对等通道创建 - 评估失败，只有 0 个策略得到满足 Hyperledger Fabric

Question

我是运行 Hyperledger Fabric v1.2。我在不同的服务器上有一个 orderer、ca、kafka 和 peers 运行。生成证书并将其放置在服务器上各自的位置，然后生成创世块和通道 tx 文件，然后启动排序节点和节点。

但是，当我使用以下命令创建通道时，我在订购者日志的底部收到了以下消息。

./peer channel create -o orderer1.example.com:7050 -c mychannel -f /etc/hyperledger/fabric/channels/mychannel.tx

到目前为止，一切似乎都没有问题，工作正常。

2018-08-21 19:25:30.957 UTC [cauthdsl] func2 -> DEBU 1a5 0xc42000e740 identity 0 does not satisfy principal: the identity is a member of a different MSP (expected SampleOrg, got SampleOrgMSP)
2018-08-21 19:25:30.957 UTC [cauthdsl] func2 -> DEBU 1a6 0xc42000e740 principal evaluation fails
2018-08-21 19:25:30.957 UTC [cauthdsl] func1 -> DEBU 1a7 0xc42000e740 gate 1534879530956937482 evaluation fails
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1a8 Signature set did not satisfy policy /Channel/Application/SampleOrg/Admins
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1a9 == Done Evaluating *cauthdsl.policy Policy /Channel/Application/SampleOrg/Admins
2018-08-21 19:25:30.957 UTC [policies] func1 -> DEBU 1aa Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ SampleOrg.Admins ]
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1ab Signature set did not satisfy policy /Channel/Application/ChannelCreationPolicy
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1ac == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Application/ChannelCreationPolicy
2018-08-21 19:25:30.957 UTC [orderer/common/broadcast] Handle -> WARN 1ad [channel: mychannel] Rejecting broadcast of config message from xxx.xxx.xxx.xxx:1234 because of error: error authorizing update: error validating DeltaSet: policy for [Group]  /Channel/Application not satisfied: Failed to reach implicit threshold of 1 sub-policies, required 1 remaining
2018-08-21 19:25:30.957 UTC [orderer/common/server] func1 -> DEBU 1ae Closing Broadcast stream
2018-08-21 19:25:30.959 UTC [grpc] Printf -> DEBU 1af transport: http2Server.HandleStreams failed to read frame: read tcp xxx.xxx.xxx.xxx:7050->xxx.xxx.xxx.xxx:1234: read: connection reset by peer
2018-08-21 19:25:30.959 UTC [common/deliver] Handle -> WARN 1b0 Error reading from xxx.xxx.xxx.xxx:1234: rpc error: code = Canceled desc = context canceled
2018-08-21 19:25:30.959 UTC [orderer/common/server] func1 -> DEBU 1b1 Closing Deliver stream

我认为这是在订购者的 configtx 文件中声明策略的方式，但我不确定。

configtx.yaml 中的部分

Organizations:
    - &SampleOrdererOrg
        Name: SampleOrdererOrg
        ID: SampleOrdererMSP
        MSPDir: /etc/hyperledger/orderer1/msp
        Policies: &SampleOrgPolicies
            Readers:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.member')"
            Writers:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.member')"
            Admins:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.admin')"


    - &SampleOrg
        Name: SampleOrg
        ID: SampleOrgMSP
        MSPDir: /etc/hyperledger/org/msp/
        Policies: &SampleOrgPolicies
            Readers:
                Type: Signature
                Rule: "OR('SampleOrg.member')"
            Writers:
                Type: Signature
                Rule: "OR('SampleOrg.member')"
            Admins:
                Type: Signature
                Rule: "OR('SampleOrg.admin')"
        AnchorPeers:
            - Host: peer1.example.com
              Port: 7051
            - Host: peer2.example.com
              Port: 7051
            - Host: peer3.example.com
              Port: 7051



Profiles:
    SampleKafkaDev:
        <<: *ChannelDefaults
        Orderer:
            <<: *OrdererDefaults
            OrdererType: kafka
            Organizations:
                - <<: *SampleOrg
                  Policies:
                      <<: *SampleOrgPolicies
                      Admins:
                          Type: Signature
                          Rule: "OR('SampleOrg.member')"
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - <<: *SampleOrg
                  Policies:
                      <<: *SampleOrgPolicies
                      Admins:
                          Type: Signature
                          Rule: "OR('SampleOrg.member')"
        Consortiums:
            SampleConsortium:
                Organizations:
                    - <<: *SampleOrg
                      Policies:
                          <<: *SampleOrgPolicies
                          Admins:
                              Type: Signature
                              Rule: "OR('SampleOrg.member')"

    MyChannel:
        Consortium: SampleConsortium
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - *SampleOrg

Answer 1

据我所知，策略配置中的规则期望提供 ID，在您的示例中使用了 name。

只需尝试按以下方式更新配置中的所有规则：

Policies:
   <<: *SampleOrgPolicies
   Admins:
       Type: Signature
       Rule: "OR('SampleOrgMSP.member')"

（使用 SampleOrgMSP 代替 SampleOrg，SampleOrdererMSP 代替 SampleOrdererOrg，等等）

已更新:

第 2 步：

"peer" 从 "core.yaml" 加载配置，通常此文件位于此处“/etc/hyperledger/fabric/”。在此文件中尝试查找属性 "localMspId: SampleOrg" 并将 SampleOrg 替换为您的订购者 MSP Id

第 3 步：

频道只能创建一次。为了验证通道是否存在，我们可以尝试从其中一个节点加入它：

验证环境变量 CORE_PEER_ADDRESS 配置正确，export CORE_PEER_ADDRESS=peer0.org1.example.com:7051
peer channel join -b /opt/gopath/src/github.com/hyperledger/fabric/peer/mychannel.block
现在您可以检查 peer 是否有关于通道的信息 peer channel getinfo -c mychannel

Answer 2

除了@Sergey Balashevich 推荐的修复之外，似乎创世块的创建给我带来了问题。我使用以下命令生成它：./configtxgen -profile MyChannel -channelID mychannel -outputCreateChannelTx configtx/channel.tx。这导致创建了一个通道并阻止我完成对等通道创建命令。

对等通道创建 - 评估失败，只有 0 个策略得到满足 Hyperledger Fabric

peer channel create - evaluation failed only 0 policies were satisfied Hyperledger Fabric

hyperledger

hyperledger-fabric