时间戳

首页 > 解决方案 > 对等通道创建 - 仅评估失败 0 个策略得到满足 Hyperledger Fabric

hyperledger-fabric - 对等通道创建 - 仅评估失败 0 个策略得到满足 Hyperledger Fabric

问题描述

我正在运行 Hyperledger Fabric v1.2。我有一个 orderer、ca、kafka 和 peers 在不同的服务器上运行。生成证书并将其放置在服务器上各自的位置,然后我生成创世块和通道 tx 文件,然后启动排序节点和对等节点。

但是,当我使用以下命令创建通道时,我会在 orderer 日志的底部收到以下消息。 

./peer channel create -o orderer1.example.com:7050 -c mychannel -f /etc/hyperledger/fabric/channels/mychannel.tx

到目前为止,一切似乎都很好并且工作正常。

2018-08-21 19:25:30.957 UTC [cauthdsl] func2 -> DEBU 1a5 0xc42000e740 identity 0 does not satisfy principal: the identity is a member of a different MSP (expected SampleOrg, got SampleOrgMSP)
2018-08-21 19:25:30.957 UTC [cauthdsl] func2 -> DEBU 1a6 0xc42000e740 principal evaluation fails
2018-08-21 19:25:30.957 UTC [cauthdsl] func1 -> DEBU 1a7 0xc42000e740 gate 1534879530956937482 evaluation fails
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1a8 Signature set did not satisfy policy /Channel/Application/SampleOrg/Admins
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1a9 == Done Evaluating *cauthdsl.policy Policy /Channel/Application/SampleOrg/Admins
2018-08-21 19:25:30.957 UTC [policies] func1 -> DEBU 1aa Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ SampleOrg.Admins ]
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1ab Signature set did not satisfy policy /Channel/Application/ChannelCreationPolicy
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1ac == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Application/ChannelCreationPolicy
2018-08-21 19:25:30.957 UTC [orderer/common/broadcast] Handle -> WARN 1ad [channel: mychannel] Rejecting broadcast of config message from xxx.xxx.xxx.xxx:1234 because of error: error authorizing update: error validating DeltaSet: policy for [Group]  /Channel/Application not satisfied: Failed to reach implicit threshold of 1 sub-policies, required 1 remaining
2018-08-21 19:25:30.957 UTC [orderer/common/server] func1 -> DEBU 1ae Closing Broadcast stream
2018-08-21 19:25:30.959 UTC [grpc] Printf -> DEBU 1af transport: http2Server.HandleStreams failed to read frame: read tcp xxx.xxx.xxx.xxx:7050->xxx.xxx.xxx.xxx:1234: read: connection reset by peer
2018-08-21 19:25:30.959 UTC [common/deliver] Handle -> WARN 1b0 Error reading from xxx.xxx.xxx.xxx:1234: rpc error: code = Canceled desc = context canceled
2018-08-21 19:25:30.959 UTC [orderer/common/server] func1 -> DEBU 1b1 Closing Deliver stream

我认为这是在订购者的 configtx 文件中声明策略的方式,但我不确定。

configtx.yaml 中的部分

Organizations:
    - &SampleOrdererOrg
        Name: SampleOrdererOrg
        ID: SampleOrdererMSP
        MSPDir: /etc/hyperledger/orderer1/msp
        Policies: &SampleOrgPolicies
            Readers:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.member')"
            Writers:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.member')"
            Admins:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.admin')"


    - &SampleOrg
        Name: SampleOrg
        ID: SampleOrgMSP
        MSPDir: /etc/hyperledger/org/msp/
        Policies: &SampleOrgPolicies
            Readers:
                Type: Signature
                Rule: "OR('SampleOrg.member')"
            Writers:
                Type: Signature
                Rule: "OR('SampleOrg.member')"
            Admins:
                Type: Signature
                Rule: "OR('SampleOrg.admin')"
        AnchorPeers:
            - Host: peer1.example.com
              Port: 7051
            - Host: peer2.example.com
              Port: 7051
            - Host: peer3.example.com
              Port: 7051



Profiles:
    SampleKafkaDev:
        <<: *ChannelDefaults
        Orderer:
            <<: *OrdererDefaults
            OrdererType: kafka
            Organizations:
                - <<: *SampleOrg
                  Policies:
                      <<: *SampleOrgPolicies
                      Admins:
                          Type: Signature
                          Rule: "OR('SampleOrg.member')"
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - <<: *SampleOrg
                  Policies:
                      <<: *SampleOrgPolicies
                      Admins:
                          Type: Signature
                          Rule: "OR('SampleOrg.member')"
        Consortiums:
            SampleConsortium:
                Organizations:
                    - <<: *SampleOrg
                      Policies:
                          <<: *SampleOrgPolicies
                          Admins:
                              Type: Signature
                              Rule: "OR('SampleOrg.member')"

    MyChannel:
        Consortium: SampleConsortium
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - *SampleOrg

标签: hyperledger-fabrichyperledger

解决方案

据我记得,策略配置中的规则预计ID将提供,在您的示例name中使用。

只需尝试通过以下方式更新配置中的所有规则:

Policies:
   <<: *SampleOrgPolicies
   Admins:
       Type: Signature
       Rule: "OR('SampleOrgMSP.member')"

(使用SampleOrgMSP代替SampleOrgSampleOrdererMSP代替SampleOrdererOrg等)

更新

第2步:

“peer”从“core.yaml”加载配置,通常这个文件位于“/etc/hyperledger/fabric/”。在此文件中尝试查找属性“localMspId:SampleOrg”并将 SampleOrg 替换为您的 Orderer MSP Id

第 3 步:

频道只能创建一次。为了验证通道是否存在,我们可以尝试从对等点之一加入它:

  • 验证环境变量 CORE_PEER_ADDRESS 是否配置正确, export CORE_PEER_ADDRESS=peer0.org1.example.com:7051
  • peer channel join -b /opt/gopath/src/github.com/hyperledger/fabric/peer/mychannel.block
  • 现在您可以检查对等点是否具有有关通道的信息peer channel getinfo -c mychannel

推荐阅读