10051, url:grpcs://peer1.org2.xxxx.com:10051
2020-04-25T02:52:44.631Z - error: [ServiceEndpoint]: waitForReady - Failed to connect to remote gRPC server peer1.org2.xxxx.com:10051 url:grpcs://peer1.org2.xxxx.com:10051 timeout:3000
2020-04-25T02:52:44.631Z - error: [DiscoveryService]: _buildPeer[evm] - Unable to connect to the discovered peer peer1.org2.xxxx.com:10051 due to Error: Failed to connect before the deadline on Endorser- name: peer1.org2.xxxx.com:10051, url:grpcs://peer1.org2.xxxx.com:10051
2020-04-25T02:52:44.647Z - error: [SingleQueryHandler]: evaluate: message=Query failed. Errors: [], stack=FabricError: Query failed. Errors: []
at SingleQueryHandler.evaluate (/home/ubuntu/application-layer/node_modules/fabric-network/lib/impl/query/singlequeryhandler.js:45:23)
at Transaction.evaluate (/home/ubuntu/application-layer/node_modules/fabric-network/lib/transaction.js:287:49)
at Contract.evaluateTransaction (/home/ubuntu/application-layer/node_modules/fabric-network/lib/contract.js:115:45)
at main (/home/ubuntu/application-layer/query.js:52:39)
at processTicksAndRejections (internal/process/task_queues.js:97:5), name=FabricError
Failed to evaluate transaction: FabricError: Query failed. Errors: []
这是我用来连接的:
/*
* SPDX-License-Identifier: Apache-2.0
*/
'use strict';
const { Gateway, Wallets } = require('fabric-network');
const path = require('path');
const fs = require('fs');
async function main() {
try {
// load the network configuration
const ccpPath = path.resolve(__dirname, '..', 'first-network', 'connection-org1.json');
const ccp = JSON.parse(fs.readFileSync(ccpPath, 'utf8'));
// Create a new file system based wallet for managing identities.
const walletPath = path.join(process.cwd(), 'wallet');
const wallet = await Wallets.newFileSystemWallet(walletPath);
console.log(`Wallet path: ${walletPath}`);
// Check to see if we've already enrolled the user.
const identity = await wallet.get('appUser');
if (!identity) {
console.log('An identity for the user "appUser" does not exist in the wallet');
console.log('Run the registerUser.js application before retrying');
return;
}
// Create a new gateway for connecting to our peer node.
const gateway = new Gateway();
await gateway.connect(ccp, { wallet: wallet, identity: 'appUser', discovery: { enabled: true, asLocalhost: false } });
// Get the network (channel) our contract is deployed to.
const network = await gateway.getNetwork('evm');
// Get the contract from the network.
const contract = network.getContract('evmxxx');
// Evaluate the specified transaction.
const result = await contract.submitTransaction('getEVMAddress');
console.log(`Transaction has been evaluated, result is: ${result.toString()}`);
} catch (error) {
console.error(`Failed to evaluate transaction: ${error}`);
process.exit(1);
}
}
main();
这是connection-org1.json文件的内容
{
"name": "first-network-org1",
"version": "1.0.0",
"client": {
"organization": "Org1",
"connection": {
"timeout": {
"peer": {
"endorser": "300"
}
}
}
},
"organizations": {
"Org1": {
"mspid": "Org1MSP",
"peers": [
"peer0.org1.xxxx.com",
"peer1.org1.xxxx.com"
],
"certificateAuthorities": [
"ca.org1.xxxx.com"
]
}
},
"peers": {
"peer0.org1.xxxx.com": {
"url": "grpcs://xxx.xx.xx.x:7051",
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----xxxx-----END CERTIFICATE-----\n"
},
"grpcOptions": {
"ssl-target-name-override": "peer0.org1.xxxx.com",
"hostnameOverride": "peer0.org1.xxxx.com",
"grpc.keepalive_timeout_ms":80000,
"grpc-max-send-message-length": -1,
"grpc.keepalive_time_ms": 600000,
"grpc.http2.min_time_between_pings_ms": 120000,
"grpc.http2.max_pings_without_data": 0,
"grpc.keepalive_permit_without_calls": 1
}
},
"peer1.org1.xxxx.com": {
"url": "grpcs://xxx.xx.xx.x:8051",
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----xxxx-----END CERTIFICATE-----\n"
},
"grpcOptions": {
"ssl-target-name-override": "peer1.org1.xxxx.com",
"hostnameOverride": "peer1.org1.xxxx.com",
"grpc.keepalive_timeout_ms":80000,
"grpc-max-send-message-length": -1,
"grpc.keepalive_time_ms": 600000,
"grpc.http2.min_time_between_pings_ms": 120000,
"grpc.http2.max_pings_without_data": 0,
"grpc.keepalive_permit_without_calls": 1
}
}
},
"certificateAuthorities": {
"ca.org1.xxxx.com": {
"url": "https://xxx.xx.xx.x:7054",
"caName": "ca-org1",
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----xxxx-----END CERTIFICATE-----\n"
},
"httpOptions": {
"verify": false
}
}
}
}
我无法使它连接,但是,它确实在同一个Fabric计算机中工作,使用localhost而不是提供的示例ip地址作为grpcs url,并将发现选项asLocalHost设置为true。
先谢谢你。
编辑
加密配置yaml如下所示:
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
# ---------------------------------------------------------------------------
# "OrdererOrgs" - Definition of organizations managing orderer nodes
# ---------------------------------------------------------------------------
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: example.com
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer
SANS:
- "xxx.xx.x.x"
- Hostname: orderer2
SANS:
- "xxx.xx.x.x"
- Hostname: orderer3
SANS:
- "xxx.xx.x.x"
- Hostname: orderer4
SANS:
- "xxx.xx.x.x"
- Hostname: orderer5
SANS:
- "xxx.xx.x.x"
# ---------------------------------------------------------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes
# ---------------------------------------------------------------------------
PeerOrgs:
# ---------------------------------------------------------------------------
# Org1
# ---------------------------------------------------------------------------
- Name: Org1
Domain: Org1.example.com
EnableNodeOUs: true
# ---------------------------------------------------------------------------
# "Specs"
# ---------------------------------------------------------------------------
# Uncomment this section to enable the explicit definition of hosts in your
# configuration. Most users will want to use Template, below
#
# Specs is an array of Spec entries. Each Spec entry consists of two fields:
# - Hostname: (Required) The desired hostname, sans the domain.
# - CommonName: (Optional) Specifies the template or explicit override for
# the CN. By default, this is the template:
#
# "{{.Hostname}}.{{.Domain}}"
#
# which obtains its values from the Spec.Hostname and
# Org.Domain, respectively.
# ---------------------------------------------------------------------------
# Specs:
# - Hostname: foo # implicitly "foo.org1.example.com"
# CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above
# - Hostname: bar
# - Hostname: baz
# ---------------------------------------------------------------------------
# "Template"
# ---------------------------------------------------------------------------
# Allows for the definition of 1 or more hosts that are created sequentially
# from a template. By default, this looks like "peer%d" from 0 to Count-1.
# You may override the number of nodes (Count), the starting index (Start)
# or the template used to construct the name (Hostname).
#
# Note: Template and Specs are not mutually exclusive. You may define both
# sections and the aggregate nodes will be created for you. Take care with
# name collisions
# ---------------------------------------------------------------------------
Template:
Count: 2
SANS:
- "xxx.xx.x.x"
# Start: 5
# Hostname: {{.Prefix}}{{.Index}} # default
# ---------------------------------------------------------------------------
# "Users"
# ---------------------------------------------------------------------------
# Count: The number of user accounts _in addition_ to Admin
# ---------------------------------------------------------------------------
Users:
Count: 1
# ---------------------------------------------------------------------------
# Org2: See "Org1" for full specification
# ---------------------------------------------------------------------------
- Name: Org2
Domain: Org2.example.com
EnableNodeOUs: true
Template:
Count: 2
SANS:
- "xxx.xx.x.x"
Users:
Count: 1
所有与SANS相关的字段使用相同的IP。
3条答案
按热度按时间mrwjdhj31#
我在我的项目中也遇到了这个错误。我在我的
connection_config.json
中错误地放入了pem
(我放入了文件的路径而不是实际的键,LoL...)正确输入
pem
后,它工作正常。所以,可能要仔细检查tlsCaCerts
的pem
属性,确保它们正确且格式正确。希望这会有所帮助。祝你好运!!!2wnc66cl2#
要解决此问题,请在/etc/hosts中指定DNS解析
pw136qt23#
出现此错误时检查4分
1.是否为目标服务器上的服务正确打开了入站。
IPv4 --〉7050/传输控制协议、7051/传输控制协议、8051/传输控制协议、9051/传输控制协议、10051/传输控制协议
1.如果从其他计算机连接,请启用发现服务并将asLocalHost更改为false。
1.就像@Badr Bellaj所说的,在源服务器(ubuntu)中添加所有的目标服务主机名
sudo vi /etc/主机
在hosts文件中添加以下内容,
1.如@jsonph所示,仔细检查连接文件为服务名称,pem文件/路径,ip设置为列出的服务。