I am trying to setup the Hyperledger Fabric without docker on Oracle Linux 8.4
I am using fabric 2.2.3 from github releases.
https://github.com/hyperledger/fabric/releases/download/v2.2.3/hyperledger-fabric-linux-amd64-2.2.3.tar.gz
I am also trying to understand how it works by NOT using the fabric-ca.
So far I managed to create my own certificate hierarchy and chains purely using OpenSSL and those MSP directories ... With the certificate chains, I also managed to
However, I am keep getting problem on the chaincode.
I am trying to install Java chaincode using, both
peer lifecycle chaincode package, peer lifecycle chaincode install VS peer chaincode package, peer chaincode install ... without any luck
it keep prompting me with docker error message (see logs below)
How can I deploy my chaincode without docker ? I have tried starting the peer with --peer-chaincodedev ... but also without any luck
From the logs below, if using chaincode install (without lifecycle) it reported installed successfully, but failed on docker.
Hence, as my subject, is it possible to install and run chaincodes without docker ?
I have come so far to setup and configure by my own without docker, and now at the very last step it seems force me to use docker >__<
Logs from install chaincode using lifecycle chaincode install:
[user@hyperledgerfabric ~]# /appl/hyperledger-fabric/bin/peer lifecycle chaincode install /appl/chaincode/TestHLF-1.0.0.tar.gz --peerAddresses localhost:7051 -o localhost:7050
Error: chaincode install failed with status: 500 - failed to invoke backing implementation of 'InstallChaincode': could not build chaincode: docker build failed: docker image inspection failed: Get "http://unix.sock/images/testhlf-1.0.0-da9445c8699c299812759f4072a8069875a786f4382b00591b87c1feab4c9599-721fab386a2ac9009bd0e40582127b7895df36b6a1d74dfb108713d1b4751cd5/json": dial unix /var/run/docker.sock: connect: no such file or directory
Logs from install chaincode using chaincode install (without lifecycle):
[user@hyperledgerfabric ~]# /appl/hyperledger-fabric/bin/peer chaincode install -l java -p /appl/chaincode/TestHLF -n TestHLF -v 1.0.0 --peerAddresses localhost:7051 -o localhost:7050
2021-09-01 17:45:02.804 +08 [chaincodeCmd] checkChaincodeCmdParams -> INFO 001 Using default escc
2021-09-01 17:45:02.804 +08 [chaincodeCmd] checkChaincodeCmdParams -> INFO 002 Using default vscc
Error: install failed with status: 500 - chaincode installed to peer but could not build chaincode: docker build failed: docker image inspection failed: Get "http://unix.sock/images/testhlf-1.0.0-0e6bfac3b09ead9a0bd3e887e68ea728650f7c9e87b335ec6f539517b834ba08/json": dial unix /var/run/docker.sock: connect: no such file or directory
[user@hyperledgerfabric ~]# /appl/hyperledger-fabric/bin/peer chaincode list -C orderer-channel --peerAddresses localhost:7051 --installed
Get installed chaincodes on peer:
Name: TestHLF, Version: 1.0.0, Path: /appl/chaincode/TestHLF, Id: c57c51536a53f01ee95324a2de8a564d9485ecf86c313c7baa9348cd8ec70d96
tried to use External Builder but seems that it still look for my docker in my peer.
In the metadata.json, the variable path, what it is for ?
[user@hyperledgerfabric TestHLF]# /appl/hyperledger-fabric/bin/peer lifecycle chaincode install --peerAddresses localhost:7051 /appl/chaincode-builder/TestHLF/TestHLF.tar.gz
Error: chaincode install failed with status: 500 - failed to invoke backing implementation of 'InstallChaincode': could not build chaincode: docker build failed: docker image inspection failed: Get "http://unix.sock/images/testhlf-5cb99feb2a9be27749bfc0f05d93cddaf8b23a9023c3bbc217aebcb703082141-941a0fbcc36e8019c4cd118263ce7a6ba266432dc0a4d7e6b5a07554ba3d1923/json": dial unix /var/run/docker.sock: connect: no such file or directory
I have updated my core.yaml in my peer to point to the external builder.
[user@hyperledgerfabric TestHLF]# grep externalBuilder -A3 /appl/blockchain/_config/core.yaml
# externalBuilders: []
externalBuilders:
- path: /appl/chaincode-builder/TestHLF
name: testhlf-builder
Here are the content of the tar, and the contents of important files.
[user@hyperledgerfabric TestHLF]# tar -tvf /appl/chaincode-builder/TestHLF/TestHLF.tar.gz
-rw-r--r-- fabric/fabric 61 2021-09-02 10:29 metadata.json
-rw-r--r-- fabric/fabric 229 2021-09-02 10:29 code.tar.gz
[user@hyperledgerfabric TestHLF]# tar -tvf /appl/chaincode-builder/TestHLF/code.tar.gz
-rw-r--r-- fabric/fabric 150 2021-09-02 10:29 connection.json
[user@hyperledgerfabric TestHLF]# cat /appl/chaincode-builder/TestHLF/metadata.json
{
"path": "",
"type": "external",
"label": "TestHLF"
}
[user@hyperledgerfabric TestHLF]# cat /appl/chaincode-builder/TestHLF/connection.json
{
"address": "localhost:9999",
"dial_timeout": "10s",
"tls_required": "false",
"client_auth_required": "false"
}
[user@hyperledgerfabric TestHLF]# ls -l bin
total 12
-rwxr-xr-x. 1 fabric fabric 307 Sep 2 10:42 build
-rwxr-xr-x. 1 fabric fabric 243 Sep 2 10:29 detect
-rwxr-xr-x. 1 fabric fabric 219 Sep 2 10:42 release
Here are more details on the detect, build, and release executable.
From previous update, the executable are with permission 755.
Also the executable to test whether it works or not, I didn't do checking and just trying to output the value.
It seems to me it doesn't even invoke the executable.
[user@hyperledgerfabric bin]# cat build
#!/bin/bash
CHAINCODE_SOURCE_DIR=$1
CHAINCODE_METADATA_DIR=$2
BUILD_OUTPUT_DIR=$3
echo "CHAINCODE_SOURCE_DIR = $CHAINCODE_SOURCE_DIR"
echo "CHAINCODE_METADATA_DIR = $CHAINCODE_METADATA_DIR"
echo "BUILD_OUTPUT_DIR = $BUILD_OUTPUT_DIR"
touch /appl/chaincode-builder/TestHLF/touch02.txt
exit 0
[user@hyperledgerfabric bin]# cat detect
#!/bin/bash
CHAINCODE_SOURCE_DIR=$1
CHAINCODE_METADATA_DIR=$2
echo "CHAINCODE_SOURCE_DIR = $CHAINCODE_SOURCE_DIR"
echo "CHAINCODE_METADATA_DIR = $CHAINCODE_METADATA_DIR"
touch /appl/chaincode-builder/TestHLF/touch01.txt
exit 0
[user@hyperledgerfabric bin]# cat release
#!/bin/bash
BUILD_OUTPUT_DIR=$1
RELEASE_OUTPUT_DIR=$2
echo "BUILD_OUTPUT_DIR = $BUILD_OUTPUT_DIR"
echo "RELEASE_OUTPUT_DIR = $RELEASE_OUTPUT_DIR"
touch /appl/chaincode-builder/TestHLF/touch03.txt
exit 0
I turn on the debug mode by using FABRIC_LOGGING_SPEC=debug
Here are the debugging log, I dont see any on invoking my executables.
Debug log on peer:
Sep 02 17:04:35 hyperledgerfabric peer[1588]: 2021-09-02 17:04:35.254 +08 [lifecycle] InstallChaincode -> DEBU 49d received invocation of InstallChaincode for install package 1f8b08001c9130610003cb4d2d494c492c49d4cb2acecf63a00d300002331313106d68...
Sep 02 17:04:35 hyperledgerfabric peer[1588]: 2021-09-02 17:04:35.254 +08 [ccprovider] MetadataAsTarEntries -> DEBU 49e Created metadata tar
Sep 02 17:04:35 hyperledgerfabric peer[1588]: 2021-09-02 17:04:35.255 +08 [chaincode] handleMessage -> DEBU 49f [a0343dde] Fabric side handling ChaincodeMessage of type: COMPLETED in state ready
Sep 02 17:04:35 hyperledgerfabric peer[1588]: 2021-09-02 17:04:35.255 +08 [chaincode] Notify -> DEBU 4a0 [a0343dde] notifying Txid:a0343ddee86f669b143923992bd36e6b735b39de681dfb8f230c10af3f469410, channelID:
Sep 02 17:04:35 hyperledgerfabric peer[1588]: 2021-09-02 17:04:35.255 +08 [chaincode] Execute -> DEBU 4a1 Exit
Sep 02 17:04:35 hyperledgerfabric peer[1588]: 2021-09-02 17:04:35.255 +08 [endorser] callChaincode -> INFO 4a2 finished chaincode: _lifecycle duration: 1ms channel= txID=a0343dde
Sep 02 17:04:35 hyperledgerfabric peer[1588]: 2021-09-02 17:04:35.255 +08 [comm.grpc.server] 1 -> INFO 4a3 unary call completed grpc.service=protos.Endorser grpc.method=ProcessProposal grpc.peer_address=[::1]:35628 grpc.code=OK grpc.call_duration=1.805332ms
Sep 02 17:04:35 hyperledgerfabric peer[1588]: 2021-09-02 17:04:35.257 +08 [grpc] infof -> DEBU 4a4 transport: loopyWriter.run returning. connection error: desc = "transport is closing"
Sep 02 17:04:35 hyperledgerfabric peer[1588]: 2021-09-02 17:04:35.257 +08 [grpc] infof -> DEBU 4a5 transport: loopyWriter.run returning. connection error: desc = "transport is closing"
Debug log while invoking lifecycle chaincode install:
2021-09-02 17:04:35.245 +08 [msp] setupSigningIdentity -> DEBU 01a Signing identity expires at 2041-08-24 07:42:50 +0000 UTC
2021-09-02 17:04:35.246 +08 [msp] GetDefaultSigningIdentity -> DEBU 01b Obtaining default signing identity
2021-09-02 17:04:35.248 +08 [grpc] Infof -> DEBU 01c parsed scheme: ""
2021-09-02 17:04:35.248 +08 [grpc] Infof -> DEBU 01d scheme "" not registered, fallback to default scheme
2021-09-02 17:04:35.248 +08 [grpc] Infof -> DEBU 01e ccResolverWrapper: sending update to cc: {[{localhost:7051 <nil> 0 <nil>}] <nil> <nil>}
2021-09-02 17:04:35.249 +08 [grpc] Infof -> DEBU 01f ClientConn switching balancer to "pick_first"
2021-09-02 17:04:35.249 +08 [grpc] Infof -> DEBU 020 Channel switches to new LB policy "pick_first"
2021-09-02 17:04:35.249 +08 [grpc] Infof -> DEBU 021 Subchannel Connectivity change to CONNECTING
2021-09-02 17:04:35.249 +08 [grpc] Infof -> DEBU 022 Subchannel picks a new address "localhost:7051" to connect
2021-09-02 17:04:35.249 +08 [grpc] UpdateSubConnState -> DEBU 023 pickfirstBalancer: HandleSubConnStateChange: 0xc00040f7f0, {CONNECTING <nil>}
2021-09-02 17:04:35.249 +08 [grpc] Infof -> DEBU 024 Channel Connectivity change to CONNECTING
2021-09-02 17:04:35.251 +08 [grpc] Infof -> DEBU 025 Subchannel Connectivity change to READY
2021-09-02 17:04:35.251 +08 [grpc] UpdateSubConnState -> DEBU 026 pickfirstBalancer: HandleSubConnStateChange: 0xc00040f7f0, {READY <nil>}
2021-09-02 17:04:35.251 +08 [grpc] Infof -> DEBU 027 Channel Connectivity change to READY
2021-09-02 17:04:35.251 +08 [grpc] Infof -> DEBU 028 parsed scheme: ""
2021-09-02 17:04:35.251 +08 [grpc] Infof -> DEBU 029 scheme "" not registered, fallback to default scheme
2021-09-02 17:04:35.251 +08 [grpc] Infof -> DEBU 02a ccResolverWrapper: sending update to cc: {[{localhost:7051 <nil> 0 <nil>}] <nil> <nil>}
2021-09-02 17:04:35.251 +08 [grpc] Infof -> DEBU 02b ClientConn switching balancer to "pick_first"
2021-09-02 17:04:35.251 +08 [grpc] Infof -> DEBU 02c Channel switches to new LB policy "pick_first"
2021-09-02 17:04:35.251 +08 [grpc] Infof -> DEBU 02d Subchannel Connectivity change to CONNECTING
2021-09-02 17:04:35.251 +08 [grpc] Infof -> DEBU 02e Subchannel picks a new address "localhost:7051" to connect
2021-09-02 17:04:35.251 +08 [grpc] UpdateSubConnState -> DEBU 02f pickfirstBalancer: HandleSubConnStateChange: 0xc000283ec0, {CONNECTING <nil>}
2021-09-02 17:04:35.252 +08 [grpc] Infof -> DEBU 030 Channel Connectivity change to CONNECTING
2021-09-02 17:04:35.252 +08 [grpc] Infof -> DEBU 031 Subchannel Connectivity change to READY
2021-09-02 17:04:35.252 +08 [grpc] UpdateSubConnState -> DEBU 032 pickfirstBalancer: HandleSubConnStateChange: 0xc000283ec0, {READY <nil>}
2021-09-02 17:04:35.252 +08 [grpc] Infof -> DEBU 033 Channel Connectivity change to READY
2021-09-02 17:04:35.253 +08 [msp.identity] Sign -> DEBU 034 Sign: plaintext: 0ACB080A6108031A0B08A3A7C2890610...05A36014D00F00005318644000280000
2021-09-02 17:04:35.253 +08 [msp.identity] Sign -> DEBU 035 Sign: digest: 6C40B4067E4B357821801A1314B2D276BCD3E5B60AF86CDD11AC93776F0A0EBE
Error: chaincode install failed with status: 500 - failed to invoke backing implementation of 'InstallChaincode': could not build chaincode: docker build failed: docker image inspection failed: Get "http://unix.sock/images/testhlf-d092ae78b2f02de3ae597e09cfe84543dc97a65588b2f78e2dd0260811963252-84293d54f47de427b969eef63391a9deca67ecff063052fda66e267832490491/json": dial unix /var/run/docker.sock: connect: no such file or directory
Your problem with docker seems to be that the peer does not find the Docker daemon socket where it expects to launch the chaincode container.
The docker daemon location inside the peer is configured through a environment variable:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
It is usually mapped from the file system the peer container is running in, through a volume:
- /var/run/:/host/var/run/
So, if your peer is running on a machine with an running docker daemon Unix socket, this should be easy to fix by finding the socket (and checking its permissions) and configuring your peers.
As an alternative, you can also configure a Docker TCP endpoint in CORE_VM_ENDPOINT, instead of an Unix socket.
If all this is not possible in your environment (if you work with some kind of restrictive environment), you can always enable External Builders and Launchers on your peers and deploy your chaincode suitably. This would be the specific response to your question title: YES, through External Builders and Launchers. But this is more complex than configuring the access to your docker daemon suitably.
All your CA considerations do not contribute to your question. But, in your production environment, you should use some kind of CA...