阿里云ubuntu16.04运行Fabric1.2 e2e_cli
参加阿里云天池区块链比赛,在kubernetes运行fabric,但是总是遇到读不到块的问题,后打算,直接在阿里云服务器上先启动fabric网络,example中first network成功启动,但是运行e2e_cli时,遇到了一大堆坑
不得不说,现在kubernetes和fabric都在快速变化,总是有各种问题,需要踩坑解决
愿,坑越来越少
Q1:阿里云CES服务器 WARNING: Connection pool is full, discarding connection: localhost
- A:这是在阿里云CES服务器上遇到的,不影响运行结果,尚不清楚原因
Q2:阿里云CES上运行e2e_cli,Ordering Service is not available
A:
- 对docker-compose file中orderer的文件挂在配置加上引号
- 注释阿里云服务器上/etc/resconv.conf中的option选项
- 对于所有的fabric容器,加上GODEBUG=netdns=go环境变量
ref:
Q3:org3查询出现Error: error endorsing query: rpc error
- A: fabric1.2 bug,在e2e_cli/configtx.yaml org3配置下,添加’Org3MSP.member’
- ref:
Q4:CRIT 06c Error creating configtx, Unexpected key Capabilities
orderer.example.com | 2018-09-11 12:25:00.079 UTC [orderer/multichain] newLedgerResources -> CRIT 06c Error creating configtx manager and handlers: Error deserializing key Capabilities for group /Channel: Unexpected key Capabilities orderer.example.com | panic: Error creating configtx manager and handlers: Error deserializing key Capabilities for group /Channel: Unexpected key Capabilities orderer.example.com | orderer.example.com | goroutine 1 [running]: orderer.example.com | panic(0xb31bc0, 0xc42000db00)
- A: 之前因为Orderer服务失败的问题,重新拉取1.0.0版本的镜像,但是代码还是1.2,将镜像换回1.2,按Q2、Q3即可成功启动fabric1.2网络
以下是在阿里云CES ubuntu16.04上运行fabric1.2 e2e_cli网络遇到的各种问题及解决办法,最终all good
Q.1:Ordering Service is not available
Error: failed to create deliver client: orderer client failed to connect to orderer.example.com:7050: failed to create new connection: context deadline exceeded !!!!!!!!!!!!!!! Ordering Service is not available, Please try again ... !!!!!!!!!!!!!!!!
查询运行的容器发现没有orderer容器,但orderer单独拿出来作为orderer-test.yaml,查找问题
- orderer-test.yaml
#orderer-test.yaml version: '2' services: orderer.example.com: extends: file: base/docker-compose-base.yaml service: orderer.example.com container_name: orderer.example.com
- 运行orderer,查看日志
root@liu:~/work/go/src/github.com/hyperledger/fabric/examples/e2e_cli# docker-compose -f order-test.yaml up ... orderer.example.com | 2018-09-11 13:14:07.238 UTC [orderer/common/server] initializeLocalMsp -> CRIT 008 Failed to initialize local MSP: could not load a valid signer certificate from directory /var/hyperledger/orderer/msp/signcerts: stat /var/hyperledger/orderer/msp/signcerts: no such file or directory orderer.example.com exited with code 1
Q.2:发现是因为genesis.block文件没有挂载上,查资料,解决方案是挂载目录加上引号
root@liu:~/work/go/src/github.com/hyperledger/fabric/examples/e2e_cli# vi base/docker-compose-base.yaml ... volumes: - "../channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block" - ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/msp:/var/hyperledger/orderer/msp - ../crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/:/var/hyperledger/orderer/tls
Q.3:再次运行orderer,查看日志,找不到签名证书的问题解决,但是出现了段信号错误,表现在runtime.cgocall
orderer.example.com | [signal SIGSEGV: segmentation violation code=0x1 addr=0x63 pc=0x7fa35c480259] orderer.example.com | orderer.example.com | runtime stack: orderer.example.com | runtime.throw(0xd89f2e, 0x2a) orderer.example.com | /opt/go/src/runtime/panic.go:619 +0x81 orderer.example.com | runtime.sigpanic() orderer.example.com | /opt/go/src/runtime/signal_unix.go:372 +0x28e orderer.example.com | orderer.example.com | goroutine 56 [syscall]: orderer.example.com | runtime.cgocall(0xa9bf80, 0xc4202715f8, 0x29) orderer.example.com | /opt/go/src/runtime/cgocall.go:128 +0x64 fp=0xc4202715b8 sp=0xc420271580 pc=0x402124 orderer.example.com | net._C2func_getaddrinfo(0xc420177d30, 0x0, 0xc4200a74d0, 0xc42000e040, 0x0, 0x0, 0x0) orderer.example.com
再次查找资料,发现这是因为阿里云新服务器域名解析配置/etc/resonv.conf多了一项,解决办法就是注释掉option这一项
#之前在配置coredns时遇到过这个文件,并注意到多了一项,没想到这竟是服务失败的一个原因 root@liu:~/work/go/src/github.com/hyperledger/fabric/examples/e2e_cli# vi /etc/resolv.conf ... nameserver 100.100.2.138 nameserver 100.100.2.136 #options timeout:2 attempts:3 rotate single-request-reopen
- 详细原因及解决办法参考:阿里云环境部署Hyperledger Fabric之SIGSEGV问题分析和解决经验分享
- 这样,在运行orderer,正常运行,并尝试链接kafka
Q.4:启动e2e_cli网络,orderer服务正常,但是又出现连接不上域名的问题,即出现了与行解析问题
ction error: desc = "transport: Error while dialing dial tcp: lookup peer0.org1.example.com on 127.0.0.11:53: no such host". Reconnecting... 2018-09-11 13:42:39.574 UTC [grpc] Printf -> DEBU 043 pickfirstBalancer: HandleSubConnStateChange: 0xc4205f9710, TRANSIENT_FAILURE Error: error getting endorser client for install: endorser client failed to connect to peer0.org1.example.com:7051: failed to create new connection: context deadline exceeded !!!!!!!!!!!!!!! Chaincode installation on peer peer0.org1 has Failed !!!!!!!!!!!!!!!! ================== ERROR !!! FAILED to execute End-2-End Scenario ==================
- 根据之前查找的资料,orderer异常是因为pure Go resolver解析方案不支持/etc/resconv.conf的option项,使fabric启动了cgo resolver解析方案,因cgo问题引起了段异常
但是注释掉该项,出现了 no such host问题,根据资料对所有的fabric(cli、ca、orderer、peer)容器环境变量加上 GODEBUG=netdns=go,强制使用pure go resolver解析dns
root@liu:~/work/go/src/github.com/hyperledger/fabric/examples/e2e_cli# vi base/docker-compose-base.yaml ... orderer.example.com: container_name: orderer.example.com image: hyperledger/fabric-orderer environment: - GODEBUG=netdns=go ... peer0.org1.example.com: container_name: peer0.org1.example.com extends: file: peer-base.yaml service: peer-base environment: - GODEBUG=netdns=go ... peer1.org1.example.com: container_name: peer1.org1.example.com extends: file: peer-base.yaml service: peer-base environment: - GODEBUG=netdns=go ... peer0.org2.example.com: container_name: peer0.org2.example.com extends: file: peer-base.yaml service: peer-base environment: - GODEBUG=netdns=go ... peer1.org2.example.com: container_name: peer1.org2.example.com extends: file: peer-base.yaml service: peer-base environment: - GODEBUG=netdns=go root@liu:~/work/go/src/github.com/hyperledger/fabric/examples/e2e_cli# vi docker-compose-cli.yaml ... cli: container_name: cli image: hyperledger/fabric-tools tty: true environment: - GODEBUG=netdns=go - GOPATH=/opt/gopath root@liu:~/work/go/src/github.com/hyperledger/fabric/examples/e2e_cli# vi docker-compose-e2e-template.yaml ... ca0: image: hyperledger/fabric-ca environment: - GODEBUG=netdns=go ... ca1: image: hyperledger/fabric-ca environment: - GODEBUG=netdns=go
启动网络./network_setup.sh up
2018-09-11 14:05:14.773 UTC [bccsp] GetDefault -> WARN 02d Before using BCCSP, please call InitFactories(). Falling back to bootBCCSP. 2018-09-11 14:05:14.773 UTC [msp] Sign -> DEBU 02e Idemix identity &{Org3MSP x: "\312\273\272\344u\344\270\3767\000\323\341H\016&\004\317Xj}\343\376rh\332X)qZ\335r\177" y: "\r\223SG\233\373\246\316\260\272\223\305\237\252\365\367\353T\244\323.\r3\353\373\177}\275S%\003\037" } is signing Error: error endorsing query: rpc error: code = Unknown desc = Failed evaluating policy on signed data during check policy on channel [mychannel] with policy [/Channel/Application/Writers]: [Failed to reach implicit threshold of 1 sub-policies, required 1 remaining] - proposal response: <nil> ===================== Query successful on peer1.org3 on channel 'mychannel' ===================== ===================== All GOOD, End-2-End execution completed ===================== _____ _ _ ____ _____ ____ _____ | ____| | \ | | | _ \ | ____| |___ \ | ____| | _| | | | | | | | _____ | _| __) | | _| | |___ | |\ | | |_| | |_____| | |___ / __/ | |___ |_____| |_| \_| |____/ |_____| |_____| |_____|
Q.5:网络启动了,但是出现了Error: error endorsing query: rpc error
Error: error endorsing query: rpc error: code = Unknown desc = Failed evaluating policy on signed data during check policy on channel [mychannel] with policy [/Channel/Application/Writers]: [Failed to reach implicit threshold of 1 sub-policies, required 1 remaining] - proposal response: <nil> ===================== Query successful on peer1.org3 on channel 'mychannel' =====================
这是fabric1.2的bug,新版本已经fix,解决办法是修改configtx.yaml,为org3添加成员信息签名信息
Org3MSP.member
- &Org3 # Name of the organization Name: Org3MSP # ID to load the MSP definition as ID: Org3MSP # Type of MSP - this org uses idemix for its MSP implementation MSPType: idemix MSPDir: crypto-config/idemix/idemix-config # Policies defines the set of policies at this level of the config tree # For organization policies, their canonical path is usually # /Channel/<Application|Orderer>/<OrgName>/<PolicyName> Policies: Readers: Type: Signature Rule: "OR('Org3MSP.admin', 'Org3MSP.peer', 'Org3MSP.client','Org3MSP.member')" Writers: Type: Signature Rule: "OR('Org3MSP.admin', 'Org3MSP.client','Org3MSP.member')" Admins: Type: Signature Rule: "OR('Org3MSP.admin')"
再次启动网络,查询正确
2018-09-11 12:51:09.444 UTC [msp] Sign -> DEBU 02e Idemix identity &{Org3MSP x: "\304]\266ds\225u\003\r\337\306\312\335Q\230\025\232C-\337\3123\021t\262\275\263\323Hx\206\004" y: "\\\023\3004\033;\314\340\216s\350\307C\257\204\317[\226Ls\013\365\335'\211\322P\221\300\361\336\224" } is signing 90 ===================== Query successful on peer1.org3 on channel 'mychannel' =====================
Ref