1

I exec into the docker container for the peer and try the CLI commands for peer chaincode and peer lifecycle but they fail. I understand this is a --cafile issue but I tried a few combinations and nothing worked. This is the fabcar example with 2.0, without any changes. Does anyone have any ideas about this?

Here is the example -

/opt/gopath/src/github.com/hyperledger/fabric/peer # peer lifecycle chaincode queryinstalled Error: query failed with status: 500 - Failed to authorize invocation due to failed ACL check: Failed verifying that proposal's creator satisfies local MSP principal during channelless check policy with policy [Admins]: [The identity is not an admin under this MSP [Org2MSP]: The identity does not contain OU [ADMIN], MSP: [Org2MSP]]

/opt/gopath/src/github.com/hyperledger/fabric/peer # peer chaincode list --installed Error: bad response: 500 - access denied for [getinstalledchaincodes]: Failed verifying that proposal's creator satisfies local MSP principal during channelless check policy with policy [Admins]: [The identity is not an admin under this MSP [Org2MSP]: The identity does not contain OU [ADMIN], MSP: [Org2MSP]]

And env -

CORE_PEER_GOSSIP_ORGLEADER=false HOSTNAME=6bc772022b6b CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD= CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.example.com:9051 SHLVL=1 HOME=/root CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:9052 CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdb1:5984 CORE_PEER_PROFILE_ENABLED=true CORE_PEER_ID=peer0.org2.example.com CORE_PEER_CHAINCODEADDRESS=peer0.org2.example.com:9052 CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=net_test FABRIC_LOGGING_SPEC=INFO CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example.com:9051 TERM=xterm CORE_PEER_GOSSIP_USELEADERELECTION=true FABRIC_CFG_PATH=/etc/hyperledger/fabric PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME= CORE_PEER_LOCALMSPID=Org2MSP CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock CORE_LEDGER_STATE_STATEDATABASE=CouchDB CORE_PEER_LISTENADDRESS=0.0.0.0:9051 PWD=/opt/gopath/src/github.com/hyperledger/fabric/peer CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt CORE_PEER_TLS_ENABLED=true CORE_PEER_ADDRESS=peer0.org2.example.com:9051 /opt/gopath/src/github.com/hyperledger/fabric/peer #

Trevor Lee Oakley
  • 272
  • 1
  • 4
  • 13

2 Answers2

0

Set the CORE_PEER_MSPCONFIGPATH path in your peer docker container to the admin's msp directory. The default path to admin's msp directory is /etc/hyperledger/msp/users/Admin@org1.example.com/msp.

Set the path using the below command if /etc/hyperledger/msp/users/Admin@org1.example.com/msp is the path of admin's msp directory.

export CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin@org1.example.com/msp

Kartik Chauhan
  • 2,779
  • 5
  • 28
  • 39
  • I solved finally using env vars and then commands outside of the docker containers, using localhost as the ports map to the containers. – Trevor Lee Oakley Aug 01 '20 at 07:39
  • Please add the environment variable in the comments so that it could help others who face this issue. If it's the same which I configured in my answer then consider it as the accepted answer. – Kartik Chauhan Aug 01 '20 at 07:56
  • Yes I can do that when I have this finalised. I have the original problem solved and now I have new issues related to committing. So my basic idea was to solve the problem entirely and then post a solution. – Trevor Lee Oakley Aug 01 '20 at 07:58
  • Sure, but post the solution for the problem in the current post. As it will maintain the brevity of the post. – Kartik Chauhan Aug 01 '20 at 08:00
  • The env vars are very complex for this, I can post the basics here when finalised. There is another post anyway about the commit. – Trevor Lee Oakley Aug 01 '20 at 08:04
  • Are these the flags that you added https://hyperledger-fabric.readthedocs.io/en/release-2.2/test_network.html#interacting-with-the-network? In case of "yes", add only the flags in your answer which resulted in resolving the issue and not the whole group. – Kartik Chauhan Aug 01 '20 at 08:09
  • No 2.0. It is all about setting environment variables. There is no value posting a solution which solves one problem and not others. – Trevor Lee Oakley Aug 01 '20 at 08:13
  • I saw this had a -1 vote anyway, so I guess no one wants the answer anyway. – Trevor Lee Oakley Aug 01 '20 at 17:50
0

The answer needs to use env vars to solve the problem. The question was voted negative so I will not post the answer details as no one needs them.

Trevor Lee Oakley
  • 272
  • 1
  • 4
  • 13