#hyperledger-fabric
#hyperledger-fabric
Вопрос:
Я запускаю сеть fabric на основе моментального снимка 2.0, заказчик отклоняет блоки с запрещенной ошибкой.
Есть идеи, что не так в конфигурации?
Organizations:
- amp;orderer
Name: orderer
ID: orderer
MSPDir: crypto-config/ordererOrganizations/example.com/msp
Policies:
Readers:
Type: Signature
Rule: OR('orderer.member')
Writers:
Type: Signature
Rule: OR('orderer.member')
Admins:
Type: Signature
Rule: OR('orderer.admin')
- amp;partya
Name: partya
ID: partya
MSPDir: crypto-config/peerOrganizations/partya.example.com/msp
Policies:
Readers:
Type: Signature
Rule: OR('partya.admin', 'partya.peer', 'partya.client')
Writers:
Type: Signature
Rule: OR('partya.admin', 'partya.client')
Admins:
Type: Signature
Rule: OR('partya.admin')
AnchorPeers:
- Host: partya
Port: 7051
- amp;partyb
Name: partyb
ID: partyb
MSPDir: crypto-config/peerOrganizations/partyb.example.com/msp
Policies:
Readers:
Type: Signature
Rule: OR('partyb.admin', 'partyb.peer', 'partyb.client')
Writers:
Type: Signature
Rule: OR('partyb.admin', 'partyb.client')
Admins:
Type: Signature
Rule: OR('partyb.admin')
AnchorPeers:
- Host: partyb
Port: 7051
- amp;partyc
Name: partyc
ID: partyc
MSPDir: crypto-config/peerOrganizations/partyc.example.com/msp
Policies:
Readers:
Type: Signature
Rule: OR('partyc.admin', 'partyc.peer', 'partyc.client')
Writers:
Type: Signature
Rule: OR('partyc.admin', 'partyc.client')
Admins:
Type: Signature
Rule: OR('partyc.admin')
AnchorPeers:
- Host: partyc
Port: 7051
Capabilities:
Channel: amp;ChannelCapabilities
V2_0: true
Orderer: amp;OrdererCapabilities
V1_1: true
Channel: amp;ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: ANY Readers
Writers:
Type: ImplicitMeta
Rule: ANY Writers
Admins:
Type: ImplicitMeta
Rule: MAJORITY Admins
Orderer: amp;OrdererDefaults
OrdererType: solo
Capabilities:
V1_1: true
Addresses:
- owneraorderer:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
Policies:
Readers:
Type: ImplicitMeta
Rule: ANY Readers
Writers:
Type: ImplicitMeta
Rule: ANY Writers
Admins:
Type: ImplicitMeta
Rule: MAJORITY Admins
BlockValidation:
Type: ImplicitMeta
Rule: ANY Writers
Organizations:
Application: amp;ApplicationDefaults
Capabilities:
V2_0: true
Policies:
Readers:
Type: ImplicitMeta
Rule: ANY Readers
Writers:
Type: ImplicitMeta
Rule: ANY Writers
Admins:
Type: ImplicitMeta
Rule: MAJORITY Admins
Organizations:
Profiles:
OwneraNetGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *orderer
Capabilities:
<<: *OrdererCapabilities
Consortiums:
SampleConsortium:
Organizations:
- *partya
- *partyb
- *partyc
OwneraChannel:
<<: *ChannelDefaults
Consortium: SampleConsortium
Application:
<<: *ApplicationDefaults
Organizations:
- *partya
- *partyb
- *partyc
При запуске сети я получаю следующую ошибку:
owneraorderer | 2019-04-03 08:18:51.595 UTC [common.deliver] deliverBlocks -> WARN 10242 [channel: identities] Client authorization revoked for deliver request from 172.18.0.2:46308: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied: permission denied
partyc | 2019-04-03 08:18:51.597 UTC [blocksProvider] DeliverBlocks -> ERRO 2a1 [identities] Got error amp;{FORBIDDEN}
Комментарии:
1. Привет, @ Yuval, ты решил это?
Ответ №1:
для меня это было решено путем создания файлов config.yaml, подобных примеру:
./crypto-config/peerOrganizations/org1.example.com/msp/config.yaml ./crypto-config/peerOrganizations/org1.example.com/peer1.org1.example.com/msp/config.yaml ./crypto-config/peerOrganizations/org1.example.com/peer0.org1.example.com/msp/config.yaml/crypto-config.org1.example.com/msp/config. peerOrganizations/org2.example.com/msp/config.yaml ./криптоконфигурация/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp/config.yaml ./криптоконфигурация/peerOrganizations/org2.example.com/peer1.org2.example.com/msp/config.yaml