多个订购者组织
multiple orderer organizations
我有两个组织要订购(类型= Raft)。其中一个有两个订购者,第二个有三个订购者,在 configtx.yaml 中有 Ordererorg1MSP 和 Ordererorg2MSP MSP。
我的 configtx.taml:
Organizations:
- &Ordererorg1
Name: Ordererorg1MSP
ID: Ordererorg1MSP
MSPDir: crypto-config/ordererOrganizations/org1.orderer.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Ordererorg1MSP.member')"
Writers:
Type: Signature
Rule: "OR('Ordererorg1MSP.member')"
Admins:
Type: Signature
Rule: "OR('Ordererorg1MSP.admin')"
- &Orgorg1
Name: Orgorg1MSP
ID: Orgorg1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Orgorg1MSP.admin', 'Orgorg1MSP.peer', 'Orgorg1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Orgorg1MSP.admin', 'Orgorg1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Orgorg1MSP.admin')"
AnchorPeers:
- Host: peer1.org1.example.com
Port: 2050
- &Ordererorg2
Name: Ordererorg2MSP
ID: Ordererorg2MSP
MSPDir: crypto-config/ordererOrganizations/org2.orderer.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Ordererorg2MSP.member')"
Writers:
Type: Signature
Rule: "OR('Ordererorg2MSP.member')"
Admins:
Type: Signature
Rule: "OR('Ordererorg2MSP.admin')"
- &Orgorg2
Name: Orgorg2MSP
ID: Orgorg2MSP
MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Orgorg2MSP.admin', 'Orgorg2MSP.peer', 'Orgorg2MSP.client')"
Writers:
Type: Signature
Rule: "OR('Orgorg2MSP.admin', 'Orgorg2MSP.client')"
Admins:
Type: Signature
Rule: "OR('Orgorg2MSP.admin')"
AnchorPeers:
- Host: peer1.org2.example.com
Port: 2050
Capabilities:
Channel: &ChannelCapabilities
V1_4_3: true
V1_3: false
V1_1: false
Orderer: &OrdererCapabilities
V1_4_2: true
V1_1: false
Application: &ApplicationCapabilities
V1_4_2: true
V1_3: false
V1_2: false
V1_1: false
Application: &ApplicationDefaults
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ApplicationCapabilities
Orderer: &OrdererDefaults
OrdererType: etcdraft
Addresses:
- peer1.org1.orderer.example.com:7050
- peer1.org2.orderer.example.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
EtcdRaft:
Consenters:
- Host: peer1.org1.orderer.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/org1.orderer.example.com/orderers/peer1.org1.orderer.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/org1.orderer.example.com/orderers/peer1.org1.orderer.example.com/tls/server.crt
- Host: peer1.org2.orderer.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/org2.orderer.example.com/orderers/peer1.org2.orderer.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/org2.orderer.example.com/orderers/peer1.org2.orderer.example.com/tls/server.crt
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
Channel:
Consortium: SampleConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Orgorg1
- *Orgorg2
Capabilities:
<<: *ApplicationCapabilities
OrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *Ordererorg1
- *Ordererorg2
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *Ordererorg1
- <<: *Ordererorg2
Consortiums:
SampleConsortium:
Organizations:
- *Orgorg1
- *Orgorg2
当我想创建频道时,遇到错误并且 DEBUG 日志显示:
2020-05-04 12:12:50.452 UTC [cauthdsl] func1 -> DEBU 7b9 0xc0007edbe0 gate 1588594370452563334 evaluation starts
2020-05-04 12:12:50.452 UTC [cauthdsl] func2 -> DEBU 7ba 0xc0007edbe0 signed by 0 principal evaluation starts (used [false])
2020-05-04 12:12:50.452 UTC [cauthdsl] func2 -> DEBU 7bb 0xc0007edbe0 principal evaluation fails
2020-05-04 12:12:50.452 UTC [cauthdsl] func1 -> DEBU 7bc 0xc0007edbe0 gate 1588594370452563334 evaluation fails
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7bd Signature set did not satisfy policy /Channel/Orderer/Ordererorg2MSP/Readers
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7be == Done Evaluating *cauthdsl.policy Policy /Channel/Orderer/Ordererorg2MSP/Readers
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7bf == Evaluating *cauthdsl.policy Policy /Channel/Orderer/Ordererorg1MSP/Readers ==
2020-05-04 12:12:50.452 UTC [cauthdsl] deduplicate -> ERRO 7c0 Principal deserialization failure (MSP OrdererMSP is unknown) for identity 0
2020-05-04 12:12:50.452 UTC [cauthdsl] func1 -> DEBU 7c1 0xc0007fe250 gate 1588594370452661614 evaluation starts
2020-05-04 12:12:50.452 UTC [cauthdsl] func2 -> DEBU 7c2 0xc0007fe250 signed by 0 principal evaluation starts (used [false])
2020-05-04 12:12:50.452 UTC [cauthdsl] func2 -> DEBU 7c3 0xc0007fe250 principal evaluation fails
2020-05-04 12:12:50.452 UTC [cauthdsl] func1 -> DEBU 7c4 0xc0007fe250 gate 1588594370452661614 evaluation fails
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7c5 Signature set did not satisfy policy /Channel/Orderer/Ordererorg1MSP/Readers
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7c6 == Done Evaluating *cauthdsl.policy Policy /Channel/Orderer/Ordererorg1MSP/Readers
2020-05-04 12:12:50.452 UTC [policies] func1 -> DEBU 7c7 Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ Ordererorg1MSP/Readers Ordererorg2MSP/Readers ]
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7c8 Signature set did not satisfy policy /Channel/Orderer/Readers
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7c9 == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Orderer/Readers
2020-05-04 12:12:50.452 UTC [policies] func1 -> DEBU 7ca Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ Application/Readers Consortiums/Readers Orderer/Readers ]
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7cb Signature set did not satisfy policy /Channel/Readers
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7cc == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Readers
2020-05-04 12:12:50.452 UTC [orderer.common.msgprocessor] Apply -> DEBU 7cd SigFilter evaluation failed: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied, policyName: /Channel/Readers, ConsensusState: STATE_NORMAL
2020-05-04 12:12:50.452 UTC [common.deliver] deliverBlocks -> WARN 7ce [channel: greenwebgenesis] Client authorization revoked for deliver request from 10.0.1.36:33346: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied: permission denied
我猜在每个fabric网络中,我们在OrdererMSP的MSP下只能有一个排序组织。正确吗?
有人可以帮我解决这个问题吗?
错误:您已从联盟中删除订购者组织
Consortiums:
SampleConsortium:
Organizations:
- *Orgorg1
- *Orgorg2
错误更正:
Consortiums:
SampleConsortium:
Organizations:
- *Orgorg1
- *Orgorg2
- *Ordererorg1
- *Ordererorg2
如果您期望提及 peer 和 client,那么我已经更正了政策,那么颁发的证书类型也应该是 peer 和 clint,所以让它成为成员,您就可以开始了。
请找出更正后的 configtx.yaml
Organizations:
- &Ordererorg1
Name: Ordererorg1MSP
ID: Ordererorg1MSP
MSPDir: crypto-config/ordererOrganizations/org1.orderer.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Ordererorg1MSP.member')"
Writers:
Type: Signature
Rule: "OR('Ordererorg1MSP.member')"
Admins:
Type: Signature
Rule: "OR('Ordererorg1MSP.admin')"
- &Orgorg1
Name: Orgorg1MSP
ID: Orgorg1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Orgorg1MSP.member'"
Writers:
Type: Signature
Rule: "OR('Orgorg1MSP.member'"
Admins:
Type: Signature
Rule: "OR('Orgorg1MSP.admin')"
AnchorPeers:
- Host: peer1.org1.example.com
Port: 2050
- &Ordererorg2
Name: Ordererorg2MSP
ID: Ordererorg2MSP
MSPDir: crypto-config/ordererOrganizations/org2.orderer.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Ordererorg2MSP.member')"
Writers:
Type: Signature
Rule: "OR('Ordererorg2MSP.member')"
Admins:
Type: Signature
Rule: "OR('Ordererorg2MSP.admin')"
- &Orgorg2
Name: Orgorg2MSP
ID: Orgorg2MSP
MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Orgorg2MSP.member'"
Writers:
Type: Signature
Rule: "OR('Orgorg2MSP.member'"
Admins:
Type: Signature
Rule: "OR('Orgorg2MSP.admin')"
AnchorPeers:
- Host: peer1.org2.example.com
Port: 2050
Capabilities:
Channel: &ChannelCapabilities
V1_4_3: true
V1_3: false
V1_1: false
Orderer: &OrdererCapabilities
V1_4_2: true
V1_1: false
Application: &ApplicationCapabilities
V1_4_2: true
V1_3: false
V1_2: false
V1_1: false
Application: &ApplicationDefaults
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ApplicationCapabilities
Orderer: &OrdererDefaults
OrdererType: etcdraft
Addresses:
- peer1.org1.orderer.example.com:7050
- peer1.org2.orderer.example.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
EtcdRaft:
Consenters:
- Host: peer1.org1.orderer.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/org1.orderer.example.com/orderers/peer1.org1.orderer.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/org1.orderer.example.com/orderers/peer1.org1.orderer.example.com/tls/server.crt
- Host: peer1.org2.orderer.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/org2.orderer.example.com/orderers/peer1.org2.orderer.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/org2.orderer.example.com/orderers/peer1.org2.orderer.example.com/tls/server.crt
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
Channel:
Consortium: SampleConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Orgorg1
- *Orgorg2
Capabilities:
<<: *ApplicationCapabilities
OrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *Ordererorg1
- *Ordererorg2
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *Ordererorg1
- <<: *Ordererorg2
Consortiums:
SampleConsortium:
Organizations:
- *Orgorg1
- *Orgorg2
- *Ordererorg1
- *Ordererorg2
我写了本书:如果你了解更多关于掌握 Hyperledger fabric 的知识,你可以从这里获得:
- https://leanpub.com/masteringhyperledgerfabric
- https://amzn.to/2Yyl1aS
在日志中您得到 Principal deserialization failure (MSP OrdererMSP is unknown) 但在 configtx.yaml 文件中,您没有使用 OrdererMSP 因此检查 docker 中 ORDERER_GENERAL_LOCALMSPID 的值] 文件。
我有两个组织要订购(类型= Raft)。其中一个有两个订购者,第二个有三个订购者,在 configtx.yaml 中有 Ordererorg1MSP 和 Ordererorg2MSP MSP。
我的 configtx.taml:
Organizations:
- &Ordererorg1
Name: Ordererorg1MSP
ID: Ordererorg1MSP
MSPDir: crypto-config/ordererOrganizations/org1.orderer.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Ordererorg1MSP.member')"
Writers:
Type: Signature
Rule: "OR('Ordererorg1MSP.member')"
Admins:
Type: Signature
Rule: "OR('Ordererorg1MSP.admin')"
- &Orgorg1
Name: Orgorg1MSP
ID: Orgorg1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Orgorg1MSP.admin', 'Orgorg1MSP.peer', 'Orgorg1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Orgorg1MSP.admin', 'Orgorg1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Orgorg1MSP.admin')"
AnchorPeers:
- Host: peer1.org1.example.com
Port: 2050
- &Ordererorg2
Name: Ordererorg2MSP
ID: Ordererorg2MSP
MSPDir: crypto-config/ordererOrganizations/org2.orderer.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Ordererorg2MSP.member')"
Writers:
Type: Signature
Rule: "OR('Ordererorg2MSP.member')"
Admins:
Type: Signature
Rule: "OR('Ordererorg2MSP.admin')"
- &Orgorg2
Name: Orgorg2MSP
ID: Orgorg2MSP
MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Orgorg2MSP.admin', 'Orgorg2MSP.peer', 'Orgorg2MSP.client')"
Writers:
Type: Signature
Rule: "OR('Orgorg2MSP.admin', 'Orgorg2MSP.client')"
Admins:
Type: Signature
Rule: "OR('Orgorg2MSP.admin')"
AnchorPeers:
- Host: peer1.org2.example.com
Port: 2050
Capabilities:
Channel: &ChannelCapabilities
V1_4_3: true
V1_3: false
V1_1: false
Orderer: &OrdererCapabilities
V1_4_2: true
V1_1: false
Application: &ApplicationCapabilities
V1_4_2: true
V1_3: false
V1_2: false
V1_1: false
Application: &ApplicationDefaults
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ApplicationCapabilities
Orderer: &OrdererDefaults
OrdererType: etcdraft
Addresses:
- peer1.org1.orderer.example.com:7050
- peer1.org2.orderer.example.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
EtcdRaft:
Consenters:
- Host: peer1.org1.orderer.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/org1.orderer.example.com/orderers/peer1.org1.orderer.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/org1.orderer.example.com/orderers/peer1.org1.orderer.example.com/tls/server.crt
- Host: peer1.org2.orderer.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/org2.orderer.example.com/orderers/peer1.org2.orderer.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/org2.orderer.example.com/orderers/peer1.org2.orderer.example.com/tls/server.crt
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
Channel:
Consortium: SampleConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Orgorg1
- *Orgorg2
Capabilities:
<<: *ApplicationCapabilities
OrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *Ordererorg1
- *Ordererorg2
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *Ordererorg1
- <<: *Ordererorg2
Consortiums:
SampleConsortium:
Organizations:
- *Orgorg1
- *Orgorg2
当我想创建频道时,遇到错误并且 DEBUG 日志显示:
2020-05-04 12:12:50.452 UTC [cauthdsl] func1 -> DEBU 7b9 0xc0007edbe0 gate 1588594370452563334 evaluation starts
2020-05-04 12:12:50.452 UTC [cauthdsl] func2 -> DEBU 7ba 0xc0007edbe0 signed by 0 principal evaluation starts (used [false])
2020-05-04 12:12:50.452 UTC [cauthdsl] func2 -> DEBU 7bb 0xc0007edbe0 principal evaluation fails
2020-05-04 12:12:50.452 UTC [cauthdsl] func1 -> DEBU 7bc 0xc0007edbe0 gate 1588594370452563334 evaluation fails
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7bd Signature set did not satisfy policy /Channel/Orderer/Ordererorg2MSP/Readers
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7be == Done Evaluating *cauthdsl.policy Policy /Channel/Orderer/Ordererorg2MSP/Readers
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7bf == Evaluating *cauthdsl.policy Policy /Channel/Orderer/Ordererorg1MSP/Readers ==
2020-05-04 12:12:50.452 UTC [cauthdsl] deduplicate -> ERRO 7c0 Principal deserialization failure (MSP OrdererMSP is unknown) for identity 0
2020-05-04 12:12:50.452 UTC [cauthdsl] func1 -> DEBU 7c1 0xc0007fe250 gate 1588594370452661614 evaluation starts
2020-05-04 12:12:50.452 UTC [cauthdsl] func2 -> DEBU 7c2 0xc0007fe250 signed by 0 principal evaluation starts (used [false])
2020-05-04 12:12:50.452 UTC [cauthdsl] func2 -> DEBU 7c3 0xc0007fe250 principal evaluation fails
2020-05-04 12:12:50.452 UTC [cauthdsl] func1 -> DEBU 7c4 0xc0007fe250 gate 1588594370452661614 evaluation fails
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7c5 Signature set did not satisfy policy /Channel/Orderer/Ordererorg1MSP/Readers
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7c6 == Done Evaluating *cauthdsl.policy Policy /Channel/Orderer/Ordererorg1MSP/Readers
2020-05-04 12:12:50.452 UTC [policies] func1 -> DEBU 7c7 Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ Ordererorg1MSP/Readers Ordererorg2MSP/Readers ]
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7c8 Signature set did not satisfy policy /Channel/Orderer/Readers
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7c9 == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Orderer/Readers
2020-05-04 12:12:50.452 UTC [policies] func1 -> DEBU 7ca Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ Application/Readers Consortiums/Readers Orderer/Readers ]
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7cb Signature set did not satisfy policy /Channel/Readers
2020-05-04 12:12:50.452 UTC [policies] Evaluate -> DEBU 7cc == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Readers
2020-05-04 12:12:50.452 UTC [orderer.common.msgprocessor] Apply -> DEBU 7cd SigFilter evaluation failed: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied, policyName: /Channel/Readers, ConsensusState: STATE_NORMAL
2020-05-04 12:12:50.452 UTC [common.deliver] deliverBlocks -> WARN 7ce [channel: greenwebgenesis] Client authorization revoked for deliver request from 10.0.1.36:33346: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Readers' sub-policies to be satisfied: permission denied
我猜在每个fabric网络中,我们在OrdererMSP的MSP下只能有一个排序组织。正确吗?
有人可以帮我解决这个问题吗?
错误:您已从联盟中删除订购者组织
Consortiums:
SampleConsortium:
Organizations:
- *Orgorg1
- *Orgorg2
错误更正:
Consortiums:
SampleConsortium:
Organizations:
- *Orgorg1
- *Orgorg2
- *Ordererorg1
- *Ordererorg2
如果您期望提及 peer 和 client,那么我已经更正了政策,那么颁发的证书类型也应该是 peer 和 clint,所以让它成为成员,您就可以开始了。
请找出更正后的 configtx.yaml
Organizations:
- &Ordererorg1
Name: Ordererorg1MSP
ID: Ordererorg1MSP
MSPDir: crypto-config/ordererOrganizations/org1.orderer.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Ordererorg1MSP.member')"
Writers:
Type: Signature
Rule: "OR('Ordererorg1MSP.member')"
Admins:
Type: Signature
Rule: "OR('Ordererorg1MSP.admin')"
- &Orgorg1
Name: Orgorg1MSP
ID: Orgorg1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Orgorg1MSP.member'"
Writers:
Type: Signature
Rule: "OR('Orgorg1MSP.member'"
Admins:
Type: Signature
Rule: "OR('Orgorg1MSP.admin')"
AnchorPeers:
- Host: peer1.org1.example.com
Port: 2050
- &Ordererorg2
Name: Ordererorg2MSP
ID: Ordererorg2MSP
MSPDir: crypto-config/ordererOrganizations/org2.orderer.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Ordererorg2MSP.member')"
Writers:
Type: Signature
Rule: "OR('Ordererorg2MSP.member')"
Admins:
Type: Signature
Rule: "OR('Ordererorg2MSP.admin')"
- &Orgorg2
Name: Orgorg2MSP
ID: Orgorg2MSP
MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Orgorg2MSP.member'"
Writers:
Type: Signature
Rule: "OR('Orgorg2MSP.member'"
Admins:
Type: Signature
Rule: "OR('Orgorg2MSP.admin')"
AnchorPeers:
- Host: peer1.org2.example.com
Port: 2050
Capabilities:
Channel: &ChannelCapabilities
V1_4_3: true
V1_3: false
V1_1: false
Orderer: &OrdererCapabilities
V1_4_2: true
V1_1: false
Application: &ApplicationCapabilities
V1_4_2: true
V1_3: false
V1_2: false
V1_1: false
Application: &ApplicationDefaults
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ApplicationCapabilities
Orderer: &OrdererDefaults
OrdererType: etcdraft
Addresses:
- peer1.org1.orderer.example.com:7050
- peer1.org2.orderer.example.com:7050
BatchTimeout: 2s
BatchSize:
MaxMessageCount: 10
AbsoluteMaxBytes: 99 MB
PreferredMaxBytes: 512 KB
EtcdRaft:
Consenters:
- Host: peer1.org1.orderer.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/org1.orderer.example.com/orderers/peer1.org1.orderer.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/org1.orderer.example.com/orderers/peer1.org1.orderer.example.com/tls/server.crt
- Host: peer1.org2.orderer.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/org2.orderer.example.com/orderers/peer1.org2.orderer.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/org2.orderer.example.com/orderers/peer1.org2.orderer.example.com/tls/server.crt
Organizations:
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
Channel: &ChannelDefaults
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Profiles:
Channel:
Consortium: SampleConsortium
<<: *ChannelDefaults
Application:
<<: *ApplicationDefaults
Organizations:
- *Orgorg1
- *Orgorg2
Capabilities:
<<: *ApplicationCapabilities
OrdererGenesis:
<<: *ChannelDefaults
Orderer:
<<: *OrdererDefaults
Organizations:
- *Ordererorg1
- *Ordererorg2
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *Ordererorg1
- <<: *Ordererorg2
Consortiums:
SampleConsortium:
Organizations:
- *Orgorg1
- *Orgorg2
- *Ordererorg1
- *Ordererorg2
我写了本书:如果你了解更多关于掌握 Hyperledger fabric 的知识,你可以从这里获得: - https://leanpub.com/masteringhyperledgerfabric - https://amzn.to/2Yyl1aS
在日志中您得到 Principal deserialization failure (MSP OrdererMSP is unknown) 但在 configtx.yaml 文件中,您没有使用 OrdererMSP 因此检查 docker 中 ORDERER_GENERAL_LOCALMSPID 的值] 文件。