0 sub-policies were satisfied, but this policy requires 1 of the ‘Admins‘

最新推荐文章于 2023-09-18 17:03:37 发布
最新推荐文章于 2023-09-18 17:03:37 发布
阅读量8.5k 收藏 3
点赞数 2
分类专栏: 区块链 文章标签: fabric 区块链 联盟链
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/zengraoli/article/details/118407802
版权

文章目录

前情提要

今天在使用peer来创建通道的时候,报了如下的错误

2021-07-02 10:27:43.446 CST [common.deliver] Handle -> WARN 01a Error reading from 192.168.81.134:46572: rpc error: code = Canceled desc = context canceled
2021-07-02 10:27:43.447 CST [comm.grpc.server] 1 -> INFO 01b streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Deliver grpc.peer_address=192.168.81.134:46572 error="rpc error: code = Canceled desc = context canceled" grpc.code=Canceled grpc.call_duration=6.21135ms
2021-07-02 10:27:45.623 CST [cauthdsl] deduplicate -> ERRO 01c Principal deserialization failure (MSP OrdererMSP is unknown) for identity 0
2021-07-02 10:27:45.623 CST [orderer.common.broadcast] ProcessMessage -> WARN 01d [channel: mychannel] Rejecting broadcast of config message from 192.168.81.134:46578 because of error: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Writers' sub-policies to be satisfied: permission denied
2021-07-02 10:27:45.623 CST [comm.grpc.server] 1 -> INFO 01e streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Broadcast grpc.peer_address=192.168.81.134:46578 grpc.code=OK grpc.call_duration=2.682517ms

问题分析

对百度和google进行一番搜查:(0 sub-policies were satisfied, but this policy requires 1 of the ‘Admins’ sub-policies to be)

网上说有如下几个办法,都不是对的,至少对于我不是正确的:

  • 1、解决方案: configtx.yaml Capabilities段落不正确,参考官方版本;实际上,我觉得这个加不加都无所谓,最后成功的configtx.json我也没写这个段
  • 2、原因通过configtxgen命令生成创世区块时使用的通道名与创建通道时使用的通道名一样;我在创建创世块.block文件的时候并未带上-channelID name,使用的命令为…/bin/configtxgen -profile configtx.json -profile TwoOrgsOrdererGenesis -outputBlock ./genesis.block;默认会自动选择testchild的

正确应该排查的原因有如下三个

  • 1、配置文件中orderer的LocalMSPID是否一致,比如我用的是OrdererMSP,但在configtx.json中写的却是OrderersMSP(也是这个没有定义成模板导致的问题)
  • 2、一个就是我生成genesis.block的时候,并未指定配置文件;错误的时候使用: …/bin/configtxgen -profile TwoOrgsOrdererGenesis -outputBlock ./genesis.block -channelID mychannel;正确的应该为:…/bin/configtxgen -profile configtx.json -profile TwoOrgsOrdererGenesis -outputBlock ./genesis.block
  • 3、检查一下configtx.json文件,因为我是web后端自己生成的configtx.json,这个configtx.json用的是配置文件的形式,在异步调用的时候有些参数是@4打头的,自己没处理好异步,模板还没被替换过来,就被用来生成genesis.block了,当然会报错

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-HoH4DcP9-1625194395625)(B6FD26D5EF694CFFB009B661744AB487)]

最后吐槽一下orderer的日志,咋什么都报:

ERRO 01c Principal deserialization failure (MSP OrdererMSP is unknown) for identity 0
2021-07-02 10:27:45.623 CST [orderer.common.broadcast] ProcessMessage -> WARN 01d [channel: mychannel] Rejecting broadcast of config message from 192.168.81.134:46578 because of error: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Writers' sub-policies to be satisfied: permission denied

上面的问题也报的这个提示,当一个节点没有权限的时候也提示的这个。

最后贴一下我最终生成的configtx.json

{
	"Organizations": [
		{
			"Name": "OrderersMSP",
			"ID": "OrderersMSP",
			"MSPDir": "./crypto-config/ordererOrganizations/zeng.com/msp",
			"Policies": {
				"Readers": {
					"Type": "Signature",
					"Rule": "OR('OrderersMSP.member')"
				},
				"Writers": {
					"Type": "Signature",
					"Rule": "OR('OrderersMSP.member')"
				},
				"Admins": {
					"Type": "Signature",
					"Rule": "OR('OrderersMSP.admin')"
				}
			}
		},
		{
			"Name": "Org1MSP",
			"ID": "Org1MSP",
			"MSPDir": "./crypto-config/peerOrganizations/org1.zeng.com/msp",
			"Policies": {
				"Readers": {
					"Type": "Signature",
					"Rule": "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
				},
				"Writers": {
					"Type": "Signature",
					"Rule": "OR('Org1MSP.admin', 'Org1MSP.client')"
				},
				"Admins": {
					"Type": "Signature",
					"Rule": "OR('Org1MSP.admin')"
				}
			},
			"AnchorPeers": []
		},
		{
			"Name": "Org2MSP",
			"ID": "Org2MSP",
			"MSPDir": "./crypto-config/peerOrganizations/org2.zeng.com/msp",
			"Policies": {
				"Readers": {
					"Type": "Signature",
					"Rule": "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
				},
				"Writers": {
					"Type": "Signature",
					"Rule": "OR('Org2MSP.admin', 'Org2MSP.client')"
				},
				"Admins": {
					"Type": "Signature",
					"Rule": "OR('Org2MSP.admin')"
				}
			},
			"AnchorPeers": []
		}
	],
	"Orderer": {
		"OrdererType": "solo",
		"Addresses": [
			"orderer.zeng.com:7050"
		],
		"BatchTimeout": "2s",
		"BatchSize": {
			"MaxMessageCount": 10,
			"AbsoluteMaxBytes": "99 MB",
			"PreferredMaxBytes": "512 KB"
		},
		"Organizations": null,
		"Policies": {
			"Readers": {
				"Type": "ImplicitMeta",
				"Rule": "ANY Readers"
			},
			"Writers": {
				"Type": "ImplicitMeta",
				"Rule": "ANY Writers"
			},
			"Admins": {
				"Type": "ImplicitMeta",
				"Rule": "MAJORITY Admins"
			},
			"BlockValidation": {
				"Type": "ImplicitMeta",
				"Rule": "ANY Writers"
			}
		}
	},
	"Application": {
		"Organizations": null
	},
	"Profiles": {
		"TwoOrgsOrdererGenesis": {
			"Orderer": {
				"OrdererType": "solo",
				"Addresses": [
					"orderer.zeng.com:7050"
				],
				"BatchTimeout": "2s",
				"BatchSize": {
					"MaxMessageCount": 10,
					"AbsoluteMaxBytes": "99 MB",
					"PreferredMaxBytes": "512 KB"
				},
				"Organizations": {
					"Name": "OrderersMSP",
					"ID": "OrderersMSP",
					"MSPDir": "./crypto-config/ordererOrganizations/zeng.com/msp",
					"Policies": {
						"Readers": {
							"Type": "Signature",
							"Rule": "OR('OrderersMSP.member')"
						},
						"Writers": {
							"Type": "Signature",
							"Rule": "OR('OrderersMSP.member')"
						},
						"Admins": {
							"Type": "Signature",
							"Rule": "OR('OrderersMSP.admin')"
						}
					}
				},
				"Policies": {
					"Readers": {
						"Type": "ImplicitMeta",
						"Rule": "ANY Readers"
					},
					"Writers": {
						"Type": "ImplicitMeta",
						"Rule": "ANY Writers"
					},
					"Admins": {
						"Type": "ImplicitMeta",
						"Rule": "MAJORITY Admins"
					},
					"BlockValidation": {
						"Type": "ImplicitMeta",
						"Rule": "ANY Writers"
					}
				}
			},
			"Consortiums": {
				"SampleConsortium": {
					"Organizations": [
						{
							"Name": "Org1MSP",
							"ID": "Org1MSP",
							"MSPDir": "./crypto-config/peerOrganizations/org1.zeng.com/msp",
							"AnchorPeers": []
						},
						{
							"Name": "Org2MSP",
							"ID": "Org2MSP",
							"MSPDir": "./crypto-config/peerOrganizations/org2.zeng.com/msp",
							"AnchorPeers": []
						}
					]
				}
			}
		},
		"TwoOrgsChannel": {
			"Consortium": "SampleConsortium",
			"Application": {
				"Organizations": [
					{
						"Name": "Org1MSP",
						"ID": "Org1MSP",
						"MSPDir": "./crypto-config/peerOrganizations/org1.zeng.com/msp",
						"AnchorPeers": []
					},
					{
						"Name": "Org2MSP",
						"ID": "Org2MSP",
						"MSPDir": "./crypto-config/peerOrganizations/org2.zeng.com/msp",
						"AnchorPeers": []
					}
				]
			}
		}
	}
}

参考链接

每天看一遍,防止恋爱&&堕落
关注
  • 2
    点赞
  • 3
    收藏
    觉得还不错? 一键收藏
  • 2
    评论
专栏目录
成功解决0 sub-policies were satisfied, but this policy requires 1 of the ‘Writers‘ sub-policies to be sa
GniLAY1022的博客
01-07 4515
Fabric网络中创建通道时报错: Error: got unexpected status: FORBIDDEN -- config update for existing channel did not pass initial checks: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Writers' sub-policies to be
创建peer的错误:Failed to reach implicit threshold of 1 sub-policies, required 1 remaining
01-20
Policy for [Groups] /Channel/Application not satisfied: Failed to reach implicit threshold of 1 sub-policies, required 1 remaining 错误原因: The most common reasons are: The identit
fabric-implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1
weixin_43160918的博客
09-14 469
发现还是无法解决问题。最后把另一个示例项目也尝试fabric-go-sdk。最后问题出现在docker网络。由于我的docker中还跑着minikube以及一个nodeexporter。把这连个docker全部关了,清空docker network以及docker volume prune。把所有的错误可能性都查了,且把所有的config文件也检查了。也按照了docker volume prune的方法尝试仍然出现问题。如果仍然出现问题可以参照这位老哥写的。查看一下哪个配置有误。
记录Hyperledger Fabric Docker部署方式下的问题
最新发布
zuguoyitong的博客
09-18 383
Fabric 网络部署过程中,问题“requires 1 of the 'Admins' sub policies to be satisfied”的分析与解决
fabric first-network 默认配置文件 无ca 无couchdb 启动tls
weixin_41303815的博客
07-22 350
1 docker-compose-cli.yaml配置文件 无ca cli节点默认开启tls服务 # Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # version: '2' volumes: orderer.example.com: peer0.org1.example.com: peer1.org1.example.com: peer0.org2.example.c
fabric故障汇总与解决方案
小树苗
01-09 7645
问题1:阿里云服务器bug不兼容fabric 阿里云的服务器启动会报错如下: Error: error getting endorser client for channel: endorser client failed to connect to peer0.org1.example.com:7051: failed to create new connection: connection...
Impact of external optical feedback on the beat notes of dual-polarization fiber lasers
02-07
The external optical feedback can effectively suppress the phase noise of the beat notes of dual-frequency fiber lasers, provided some requirements are satisfied. The polarization of the optical ...
Stretching the spectra of Kerr frequency combs with self-adaptive boundary silicon waveguides
01-26
A recurring problem is the limited bandwidth in which the nonlinear phase matching condition is satisfied, due to the dispersion of the waveguide. This limitation is particularly stringent in high-...
Клиент-сервер_1_
10-02
标题 "Клиент-сервер_1_" 暗示我们正在讨论的是客户端-服务器架构的基础知识。在计算机网络中,这种架构模式是极其普遍的,它定义了两种类型的程序如何通过网络进行交互:客户端(用户界面)和服务器端...
A study on the effective approach to illumination-invariant face recognition based on a single image
02-10
In this paper, the methods for single image-based face recognition under varying lighting are reviewed. Meanwhile, some representative methods as well as their combinations are evaluated by ...
hyperledger composer 测试 (附录)1.问题
Rcvisual的博客
10-08 1460
1.问题:E: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable) E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?  原因:同时有两个apt在...
使用chaincode dev mode调试智能合约
区块链之路
06-24 2340
本文使用fabric 1.4版本,记录的是使用chaincode dev mode调试智能合约遇到的问题
Fabric手动创建通道之坑
abc_a1b2c3的博客
08-04 5678
作为一个有强迫症的代码狗来说,有时候强迫症真的是很浪费时间的一件事,这也算是一种无奈了。Fabric网络的手动配置过程主要分为三步: 利用cryptogen和configtxgen工具生成配置文件 利用Docker-Compose启动容器,利用Docker创建通道、把节点加入通道 链码操作,链码的状态有这几种:Install → Instantiate → invocable → Upgrade...
如何解决 VSCC error: stateBasedValidator.Validate failed, err validation of endorsement policy for chaincode _lifecycle in tx 5:0 failed: implicit policy evaluation failed - 1 sub-policies were satisfied, but this policy requires 2 of the 'Endorsement' sub-policies to be satisfied
07-10
VSCC error: stateBasedValidator.Validate failed, err validation of endorsement policy for chaincode _lifecycle in tx 5:0 failed: implicit policy evaluation failed - 1 sub-policies were satisfied, but this policy requires 2 of the 'Endorsement' sub-policies to be satisfied 是一个与链码背书策略相关的错误。在这种情况下,验证器无法通过背书策略的验证。 要解决这个问题,您可以尝试以下步骤: 1. 确保您的链码背书策略正确配置并满足要求。检查您的策略定义中是否设置了正确的背书条件,并确保满足所需的2个'Endorsement'子策略。 2. 检查您的事务中是否包含了正确的背书签名。确保事务中的背书签名满足所需的2个'Endorsement'子策略。您可以使用Hyperledger Fabric提供的工具来验证事务的背书签名。 3. 检查您的网络配置是否正确。确保所有参与者节点都正确配置了相同的背书策略,并且都能够正确执行和验证事务。 4. 如果以上步骤都没有解决问题,您可以尝试重新安装和实例化链码。有时,链码安装和实例化过程中可能会出现一些问题,导致背书策略验证失败。 如果您仍然无法解决这个问题,我建议您向更专业的区块链开发社区或Hyperledger Fabric的官方论坛寻求帮助,以获取更详细的指导和支持。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 2
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值