我已经试着建立一个Hyperledger Fabric网络好几天了。我使用的是Hyperledger的2.0.0版本,并且这一切都是在一台使用Docker的机器上运行的。经过艰难的进展,这是现在难住我的部分。我以为我已经解决了大部分问题。这是来自文档的"你的第一个网络"的变体。只更改了几个名称。有两个对等体和五个订购者。当我查看第一个订购者的日志时,我得到了以下内容,这并不好:
(See below for an example.)
作为参考,我的docker-compose-cli.yaml
的开头如下所示,因为显式添加订单似乎可以消除一些错误:
version: '2'
volumes:
orderer.diro.umontreal.ca:
orderer2.diro.umontreal.ca:
orderer3.diro.umontreal.ca:
orderer4.diro.umontreal.ca:
orderer5.diro.umontreal.ca:
peer0.med1.diro.umontreal.ca:
peer1.med1.diro.umontreal.ca:
peer0.med2.diro.umontreal.ca:
peer1.med2.diro.umontreal.ca:
networks:
byfn:
services:
orderer.diro.umontreal.ca:
extends:
file: base/docker-compose-base.yaml
service: orderer.diro.umontreal.ca
container_name: orderer.diro.umontreal.ca
networks:
- byfn
orderer2.diro.umontreal.ca:
extends:
file: base/docker-compose-base.yaml
service: orderer.diro.umontreal.ca
container_name: orderer2.diro.umontreal.ca
networks:
- byfn
orderer3.diro.umontreal.ca:
extends:
file: base/docker-compose-base.yaml
service: orderer.diro.umontreal.ca
container_name: orderer3.diro.umontreal.ca
networks:
- byfn
orderer4.diro.umontreal.ca:
extends:
file: base/docker-compose-base.yaml
service: orderer.diro.umontreal.ca
container_name: orderer4.diro.umontreal.ca
networks:
- byfn
orderer5.diro.umontreal.ca:
extends:
file: base/docker-compose-base.yaml
service: orderer.diro.umontreal.ca
container_name: orderer5.diro.umontreal.ca
networks:
- byfn
我的crypto-config.yaml
的开头如下所示:
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: diro.umontreal.ca
EnableNodeOUs: true
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer
- Name: Orderer2
Domain: diro.umontreal.ca
EnableNodeOUs: true
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer2
- Name: Orderer3
Domain: diro.umontreal.ca
EnableNodeOUs: true
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer3
- Name: Orderer4
Domain: diro.umontreal.ca
EnableNodeOUs: true
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer4
- Name: Orderer5
Domain: diro.umontreal.ca
EnableNodeOUs: true
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer5
这是我的configx.yaml
的一部分:
SampleMultiNodeEtcdRaft:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer.diro.umontreal.ca
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer.diro.umontreal.ca/msp/tlscacerts/tlsca.diro.umontreal.ca-cert.pem
ServerTLSCert: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer.diro.umontreal.ca/tls/server.crt
- Host: orderer2.diro.umontreal.ca
Port: 8050
ClientTLSCert: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer2.diro.umontreal.ca/msp/tlscacerts/tlsca.diro.umontreal.ca-cert.pem
ServerTLSCert: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer2.diro.umontreal.ca/tls/server.crt
- Host: orderer3.diro.umontreal.ca
Port: 9050
ClientTLSCert: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer3.diro.umontreal.ca/msp/tlscacerts/tlsca.diro.umontreal.ca-cert.pem
ServerTLSCert: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer3.diro.umontreal.ca/tls/server.crt
- Host: orderer4.diro.umontreal.ca
Port: 10050
ClientTLSCert: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer4.diro.umontreal.ca/msp/tlscacerts/tlsca.diro.umontreal.ca-cert.pem
ServerTLSCert: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer4.diro.umontreal.ca/tls/server.crt
- Host: orderer5.diro.umontreal.ca
Port: 11050
ClientTLSCert: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer5.diro.umontreal.ca/msp/tlscacerts/tlsca.diro.umontreal.ca-cert.pem
ServerTLSCert: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer5.diro.umontreal.ca/tls/server.crt
Addresses:
- orderer.diro.umontreal.ca:7050
- orderer2.diro.umontreal.ca:8050
- orderer3.diro.umontreal.ca:9050
- orderer4.diro.umontreal.ca:10050
- orderer5.diro.umontreal.ca:11050
最初,所有的ClientTLSCert
和ServerTLSCert
都有相同的值,但是我改变了ClientTLSCert
的值,认为它们的参数是一个名为server.crt
的文件是没有意义的。
但是我的订单日志中仍然有错误。也许这是正常的,但是看起来不正常。出了什么问题?
编辑:
根据下面的注解,我将configtx.yaml
更改为:
Organizations:
# SampleOrg defines an MSP using the sampleconfig. It should never be used
# in production but may be used as a template for other definitions
- &OrdererOrg
# DefaultOrg defines the organization which is used in the sampleconfig
# of the fabric.git development environment
Name: OrdererOrg
# ID to load the MSP definition as
ID: OrdererMSP
# MSPDir is the filesystem path which contains the MSP configuration
MSPDir: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer.diro.umontreal.ca/msp/
MSPDir: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer2.diro.umontreal.ca/msp/
MSPDir: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer3.diro.umontreal.ca/msp/
MSPDir: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer4.diro.umontreal.ca/msp/
MSPDir: crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer5.diro.umontreal.ca/msp/
我让docker-compose-base.yaml
以如下形式开始:
version: '2'
services:
orderer.diro.umontreal.ca:
container_name: orderer.diro.umontreal.ca
extends:
file: peer-base.yaml
service: orderer-base
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer.diro.umontreal.ca/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer.diro.umontreal.ca/tls/:/var/hyperledger/orderer/tls
- ../crypto-config/ordererOrganizations/diro.umontreal.ca/tlsca:/var/hyperledger/orderer/tlsca
- orderer.diro.umontreal.ca:/var/hyperledger/production/orderer
ports:
- 7050:7050
orderer2.diro.umontreal.ca:
container_name: orderer2.diro.umontreal.ca
extends:
file: peer-base.yaml
service: orderer-base
volumes:
- ../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ../crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer2.diro.umontreal.ca/msp:/var/hyperledger/orderer/msp
- ../crypto-config/ordererOrganizations/diro.umontreal.ca/orderers/orderer2.diro.umontreal.ca/tls/:/var/hyperledger/orderer/tls
- ../crypto-config/ordererOrganizations/diro.umontreal.ca/tlsca:/var/hyperledger/orderer/tlsca
- orderer.diro.umontreal.ca:/var/hyperledger/production/orderer
ports:
- 8050:8050
继续这样,给每个订购者一个不同的端口和路径,这些是在docker-compose-cli.yaml
h中调用和扩展的订购者,但是当我检查第一个订购者的日志时,我得到:
Version: 2.0.0
Commit SHA: 0432c3e
Go version: go1.13.4
OS/Arch: linux/amd64
2020-03-11 19:11:39.757 UTC [orderer.common.server] Main -> INFO 020 Beginning to serve requests
2020-03-11 19:11:39.759 UTC [core.comm] ServerHandshake -> ERRO 021 TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.5:57256
2020-03-11 19:11:39.759 UTC [core.comm] ServerHandshake -> ERRO 022 TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.4:33190
2020-03-11 19:11:39.759 UTC [core.comm] ServerHandshake -> ERRO 023 TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.2:54038
2020-03-11 19:11:39.966 UTC [orderer.consensus.etcdraft] apply -> INFO 024 Applied config change to add node 1, current nodes in channel: [1 2 3 4 5] channel=byfn-sys-channel node=1
2020-03-11 19:11:39.967 UTC [orderer.consensus.etcdraft] apply -> INFO 025 Applied config change to add node 2, current nodes in channel: [1 2 3 4 5] channel=byfn-sys-channel node=1
2020-03-11 19:11:39.967 UTC [orderer.consensus.etcdraft] apply -> INFO 026 Applied config change to add node 3, current nodes in channel: [1 2 3 4 5] channel=byfn-sys-channel node=1
2020-03-11 19:11:39.968 UTC [orderer.consensus.etcdraft] apply -> INFO 027 Applied config change to add node 4, current nodes in channel: [1 2 3 4 5] channel=byfn-sys-channel node=1
2020-03-11 19:11:39.968 UTC [orderer.consensus.etcdraft] apply -> INFO 028 Applied config change to add node 5, current nodes in channel: [1 2 3 4 5] channel=byfn-sys-channel node=1
2020-03-11 19:11:40.765 UTC [core.comm] ServerHandshake -> ERRO 029 TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.2:54068
2020-03-11 19:11:41.115 UTC [core.comm] ServerHandshake -> ERRO 02a TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.3:55468
2020-03-11 19:11:42.278 UTC [core.comm] ServerHandshake -> ERRO 02b TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.2:54086
2020-03-11 19:11:44.408 UTC [core.comm] ServerHandshake -> ERRO 02c TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.5:57326
2020-03-11 19:11:44.630 UTC [core.comm] ServerHandshake -> ERRO 02d TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.2:54104
2020-03-11 19:11:47.384 UTC [core.comm] ServerHandshake -> ERRO 02e TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.4:33268
2020-03-11 19:11:47.758 UTC [orderer.consensus.etcdraft] Step -> INFO 02f 1 is starting a new election at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:47.758 UTC [orderer.consensus.etcdraft] becomePreCandidate -> INFO 030 1 became pre-candidate at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:47.758 UTC [orderer.consensus.etcdraft] poll -> INFO 031 1 received MsgPreVoteResp from 1 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:47.759 UTC [orderer.consensus.etcdraft] campaign -> INFO 032 1 [logterm: 1, index: 5] sent MsgPreVote request to 2 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:47.759 UTC [orderer.consensus.etcdraft] campaign -> INFO 033 1 [logterm: 1, index: 5] sent MsgPreVote request to 3 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:47.759 UTC [orderer.consensus.etcdraft] campaign -> INFO 034 1 [logterm: 1, index: 5] sent MsgPreVote request to 4 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:47.759 UTC [orderer.consensus.etcdraft] campaign -> INFO 035 1 [logterm: 1, index: 5] sent MsgPreVote request to 5 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:47.759 UTC [orderer.consensus.etcdraft] logSendFailure -> ERRO 036 Failed to send StepRequest to 2, because: rpc error: code = Unavailable desc = all SubConns are in TransientFailure, latest connection error: connection error: desc = "transport: authentication handshake failed: x509: certificate signed by unknown authority (possibly because of \"x509: ECDSA verification failure\" while trying to verify candidate authority certificate \"tlsca.diro.umontreal.ca\")" channel=byfn-sys-channel node=1
2020-03-11 19:11:47.760 UTC [orderer.consensus.etcdraft] logSendFailure -> ERRO 037 Failed to send StepRequest to 3, because: rpc error: code = Unavailable desc = all SubConns are in TransientFailure, latest connection error: connection error: desc = "transport: authentication handshake failed: x509: certificate signed by unknown authority (possibly because of \"x509: ECDSA verification failure\" while trying to verify candidate authority certificate \"tlsca.diro.umontreal.ca\")" channel=byfn-sys-channel node=1
2020-03-11 19:11:47.760 UTC [orderer.consensus.etcdraft] logSendFailure -> ERRO 038 Failed to send StepRequest to 4, because: rpc error: code = Unavailable desc = all SubConns are in TransientFailure, latest connection error: connection error: desc = "transport: authentication handshake failed: x509: certificate signed by unknown authority (possibly because of \"x509: ECDSA verification failure\" while trying to verify candidate authority certificate \"tlsca.diro.umontreal.ca\")" channel=byfn-sys-channel node=1
2020-03-11 19:11:49.344 UTC [core.comm] ServerHandshake -> ERRO 039 TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.2:54126
2020-03-11 19:11:50.057 UTC [core.comm] ServerHandshake -> ERRO 03a TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.5:57358
2020-03-11 19:11:51.337 UTC [core.comm] ServerHandshake -> ERRO 03b TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.3:55534
2020-03-11 19:11:55.758 UTC [orderer.consensus.etcdraft] Step -> INFO 03c 1 is starting a new election at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:55.758 UTC [orderer.consensus.etcdraft] becomePreCandidate -> INFO 03d 1 became pre-candidate at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:55.758 UTC [orderer.consensus.etcdraft] poll -> INFO 03e 1 received MsgPreVoteResp from 1 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:55.758 UTC [orderer.consensus.etcdraft] campaign -> INFO 03f 1 [logterm: 1, index: 5] sent MsgPreVote request to 2 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:55.758 UTC [orderer.consensus.etcdraft] campaign -> INFO 040 1 [logterm: 1, index: 5] sent MsgPreVote request to 3 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:55.758 UTC [orderer.consensus.etcdraft] campaign -> INFO 041 1 [logterm: 1, index: 5] sent MsgPreVote request to 4 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:55.759 UTC [orderer.consensus.etcdraft] campaign -> INFO 042 1 [logterm: 1, index: 5] sent MsgPreVote request to 5 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:11:56.829 UTC [core.comm] ServerHandshake -> ERRO 043 TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.2:54158
2020-03-11 19:11:57.314 UTC [core.comm] ServerHandshake -> ERRO 044 TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.4:33314
2020-03-11 19:12:01.805 UTC [core.comm] ServerHandshake -> ERRO 045 TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=172.22.0.5:57392
2020-03-11 19:12:03.758 UTC [orderer.consensus.etcdraft] Step -> INFO 046 1 is starting a new election at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:12:03.758 UTC [orderer.consensus.etcdraft] becomePreCandidate -> INFO 047 1 became pre-candidate at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:12:03.758 UTC [orderer.consensus.etcdraft] poll -> INFO 048 1 received MsgPreVoteResp from 1 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:12:03.758 UTC [orderer.consensus.etcdraft] campaign -> INFO 049 1 [logterm: 1, index: 5] sent MsgPreVote request to 3 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:12:03.758 UTC [orderer.consensus.etcdraft] campaign -> INFO 04a 1 [logterm: 1, index: 5] sent MsgPreVote request to 4 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:12:03.758 UTC [orderer.consensus.etcdraft] campaign -> INFO 04b 1 [logterm: 1, index: 5] sent MsgPreVote request to 5 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:12:03.758 UTC [orderer.consensus.etcdraft] campaign -> INFO 04c 1 [logterm: 1, index: 5] sent MsgPreVote request to 2 at term 1 channel=byfn-sys-channel node=1
2020-03-11 19:12:03.759 UTC [orderer.consensus.etcdraft] logSendFailure -> ERRO 04d Failed to send StepRequest to 5, because: aborted channel=byfn-sys-channel node=1
是的,我确实修剪了 Docker 的容器和卷。
1条答案
按热度按时间f87krz0w1#
所以这个问题以一种非常令人惊讶的方式得到了解决。看起来这个问题是与docker有关的。我经常运行
docker container prune
和docker volume prune
,但是运行docker rmi -f $(docker images -q)
使一切都正常工作。我想它相当于docker images prunne
或类似的东西。我还没有尝试过。无论如何,在尝试之后,一切都正常工作,甚至在重新启动后继续工作。