I'm currently setting up a custom Hyperledger Fabric network for a Hyperledger Composer project I'm working on.
The Composer files are already okay and runs perfectly using the out of the box dev fabric server provided, i.e. ./startFabric.sh. I have followed the tutorial on how to deploy an existing business network to a multi-org situation, using the given byfn.sh, and the network was successfully installed (composer network install ... successfully installs the .bna on the fabric network).
Now I tried to modify byfn.sh to support 3 (three) organizations, with only one peer for each org. The other files (crypto-config.yaml, configtx.yaml, scripts/script.sh, and the docker compose files) are also modified accordingly.
The e2e test in script/script.sh in fact runs successfully (until the "END" ASCII art appears), which lead me to think that the fabric network is set up successfully. The docker ps command also shows that the docker containers are running.
However, when I'm trying to execute composer network install on the setup fabric, it outputs the following:
$ composer network install -c PeerAdmin@example-org1 -a stockchainz.bna
✖ Installing business network. This may take a minute...
Error: Error trying install business network. Error: No valid responses from any peers.
Response from attempted peer comms was an error: Error: Failed to connect before the deadline
Command failed
Why does this error appear, even though the end-to-end test runs fine? My suspicion is that the connection.json file is somehow misconfigured, since the e2e runs perfectly fine (The "INSERT_..._CA_CERT" and "INSERT_ORG_NAME" is already replaced with the correct values)
After digging through the logs, I found out that the grpc cannot find the peer. Turns out it was a certificate issue, and that my suspicion was correct. Setting GRPC_VERBOSITY=DEBUG shows the logs when re-executing composer network install:
...
D0507 12:21:21.934229064 14853 security_handshaker.cc:127] Security handshake failed: {"created":"@1557231681.934207000","description":"Peer name localhost is not in peer certificate","file":"../deps/grpc/src/core/lib/security/security_connector/security_connector.cc","file_line":780}
...
The connection.json sets all of the peers' url as grpcs://localhost:<port>. Instead of having this:
...
"peer0.org1.example.com": {
"url": "grpcs://localhost:7051",
"tlsCACerts" : {
"pem": "INSERT_ORG1_CA_CERT"
}
},
...
I changed it to this:
...
"peer0.org1.example.com": {
"url": "grpcs://localhost:7051",
"grpcOptions": {
"ssl-target-name-override": "peer0.org1.example.com"
},
"tlsCACerts" : {
"pem": "INSERT_ORG1_CA_CERT"
}
},
...
After doing so, the business network archive is successfully installed:
$ composer network install --card PeerAdmin@example-org1 --archiveFile business-net.bna
⠋ Installing business network. This may take a minute...D0507 12:45:04.640298851 15321 dns_resolver.cc:331] Using native dns resolver
E0507 12:45:04.640363346 15321 trace.cc:57] Unknown trace var: 'transport_security'
⠸ Installing business network. This may take a minute...I0507 12:45:07.172482196 15321 subchannel.cc:605] New connected subchannel at 0x2c208d0 for subchannel 0x2b83880
I0507 12:45:07.173478121 15321 subchannel.cc:605] New connected subchannel at 0x2b10fa0 for subchannel 0x2b572f0
I0507 12:45:07.174495644 15321 subchannel.cc:605] New connected subchannel at 0x2c0b0e0 for subchannel 0x2b5bbe0
I0507 12:45:07.176448759 15321 subchannel.cc:605] New connected subchannel at 0x2bac9c0 for subchannel 0x2b17bc0
⠼ Installing business network. This may take a minute...I0507 12:45:07.205505423 15321 subchannel.cc:605] New connected subchannel at 0x2d6d400 for subchannel 0x2d65330
I0507 12:45:07.206441632 15321 subchannel.cc:605] New connected subchannel at 0x2c21970 for subchannel 0x2d69b80
⠧ Installing business network. This may take a minute...I0507 12:45:08.365612394 15321 subchannel.cc:605] New connected subchannel at 0x2c8efa0 for subchannel 0x2b37020
I0507 12:45:08.369911016 15321 subchannel.cc:605] New connected subchannel at 0x2bb2660 for subchannel 0x2c9d510
✔ Installing business network. This may take a minute...
Successfully installed business network business-net, version 0.1.0
Command succeeded