Lab2 error: Cannot run peer because cannot init crypto, folder does not exist

Niklaskkkk

In the last part of Lab2 when I try to pull the genesis block for the current channel with this command: peer channel fetch oldest allarewelcome.block -c allarewelcome\ --orderer orderer.example.com:7050

I receive the following error: Cannot run peer because cannot init crypto, folder "/etc/hyperledger/msp/users/org1.example.com/mspAdmin@" does not exist

Obiously I did execute the command before, with export CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/users/Admin@​org1.example.com/msp
without any error message.

After searching I find that this could have something to do with setting wrong environment variable, however, no posts explain how I should do it (I am not experienced with setting PATHS).

I have ubuntu 18.04.

Appreaciate any help!

Niklaskkkk

Also, at this point in the Lab the Fabric-CA example is not running (it exited automatically right after network launch). The containers running are:

• peer0
• peer1
• orderer
• cli

hanesoliveira

Hi @Niklaskkkk!

First, particularly I try to avoid copying the commands from the PDF. That helps me memorize and avoid errors. In this case, always remember to avoid the backslash that comes when copying from the document, like the one after "allarewelcome".

In the docker-compose.yaml file we a directory of the machine being mapped into a directory in the Docker image. In this case we have inside the "volumes" section for peer1:

./crypto-config/peerOrganizations/org1.example.com/users:/etc/hyperledger/msp/users

Copying from the PDF showed me that there is a break in the line and I don't know if that has been carried on your docker-compose.yaml file. Just a double check.

When using environment variables I always check if the values are there doing:

echo $CORE_PEER_MSPCONFIGPATH

That's more like a sanity check. Another good routine is listing (i.e: ls /etc/hyperledger...) the directory before creating the environment variable. That helps you avoid typos.

Regarding the CA, you can check what happened issuing the command:

docker container logs

But I really think this is related to an old key being referenced in the docker-compose.yaml. When generating the crypto material the CA's key was changed in your volume, but the yaml file has an static value. Change the *_sk value for the actual one in this part of docker-compose.yaml:

services:
ca.example.com:
environment:
FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/329dac791fb648e0121c8fc7e787287c3085a5f7200750a47a7a468c2a11f32d_sk

Let me know if it helps.

Niklaskkkk

Hi @hanesoliveira & thanks for your reply!

Seems you are correct in that I did a typo from the PDF-document. When I removed the "\" I was able to pull the genesis block & add peer1 to the allarewelcome-channel.

Regarding the CA container exit (which it still does) I get the following when running docker container logs:

:~/Desktop/fabric-samples$ docker logs --details 5f9c288c14a9
2019/07/02 08:59:50 [INFO] Created default configuration file at /etc/hyperledger/fabric-ca-server/fabric-ca-server-config.yaml
2019/07/02 08:59:50 [INFO] Starting server in home directory: /etc/hyperledger/fabric-ca-server
2019/07/02 08:59:50 [INFO] Server Version: 1.4.1
2019/07/02 08:59:50 [INFO] Server Levels: &{Identity:2 Affiliation:1 Certificate:1 Credential:1 RAInfo:1 Nonce:1}
Error: Failed to find private key for certificate in '/etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem': Could not find matching private key for SKI: Failed getting key for SKI [[232 58 201 92 114 27 0 226 117 135 211 255 107 48 54 187 101 119 169 103 168 130 234 39 100 252 45 122 112 236 26 204]]: Key with SKI e83ac95c721b00e27587d3ff6b3036bb6577a967a882ea2764fc2d7a70ec1acc not found in /etc/hyperledger/fabric-ca-server/msp/keystore

I also have a couple of questions, sorry if they are too basic.

• When running echo $CORE_PEER_MSPCONFIGPATH (inside peer1 container) it returns the following:
  root@7882f245ea13:/opt/gopath/src/github.com/hyperledger/fabric# echo $CORE_PEER_MSPCONFIGPATH
  /etc/hyperledger/msp/users/Admin@org1.example.com/msp

This seems correct?

• When running: ~/Desktop/fabric-samples/startFiles$ ls /etc/hyperledger/msp/users/Admin@org1.example.com/msp
  It returns:
  ls: cannot open '/etc/hyperledger/msp/users/Admin@org1.example.com/msp': File or folder does not exist

indirajith

Yes, me too had the same problem from CA container. Now I have updated the key in the docker-compose file with the key in 'crypto-config/peerOrganizations/org1.example.com/ca/' in this location. I tried it as trial and error. If we have better grasp of MSP, this would be easily understood.

Niklaskkkk

@indirajith said:
Yes, me too had the same problem from CA container. Now I have updated the key in the docker-compose file with the key in 'crypto-config/peerOrganizations/org1.example.com/ca/' in this location. I tried it as trial and error. If we have better grasp of MSP, this would be easily understood.

Thanks, I also changed the key manually. Do one have to do this each time one start the network over again @hanesoliveira ?

Also, further on in Lab3 CouchDB I receive the following error when trying to start the network with a DB for each peer.

"~/Desktop/fabric-samples/startFiles$ docker-compose -f docker-compose.yml up -d ca.example.com orderer.example.com couchdbOrg1Peer0 peer0.org1.example.com couchdbOrg1Peer1 peer1.org1.example.com cli
WARNING: The COMPOSE_PROJECT_NAME variable is not set. Defaulting to a blank string.
ERROR: The Compose file './docker-compose.yml' is invalid because:
Unsupported config option for services.couchdbOrg1Peer0: 'couchdbOrg1Peer1'"

Maybe there is an typo error in my YML file?

#

Copyright IBM Corp All Rights Reserved

#

SPDX-License-Identifier: Apache-2.0

#
version: '2'

networks:
basic:

services:

couchdbOrg1Peer0:
container_name: couchdbOrg1Peer0
image: hyperledger/fabric-couchdb
environment:
- COUCHDB_USER=peer0.Org1
- COUCHDB_PASSWORD=password
ports:
- 5984:5984
networks:
- basic

couchdbOrg1Peer1:
  container_name: couchdbOrg1Peer1
  image: hyperledger/fabric-couchdb
  environment:
    - COUCHDB_USER=peer1.Org1
    - COUCHDB_PASSWORD=password
  ports:
    - 6984:5984
  networks:
    - basic

peer1.org1.example.com:
container_name: peer1.org1.example.com
image: hyperledger/fabric-peer
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer1.org1.example.com
- CORE_LOGGING_PEER=info
- CORE_CHAINCODE_LOGGING=debug
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/peer/
- CORE_PEER_ADDRESS=peer1.org1.example.com:7051
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_basic
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdbOrg1Peer1:5984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=peer1.Org1
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=password
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: peer node start
ports:
- 8051:7051
- 8053:7053
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp:/etc/hyperledger/msp/peer
- ./crypto-config/peerOrganizations/org1.example.com/users:/etc/hyperledger/msp/users
- ./config:/etc/hyperledger/configtx
depends_on:
- orderer.example.com
- couchdbOrg1Peer1
networks:
- basic

ca.example.com:
image: hyperledger/fabric-ca
environment:
- FABRIC_CA_HOME=/etc/hyperledger/fabric-ca-server
- FABRIC_CA_SERVER_CA_NAME=ca.example.com
- FABRIC_CA_SERVER_CA_CERTFILE=/etc/hyperledger/fabric-ca-server-config/ca.org1.example.com-cert.pem
- FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/e83ac95c721b00e27587d3ff6b3036bb6577a967a882ea2764fc2d7a70ec1acc_sk
ports:
- "7054:7054"
command: sh -c 'fabric-ca-server start -b admin:adminpw'
volumes:
- ./crypto-config/peerOrganizations/org1.example.com/ca/:/etc/hyperledger/fabric-ca-server-config
container_name: ca.example.com
networks:
- basic

orderer.example.com:
container_name: orderer.example.com
image: hyperledger/fabric-orderer
environment:
- FABRIC_LOGGING_SPEC=info
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_GENESISMETHOD=file
- ORDERER_GENERAL_GENESISFILE=/etc/hyperledger/configtx/genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/etc/hyperledger/msp/orderer/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/orderer
command: orderer
ports:
- 7050:7050
volumes:
- ./config/:/etc/hyperledger/configtx
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/:/etc/hyperledger/msp/orderer
- ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/:/etc/hyperledger/msp/peerOrg1
networks:
- basic

peer0.org1.example.com:
container_name: peer0.org1.example.com
image: hyperledger/fabric-peer
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer0.org1.example.com
- FABRIC_LOGGING_SPEC=info
- CORE_CHAINCODE_LOGGING_LEVEL=info
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_MSPCONFIGPATH=/etc/hyperledger/msp/peer/
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=startFiles_basic
- CORE_LEDGER_STATE_STATEDATABASE=CouchDB
- CORE_LEDGER_STATE_COUCHDBCONFIG_COUCHDBADDRESS=couchdbOrg1Peer0:5984
- CORE_LEDGER_STATE_COUCHDBCONFIG_USERNAME=peer0.Org1
- CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD=password
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: peer node start
# command: peer node start --peer-chaincodedev=true
ports:
- 7051:7051
- 7053:7053
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/msp/peer
- ./crypto-config/peerOrganizations/org1.example.com/users:/etc/hyperledger/msp/users
- ./config:/etc/hyperledger/configtx
depends_on:
- orderer.example.com
- couchdbOrg1Peer0
networks:
- basic

cli:
container_name: cli
image: hyperledger/fabric-tools
tty: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_LOGGING_LEVEL=info
- CORE_PEER_ID=cli
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
- CORE_CHAINCODE_KEEPALIVE=10
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ./../chaincode/:/opt/gopath/src/github.com/
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
networks:
- basic
depends_on:
- orderer.example.com
- peer0.org1.example.com

kmyatt

**Thanks, I also changed the key manually. Do one have to do this each time one start the network over again @hanesoliveira ?
**

Going to jump in on this one @Niklaskkkk . The answer to your question above is no, the only time you need to readjust the values for crypto pathing is when it has been deleted, moved, or regenerated with a different key. Taking down and rebuilding the network should have no effect on the cryptographic assets on your local machine.

Also, further on in Lab3 CouchDB I receive the following error when trying to start the network with a DB for each peer.

This is an Issue with YAML, most likely your identation for the service definitions you've added are off. Fix that and it should work

indirajith

"WARNING: The COMPOSE_PROJECT_NAME variable is not set. Defaulting to a blank string." For this error you should change " CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=${COMPOSE_PROJECT_NAME}_basic" this one in docker-compose file to " CORE_VM_DOCKER_HOSTCONFIG_NETWORKMODE=startfiles_basic". This should work.

kmyatt

@indirajith
Yes, you are correct. You must have the old version of the original file. I believeThis update was committed to github 25 days ago. But All in all Im glad you figured it out anyway

Niklaskkkk

@kmyatt said:
**Thanks, I also changed the key manually. Do one have to do this each time one start the network over again @hanesoliveira ?
**

Going to jump in on this one @Niklaskkkk . The answer to your question above is no, the only time you need to readjust the values for crypto pathing is when it has been deleted, moved, or regenerated with a different key. Taking down and rebuilding the network should have no effect on the cryptographic assets on your local machine.

Also, further on in Lab3 CouchDB I receive the following error when trying to start the network with a DB for each peer.

This is an Issue with YAML, most likely your identation for the service definitions you've added are off. Fix that and it should work

I found the error, thanks @kmyatt
Just a small space difference...YAML