Welcome to the new Linux Foundation Forum!

Lab2 error: Cannot run peer because cannot init crypto, folder does not exist

In the last part of Lab2 when I try to pull the genesis block for the current channel with this command: peer channel fetch oldest allarewelcome.block -c allarewelcome\ --orderer orderer.example.com:7050

I receive the following error: Cannot run peer because cannot init crypto, folder "/etc/hyperledger/msp/users/org1.example.com/[email protected]" does not exist

Obiously I did execute the command before, with export CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/[email protected]​org1.example.com/msp
without any error message.

After searching I find that this could have something to do with setting wrong environment variable, however, no posts explain how I should do it (I am not experienced with setting PATHS).

I have ubuntu 18.04.

Appreaciate any help!

Comments

  • NiklaskkkkNiklaskkkk Posts: 36

    Also, at this point in the Lab the Fabric-CA example is not running (it exited automatically right after network launch). The containers running are:

    • peer0
    • peer1
    • orderer
    • cli
  • Hi @Niklaskkkk!

    First, particularly I try to avoid copying the commands from the PDF. That helps me memorize and avoid errors. In this case, always remember to avoid the backslash that comes when copying from the document, like the one after "allarewelcome".

    In the docker-compose.yaml file we a directory of the machine being mapped into a directory in the Docker image. In this case we have inside the "volumes" section for peer1:

    ./crypto-config/peerOrganizations/org1.example.com/users:/etc/hyperledger/msp/users

    Copying from the PDF showed me that there is a break in the line and I don't know if that has been carried on your docker-compose.yaml file. Just a double check.

    When using environment variables I always check if the values are there doing:

    echo $CORE_PEER_MSPCONFIGPATH

    That's more like a sanity check. Another good routine is listing (i.e: ls /etc/hyperledger...) the directory before creating the environment variable. That helps you avoid typos.

    Regarding the CA, you can check what happened issuing the command:

    docker container logs

    But I really think this is related to an old key being referenced in the docker-compose.yaml. When generating the crypto material the CA's key was changed in your volume, but the yaml file has an static value. Change the *_sk value for the actual one in this part of docker-compose.yaml:

    services:
    ca.example.com:
    environment:
    FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/329dac791fb648e0121c8fc7e787287c3085a5f7200750a47a7a468c2a11f32d_sk

    Let me know if it helps.

  • NiklaskkkkNiklaskkkk Posts: 36

    Hi @hanesoliveira & thanks for your reply!

    Seems you are correct in that I did a typo from the PDF-document. When I removed the "\" I was able to pull the genesis block & add peer1 to the allarewelcome-channel.

    Regarding the CA container exit (which it still does) I get the following when running docker container logs:

    :~/Desktop/fabric-samples$ docker logs --details 5f9c288c14a9
    2019/07/02 08:59:50 [INFO] Created default configuration file at /etc/hyperledger/fabric-ca-server/fabric-ca-server-config.yaml
    2019/07/02 08:59:50 [INFO] Starting server in home directory: /etc/hyperledger/fabric-ca-server
    2019/07/02 08:59:50 [INFO] Server Version: 1.4.1
    2019/07/02 08:59:50 [INFO] Server Levels: &{Identity:2 Affiliation:1 Certificate:1 Credential:1 RAInfo:1 Nonce:1}
    Error: Failed to find private key for certificate in '/etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem': Could not find matching private key for SKI: Failed getting key for SKI [[232 58 201 92 114 27 0 226 117 135 211 255 107 48 54 187 101 119 169 103 168 130 234 39 100 252 45 122 112 236 26 204]]: Key with SKI e83ac95c721b00e27587d3ff6b3036bb6577a967a882ea2764fc2d7a70ec1acc not found in /etc/hyperledger/fabric-ca-server/msp/keystore

    I also have a couple of questions, sorry if they are too basic.

    • When running echo $CORE_PEER_MSPCONFIGPATH (inside peer1 container) it returns the following:
      [email protected]:/opt/gopath/src/github.com/hyperledger/fabric# echo $CORE_PEER_MSPCONFIGPATH
      /etc/hyperledger/msp/users/[email protected]/msp

    This seems correct?

    • When running: ~/Desktop/fabric-samples/startFiles$ ls /etc/hyperledger/msp/users/[email protected]/msp
      It returns:
      ls: cannot open '/etc/hyperledger/msp/users/[email protected]/msp': File or folder does not exist
  • indirajithindirajith Posts: 32

    Yes, me too had the same problem from CA container. Now I have updated the key in the docker-compose file with the key in 'crypto-config/peerOrganizations/org1.example.com/ca/' in this location. I tried it as trial and error. If we have better grasp of MSP, this would be easily understood.

  • NiklaskkkkNiklaskkkk Posts: 36

    @indirajith said:
    Yes, me too had the same problem from CA container. Now I have updated the key in the docker-compose file with the key in 'crypto-config/peerOrganizations/org1.example.com/ca/' in this location. I tried it as trial and error. If we have better grasp of MSP, this would be easily understood.

    Thanks, I also changed the key manually. Do one have to do this each time one start the network over again @hanesoliveira ?

    Also, further on in Lab3 CouchDB I receive the following error when trying to start the network with a DB for each peer.

    "~/Desktop/fabric-samples/startFiles$ docker-compose -f docker-compose.yml up -d ca.example.com orderer.example.com couchdbOrg1Peer0 peer0.org1.example.com couchdbOrg1Peer1 peer1.org1.example.com cli
    WARNING: The COMPOSE_PROJECT_NAME variable is not set. Defaulting to a blank string.
    ERROR: The Compose file './docker-compose.yml' is invalid because:
    Unsupported config option for services.couchdbOrg1Peer0: 'couchdbOrg1Peer1'"

    Maybe there is an typo error in my YML file?

    #

    Copyright IBM Corp All Rights Reserved

    #

    SPDX-License-Identifier: Apache-2.0

    #
    version: '2'

    networks:
    basic:

    services:

    couchdbOrg1Peer0:
    container_name: couchdbOrg1Peer0
    image: hyperledger/fabric-couchdb
    environment:
    - COUCHDB_USER=peer0.Org1
    - COUCHDB_PASSWORD=password
    ports:
    - 5984:5984
    networks:
    - basic

    couchdbOrg1Peer1:
      container_name: couchdbOrg1Peer1
      image: hyperledger/fabric-couchdb
      environment:
        - COUCHDB_USER=peer1.Org1
        - COUCHDB_PASSWORD=password
      ports:
        - 6984:5984
      networks:
        - basic
    

    peer1.org1.example.com:
    container_name: peer1.org1.example.com
    image: hyperledger/fabric-peer
    environment:
    - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
    - CORE_PEER_ID=peer1.org1.example.com
    - CORE_LOGGING_PEER=info
    - CORE_CHAINCODE_LOGGING=debug
    - CORE_PEER_LOCALMSPID=Org1MSP
    - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/peer/
    - CORE_PEER_ADDRESS=peer1.org1.example.com:7051
    - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_basic
    - CORE_LEDGER_STATE_STATEDATABASE=CouchDB
    - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdbOrg1Peer1:5984
    - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=peer1.Org1
    - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=password
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric
    command: peer node start
    ports:
    - 8051:7051
    - 8053:7053
    volumes:
    - /var/run/:/host/var/run/
    - ./crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp:/etc/hyperledger/msp/peer
    - ./crypto-config/peerOrganizations/org1.example.com/users:/etc/hyperledger/msp/users
    - ./config:/etc/hyperledger/configtx
    depends_on:
    - orderer.example.com
    - couchdbOrg1Peer1
    networks:
    - basic

    ca.example.com:
    image: hyperledger/fabric-ca
    environment:
    - FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
    - FABRIC_CA_SERVER_CA_NAME=ca.example.com
    - FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem
    - FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/e83ac95c721b00e27587d3ff6b3036bb6577a967a882ea2764fc2d7a70ec1acc_sk
    ports:
    - "7054:7054"
    command: sh -c 'fabric-ca-server start -b admin:adminpw'
    volumes:
    - ./crypto-config/peerOrganizations/org1.example.com/ca/:/etc/hyperledger/fabric-ca-server-config
    container_name: ca.example.com
    networks:
    - basic

    orderer.example.com:
    container_name: orderer.example.com
    image: hyperledger/fabric-orderer
    environment:
    - FABRIC_LOGGING_SPEC=info
    - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
    - ORDERER_GENERAL_GENESISMETHOD=file
    - ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
    - ORDERER_GENERAL_LOCALMSPID=OrdererMSP
    - ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderer
    command: orderer
    ports:
    - 7050:7050
    volumes:
    - ./config/:/etc/hyperledger/configtx
    - ./crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/:/etc/hyperledger/msp/orderer
    - ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/:/etc/hyperledger/msp/peerOrg1
    networks:
    - basic

    peer0.org1.example.com:
    container_name: peer0.org1.example.com
    image: hyperledger/fabric-peer
    environment:
    - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
    - CORE_PEER_ID=peer0.org1.example.com
    - FABRIC_LOGGING_SPEC=info
    - CORE_CHAINCODE_LOGGING_LEVEL=info
    - CORE_PEER_LOCALMSPID=Org1MSP
    - CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/peer/
    - CORE_PEER_ADDRESS=peer0.org1.example.com:7051
    - CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=startFiles_basic
    - CORE_LEDGER_STATE_STATEDATABASE=CouchDB
    - CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdbOrg1Peer0:5984
    - CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=peer0.Org1
    - CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=password
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric
    command: peer node start
    # command: peer node start --peer-chaincodedev=true
    ports:
    - 7051:7051
    - 7053:7053
    volumes:
    - /var/run/:/host/var/run/
    - ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/msp/peer
    - ./crypto-config/peerOrganizations/org1.example.com/users:/etc/hyperledger/msp/users
    - ./config:/etc/hyperledger/configtx
    depends_on:
    - orderer.example.com
    - couchdbOrg1Peer0
    networks:
    - basic

    cli:
    container_name: cli
    image: hyperledger/fabric-tools
    tty: true
    environment:
    - GOPATH=/opt/gopath
    - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
    - CORE_LOGGING_LEVEL=info
    - CORE_PEER_ID=cli
    - CORE_PEER_ADDRESS=peer0.org1.example.com:7051
    - CORE_PEER_LOCALMSPID=Org1MSP
    - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/[email protected]/msp
    - CORE_CHAINCODE_KEEPALIVE=10
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: /bin/bash
    volumes:
    - /var/run/:/host/var/run/
    - ./../chaincode/:/opt/gopath/src/github.com/
    - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
    networks:
    - basic
    depends_on:
    - orderer.example.com
    - peer0.org1.example.com

  • kmyattkmyatt Posts: 31

    **Thanks, I also changed the key manually. Do one have to do this each time one start the network over again @hanesoliveira ?
    **

    Going to jump in on this one @Niklaskkkk . The answer to your question above is no, the only time you need to readjust the values for crypto pathing is when it has been deleted, moved, or regenerated with a different key. Taking down and rebuilding the network should have no effect on the cryptographic assets on your local machine.

    Also, further on in Lab3 CouchDB I receive the following error when trying to start the network with a DB for each peer.

    This is an Issue with YAML, most likely your identation for the service definitions you've added are off. Fix that and it should work

  • indirajithindirajith Posts: 32

    "WARNING: The COMPOSE_PROJECT_NAME variable is not set. Defaulting to a blank string." For this error you should change " CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_basic" this one in docker-compose file to " CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=startfiles_basic". This should work.

  • kmyattkmyatt Posts: 31
    edited July 2

    @indirajith
    Yes, you are correct. You must have the old version of the original file. I believeThis update was committed to github 25 days ago. But All in all Im glad you figured it out anyway :)

  • NiklaskkkkNiklaskkkk Posts: 36
    edited July 3

    @kmyatt said:
    **Thanks, I also changed the key manually. Do one have to do this each time one start the network over again @hanesoliveira ?
    **

    Going to jump in on this one @Niklaskkkk . The answer to your question above is no, the only time you need to readjust the values for crypto pathing is when it has been deleted, moved, or regenerated with a different key. Taking down and rebuilding the network should have no effect on the cryptographic assets on your local machine.

    Also, further on in Lab3 CouchDB I receive the following error when trying to start the network with a DB for each peer.

    This is an Issue with YAML, most likely your identation for the service definitions you've added are off. Fix that and it should work

    I found the error, thanks @kmyatt
    Just a small space difference...YAML :)

Sign In or Register to comment.