0

TL;DR What is the correct method for creating a channel in HF? I've tried 4 different approaches, each ending in failure.

Troubleshooting of errors is welcome in the comments, but in this post, what I'd like to ask is what is the correct approach/method/setup to create a channel in Hyperledger Fabric?

Edit Note My original post was asking multiple questions. I've updated this post to focus on the first question and put my second question focusing on troubleshooting a specific approach here.

Approach => Result

  1. Run channel create on host (no local core.yaml) => core config not found
  2. Run channel create in Docker container => no fabric binaries (could not execute)
  3. Run channel create on host (with local core.yaml) => failed to connect to orderer
  4. Run channel create on host (with linked core.yaml) => failed to start container

Background: I'm building a customized HF network (using the Test Network as a reference). I've setup the CAs, generated the MSPs, started the nodes (1 Peer, 1 Orderer), generated the Orderer genesis block (and then restarted the Orderer node).

I'm using Docker swarm, but so far, I'm only focusing on the first host (which is running the above 4 containers: 2 nodes and respective CAs).

Here's more detail on each approach I've tried:

1. Run channel create from host with no local core.yaml file.
After packaging a channel Tx, I try to create a channel using the following command:

peer channel create -o $host:1050 -c $CHANNEL_NAME --ordererTLSHostnameOverride $ORG -f ./channel-artifacts/${CHANNEL_NAME}.tx --outputBlock ./channel-artifacts/${CHANNEL_NAME}.block --tls --cafile $ORDERER_CA

I get the following error:

020-09-15 16:37:06.186 MST [main] InitCmd -> ERRO 001 Fatal error when initializing core config : Could not find config file. Please make sure that FABRIC_CFG_PATH is set to a path which contains core.yaml

The FABRIC_CFG_PATH is set (by default) to /etc/hyperledger/fabric inside the Peer Docker container (and that path contains an auto-generated core.yaml file), however, I'm guessing that since the channel create command is run on the host, not the docker container, this is why the core config is not found? (However, according to this post, I shouldn't need a local core.yaml file?)

2. Try running channel create commands from inside Docker container (with existing, auto-generated core.yaml file).
I exec'd into the Peer Docker container and ran my create Channel Tx and Create Channel commands directly from the docker container. However, this fails because the docker container does not have the fabric binaries loaded. (I tried doing a read-only bind mount of my fabric-samples/bin to a directory in the docker container's /bin path, but ran into problems and didn't explore it further.)

3. Create local core.yaml file, set FABRIC_CFG_PATH=$PWD and run channel create commands locally.
Resulting error:

Error: failed to create deliver client for orderer: orderer client failed to connect to oem.scm.cloudns.asia:1050: failed to create new connection: context deadline exceeded

This seems to be because the host:port mapping only has significance inside the docker network, NOT on the host machine. (I can successfully ping the host:port and :port from inside my docker Peer container.)

Update: container log for the orderer shows this error:

2020-09-16 19:14:52.165 UTC [core.comm] ServerHandshake -> ERRO 53e TLS handshake failed with error remote error: tls: bad certificate server=Orderer remoteaddress=10.0.0.3:54110

For a similar problem, Gari Singh said that the TLS server certificate SANS was missing the correct address. I tried adding 10.0.0.3 to my docker-compose file for the CA and restarting, but still got the same error.

4. Same as #3, execept time bind mount the local directory containing core.yaml to the Peer Docker container, and try to start channel from host.
When I tried this approach, I ran into problems because the msp path in the core.yaml file either points to the path on my host, or the corresponding docker container internal msp path. If I point to the Docker internal msp path, then the Channel start command fails (since the command is run from the host). If I point to the Host msp path, the Peer Docker container fails to start because it can't find the path from inside the container.

Based on everything I've tried, I want to know what is the "correct" approach/method/setup for creating a channel in Hyperledger Fabric?

jabberwocky
  • 115
  • 1
  • 11

2 Answers2

0

Did you try executing first of all the starting of the network following the guide you mentioned above?

I think that the error is related to a change on the configuration and execution of the steps for starting up a network. Did you created the genesis-block correctly (line 85 of you docker-compose file? Did you verify the logs? The error seems to be related to a missconfiguration of the FABRIC_CFG_PATH when you create the material for you network.

Urko
  • 1,479
  • 1
  • 14
  • 20
  • Hi Urko, thank you for your comment. The Test Network is very well automated, so I have no issues executing it. I constructed my network by building each piece individually (First starting the CAs, enrolling members, then starting nodes, building the genesis block, etc.) I have it working up until the Channel Creation Step. "Did you verify the logs" - Are you referring to something specific? Naturally, I'm referencing the logs to find errors (such as the ones I listed in my post). Regarding incorrect FABRIC_CFG_PATH, which approach (#1-4) are you referring to? – jabberwocky Sep 18 '20 at 11:37
  • I understand that you do not get the same issue with each approach, sure? Coud you share also your configtx.yaml file definition? – Urko Sep 18 '20 at 15:19
  • I think I need to edit my original post: I realized that I'm really asking two different questions 1) Which method is the correct way to create & join a channel and 2) How do I fix the specific errors to do it successfully. I'm going to try to edit this point to only ask Question #1 and then make a new, separate post for #2. (I'll post a link here to my second question (and post the configtx.yaml file there.) – jabberwocky Sep 18 '20 at 18:52
  • I just posted the second question focused on the current specific issue and troubleshooting here: https://stackoverflow.com/questions/63962180/how-to-correctly-setup-hyperledger-fabric-channel-policy-failure-to-satisfy-po – jabberwocky Sep 18 '20 at 20:07
0

I think the answer that I may have been looking for is to use the Fabric CLI (Docker Hyperledger/fabric-tools image).
This approach seems to solve all of the issues I was having with approaches #1-4:

  • The fabric-tools image gives access to fabric binaries
  • The internal paths referenced in the configtx.yaml and core.yaml files are accessible (since the CLI is mounted as a Docker container), and
  • the CLI can natively access the host:port of other nodes (since it is part of the same Docker network)

(Note: Now that I am using the CLI, I am getting a different error, although I believe it is related to my configtx Policy, not to the method of creating the channel.)

Since I've seen some setups that do not use the CLI, I assume that this is not the only correct answer. If anyone else has another solution, I am eager to learn more.

jabberwocky
  • 115
  • 1
  • 11