tkuhrt (Fri, 01 Nov 2019 15:50:57 GMT):
https://github.com/hyperledger-labs/blockchain-automation-framework

tkuhrt (Fri, 01 Nov 2019 15:50:57 GMT):
Discussion on the Blockchain Automation Framework

rpocase (Tue, 12 Nov 2019 15:29:19 GMT):
Has joined the channel.

rpocase (Tue, 12 Nov 2019 15:29:20 GMT):
This seems really interesting. Is there any one using this in production workloads yet? The project is extremely early, but seems like it has been in development longer than the commit history suggest

JHamilton (Tue, 12 Nov 2019 17:54:31 GMT):
hello @rpocase thanks for reaching out and congrats on nabbing first post! 😎

JHamilton (Tue, 12 Nov 2019 17:54:31 GMT):
hello @rpocase thanks for your interest to reach out and congrats on nabbing first post! 😎

JHamilton (Tue, 12 Nov 2019 17:56:02 GMT):
you are right that this was in development with Accenture for some time before getting clearance to contribute to HLF OSS

JHamilton (Tue, 12 Nov 2019 17:56:02 GMT):
you are right that this was in development with Accenture for some time before getting clearance to contribute to Hyperledger Labs

JHamilton (Tue, 12 Nov 2019 17:56:55 GMT):
we don't yet have a production credential but we hope to have one to share in the near future (couple potentials and race to see who gets there first)

JHamilton (Tue, 12 Nov 2019 17:58:27 GMT):
we welcome community use and feedback on how to improve the SW, so don't hesitate to reach out further

rpocase (Wed, 13 Nov 2019 16:10:21 GMT):
Would you mind sharing some details on your CA strategy? The best I can tell, all crypto material is generated on the fly at deployment time using self signed certs (if it doesn't already exist). The main piece I'm missing is how you are dealing with tlsca (if at all). I've seen mixed suggestions on organizations sharing a root tlsca vs maintaining their own and just curious how BAF is approaching this.

mwklein (Wed, 13 Nov 2019 20:55:49 GMT):
This partially depends on the platform as Fabric, Corda, and Indy all have different methods for generating their keys/certs. In general, our scripts will create the keys/certs on your behalf for the connivence of deploying dev/test environments. In production environments, we expect organizations will be generating their keys/certs according to their own security policies, and often times, from their existing CA infrastructure. The automation framework requires the generated keys/certs be placed in the appropriate Hashicorp Vault instance where each organization is expected to have their own Vault under their own control.

rpocase (Thu, 14 Nov 2019 13:42:48 GMT):
Thanks! This was specifically in regards to fabric. I assume the tls CA is under a specific key/pair in vault? This would provide a pretty straightforward way to separate enrollment ca and tls ca

rpocase (Thu, 14 Nov 2019 13:44:13 GMT):
For some context, I've been using https://github.com/APGGroeiFabriek/PIVT as a baseline for a development environment, but this model doesn't work in any true consortium. It uses cryptogen as the basis for consortium (though you could technically do some hacky things to plop in your msp) and deploys all organizations to a single k8s cluster

mwklein (Thu, 14 Nov 2019 14:14:02 GMT):
Ah yes, quite familiar with your project. You must know Hakan. We are not opinionated on the CA hierarchy used to issue certs. What matters are valid certificates stored in these paths: https://blockchain-automation-framework.readthedocs.io/en/latest/architectureref/certificates_path_list_fabric.html

rpocase (Thu, 14 Nov 2019 14:16:27 GMT):
I'm actually not affiliated with the APGGroeiFabriek/PIVT project in any way other than being a recent contributor on issues. I've been using it as a migration path from docker-compose to k8s for our dev tooling.

rpocase (Thu, 14 Nov 2019 14:24:41 GMT):
It looks like peers+users still need to be registered+enrolled out of band and then MSP information stored in vault. My initial concern was this feels like a lot of overhead on the ops side, but if increasing the peer/user count is relatively infrequent and there is sufficient tooling (e.g. ansible helpers or otherwise) then that becomes less daunting. There just isn't a lot of good material for HLF at scale yet

maniankara (Sat, 23 Nov 2019 22:29:15 GMT):
Has joined the channel.

maniankara (Sat, 23 Nov 2019 22:29:15 GMT):
Hello awesome guys ! I got to know about this from @mwklein from another channel. I am interested and would like to get started. But looks like I do not see any of `help-wanted` or `good-first-issue` from the current issues list. Can you guys suggest any to start with?

JHamilton (Sun, 24 Nov 2019 20:14:39 GMT):
thanks for stopping by @maniankara and offering to help! we will be taking a pass through the back log to label these types of issues and will be sure to let you know soon!!

jona-sc (Mon, 25 Nov 2019 04:28:52 GMT):
Has joined the channel.

maniankara (Mon, 25 Nov 2019 08:25:56 GMT):
@JHamilton Are you guys having some bi-weekly meetings etc? I can try to join.

JHamilton (Mon, 25 Nov 2019 13:29:55 GMT):
That would be really great @maniankara ! We are just starting to try out opening our processes and would welcome your participation if the timing works out! Next session: https://lists.hyperledger.org/g/labs/viewevent?repeatid=21083&eventid=629687&calstart=2019-12-09

maniankara (Mon, 25 Nov 2019 14:31:16 GMT):
@JHamilton Ah, just missed the todays one. The timings seems to be good for my time zone (UTC+2)

JHamilton (Tue, 26 Nov 2019 02:19:23 GMT):
Yes, sorry today was our first attempt with an unannounced dry run and we will be publicizing the next iteration more visibly. Hope to "see" you in future sessions!

sownak (Tue, 26 Nov 2019 17:18:48 GMT):
Has joined the channel.

maniankara (Thu, 28 Nov 2019 22:25:25 GMT):
@JHamilton I started to look at: https://github.com/hyperledger-labs/blockchain-automation-framework/issues/44 might need some pointers to start setting up a dev env.

sownak (Fri, 29 Nov 2019 14:02:16 GMT):
hello, you can use minikube by providing cloud_provider as minikube. But for this the Vault has to be local as well i.e. vault and minikube should be able to talk to each other.

tgehrke (Mon, 02 Dec 2019 21:07:18 GMT):
Has joined the channel.

Henni (Wed, 04 Dec 2019 15:25:18 GMT):
Has joined the channel.

knagware9 (Wed, 04 Dec 2019 17:29:50 GMT):
Has joined the channel.

maniankara (Wed, 04 Dec 2019 21:54:40 GMT):
huh, my mac's minikube is completely borked. I got a working k8s with hyperkit but looks like I am unable to install something (e.g. python) there (`/bin/toolbox` is an option, but default user does not get it etc.). With virtual box `6.0.14` and minikube `1.5.2` I am having a `host only network` problem. VMware fusion is not an option for me. How have you guys got around with this? Sorry to ask support for env setup in this channel. @sownak

maniankara (Wed, 04 Dec 2019 21:54:40 GMT):
huh, my mac's minikube is completely borked. I got a working k8s with hyperkit but looks like I am unable to install something (e.g. python) there (`/bin/toolbox` is an option, but default user does not get it etc.) with ansible. With virtual box `6.0.14` and minikube `1.5.2` I am having a `host only network` problem. VMware fusion is not an option for me. How have you guys got around with this? Sorry to ask support for env setup in this channel. @sownak ^^

JHamilton (Thu, 05 Dec 2019 02:55:05 GMT):
hello @maniankara no worries about the question and thanks for continuing to push! we have a team member working on a mac minikube guide and will share it ASAP. will also check to see if they encountered this particular issue (he was actually just dealing with python & ansible install / config issues Tuesday.

JHamilton (Thu, 05 Dec 2019 03:32:13 GMT):
he is saying he used minikube directly on mac w/o virtualbox. I'm not a mac user so not familiar on how that works (my last exposure to MK on Win def required VB)

sownak (Thu, 05 Dec 2019 09:15:43 GMT):
I guess the python, ansible etc needs to be installed on your mac and not on the minikube machine. The minikube VM works only as the node for the kubernetes cluster.

maniankara (Thu, 05 Dec 2019 09:54:01 GMT):
@sownak Yes I figured that out today morning too :smiley:

maniankara (Thu, 05 Dec 2019 09:54:01 GMT):
@sownak Yes I figured that out today morning too :smiley: Thanks !

JHamilton (Fri, 06 Dec 2019 18:02:46 GMT):
dear all, due to a scheduling conflict w/ key maintainers, we will need to conduct the Monday sprint planning session 3 hours later. the public calendar has been updated.

JHamilton (Fri, 06 Dec 2019 18:16:14 GMT):
@maniankara FYI since you had mentioned previously interest to join. now 2:30 GMT

maniankara (Sat, 07 Dec 2019 08:25:18 GMT):
@JHamilton Thanks for the notice. 16:30 local time for me is a bit hard, but I will try.

JHamilton (Sun, 08 Dec 2019 19:45:20 GMT):
sorry to hear that, we should revert back to the earlier time in the future, just had a one off scheduling conflict this iteration

trinayanbhatt (Mon, 09 Dec 2019 06:37:59 GMT):
Has joined the channel.

maniankara (Mon, 09 Dec 2019 21:04:01 GMT):
@sownak The article I mentioned is here: https://upcloud.com/community/tutorials/hyperledger-fabric-systemd/. `cryptogen` is used to generate certs.

ravinayag (Tue, 10 Dec 2019 06:42:51 GMT):
Has joined the channel.

sownak (Tue, 10 Dec 2019 09:52:22 GMT):
Thanks for this. It is a great article. We have moved on from using cryptogen because cryptogen is a dev tool as it generates all orgs certificates on a single machine.

ravinayag (Tue, 10 Dec 2019 11:00:02 GMT):
Hello, Im new to the community, and trying to setup Dev environment. What is the recommendation to setup the prerequisites for VM ?

sownak (Tue, 10 Dec 2019 12:03:08 GMT):
hello @ravinayag you can set up a minikube cluster. For dev environment, we used a M5 large machine, but thats for multiple users.

ravinayag (Tue, 10 Dec 2019 12:10:41 GMT):
Thanks, @sownak , will DM you for details.

maniankara (Wed, 11 Dec 2019 05:31:21 GMT):
@sownak Now I had time to look into some of the playbooks. Some questions: 1. Looks like there is a separate host anyway needed to run shell commands (`vault auth list` etc. ). If you too were running `vault` in localhost, then how was that connected to EKS cluster? 2. Is it for security reasons `vault`is not run inside the k8s cluster?

ravinayag (Wed, 11 Dec 2019 06:51:40 GMT):
Hello core team, Looks, all the readme.md links are broken for some reason. (linuxbasekit & Corda's* ) from the readthedocs.io [https://blockchain-automation-framework.readthedocs.io/en/latest/operations/configure_prerequisites.html#docker]

ravinayag (Wed, 11 Dec 2019 06:51:40 GMT):
Hi , Im stuck here at the final step to upload the image[ sudo docker push adopblockchaincloud0502.azurecr.io/blockchain-linuxkit:latest] referring page https://github.com/hyperledger-labs/blockchain-automation-framework/tree/master/platforms/r3-corda/images/linuxkit-base/Readme.md

ravinayag (Wed, 11 Dec 2019 07:25:35 GMT):

Clipboard - December 11, 2019 12:55 PM

sownak (Wed, 11 Dec 2019 09:27:44 GMT):
You should be using your own docker repo. That is a sample command only. Let me know if it is not clear in the readme.

sownak (Wed, 11 Dec 2019 09:29:27 GMT):
1. Yes, there is a need for an ansible controller which is your own machine if using Mac, or you need another VM if using Windows. This is the developer/operator machine from where all ansible playbooks will be run.

sownak (Wed, 11 Dec 2019 09:31:03 GMT):
2. Yes, vault is a separate instance for security reasons. Though for dev purposes you can run the vault on EKS. In our environments, we ran vault server on local for minikube, and on EC2 for EKS cluster.

ravinayag (Wed, 11 Dec 2019 11:09:32 GMT):
Probably, This Note can be update with more precisely : "NOTE: Please change the docker image name according to your registry *and have your own dockerhub repo for push* "

trinayanbhatt (Thu, 12 Dec 2019 13:10:38 GMT):
I want to setup prodcution level hyperledger fabric solution using kubernetes and is more inclined towards GCE. Is AWS more suited for this or is it good to go with GCE?

JHamilton (Thu, 12 Dec 2019 17:09:11 GMT):
thanks for reaching out @trinayanbhatt ! Right now AWS is working "out of box", but with some simple changes it should work just find with GCE. Should only require creating a GCP storage class template and updating network.yml.

JHamilton (Thu, 12 Dec 2019 17:09:53 GMT):
would you be willing to create a pull request for this change? we can support you in working through it

tkuhrt (Thu, 12 Dec 2019 19:27:23 GMT):
@trinayanbhatt : I used an early version of the blockchain automation framework for deploying to GCP. You can look [here](https://kubernetes.io/docs/concepts/storage/storage-classes/#parameters) for differences between AWS and GCP when it comes to storage classes

tkuhrt (Thu, 12 Dec 2019 19:29:14 GMT):
> encrypted: denotes whether the EBS volume should be encrypted or not. Valid values are "true" or "false". A string is expected here, i.e. "true", not true. This is an option in AWS that does not exist in GCP.

tkuhrt (Thu, 12 Dec 2019 19:36:16 GMT):
Example: ``` *********** aws-storage-class.tpl kind: StorageClass apiVersion: storage.k8s.io/v1 metadata: name: {{ sc_name }} provisioner: kubernetes.io/aws-ebs parameters: type: gp2 encrypted: "true" *********** google-storage-class.tpl kind: StorageClass apiVersion: storage.k8s.io/v1 metadata: name: {{ sc_name }} provisioner: kubernetes.io/gce-pd parameters: type: pd-standard ```

easeev (Mon, 16 Dec 2019 12:18:51 GMT):
Has joined the channel.

sownak (Mon, 16 Dec 2019 15:47:42 GMT):
This is updated in the develop branch with the latest pull request.

ravinayag (Tue, 17 Dec 2019 16:40:32 GMT):
:clap:

ravinayag (Tue, 17 Dec 2019 16:40:32 GMT):
Hello

Pri-vats (Wed, 18 Dec 2019 16:48:32 GMT):
Has joined the channel.

ravinayag (Thu, 02 Jan 2020 13:14:38 GMT):
Hello, Im stuck over here, : Unseal Hashicorp Vault. following the below link. https://blockchain-automation-framework.readthedocs.io/en/latest/operations/configure_prerequisites.html#docker

ravinayag (Thu, 02 Jan 2020 13:16:20 GMT):
any reference to run the vault configuration file.

ravinayag (Thu, 02 Jan 2020 13:16:20 GMT):
any reference to run the vault configuration file.?

ravinayag (Thu, 02 Jan 2020 13:19:33 GMT):
i get confused , as there are 3 ports used in examples from Vault configuration. (8500, 8200, & 8125), which port i should change to 9000.?

ravinayag (Thu, 02 Jan 2020 13:21:46 GMT):
Also i thinking do i need to create /etc/vault/config.hcl as per the example instructions ? _ start a server with a configuration file: $ vault server -config=/etc/vault/config.hcl_

sownak (Thu, 02 Jan 2020 15:51:48 GMT):
Only port 8200 should be changed to 9000, or you can continue using port 8200

sownak (Thu, 02 Jan 2020 15:53:15 GMT):
yes, for minikube you can use--------- backend "inmem" { } ui = true listener "tcp" { address = "0.0.0.0:8200" tls_disable = 1 } disable_mlock = true ---------

sownak (Thu, 02 Jan 2020 15:53:15 GMT):
yes, for minikube you can use following--------- backend "inmem" { } ui = true listener "tcp" { address = "0.0.0.0:8200" tls_disable = 1 } disable_mlock = true ---------

sownak (Thu, 02 Jan 2020 15:53:15 GMT):
yes, for minikube you can use following. Please note that using inmem backed will delete the keys if you restart vault service --------- backend "inmem" { } ui = true listener "tcp" { address = "0.0.0.0:8200" tls_disable = 1 } disable_mlock = true ---------

sownak (Thu, 02 Jan 2020 15:53:15 GMT):
yes, for minikube you can use following. Please note that using inmem backend will delete the keys if you restart vault service --------- backend "inmem" { } ui = true listener "tcp" { address = "0.0.0.0:8200" tls_disable = 1 } disable_mlock = true ---------

ravinayag (Fri, 03 Jan 2020 08:55:05 GMT):
okay, Do we need other ports ?

sownak (Fri, 03 Jan 2020 09:18:31 GMT):
nope, thats the only port that is needed for Vault where the vault service is running

maniankara (Fri, 03 Jan 2020 10:44:18 GMT):
Hello guys, I had to take a break from this projects due to mainline work :smiley: Now I have some time to spend on.

maniankara (Fri, 03 Jan 2020 10:46:09 GMT):
@ravinayag I see you are also trying hard to get BAF running out of minikube. Same here. We can exchange things here too. Most likely I am lagging behind you :smiley:

ravinayag (Fri, 03 Jan 2020 12:32:47 GMT):
@maniankara No wonders , if not struggle here. we can tune the doc with our experience..

ravinayag (Fri, 03 Jan 2020 12:39:16 GMT):
im still at same page.. bcz there are some disconnects with the information available.

JHamilton (Fri, 03 Jan 2020 18:58:39 GMT):
no worries @maniankara and welcome back :smile: please keep posting your issues here and we will work through to a solution!(as well as updated docs for future contributors 😎)

adityasingh177 (Sat, 04 Jan 2020 05:46:58 GMT):
Has joined the channel.

JHamilton (Mon, 06 Jan 2020 01:17:03 GMT):
greetings all! unfortunately due to unavailability of key contributors, we will need to move our open planning session from Mon 6th 11:30 am GMT to Tues 7th 11:30 am GMT. thanks in advance for your understanding

tkuhrt (Mon, 06 Jan 2020 18:23:01 GMT):
Does BAF support the [operations service in Hyperledger Fabric](https://hyperledger-fabric.readthedocs.io/en/release-1.4/operations_service.html) yet?

sownak (Tue, 07 Jan 2020 09:40:48 GMT):
Not yet @tkuhrt

suvajit-sarkar (Fri, 17 Jan 2020 05:57:43 GMT):
Has joined the channel.

adityasingh177 (Fri, 17 Jan 2020 17:38:16 GMT):
Hello Everyone , Does BAF also includes automation of BIF Validators etc

JHamilton (Fri, 17 Jan 2020 17:52:34 GMT):
BAF automates some of the platforms used by BIF but there is not a master package that combines them

adityasingh177 (Fri, 17 Jan 2020 17:52:58 GMT):
ok

indirajith (Mon, 20 Jan 2020 11:47:03 GMT):
Has joined the channel.

HLFPOC (Wed, 22 Jan 2020 09:07:09 GMT):
Has joined the channel.

dineshthemacho1 (Wed, 29 Jan 2020 16:57:23 GMT):
Has joined the channel.

palra (Fri, 31 Jan 2020 10:40:15 GMT):
Has joined the channel.

palra (Fri, 31 Jan 2020 10:41:00 GMT):
Hi there! I just discovered your project. Didn't had a chance to test for now, but is it production ready? Any feedbacks on that?

sownak (Fri, 31 Jan 2020 14:28:26 GMT):
The architecture is production ready, we do not have any client production implementation yet though.

palra (Fri, 31 Jan 2020 14:44:44 GMT):
Ok cool. I'll review that then. I'm working in the energy industry and I'm trying to setup a HLF network for production. I might come back here for questions and remarks :)

sownak (Fri, 31 Jan 2020 14:46:26 GMT):
This framework provides production-ready HLF network, so yes, you may significantly reduce your design/architecture time if you use this framework :)

saanvijay (Mon, 03 Feb 2020 11:19:36 GMT):
Has joined the channel.

sukalpomitra (Thu, 13 Feb 2020 08:42:07 GMT):
Has joined the channel.

sukalpomitra (Thu, 13 Feb 2020 08:42:08 GMT):
Hi I would like to know how I can create a multi cluster network setup using the automation framework

sukalpomitra (Thu, 13 Feb 2020 08:42:08 GMT):
Hi , can someone please explain, how I can create a multi cluster network setup using the automation framework

mwklein (Thu, 13 Feb 2020 12:35:51 GMT):
The goal was to provide some fairly complete documentation on this subject. Is there something that is not well explained in our Getting Started guide? https://blockchain-automation-framework.readthedocs.io/en/latest/gettingstarted.html

sukalpomitra (Thu, 13 Feb 2020 12:42:39 GMT):
I went to the above mentioned url and went to https://blockchain-automation-framework.readthedocs.io/en/latest/operations/fabric_networkyaml.html

sukalpomitra (Thu, 13 Feb 2020 12:43:17 GMT):
i kind of understand how I can deploy a single k8s cluster, but I dont understand how to do the multi cluster setup

sukalpomitra (Thu, 13 Feb 2020 12:44:21 GMT):
so say I have one org with 2 peers in one cluster and 2 peers in another cluster. orderer1 maybe is in cluster 1 with orderer2 in cluster 2

mwklein (Thu, 13 Feb 2020 12:59:18 GMT):
The BAF code does not deploy k8s clusters, it installs and configures DLT networks on top of existing k8s clusters. Independent of BAF, you will need to create the total number of k8s and Vault instance that meeting your network design. You specify each k8s cluster to deploy each "organization" in your network.yaml configuration (you can deploy more than one organization per k8s cluster.

mwklein (Thu, 13 Feb 2020 12:59:18 GMT):
The BAF code does not deploy k8s clusters, it installs and configures DLT networks on top of existing k8s clusters. Independent of BAF, you will need to create the total number of k8s and Vault instances that meet your network design. You specify each k8s cluster to deploy each "organization" in your network.yaml configuration (you can deploy more than one organization per k8s cluster.

sukalpomitra (Thu, 13 Feb 2020 13:15:01 GMT):
ok. thanks for the guide. Let me study the network.yaml.

sukalpomitra (Fri, 14 Feb 2020 15:09:44 GMT):
Hi All

sukalpomitra (Fri, 14 Feb 2020 15:09:47 GMT):
One doubt

sukalpomitra (Fri, 14 Feb 2020 15:10:18 GMT):
Actually before we came to know about BAF we tried to set up manually Last time, we used Nginx Ingress instead of HaProxy Unfortunately we weren't able to achieve this with the nginx ingress. Somehow the grpc connection was not established correctly. As GRPC goes over http2, we had to go over port 443 of nginx ingress because it only allows http over port 80, not http2. We used letsencrypt certs and the https authentication was valid, however than the connection to the k8s services didn't work properly. if we use BAF and use HAProxy Ingress, do you think we will be successful this time

sownak (Fri, 14 Feb 2020 15:13:40 GMT):
BAF use HAProxy, and uses ssl-passthrough. The Fabric network is tls enabled by default.

sownak (Fri, 14 Feb 2020 15:13:40 GMT):
BAF uses HAProxy, and uses ssl-passthrough. The Fabric network is tls enabled by default.

sownak (Fri, 14 Feb 2020 15:15:02 GMT):
You can check the Ingress objects created for HAProxy.

sukalpomitra (Fri, 14 Feb 2020 15:16:29 GMT):
thx @sownak, I will look into it

rpocase (Tue, 18 Feb 2020 14:31:52 GMT):
Out of curiosity, have y'all thought about an operator based approach instead of directly executing ansible playbooks? I have been playing with istio+kiali lately and noticed kiali's operator is effectively an ansible wrapper to deploy/configure various kiali resources. Having higher level CRDs could make BAF easier to adopt/transition between different frameworks, while still being able to leverage all the playbooks that have been developed.

rpocase (Tue, 18 Feb 2020 14:31:52 GMT):
Out of curiosity, have y'all thought about a kubernetes operator based approach instead of directly executing ansible playbooks? I have been playing with istio+kiali lately and noticed kiali's operator is effectively an ansible wrapper to deploy/configure various kiali resources. Having higher level CRDs could make BAF easier to adopt/transition between different frameworks, while still being able to leverage all the playbooks that have been developed.

sownak (Tue, 18 Feb 2020 15:57:21 GMT):
We are using the helmoperator provided by Weaveworks flux. The Ansible playbooks are for creating the helmrelease files, which are checked-in the/a git repo and flux creates the Helmreleases on the connected Kubernetes cluster.

mwklein (Tue, 18 Feb 2020 20:42:56 GMT):
As @sownak references, the ansible playbooks are not for deployment, but for orchestrating across multiple k8s clusters. A k8s operator would not solve for this challenge.

sownak (Wed, 19 Feb 2020 05:19:37 GMT):
New developer pre-req guide is live https://blockchain-automation-framework.readthedocs.io/en/latest/developer/dev_prereq.html

JHamilton (Wed, 19 Feb 2020 06:08:43 GMT):
@maniankara @ravinayag @adityasingh177 if you have tried BAF locally before and encountered issues perhaps this is a chance to try again. certainly feedback continues to be welcome!

ajayjadhav (Wed, 19 Feb 2020 08:14:42 GMT):
Has joined the channel.

SigmaS 1 (Wed, 19 Feb 2020 08:56:10 GMT):
Has joined the channel.

adityasingh177 (Wed, 19 Feb 2020 17:59:20 GMT):
Thanks @JHamilton

adityasingh177 (Wed, 19 Feb 2020 17:59:20 GMT):
Thanks @JHamilton , will check out

dexhunter (Mon, 24 Feb 2020 09:09:42 GMT):
Has joined the channel.

Shubham-koli (Wed, 26 Feb 2020 13:12:50 GMT):
Has joined the channel.

cmonkeydo (Fri, 28 Feb 2020 20:53:49 GMT):
Has joined the channel.

cmonkeydo (Sat, 29 Feb 2020 02:13:33 GMT):
As far as feedback...there should be a place where you mention that vault should be run as root...apparently sudo doesn't suffice unless it's on the main PATH variable.

JHamilton (Sat, 29 Feb 2020 19:17:50 GMT):
thanks for the feedback @cmonkeydo ! just let us know if you would like to submit a PR for this, otherwise we will pick it up @suvajit-sarkar

cmonkeydo (Mon, 02 Mar 2020 17:03:56 GMT):
I am going through the documentation on baf...there is a lot here! Any how things seem to have changed around on the documentation for the configuration section. https://blockchain-automation-framework.readthedocs.io/en/latest/developer/fabric-ansible.html# from what I can tell now the different verb (create/delete etc) are the parent of the individual operation. This I believe is a good change. I would love to help change these to make it better, however I am still getting my feet wet. I really haven't even gotten this to work properly using the default sample network. So it might take a little to get fullly up to make a pull request for such things

tengc (Mon, 02 Mar 2020 19:18:31 GMT):
Has joined the channel.

JHamilton (Tue, 03 Mar 2020 03:11:34 GMT):
Yes, completely understood! Just wanted to leave the door open to contribution, but we are happy to fix as well. Thanks for your interest and time!

cmonkeydo (Tue, 03 Mar 2020 17:29:14 GMT):
I would actually join the user group as well...however your stuff is at 3:30am my time...so that's not going to work :)

cmonkeydo (Tue, 03 Mar 2020 20:17:25 GMT):
Hey all, Based upon the reading I have done BAF has moved (from what I can tell) from ambassador to HAProxy for communication between clusters. Can you discuss the issues/resolutions that you have encountered with ambassador?

tengc (Wed, 04 Mar 2020 03:15:12 GMT):
Hello everyone, I've been trying to setup BAF on a local machine, but have encountered a block. The site.yaml playbook fails when its checking for the presence of ca-server pods. Up until this point, there were no issues and the create/ca-server task does generate the helm value file for the ca in that organization. However, the Fabric CA image fails to instantiate at all. Any suggestions on places to look to resolve this?

mwklein (Wed, 04 Mar 2020 05:11:48 GMT):
You need the Fabric images available on the docker registry configured in your network.yaml.

tengc (Wed, 04 Mar 2020 14:44:54 GMT):
Thanks for the response, I have established the registry with the images and configured the network file to use it. This might be silly, but the flux pods are supposed to access it to deploy the images? I haven't seen any attempts to access the local registry in the log files of the flux pod.

tengc (Wed, 04 Mar 2020 16:22:43 GMT):
Digging a little into the flux helm pod, I found out that there were some issues with the deployment file that helm was attempting to use. It was having issues with the appVersion.

sownak (Wed, 04 Mar 2020 19:44:50 GMT):
It may have been because of the sample github link in gitops section of the config file. I have now put a network-minikube.yaml for Fabric, please have a look at that.

sownak (Wed, 04 Mar 2020 19:47:11 GMT):
Move from Ambassador to HAProxy is only applicable for Fabric. This was because Ambassador did/does not have support for SSL-passthorugh. We needed ssl-passthrough because our Fabric network is running on TLS=true and without passthrough the identity of the peer node was getting lost when it sent the messages.

JasSingh (Fri, 06 Mar 2020 15:56:18 GMT):
Has joined the channel.

tengc (Fri, 06 Mar 2020 17:29:33 GMT):
Thanks for the tip, the minikube file did help with fixing a couple of incorrectly defined variables in my network file. I've managed to get to channel creation. At this point, the configmaps for the job are not being created and the helm operator is giving warnings that the release for the channel may not belong to helmrelease.

sownak (Fri, 06 Mar 2020 17:30:57 GMT):
that may be because you have old helm releases from previous installations.

sownak (Fri, 06 Mar 2020 17:31:16 GMT):
you can force delete by deleting the namespaces or using helm delete

tengc (Fri, 06 Mar 2020 18:03:32 GMT):
The helm release for channel creation is deployed, but the status mentions that its missing the configmaps

sownak (Fri, 06 Mar 2020 20:36:18 GMT):
please paste the error message.

manuvarghese (Fri, 06 Mar 2020 21:10:40 GMT):
Has joined the channel.

tengc (Fri, 06 Mar 2020 21:12:31 GMT):
I've managed resolve that, it appeared to be an issue with my kubernetes installation. I'm now waiting for Kafka to finish booting.

tengc (Fri, 06 Mar 2020 21:15:06 GMT):
Is there an option to set orderer consensus to solo?

sownak (Fri, 06 Mar 2020 21:15:50 GMT):
no, we had a story to do it, but now solo is deprecated. So we will do single node RAFT, when we RAFT, for dev env.

tengc (Fri, 06 Mar 2020 21:20:00 GMT):
I see, so that means Kafka is the only option for now

tengc (Fri, 06 Mar 2020 21:31:46 GMT):
I think now I need to resolve the networking for the pods

jugma (Fri, 06 Mar 2020 23:16:23 GMT):
Has joined the channel.

ajayjadhav (Sun, 08 Mar 2020 10:56:02 GMT):
Has left the channel.

tengc (Mon, 09 Mar 2020 15:08:56 GMT):
As I'm looking through the flux logs, I'm noticing that it has some name resolution issues when it comes to syncing with a local bitbucket repo. It can't resolve it properly sometimes and works other times. The rate of either is sort of random. I have the bitbucket behind a proxy server to have a resolvable name for usage. Could that be an issue?

sownak (Mon, 09 Mar 2020 15:58:23 GMT):
Yes, that may be the case. In that case you may have to update the code which creates flux_known_hosts file. Also check https://github.com/fluxcd/flux/issues/989

tengc (Tue, 10 Mar 2020 20:42:56 GMT):
I have a similar issue on the install-chaincode container, except in reverse. It cannot resolve host raw.githubusercontent.com, but it can resolve the name for the bitbucket repository.

sownak (Wed, 11 Mar 2020 09:59:59 GMT):
That looks like an issue with your kubernetes cluster. Can you paste the error logs?

tengc (Wed, 11 Mar 2020 15:36:33 GMT):

supplychain_cc_installation_error.txt

tengc (Wed, 11 Mar 2020 15:36:42 GMT):

supplychain_cc_error.txt

sownak (Wed, 11 Mar 2020 16:03:09 GMT):
"[34m2020-03-10 20:32:11.046 UTC [chaincodeCmd] install -> INFO 102[0m Installed remotely response:" The chaincode seems to have installed correctly. Can you paste your "chaincode" section from network.yaml without the git passwords?

tengc (Wed, 11 Mar 2020 16:06:28 GMT):
name: "supplychain" version: "1" maindirectory: "cmd" repository: url: "bitbucket.zt/scm/con/blockchain-automation-framework.git" branch: master path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode/" arguments: '\"init\",\"\"' endorsements: ""

tengc (Wed, 11 Mar 2020 16:06:49 GMT):
The chaincode seems to be installed

tengc (Wed, 11 Mar 2020 16:07:52 GMT):
In the second file, the instantiation fails since dependencies are not installed

tengc (Wed, 11 Mar 2020 16:09:51 GMT):
I'm pretty sure this is due to the fact that it this command "curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh" in the installation container

sownak (Wed, 11 Mar 2020 16:10:40 GMT):
yes https://raw.githubusercontent.com/golang/dep/master/install.sh was not found, maybe your kubernetes pods are not allowed access to raw.githubusercontent.com ?

sownak (Wed, 11 Mar 2020 16:11:22 GMT):
try logging into the ca_tools pod and check if you can run "curl https://raw.githubusercontent.com/golang/dep/master/install.sh"

tengc (Wed, 11 Mar 2020 16:13:55 GMT):
Yes, it can do so

sownak (Wed, 11 Mar 2020 16:46:18 GMT):
ok, then sorry, I don't seem to get this why that particular job is not able to get the file from raw.githubusercontent.com

tengc (Wed, 11 Mar 2020 17:44:41 GMT):
I discovered the cause of both this issue and the flux one I brought up. The cause of both of these is the time taken for DNS resolution. It is currently inconsistent for my pods. This error has been appears to only occur on this job because the job continues and completes even if curl fails. If the git clone fails, the entire process stops and is restarted, which occurs in other pods.

tengc (Wed, 11 Mar 2020 17:47:03 GMT):
So the initial assumption that this was an issue with kubernetes cluster is correct. @sownak Thanks for helping me verify the root cause.

tengc (Mon, 16 Mar 2020 16:18:45 GMT):
Has anyone tested using External DNS w/ BAF on a bare metal setup yet?

sownak (Tue, 17 Mar 2020 10:50:49 GMT):
From BAF Team, we have not tested external DNS on Bare metal. We have tested on unmanaged Kubernetes hosted on AWS EC2 machines.

tengc (Tue, 17 Mar 2020 13:58:11 GMT):
I see, are there any plans to develop a bare metal compatible version of BAF in the future?

tengc (Tue, 17 Mar 2020 13:59:18 GMT):
A silly question, but why are all the ports for the external endpoint set to 8443?

tengc (Tue, 17 Mar 2020 14:01:36 GMT):
Nevermind, I found the value files.

sownak (Tue, 17 Mar 2020 14:03:16 GMT):
Only if there is any more client interest, we will add this to the Roadmap.

tengc (Wed, 18 Mar 2020 00:28:10 GMT):
Is the gossippeeraddress supposed to be used as the peer address for creating the value files for chaincode installation/instantiation?

jagpreet (Wed, 18 Mar 2020 09:48:27 GMT):
Has joined the channel.

jagpreet (Wed, 18 Mar 2020 10:27:25 GMT):
Yes, gossip peer address is used as the peer address as we can see that it is used as CORE_PEER_ADDRESS in the install_chaincode chart. CORE_PEER_ADDRESS specifies on which peer the chaincode needs to be installed. You can also use peer.namespace:port (peer0.carrier-net:7051) as install chaincode runs in the same cluster as that of the peer

tengc (Wed, 18 Mar 2020 13:25:14 GMT):
This may be more of a general K8s question, but how do you deal with TLS? I've been getting x509 issues with missing IP SANS when the peers are attempting to communicate on the channel.

tengc (Wed, 18 Mar 2020 13:26:36 GMT):
But isn't the gossippeeraddress the gossip bootstrap address for an organization? When performing installation with multiple peer nodes in an organization, it will create multiple install jobs for the same peer node.

tengc (Thu, 19 Mar 2020 03:16:45 GMT):
Looking into some possible causes. In order for my peer pods to init properly (alpine-utils cannot connect to the vault otherwise), I needed to add 'hostNetwork: true' and 'dnsPolicy: ClusterFirstWithHostNet' to the template. This adjusts the address of the peer pod to the address of the node. Could this cause issues with the certificates?

sownak (Thu, 19 Mar 2020 09:29:59 GMT):
Are you trying to use a TLS enabled Vault?

sownak (Thu, 19 Mar 2020 12:26:17 GMT):
Correct. This is a bug then. gossippeeraddress should only be treated as bootstrap address. Chaincode install/upgrade/instantiate should not use this.

tengc (Thu, 19 Mar 2020 13:40:29 GMT):
No, the Vault is not using TLS.

gokulalex (Fri, 20 Mar 2020 05:29:54 GMT):
Has joined the channel.

sownak (Fri, 20 Mar 2020 10:38:09 GMT):
We used SSL-passthrough, so as the Fabric network is TLS enabled, we are not encrypting it again. Your changes may have caused issues with this. What exactly the error you are getting?

tengc (Fri, 20 Mar 2020 17:28:30 GMT):
For now I've removed those modifications to get as close to default as possible. I'm getting errors for invoking transactions. I get this error when I do not add the '--tls' flag to the invoke call, I get this error on the orderer container: 2020-03-20 17:16:35.820 UTC [core.comm] ServerHandshake -> ERRO 034 TLS handshake failed with error tls: first record does not look like a TLS handshake server=Orderer remoteaddress=169.87.178.141:54580 When I do add the flag, I get this error on the peer side: Error: error getting broadcast client: failed to load config for OrdererClient: unable to load orderer.tls.rootcert.file: open : no such file or directory

tengc (Fri, 20 Mar 2020 17:37:37 GMT):
This seems to imply that some of the orderer crypto files are needed.

sownak (Fri, 20 Mar 2020 17:39:18 GMT):
the peers will need the orderer ca.cert

sownak (Fri, 20 Mar 2020 17:40:04 GMT):
It should have been stored in the Vault when deploying the network

tengc (Fri, 20 Mar 2020 18:59:57 GMT):
I'm assuming this should be retrieved in the init container? The orderer ca.crt is present in the vault under the peer Organizations, but it doesn't appear in the actual peer container.

tengc (Fri, 20 Mar 2020 19:10:42 GMT):
I think I get the discrepancy. I've been trying to run the commands directly off of the peer containers rather than something like the cli container.

sownak (Mon, 23 Mar 2020 11:28:29 GMT):
ah yes, the peer container itself does not have all the certs. You will need a cli container to check everything.

sownak (Tue, 24 Mar 2020 16:07:37 GMT):
@jagpreet Please create a corresponding issue in our issue list.

himanshulalarya (Thu, 26 Mar 2020 10:36:17 GMT):
Has joined the channel.

sownak (Thu, 26 Mar 2020 11:07:36 GMT):
@jagpreet @himanshulalarya Please create a bug for this.

suvajit-sarkar (Mon, 30 Mar 2020 10:14:02 GMT):
A bug has been created based on this https://github.com/hyperledger-labs/blockchain-automation-framework/issues/495

sownak (Thu, 02 Apr 2020 12:00:54 GMT):
9:00am [Hyperledger Labs] Blockchain Automation Framework Community Enablement Workshop #blockchain-automation-framework When Wed, April 8, 9am – 12pm Where https://zoom.us/my/hyperledger.community.3 (map) Description Interested to utilize and/or contribute to Blockchain Automation Framework, but intimidated by the pre-requisites? Please join this workshop where BAF maintainers will walk through the setup from install through to Corda deployment for local work via Minikube. Please reach us on RC if you’d like to discuss! https://chat.hyperledger.org/channel/blockchain-automation-framework

sownak (Thu, 02 Apr 2020 12:00:54 GMT):
[Hyperledger Labs] Blockchain Automation Framework Community Enablement Workshop #blockchain-automation-framework When Wed, April 8, 9am – 12pm Where https://zoom.us/my/hyperledger.community.3 (map) Description Interested to utilize and/or contribute to Blockchain Automation Framework, but intimidated by the pre-requisites? Please join this workshop where BAF maintainers will walk through the setup from install through to Corda deployment for local work via Minikube. Please reach us on RC if you’d like to discuss! https://chat.hyperledger.org/channel/blockchain-automation-framework

sownak (Thu, 02 Apr 2020 12:00:54 GMT):
[Hyperledger Labs] Blockchain Automation Framework Community Enablement Workshop #blockchain-automation-framework When Wed, April 8, 9am – 12pm GMT Where https://zoom.us/my/hyperledger.community.3 (map) Description Interested to utilize and/or contribute to Blockchain Automation Framework, but intimidated by the pre-requisites? Please join this workshop where BAF maintainers will walk through the setup from install through to Corda deployment for local work via Minikube. Please reach us on RC if you’d like to discuss! https://chat.hyperledger.org/channel/blockchain-automation-framework

thhkmgl (Sat, 04 Apr 2020 11:26:18 GMT):
Has joined the channel.

tengc (Mon, 06 Apr 2020 22:26:00 GMT):
Like before, this may be more of a general Fabric issue, but has anyone encountered this when trying to add an organization: Orderer Log: Principal deserialization failure (MSP manufacturerMSP is unknown) for identity error applying config update to existing channel 'allchannel': error authorizing update: error validating DeltaSet: invalid mod_policy for element [Group] /Channel/Application/manufacturerMSP: mod_policy not set

cavellt (Tue, 07 Apr 2020 00:33:10 GMT):
Has joined the channel.

jagpreet (Tue, 07 Apr 2020 11:33:26 GMT):

dev_prerequisites_setup.txt

jagpreet (Tue, 07 Apr 2020 11:37:36 GMT):
We generally see this when the network is not reset correctly, most probably due some remaining storage resources from previous deployments. Please try resetting the network via the reset-network.yaml playbook and try deploying it again.

sownak (Tue, 07 Apr 2020 14:46:29 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=dJNSEFi2w97HgopAa)
dev_prerequisites_setup.txt

sownak (Tue, 07 Apr 2020 14:46:37 GMT):
This is latest

sownak (Tue, 07 Apr 2020 14:47:52 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=dJNSEFi2w97HgopAa)
dev_prerequisites_setup.txt

sownak (Wed, 08 Apr 2020 09:01:53 GMT):

dev_prerequisites_setup.txt

prashjj (Wed, 08 Apr 2020 09:28:23 GMT):
Has joined the channel.

peterderooij (Wed, 08 Apr 2020 09:28:30 GMT):
Has joined the channel.

msarthak (Wed, 08 Apr 2020 09:35:42 GMT):
Has joined the channel.

ahsan.saleem.01 (Wed, 08 Apr 2020 10:19:30 GMT):
Has joined the channel.

lijiachuan (Wed, 08 Apr 2020 12:22:14 GMT):
Has joined the channel.

lijiachuan (Wed, 08 Apr 2020 12:22:16 GMT):
Hi @sownak, when I run "minikube start --vm-driver=virtualbox", below errors are shown, could you please suggest what shall I do? Thanks. `$ minikube start --vm-driver=virtualbox * minikube v1.8.2 on Microsoft Windows 10 Enterprise 10.0.18362 Build 18362 * Using the virtualbox driver based on user configuration * Creating virtualbox VM (CPUs=2, Memory=6000MB, Disk=10000MB) ... * Found network options: - NO_PROXY=192.168.99.100 - no_proxy=192.168.99.100 ! VM is unable to access k8s.gcr.io, you may need to configure a proxy or set --image-repository E0408 20:16:22.157584 6708 cache.go:63] save image to file "k8s.gcr.io/kube-apiserver:v1.15.4" -> "C:\\Users\\jiachuan.li\\.minikube\\cache\\images\\k8s.gcr.io\\kube-apiserver_v1.15.4" failed: nil image for k8s.gcr.io/kube-apiserver:v1.15.4: Get https://k8s.gcr.io/v2/: net/http: TLS handshake timeout E0408 20:16:22.173232 6708 cache.go:63] save image to file "k8s.gcr.io/etcd:3.3.10" -> "C:\\Users\\jiachuan.li\\.minikube\\cache\\images\\k8s.gcr.io\\etcd_3.3.10" failed: nil image for k8s.gcr.io/etcd:3.3.10: Get https://k8s.gcr.io/v2/: net/http: TLS handshake timeout E0408 20:16:22.182969 6708 cache.go:63] save image to file "k8s.gcr.io/kube-proxy:v1.15.4" -> "C:\\Users\\jiachuan.li\\.minikube\\cache\\images\\k8s.gcr.io\\kube-proxy_v1.15.4" failed: nil image for k8s.gcr.io/kube-proxy:v1.15.4: Get https://k8s.gcr.io/v2/: net/http: TLS handshake timeout E0408 20:16:22.205426 6708 cache.go:63] save image to file "gcr.io/k8s-minikube/storage-provisioner:v1.8.1" -> "C:\\Users\\jiachuan.li\\.minikube\\cache\\images\\gcr.io\\k8s-minikube\\storage-provisioner_v1.8.1" failed: nil image for gcr.io/k8s-minikube/storage-provisioner:v1.8.1: Get https://gcr.io/v2/: net/http: TLS handshake timeout E0408 20:16:22.205426 6708 cache.go:118] Error caching images: Caching images for kubeadm: caching images: caching image "C:\\Users\\jiachuan.li\\.minikube\\cache\\images\\k8s.gcr.io\\kube-apiserver_v1.15.4": nil image for k8s.gcr.io/kube-apiserver:v1.15.4: Get https://k8s.gcr.io/v2/: net/http: TLS handshake timeout E0408 20:18:11.327701 6708 cache.go:63] save image to file "k8s.gcr.io/kube-proxy:v1.15.4" -> "C:\\Users\\jiachuan.li\\.minikube\\cache\\images\\k8s.gcr.io\\kube-proxy_v1.15.4" failed: nil image for k8s.gcr.io/kube-proxy:v1.15.4: Get https://k8s.gcr.io/v2/: net/http: TLS handshake timeout E0408 20:18:11.346386 6708 cache.go:63] save image to file "k8s.gcr.io/etcd:3.3.10" -> "C:\\Users\\jiachuan.li\\.minikube\\cache\\images\\k8s.gcr.io\\etcd_3.3.10" failed: nil image for k8s.gcr.io/etcd:3.3.10: Get https://k8s.gcr.io/v2/: net/http: TLS handshake timeout E0408 20:18:11.352219 6708 cache.go:63] save image to file "gcr.io/k8s-minikube/storage-provisioner:v1.8.1" -> "C:\\Users\\jiachuan.li\\.minikube\\cache\\images\\gcr.io\\k8s-minikube\\storage-provisioner_v1.8.1" failed: nil image for gcr.io/k8s-minikube/storage-provisioner:v1.8.1: Get https://gcr.io/v2/: net/http: TLS handshake timeout E0408 20:18:11.363957 6708 cache.go:63] save image to file "k8s.gcr.io/kube-apiserver:v1.15.4" -> "C:\\Users\\jiachuan.li\\.minikube\\cache\\images\\k8s.gcr.io\\kube-apiserver_v1.15.4" failed: nil image for k8s.gcr.io/kube-apiserver:v1.15.4: Get https://k8s.gcr.io/v2/: net/http: TLS handshake timeout * X Failed to cache images: Caching images for kubeadm: caching images: caching image "C:\\Users\\jiachuan.li\\.minikube\\cache\\images\\k8s.gcr.io\\kube-proxy_v1.15.4": nil image for k8s.gcr.io/kube-proxy:v1.15.4: Get https://k8s.gcr.io/v2/: net/http: TLS handshake timeout * * minikube is exiting due to an error. If the above message is not useful, open an issue: - https://github.com/kubernetes/minikube/issues/new/choose`

lijiachuan (Wed, 08 Apr 2020 12:23:45 GMT):
hi @sownak , when I run "minikube start --vm-driver=virtualbox", below error is returned, could you please suggest what shall I do for this? $ minikube start --vm-driver=virtualbox * minikube v1.8.2 on Microsoft Windows 10 Enterprise 10.0.18362 Build 18362 * Using the virtualbox driver based on user configuration * Creating virtualbox VM (CPUs=2, Memory=6000MB, Disk=10000MB) ... * Found network options: - NO_PROXY=192.168.99.100 - no_proxy=192.168.99.100 ! VM is unable to access k8s.gcr.io, you may need to configure a proxy or set --image-repository E0408 20:16:22.157584 6708 cache.go:63] save image to file "k8s.gcr.io/kube-apiserver:v1.15.4" -> "C:\\Users\\jiachuan.li\\.minikube\\cache\\images\\k8s.gcr.io\\kube-apiserver_v1.15.4" failed: nil image for k8s.gcr.io/kube-apiserver:v1.15.4: Get https://k8s.gcr.io/v2/: net/http: TLS handshake timeout

sownak (Wed, 08 Apr 2020 12:26:26 GMT):
Seems your VirtualBox does not have internet connectivity. Open network adapters -> Virtual Box host only adapter -> IPv4 Settings -> Change DNS Server to 8.8.8.8

cavellt (Thu, 09 Apr 2020 21:06:58 GMT):
Hello, I've been having a weird issue with generating a configtx.yaml file. When I have two orderers, the resulting address shown in the orderer section of the configtx.yaml becomes: -orderer1.supplychain-net:7050 -orderer2.supplychain-net:7050 For some reason, both addresses end up in one line.

deepakkumardbd (Fri, 10 Apr 2020 04:50:12 GMT):
Has joined the channel.

deepakkumardbd (Fri, 10 Apr 2020 04:50:13 GMT):
We will look into it and get back to you.

jagpreet (Fri, 10 Apr 2020 06:15:43 GMT):
The issue was identified and had been fixed. Please take a pull of the latest code. To sync your master branch with the master branch of BAF perform the following steps git checkout master git remote -v git remote add upstream https://github.com/hyperledger-labs/blockchain-automation-framework.git git fetch upstream master git merge upstream/master git push

jagpreet (Fri, 10 Apr 2020 06:16:29 GMT):
@cavellt The issue was identified and had been fixed. Please take a pull of the latest code. To sync your master branch with the master branch of BAF perform the following steps git checkout master git remote -v git remote add upstream https://github.com/hyperledger-labs/blockchain-automation-framework.git git fetch upstream master git merge upstream/master git push

shivsial (Fri, 10 Apr 2020 10:58:04 GMT):
Has joined the channel.

cavellt (Mon, 13 Apr 2020 18:31:54 GMT):
Sorry for the late response, that seems to have resolved the issue

cavellt (Mon, 13 Apr 2020 18:53:18 GMT):
I've been trying to setup the Supplychain example application. I've gotten the UI up, but I noticed this error in the console log: GET https://carrierapi.local.com/api/v1/container net::ERR_NAME_NOT_RESOLVED

jagpreet (Tue, 14 Apr 2020 06:36:34 GMT):
We will get back to you, on this.

japidei (Tue, 14 Apr 2020 11:22:33 GMT):
Has joined the channel.

sownak (Tue, 14 Apr 2020 17:27:51 GMT):
@cavellt the supplychain application is not configured for use with minikube. You have to change all the kubernetes service type to nodeport and then access the application using the

cavellt (Sun, 03 May 2020 14:13:23 GMT):
After adding a new organization using the playbook, I've been getting the transaction commit errors when attempting to invoke transactions on the new organization. 2020-05-03 14:06:47.454 UTC [committer.txvalidator] validateTx -> ERRO 449 VSCCValidateTx for transaction txId = f085b35ac952c2862ce90e81aba8a6e9499468f44c4beb0e802c796099063c46 returned error: VSCC error: endorsement policy failure, err: signature set did not satisfy policy 2020-05-03 14:06:47.454 UTC [vscc] Validate -> WARN 44a Endorsement policy failure for transaction txid=5bdb5875323600efb60783d47873742bf268f944242412efacce0c1ba9a09cf4, err: signature set did not satisfy policy I've left the endorsement field in the chaincode section as empty quotes, so I'm not sure what policy its referring to.

suvajit-sarkar (Mon, 04 May 2020 04:28:42 GMT):
@cavellt we are currently debugging the issue, will get back to you.

suvajit-sarkar (Mon, 04 May 2020 04:39:04 GMT):
Hi, @cavellt what version of Fabric are you running ?

MaBak (Mon, 04 May 2020 07:52:49 GMT):
Has joined the channel.

cavellt (Mon, 04 May 2020 13:27:17 GMT):
1.4

jagpreet (Tue, 05 May 2020 08:45:54 GMT):
We also captured the same issue and so we are working on releasing a fix as soon as possible.

cavellt (Tue, 05 May 2020 13:26:56 GMT):
Thats great to hear

cavellt (Tue, 05 May 2020 13:33:10 GMT):
Do you happen to have an idea of what's causing this to occur?

suvajit-sarkar (Wed, 06 May 2020 09:22:55 GMT):
@cavellt you can take the latest pull from develop we have fixed the issue https://github.com/hyperledger-labs/blockchain-automation-framework/issues/657

suvajit-sarkar (Wed, 06 May 2020 09:27:40 GMT):
the issue was due to policies in configtx not there for Fabric versions lower than 2.0

cavellt (Wed, 06 May 2020 20:37:17 GMT):
Unfortunately, that does not seem to fix my issue. Updating the configtx to that causes an additional issue to show up during the process of updating the channel configuration block. The orderer outputs: Principal deserialization failure (MSP storeMSP is unknown) for identity 0

spartucus (Fri, 08 May 2020 07:13:12 GMT):
Has joined the channel.

cavellt (Fri, 08 May 2020 15:59:50 GMT):
Looking at the channel config block, I noticed that only the new organization has the policy Endorsement despite the organizations having that policy configured for all orgs in the configtx.yaml.

suvajit-sarkar (Mon, 11 May 2020 03:31:53 GMT):
Mostly the issue could be in the configurations of the channels section in your network.yaml (configuration) file. It would really helpful for us to debug, if you could share it.

jagpreet (Mon, 11 May 2020 14:21:08 GMT):
BAF currently supports Hyperledger Fabric version 1.4.0, 1.4.4 & 2.0 and raft consensus is supported for 1.4.4 only. Are you mentioning 1.4.4 with raft consensus in network.yaml?

cavellt (Tue, 12 May 2020 04:49:52 GMT):
Apologies for the late response. I am using Fabric 1.4.4 w/ Raft consensus. I uploaded the configtx.yaml file for the add org call to this link: https://pastebin.com/zZF9EWNM

jagpreet (Tue, 12 May 2020 04:57:16 GMT):
The configtx.yaml seems fine. (the raw data pasted in the URL, not the formatted one) We will check this and get back to you as soon as possible.

jagpreet (Tue, 12 May 2020 04:57:16 GMT):
The configtx.yaml seems fine. We will check this and get back to you as soon as possible.

cavellt (Tue, 12 May 2020 14:01:25 GMT):
Thanks

spartucus (Thu, 14 May 2020 10:35:14 GMT):
Hi, does BAF has UI for operator end?

sownak (Thu, 14 May 2020 11:20:47 GMT):
Not right now. A BAF Operator persona is expected to know basics of yaml and the particular blockchain platform concepts.

sownak (Thu, 14 May 2020 13:26:26 GMT):
@cavellt We have re-tested the complete network with 1.4.4 and RAFT and we did not get any such errors. Are you resetting the network before re-run? I did get the identity error but that goes after the storeMSP joins the channel. logs: ` 2020-05-14 12:27:40.088 UTC [cceventmgmt] HandleChaincodeDeploy -> INFO 0ca Channel [allchannel]: Chaincode [Name=supplychain, Version=1, Hash=[]byte{0x61, 0xc6, 0x37, 0xf2, 0x1f, 0x2, 0x55, 0x93, 0x25, 0xb4, 0xc8, 0x7e, 0xf1, 0xa0, 0x23, 0xb9, 0x33, 0x3, 0xee, 0xa9, 0xc4, 0xba, 0x92, 0xcf, 0x23, 0x91, 0x91, 0x0, 0x19, 0x90, 0x1, 0xf2}] is not installed hence no need to create chaincode artifacts for endorsement 2020-05-14 12:27:40.151 UTC [kvledger] CommitWithPvtData -> INFO 0cb [allchannel] Committed block [4] with 1 transaction(s) in 98ms (state_validation=46ms block_and_pvtdata_commit=8ms state_commit=42ms) commitHash=[43a0a91ecf936505f5b3b8f1b91a8a8823d0bfbef82f47f2fe3b1655ee8385c1] 2020-05-14 12:27:40.151 UTC [gossip.gossip] UpdateLedgerHeight -> WARN 0cc No such channel [97 108 108 99 104 97 110 110 101 108] 2020-05-14 12:27:40.151 UTC [gossip.privdata] StoreBlock -> INFO 0cd [allchannel] Received block [5] from buffer 2020-05-14 12:27:40.154 UTC [cauthdsl] deduplicate -> ERRO 0ce Principal deserialization failure (MSP storeMSP is unknown) for identity 2 2020-05-14 12:27:40.154 UTC [cauthdsl] deduplicate -> ERRO 0cf Principal deserialization failure (MSP storeMSP is unknown) for identity 2 2020-05-14 12:27:40.160 UTC [gossip.gossip] JoinChan -> INFO 0d0 Joining gossip network of channel allchannel with 4 organizations 2020-05-14 12:27:40.160 UTC [gossip.gossip] learnAnchorPeers -> INFO 0d1 Learning about the configured anchor peers of storeMSP for channel allchannel : [{peer0.store-net}]

cavellt (Thu, 14 May 2020 13:36:40 GMT):
I see, if available could you tell me the invoke command you run after the addition of the organization?

sownak (Thu, 14 May 2020 13:40:26 GMT):
we did get the same errors, but the all subsequent transactions were successful 2020-05-14 12:39:27.826 UTC [gossip.privdata] StoreBlock -> INFO 10c [allchannel] Received block [6] from buffer 2020-05-14 12:39:27.830 UTC [vscc] Validate -> ERRO 10d VSCC error: stateBasedValidator.Validate failed, err validation of endorsement policy for chaincode supplychain in tx 6:0 failed: signature set did not satisfy policy 2020-05-14 12:39:27.831 UTC [committer.txvalidator] validateTx -> ERRO 10e VSCCValidateTx for transaction txId = b65d3216645363dc30761b5c7fd10cbaff6acb0b258f7336cdee9ba8cc4c1afd returned error: validation of endorsement policy for chaincode supplychain in tx 6:0 failed: signature set did not satisfy policy 2020-05-14 12:39:27.831 UTC [committer.txvalidator] Validate -> INFO 10f [allchannel] Validated block [6] in 4ms 2020-05-14 12:39:27.831 UTC [valimpl] preprocessProtoBlock -> WARN 110 Channel [allchannel]: Block [6] Transaction index [0] TxId [b65d3216645363dc30761b5c7fd10cbaff6acb0b258f7336cdee9ba8cc4c1afd] marked as invalid by committer. Reason code [ENDORSEMENT_POLICY_FAILURE] 2020-05-14 12:39:27.878 UTC [kvledger] CommitWithPvtData -> INFO 111 [allchannel] Committed block [6] with 1 transaction(s) in 46ms (state_validation=0ms block_and_pvtdata_commit=10ms state_commit=34ms) commitHash=[db7281b8ab1d205cc0fca80b7a1e46794c889669d9ddf05095d03e1c89f5552f] 2020-05-14 12:45:38.281 UTC [core.comm] ServerHandshake -> ERRO 112 TLS handshake failed with error read tcp 10.1.3.156:7051->10.1.3.20:50824: read: connection reset by peer server=PeerServer remoteaddress=10.1.3.20:50824 2020-05-14 12:45:38.281 UTC [grpc] handleRawConn -> DEBU 113 grpc: Server.Serve failed to complete security handshake from "10.1.3.20:50824": read tcp 10.1.3.156:7051->10.1.3.20:50824: read: connection reset by peer 2020-05-14 12:51:04.499 UTC [gossip.privdata] StoreBlock -> INFO 114 [allchannel] Received block [7] from buffer 2020-05-14 12:51:04.500 UTC [committer.txvalidator] Validate -> INFO 115 [allchannel] Validated block [7] in 1ms 2020-05-14 12:51:04.558 UTC [kvledger] CommitWithPvtData -> INFO 116 [allchannel] Committed block [7] with 1 transaction(s) in 57ms (state_validation=17ms block_and_pvtdata_commit=9ms state_commit=26ms) commitHash=[08374412a8d3ca558ff9c38996a935c397ac5d25529bd96bbed2adbcac4193f2]

sownak (Thu, 14 May 2020 13:41:12 GMT):
we run the invokechaincode chart.

sownak (Thu, 14 May 2020 13:41:57 GMT):
echo "peer chaincode invoke -o ${ORDERER_URL} --tls ${CORE_PEER_TLS_ENABLED} --cafile ${ORDERER_CA} -C ${CHANNEL_NAME} -n ${CHAINCODE_NAME} -c $qARGS" >> ./invokeChaincode.sh chmod 755 ./invokeChaincode.sh sh ./invokeChaincode.sh

cavellt (Thu, 14 May 2020 13:47:21 GMT):
For qARGS, are you using \"init\",\"\" or something else

sownak (Thu, 14 May 2020 13:49:26 GMT):
the value in network.yaml is arguments: '\"init\",\"\"'

cavellt (Thu, 14 May 2020 13:58:03 GMT):
Have you tested it using other functions that can be invoked besides init?

sownak (Thu, 14 May 2020 13:58:42 GMT):
not in invoke. Then we run the functions as per the API

cavellt (Thu, 14 May 2020 14:00:11 GMT):
I see and that works.

cavellt (Sun, 17 May 2020 18:34:35 GMT):
Could you try sending transactions from one of the pods rather than through the API?

Pri-vats (Tue, 19 May 2020 11:03:27 GMT):
@spartucus , let us know if you are looking for any kind of assistance in automated network deployment, we do not have a UI support but we can help you with configuring the network.yaml

mwklein (Tue, 19 May 2020 12:59:58 GMT):
The UI for BAF is Git

suvajit-sarkar (Wed, 20 May 2020 08:36:05 GMT):
sure will try that out, and let you know

suvajit-sarkar (Wed, 20 May 2020 12:26:29 GMT):
Hi @cavellt just to get the understanding clear , you want us to add a new organisation and try sending transactions from the pods rather than using api right?

cavellt (Wed, 20 May 2020 13:37:45 GMT):
Yes and just to be sure the transactions should be sent from the new organization.

himanshulalarya (Tue, 26 May 2020 07:06:00 GMT):
Hi, The issue is created. (https://github.com/hyperledger-labs/blockchain-automation-framework/issues/699) . We are currently testing it.

himanshulalarya (Tue, 02 Jun 2020 06:38:35 GMT):
Chaincode invoke using the new organization cli. functions tested: init and create container Here are the queries For init: peer chaincode invoke -o orderer3.hf.dev.aws.blockchaincloudpoc-develop.com:8443 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/crypto/orderer/tls/ca.crt -C allchannel -n supplychain -c '{"Args":["init",""]}' for create container peer chaincode invoke -o orderer3.hf.dev.aws.blockchaincloudpoc-develop.com:8443 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/crypto/orderer/tls/ca.crt -C allchannel -n supplychain -c '{"Args":["createContainer","{"misc":{"name":"Medicine Container"},"trackingID":"613254c0-5395-4069-971b-fff77dc9c73d","counterparties":["CN=Admin@mh-net,OU=client+OU=mh,O=Mh,L=San Francisco,C=US"]}"]}'

sownak (Tue, 02 Jun 2020 08:24:35 GMT):
Thanks @himanshulalarya . @cavellt note that we run the transactions from a separate CLI pod and not from the peer pod. The peer pod will not have appropriate certificates to initiate transactions in the chain.

lyn.cunlong.liu (Thu, 04 Jun 2020 02:13:22 GMT):
Has joined the channel.

lyn.cunlong.liu (Thu, 04 Jun 2020 02:13:23 GMT):
is there anyone know this issue:

lyn.cunlong.liu (Thu, 04 Jun 2020 02:14:15 GMT):

lyn.cunlong.liu - Thu Jun 04 2020 10:13:55 GMT+0800 (China Standard Time).txt

jagpreet (Thu, 04 Jun 2020 06:39:40 GMT):
You need to install openshift $ pip install openshift

jagpreet (Thu, 04 Jun 2020 06:39:40 GMT):
You need to install openshift pip install openshift

suvajit-sarkar (Thu, 04 Jun 2020 09:05:00 GMT):
@lyn.cunlong.liu you can use our docker image to build the development environment https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/Dockerfile and follow the documentation :kiss_mm:

lyn.cunlong.liu (Fri, 05 Jun 2020 02:34:00 GMT):
yeah, the current error disappears after I installed openshift, but got a new error, could you please give me a call from teams?

lyn.cunlong.liu (Fri, 05 Jun 2020 02:34:00 GMT):
yeah, the current error disappears after I installed openshift, but got a new error, could you please give me a call from teams? below is the error message:

lyn.cunlong.liu (Fri, 05 Jun 2020 02:52:54 GMT):
task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/setup/flux/tasks/main.yaml:30 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl create secret generic git-auth-local --from-file=identity=/home/blockchain-automation-framework/build/gitops --namespace default\nKUBECONFIG=/home/blockchain-automation-framework/build/config kubectl apply -f /home/blockchain-automation-framework/platforms/shared/configuration/../../../platforms/shared/charts/flux-helm-release-crd.yaml --context=\"minikube\"\nKUBECONFIG=/home/blockchain-automation-framework/build/config helm upgrade --install --set rbac.create=true --set helmOperator.create=true --set git.timeout=200s --set git.pollInterval=2m --set git.url='ssh://git@github.com/lyn-liu210/blockchain-automation-framework.git' --set git.secretName=git-auth-local --set git.branch=local --set git.label='sync-local' --set git.path=\"platforms/hyperledger-fabric/releases/dev\" --set-file ssh.known_hosts=flux_known_hosts --set registry.insecureHosts=\"index.docker.io/hyperledgerlabs\" --namespace default flux-local --version \"0.15.0\" fluxcd/flux --kube-context=\"minikube\"\n", "delta": "0:00:00.513661", "end": "2020-06-05 02:51:19.052571", "msg": "non-zero return code", "rc": 1, "start": "2020-06-05 02:51:18.538910", "stderr": "Error from server (AlreadyExists): secrets \"git-auth-local\" already exists\nError: could not find a ready tiller pod", "stderr_lines": ["Error from server (AlreadyExists): secrets \"git-auth-local\" already exists", "Error: could not find a ready tiller pod"], "stdout": "customresourcedefinition.apiextensions.k8s.io/helmreleases.flux.weave.works unchanged", "stdout_lines": ["customresourcedefinition.apiextensions.k8s.io/helmreleases.flux.weave.works unchanged"]}

himanshulalarya (Fri, 05 Jun 2020 06:55:26 GMT):
Hi, You need to run the reset-network.yaml for resetting all the network and deleting all the previous build files

lyn.cunlong.liu (Mon, 08 Jun 2020 02:31:46 GMT):
do you mean the file in platforms/hyplerledger-fabric/configuration/reset-network.yaml? if so would you mind send me the command to run it?

lyn.cunlong.liu (Mon, 08 Jun 2020 05:44:19 GMT):
I tried to run the command "docker-compose -f reset-network.yaml up -d",got an error below:ERROR: Top level object in './reset-network.yaml' needs to be an object not ''.

suvajit-sarkar (Mon, 08 Jun 2020 05:58:17 GMT):
there are multiple ways to reset the network - 1. If you have your ansible controller setup up using the dockerfile provided by BAF and have all prerequisite done properly, you can simply run the reset.sh provided in the root of repository. 2. Using ansible command - ansible-playbook -vv /home/blockchain-automation-framework/platforms/shared/configuration/site.yaml -e "@/home/blockchain-automation-framework/build/network.yaml" -e "reset='true'" 3. Each platform has a reset playbook under platforms//configuration run it using ansible-playbook command

suvajit-sarkar (Mon, 08 Jun 2020 06:01:57 GMT):
@lyn.cunlong.liu can you kindly tell us which DLT platform are you trying to set up ? and is it locally on minikube or using any cloud managed k8s?

suvajit-sarkar (Mon, 08 Jun 2020 06:04:35 GMT):
if you are trying to setup it up locally on minikube, i would suggest you to go through the detailed process given in the docs - https://blockchain-automation-framework.readthedocs.io/en/latest/developer/dev_prereq.html

suvajit-sarkar (Mon, 08 Jun 2020 06:04:35 GMT):
if you are trying to setup it up locally on minikube, i would suggest you to go through the detailed steps given in the docs - https://blockchain-automation-framework.readthedocs.io/en/latest/developer/dev_prereq.html

lyn.cunlong.liu (Mon, 08 Jun 2020 07:37:45 GMT):
I do trying to set up it locally and follow the instruction in the link you posted. the DLT platform it hyperledger fabric

sownak (Mon, 08 Jun 2020 12:28:42 GMT):
BAF 0.5.0.0 is ready https://github.com/hyperledger-labs/blockchain-automation-framework/releases/tag/v0.5.0.0 Main features include support for Fabric 2.0.0 with both RAFT and kafka consensus, R3 Corda 4.4 and Indy-Aries SampleApp implementation.

TravellerAddict (Tue, 09 Jun 2020 16:27:42 GMT):
Has joined the channel.

TravellerAddict (Tue, 09 Jun 2020 16:27:42 GMT):
@sownak Hi, I am installing the BAF for the first time, and I am having trouble with the pre-requisites (specifically the setting of the Docker environment variable. Could you suggest what I could be doing different? (Details below). Please let me know if there is any information I can provide (or reference to re-read). Thanks! $ eval $('docker-machine.exe' env) Error: No machine name(s) specified and no "default" machine exists

TravellerAddict (Tue, 09 Jun 2020 16:27:42 GMT):
@sownak Hi, I am installing the BAF for the first time, and I am having trouble with the pre-requisites (specifically the setting of the Docker environment variable). Could you suggest what I could be doing different? (Details below). Please let me know if there is any information I can provide (or reference to re-read). Thanks! $ eval $('docker-machine.exe' env) Error: No machine name(s) specified and no "default" machine exists

TravellerAddict (Tue, 09 Jun 2020 16:54:21 GMT):
I am assuming the error is because of a poor Docker install (as I previously had the Docker Desktop installed). I've removed the Docker Desktop and I'm reinstalling the Docker Toolbox.

TravellerAddict (Tue, 09 Jun 2020 23:04:39 GMT):
Hi All, I am setting up the BAF on windows, and the windows script doesn't seem to be working. Is there a chance that recent changes broke the script? I tried the manual install route but it didn't seem to work, I couldn't get the default docker-machine working correctly. Note I still have a local copy of the cloned repository, but I've pulled in recent changes to my cloned version. Can anyone suggest a way to get it working? All suggestions appreciated. The script generated the following errors (after confirming my git credentials and repository location): Syncing the develop branch with BAF develop branch. error: cannot stat 'examples/supplychain-app/corda/cordApps_springBoot/cordapp-contracts-states/src/main/kotlin/com/supplychain/bcc/contractstates/ContainerState.kt': Filename too long error: cannot stat 'examples/supplychain-app/corda/cordApps_springBoot/cordapp-contracts-states/src/main/kotlin/com/supplychain/bcc/contractstates/TrackableState.kt': Filename too long error: The following untracked working tree files would be overwritten by checkout: .circleci/config.yml .github/ISSUE_TEMPLATE/bug_report.md ... error: The following untracked working tree files would be removed by checkout: examples/identity-app/images/agents/run Please move or remove them before you switch branches. Aborting merge: upstream/develop - not something we can merge Errors while merging. Please fix them then do a git push and re-run the script

TravellerAddict (Tue, 09 Jun 2020 23:04:39 GMT):
Hi All, I am setting up the BAF on windows, and the windows script doesn't seem to be working. Is there a chance that recent changes broke the script? I tried the manual install route but it didn't seem to work, I couldn't get the default docker-machine working correctly. Note I still have a local copy of the cloned repository, but I've pulled in recent changes to my cloned version. Can anyone suggest a way to get it working? All suggestions appreciated. The script generated the following errors (after confirming my git credentials and repository location): Syncing the develop branch with BAF develop branch. error: cannot stat 'examples/supplychain-app/corda/cordApps_springBoot/cordapp-contracts-states/src/main/kotlin/com/supplychain/bcc/contractstates/ContainerState.kt': Filename too long error: cannot stat 'examples/supplychain-app/corda/cordApps_springBoot/cordapp-contracts-states/src/main/kotlin/com/supplychain/bcc/contractstates/TrackableState.kt': Filename too long error: The following untracked working tree files would be overwritten by checkout: .circleci/config.yml .github/ISSUE_TEMPLATE/bug_report.md ... (100 files listed) error: The following untracked working tree files would be removed by checkout: examples/identity-app/images/agents/run Please move or remove them before you switch branches. Aborting merge: upstream/develop - not something we can merge Errors while merging. Please fix them then do a git push and re-run the script

lakshyakumar (Wed, 10 Jun 2020 04:00:56 GMT):
Has joined the channel.

lakshyakumar (Wed, 10 Jun 2020 04:00:57 GMT):
Hi TravellerAddict, As per the screenshot you shared, it shows that the issue is with merging code. So you can take a re-fork and a fresh clone from your BAF repository only if you haven't made any changes to the baf code, otherwise you have to resolve conflicts between the code of your forked baf repository and your local code followed by a git push. Make sure that the code on your machine and in your BAF repository is on the same commit before running the network.

lakshyakumar (Wed, 10 Jun 2020 04:01:47 GMT):
Hi TravellerAddict, As per the screenshot you shared, it shows that the issue is with merging code. So you can take a re-fork and a fresh clone from your BAF repository only if you haven't made any changes to the baf code, otherwise you have to resolve conflicts between the code of your forked baf repository and your local code followed by a git push. Make sure that the code on your machine and in your BAF repository is on the same commit before running the network.

sownak (Wed, 10 Jun 2020 09:04:24 GMT):
you may also want to check this https://stackoverflow.com/questions/22575662/filename-too-long-in-git-for-windows

pkirkinezis (Wed, 10 Jun 2020 11:46:34 GMT):
Has joined the channel.

tommyjay (Wed, 10 Jun 2020 18:12:27 GMT):
Has joined the channel.

Pri-vats (Thu, 11 Jun 2020 08:45:37 GMT):
Blockchain Automation Framework team will be having the PI 5 demo today from 3.00-4.00 pm GMT, where we will we taking you through the new features on BAF as per our newest release 0.5 and also demoing on 2 of them . Please feel free to join on : https://zoom.us/my/hyperledger.community.3 Our demo is on : 1. Addition of new node in the Quorum network 2. Quorum Expressapi and Supplychain ref. app integration

sillysachin (Thu, 11 Jun 2020 11:11:12 GMT):
Has joined the channel.

sillysachin (Thu, 11 Jun 2020 11:11:12 GMT):
Will the demo cover fabric 2.0 support ?

sillysachin (Thu, 11 Jun 2020 12:09:06 GMT):
I am trying to run the instructions https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html

sillysachin (Thu, 11 Jun 2020 12:09:18 GMT):
TASK [check/helm_component : Wait for Pod helm in kube-system] ********************************************************************** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/helm_component/tasks/main.yaml:56 FAILED - RETRYING: Wait for Pod helm in kube-system (50 retries left).

sillysachin (Thu, 11 Jun 2020 12:35:52 GMT):
Frustratingly unsure which file or what the error is about.

sillysachin (Thu, 11 Jun 2020 12:41:48 GMT):
Does this work on ubuntu or mac box?

sillysachin (Thu, 11 Jun 2020 13:27:11 GMT):

baf-error.PNG

sillysachin (Thu, 11 Jun 2020 13:27:45 GMT):
What is time required to complete a run ? This failed after more than 30 minutes .

sownak (Thu, 11 Jun 2020 14:05:40 GMT):
That will depend on your kubernetes cluster's capacity. If that task is failing, you may want to increate the number of retries to 50. and check why the pod is failing.

sownak (Thu, 11 Jun 2020 14:06:20 GMT):
Check https://blockchain-automation-framework.readthedocs.io/en/latest/commandsref.html for common commands if you are new to Kubernetes.

sownak (Thu, 11 Jun 2020 14:08:30 GMT):
Today's demo is for Quorum only. previous demos can be found here https://wiki.hyperledger.org/display/labs/Blockchain+Automation+Framework

sillysachin (Thu, 11 Jun 2020 14:14:39 GMT):
Thanks

sillysachin (Thu, 11 Jun 2020 14:15:04 GMT):
i did quick grep to search for fabric 2.0 across the repo - `grep -nHR "version: 2." .`

sillysachin (Thu, 11 Jun 2020 14:15:14 GMT):
Could not find any fabric 2.0 reference

sownak (Thu, 11 Jun 2020 14:39:35 GMT):
The readthedocs has been updated to include 2.0.0 reference. https://blockchain-automation-framework.readthedocs.io/en/latest/operations/fabric_networkyaml.html

sillysachin (Thu, 11 Jun 2020 15:06:38 GMT):
Yes. The readthedocs has it , but since chaincode deployment lifecycle changes in 2.x i wanted to start with a example reference to learn from

sownak (Thu, 11 Jun 2020 16:25:27 GMT):
The chaincode lifecycle changes have not been implemented in BAF because it is application/usecase specific.

sownak (Thu, 11 Jun 2020 16:25:27 GMT):
The chaincode lifecycle changes for Fabric 2.0.0 have not been implemented in BAF because it is application/usecase specific.

sownak (Thu, 11 Jun 2020 16:25:27 GMT):
The chaincode lifecycle changes for Fabric 2.0.0 have not yet been implemented in BAF because it is application/usecase specific and we do not have enough manpower. Why not give it a try on our existing code and contribute back?

sillysachin (Fri, 12 Jun 2020 15:25:24 GMT):
How much would it cost to run Fulcurm on a cloud platform? Is BAF to be paid use if deployed in Cloud/AWS/Gcloud etc ?

sillysachin (Fri, 12 Jun 2020 15:26:09 GMT):
I am querying if there is license fee ?

sownak (Fri, 12 Jun 2020 15:28:58 GMT):
Nope, BAF is completely free, no license. We would just ask for a client credential and feedback/contributions to help progress our roadmap. The client credential can have anonymous client, though the industry would help, but again that is not mandatory.

sownak (Fri, 12 Jun 2020 15:28:58 GMT):
Nope, BAF is completely free, no license fee. It is offered under Apache2 license terms. We would just ask for a client credential and feedback/contributions to help progress our roadmap. The client credential can have anonymous client, though the industry would help, but again that is not mandatory.

sillysachin (Fri, 12 Jun 2020 17:47:34 GMT):
I am trying to start... will give it ago over the weekend to figure out where to start poking

sillysachin (Sat, 13 Jun 2020 15:31:27 GMT):
https://blockchain-automation-framework.readthedocs.io/en/latest/operations/setting_dlt.html

sillysachin (Sat, 13 Jun 2020 15:33:07 GMT):
The links are broken for "Guidance Here" across steps 2 ,3 , 4 and 6

cavellt (Sat, 13 Jun 2020 22:42:31 GMT):
Apologies for reviving an old thread. I was recently performing a test network utilizing minikube w/ the 0.5.0 release. During that test, I encountered the same issue regarding the transaction validation after the new organization was added. This was done tested with both the 2.0 and 1.4.4 Fabric images. After the failed transaction validation, I also tried the chaincode upgrade command in case the default policy did not register the new organization. The job created from that command did not complete.

cavellt (Sun, 14 Jun 2020 17:11:29 GMT):
Is it possible to set up a meeting to discuss this?

sillysachin (Sun, 14 Jun 2020 18:11:18 GMT):
i cam across a few logs like this

sillysachin (Sun, 14 Jun 2020 18:11:19 GMT):
TASK [../../shared/configuration/roles/check/helm_component : Wait for Pod peer0 in carrier-net] ************************************ task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/helm_component/tasks/main.yaml:37 skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"}

sillysachin (Sun, 14 Jun 2020 18:11:48 GMT):
How to find the cause for Skipping?

deepakkumardbd (Mon, 15 Jun 2020 04:43:31 GMT):
In order to find out the reason for skipping, go to the role that is mentioned in the TASK and use the debug module to find out the values of the variable and based on the value certain task are skipped. In the shared folder we have checks for k8s resources to see if it already exists so based on the specific resource check only that task is called rest skipped. You can refer the documentation for more details.

sillysachin (Mon, 15 Jun 2020 05:02:10 GMT):
"use the debug module" - did not come across guideline on how to use debug module. Apologies - i am still unclear what / how to debug module. Any link in documentation . I have gone through all the pages of the doc and not familiar with it

deepakkumardbd (Mon, 15 Jun 2020 05:16:44 GMT):
So debug module is an ansible module. find more here https://docs.ansible.com/ansible/latest/modules/debug_module.html also please find the link to the readme of the role. https://github.com/hyperledger-labs/blockchain-automation-framework/tree/master/platforms/shared/configuration/roles/check/helm_component

deepakkumardbd (Mon, 15 Jun 2020 05:20:47 GMT):
we have created the bug you can track it here, https://github.com/hyperledger-labs/blockchain-automation-framework/issues/773

sillysachin (Mon, 15 Jun 2020 07:51:24 GMT):
Thanks

sownak (Mon, 15 Jun 2020 09:04:44 GMT):
@cavellt BAF is designed to work on a Cloud Kubernetes cluster and may not work as expected for minikube. Minikube deployment is only for developers who do not have a real Kubernetes cluster to provide a feel of the automation. Running a permanent network and making transactions is not recommended on minikube as we do not support it. If you have the same problems when running it on a cloud Kubernetes cluster, then we will be happy to support.

sillysachin (Mon, 15 Jun 2020 09:14:59 GMT):
https://github.com/appbootup/blockchain-automation-framework/commits/local

sillysachin (Mon, 15 Jun 2020 09:15:48 GMT):
Assuming the docker run for minikube sample fails - https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html

sillysachin (Mon, 15 Jun 2020 09:16:46 GMT):
How to recover , restart? At some point after 2-3 days i am unsure what is the error. Which steps are causing issues?

sillysachin (Mon, 15 Jun 2020 09:16:58 GMT):
Or every run i have to restart by "Forking" ?

sillysachin (Mon, 15 Jun 2020 09:18:42 GMT):
Should the minikube be run with repo master or v0.5.0.0 tag

sillysachin (Mon, 15 Jun 2020 09:19:01 GMT):
I have failed with master repo since Friday

sownak (Mon, 15 Jun 2020 09:21:39 GMT):
No, you do not have to start from the "Forking" step. If it is failing multiple times, you can run it from within the baf-build container's bash prompt. ` docker run ... hyperledgerlabs/baf-build bash`, then just ./run.sh. At which step is it failing?

sillysachin (Mon, 15 Jun 2020 09:21:57 GMT):
TASK [Checking for the supplychain-net-role-tokenreview-binding] ******************************************************************** task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/namespace_vaultauth/tasks/main.yaml:90 TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Check ClusterRoleBinding supplychain-net-role-tokenreview-binding is created] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/k8_component/tasks/main.yaml:7 skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/k8_component/tasks/main.yaml:17 FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (20 retries left).

sillysachin (Mon, 15 Jun 2020 09:22:39 GMT):
:sweat:

sillysachin (Mon, 15 Jun 2020 09:22:45 GMT):
https://github.com/appbootup/blockchain-automation-framework/commits/local

sillysachin (Mon, 15 Jun 2020 09:22:54 GMT):
i can see the git push has happened

sillysachin (Mon, 15 Jun 2020 09:23:13 GMT):
After that the ansible task keeps waiting and fails that check

sownak (Mon, 15 Jun 2020 09:25:27 GMT):
Can you reply on the thread? It seems your "flux" is not working. Please check the logs of "flux" pods. I noticed in your repo that the gitops and gitops.pub is checked in (i.e. they are in baf root directory). Did you ensure that the network.yaml has the correct path to the gitops file? If not, that may be the problem.

sownak (Mon, 15 Jun 2020 09:29:19 GMT):
In our guidance/steps, all generated and sensitive files should be in the build directory (that way they do not get checked in) and the paths in network.yaml is based on that. If you are using different paths, then you must update the network.yaml accordingly.

sillysachin (Mon, 15 Jun 2020 09:30:00 GMT):
ts=2020-06-15T09:27:05.49294097Z caller=loop.go:101 component=sync-loop err="git repo not ready: git clone --mirror: fatal: Could not read from remote repository., full output:\n Cloning into bare repository '/tmp/flux-gitclone842153897'...\nERROR: Repository not found.\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n" ts=2020-06-15T09:28:19.058175168Z caller=images.go:17 component=sync-loop msg="polling for new images f

sillysachin (Mon, 15 Jun 2020 09:32:25 GMT):
➜ blockchain-automation-framework git:(local) cd build ➜ build git:(local) pwd /home/subex/project/blockchain-automation-framework/build ➜ build git:(local) ls ca.crt client.crt client.key config gitops network.yaml ➜ build git:(local)

sillysachin (Mon, 15 Jun 2020 09:33:55 GMT):
1. Since git commit is happening i am assuming the access token is working

sownak (Mon, 15 Jun 2020 09:35:02 GMT):
No, that means Flux does not have access to your Github repository. Either 1) The private key (gitops path) is wrong in network.yaml 2) You have not added the corresponding public key with proper access to your github account.

sillysachin (Mon, 15 Jun 2020 09:36:38 GMT):
private_key: "/home/blockchain-automation-framework/build/gitops"

sownak (Mon, 15 Jun 2020 09:36:52 GMT):
Add the public key contents from gitops.pub (starts with ssh-rsa) as an Access Key (with read-write permissions) in your Github repository by following this guide. https://help.github.com/en/github/authenticating-to-github/adding-a-new-ssh-key-to-your-github-account

sownak (Mon, 15 Jun 2020 09:38:01 GMT):
the key is also printed in your flux logs. if in doubt, use the public key from the flux logs.

sownak (Mon, 15 Jun 2020 09:43:38 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=PrwTE3HhMzNMfT65S) Ansible uses access token, but Flux uses private-public key to access your git

sillysachin (Mon, 15 Jun 2020 09:44:49 GMT):
is gitops a path into build directory into where i copy the gitops

sillysachin (Mon, 15 Jun 2020 09:44:53 GMT):
cp ~/.ssh/gitops build/

sillysachin (Mon, 15 Jun 2020 09:44:56 GMT):
?

sillysachin (Mon, 15 Jun 2020 09:45:20 GMT):
Step 5 in pre-req

sillysachin (Mon, 15 Jun 2020 09:46:00 GMT):
in network.yaml i am not pointing to this as there is no mentioned of editing this gitops path in documentation

sownak (Mon, 15 Jun 2020 09:46:27 GMT):
gitops is the file which you have copied in /build directory, which is fine as you showed by "ls"

sillysachin (Mon, 15 Jun 2020 09:46:43 GMT):
Yes

sillysachin (Mon, 15 Jun 2020 09:46:48 GMT):
in network.yaml file

sillysachin (Mon, 15 Jun 2020 09:47:06 GMT):
private_key: "/home/blockchain-automation-framework/build/gitops"

sownak (Mon, 15 Jun 2020 09:47:21 GMT):
that path is correct here.

sownak (Mon, 15 Jun 2020 09:48:18 GMT):
Check https://github.com/settings/keys if you have added the correct public key there

sillysachin (Mon, 15 Jun 2020 10:24:19 GMT):
https://blockchain-automation-framework.readthedocs.io/en/develop/developer/dev_prereq.html

sillysachin (Mon, 15 Jun 2020 10:24:36 GMT):
Step 3 - is this to be executed everytime repo is forked

sillysachin (Mon, 15 Jun 2020 10:25:25 GMT):
I find the document hard to follow as i am no sure which command needs to be "executed" only once, which ones can be run without errors multiple times

sillysachin (Mon, 15 Jun 2020 10:25:45 GMT):
i have tried forking/deleting the repo multiple times to follow the document

sownak (Mon, 15 Jun 2020 10:26:02 GMT):
every thing can be run multiple times without errors

sillysachin (Mon, 15 Jun 2020 10:26:03 GMT):
the commands spread over 3-5 pages leads me into circles

sillysachin (Mon, 15 Jun 2020 10:27:46 GMT):
https://blockchain-automation-framework.readthedocs.io/en/develop/developer/dev_prereq.html

sillysachin (Mon, 15 Jun 2020 10:28:08 GMT):
https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html

sillysachin (Mon, 15 Jun 2020 10:28:52 GMT):
i have run this 10 times and failed around git now so many times - i am not sure what else is left to try

sillysachin (Mon, 15 Jun 2020 10:30:10 GMT):
localhost : ok=87 changed=23 unreachable=0 failed=1 skipped=131 rescued=0 ignored=0

sownak (Mon, 15 Jun 2020 10:35:07 GMT):
1. https://blockchain-automation-framework.readthedocs.io/en/develop/developer/dev_prereq.html is to be run only once as it sets up your environment. 2. https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html can be run multiple times But if you do not fix the errors, running it multiple times is not going to fix it. The public ssh key should be added to your github account. Have you dont it?

sillysachin (Mon, 15 Jun 2020 10:36:09 GMT):
Yes

sillysachin (Mon, 15 Jun 2020 10:37:21 GMT):
Can attach image .

sillysachin (Mon, 15 Jun 2020 10:37:31 GMT):
Key is already in use

sillysachin (Mon, 15 Jun 2020 10:37:37 GMT):
When i try to add it over again

sownak (Mon, 15 Jun 2020 10:37:56 GMT):
then most likely ssh is blocked in your org network. Try doing a git clone using the ssh url. like "git clone git@github.com:appbootup/blockchain-automation-framework.git"

sillysachin (Mon, 15 Jun 2020 10:38:11 GMT):
Tested that - git clone worked

sownak (Mon, 15 Jun 2020 10:39:02 GMT):
can you paste the key from your flux logs?

sillysachin (Mon, 15 Jun 2020 10:39:03 GMT):

SSH and GPG keys error.png

sillysachin (Mon, 15 Jun 2020 10:39:41 GMT):
Running kubectl logs flux-local-7f8d5979d6-tx66z

sillysachin (Mon, 15 Jun 2020 10:39:47 GMT):
does not show any keys

sillysachin (Mon, 15 Jun 2020 10:43:00 GMT):
lost that thread

sillysachin (Mon, 15 Jun 2020 10:43:09 GMT):
cant see any printed keys in logs

sillysachin (Mon, 15 Jun 2020 10:43:23 GMT):
or not familiar with kubectl logs

sownak (Mon, 15 Jun 2020 10:44:13 GMT):
do "kubectl get secrets" and see if a secret called "git-auth-local" there?

sillysachin (Mon, 15 Jun 2020 10:44:39 GMT):
NAME TYPE DATA AGE default-token-f8fjv kubernetes.io/service-account-token 3 16h flux-local-token-wl42p kubernetes.io/service-account-token 3 16h git-auth-local Opaque 1 16h

sillysachin (Mon, 15 Jun 2020 10:44:56 GMT):
it is there

sownak (Mon, 15 Jun 2020 10:45:32 GMT):
you can use grep to search for "ssh-rsa" in the flux logs

sownak (Mon, 15 Jun 2020 10:46:22 GMT):
kubectl logs flux-demo-corda-85969645b7-xdblc | grep "ssh-rsa"

sillysachin (Mon, 15 Jun 2020 10:48:12 GMT):
the entry for above command does not match cat ~/.ssh/gitops.pub

sownak (Mon, 15 Jun 2020 10:51:37 GMT):
yes, that is the problem then. add that ssh-rsa to your gitaccount as ssh-key

sownak (Mon, 15 Jun 2020 10:51:51 GMT):
this is because you have changed the gitops key file

sownak (Mon, 15 Jun 2020 10:52:10 GMT):
so: the pre-reqs need to be run once, and not multiple times

sownak (Mon, 15 Jun 2020 10:54:23 GMT):
or you can run ./reset.sh from the baf-build container and then run ./run.sh

sillysachin (Mon, 15 Jun 2020 11:04:26 GMT):
is this after building local baf-build

sillysachin (Mon, 15 Jun 2020 11:04:29 GMT):
docker build . -t hyperledgerlabs/baf-build

sownak (Mon, 15 Jun 2020 11:06:39 GMT):
you dont have to build baf-build image every time, it is available on docker-hub

sillysachin (Mon, 15 Jun 2020 11:07:48 GMT):
docker run -it -v $(pwd):/home/blockchain-automation-framework/ hyperledgerlabs/baf-build reset

sillysachin (Mon, 15 Jun 2020 11:07:58 GMT):
Will the above be sufficient ?

sownak (Mon, 15 Jun 2020 11:08:17 GMT):
docker run -it -v $(pwd):/home/blockchain-automation-framework/ hyperledgerlabs/baf-build ./reset.sh

sillysachin (Mon, 15 Jun 2020 11:10:01 GMT):
Will removing non fabric platforms folders make this faster process ?

sownak (Mon, 15 Jun 2020 11:10:20 GMT):
nope, it does not impact.

sillysachin (Mon, 15 Jun 2020 11:14:24 GMT):
Is there a option to show how many tasks are left once ./runs.sh is started

sillysachin (Mon, 15 Jun 2020 11:16:05 GMT):
reset and run did not change the flux pods ssh-rsa

sownak (Mon, 15 Jun 2020 11:18:45 GMT):
then I would suggest you to do "minikube delete" and recreate minikube

sillysachin (Mon, 15 Jun 2020 12:26:00 GMT):
i have restarted from minikube delete , its around 55 minutes to complete full run

sillysachin (Mon, 15 Jun 2020 12:26:16 GMT):
PLAY RECAP ************************************************************************************************************************** localhost : ok=593 changed=262 unreachable=0 failed=0 skipped=448 rescued=0 ignored=22

sownak (Mon, 15 Jun 2020 12:26:59 GMT):
yes. You are also deploying the chaincodes, so it is more time than just the network.

sillysachin (Mon, 15 Jun 2020 15:49:01 GMT):
If we wish to change folder , repo name and naming conventions - what is the safe way ?

sownak (Mon, 15 Jun 2020 17:01:06 GMT):
repo name can be updated any time, and ensure that "blockchain-automation-framework" is replaced in any code that you run with the new repo name. (It will only impact minikube install steps). There is no safe way to replace any folder or names, you will have to find and replace all references manually. Please note, BAF is not designed to work with minikube, it needs a proper kubernetes cluster to work correctly.

sillysachin (Tue, 16 Jun 2020 05:50:21 GMT):
without minikube - the cost of exploring goes up by 10x , entry barrier will become too complex

sownak (Tue, 16 Jun 2020 08:31:24 GMT):
that is correct; minikube is only for learning and should not be used for Production/Pilot environments.

sillysachin (Tue, 16 Jun 2020 08:35:02 GMT):
i would request a few more pre-checks be added to input variables used in the setup - example from my mistakes are build folder entries - a missed ssh-rsa or typo in vault secret - the discovery of them half way through 1hr run in cluster is a miserable learning experience

sillysachin (Tue, 16 Jun 2020 08:35:55 GMT):
bumbling along now to build a docker image and use it with custom folder - unsure what that will bite me around

sownak (Tue, 16 Jun 2020 08:36:51 GMT):
You can always contribute those changes, it will be highly appreciated.

sillysachin (Tue, 16 Jun 2020 08:37:58 GMT):
too much of starting mistakes to be sure of contributing... maybe as i learn more i can have necessary skills to solve it

sillysachin (Tue, 16 Jun 2020 08:44:15 GMT):
Query - the docker image building using docker build . -t /baf-build - it is around 1 GB in size

sillysachin (Tue, 16 Jun 2020 08:46:39 GMT):
I am presuming once a "production" ready docker image is built , it is given to each of the participating org with instruction to run it with "build" folder in the location with right "ca", "gitops" , k8s config and network.yaml entries

sownak (Tue, 16 Jun 2020 08:51:54 GMT):
baf-build is a packaged build/deploy environment which gives an easy way to deploy BAF as this acts as the ansible-controller. Though baf-build can be used for production env as well, but it is recommended to have a VM ansible-controller or integrate with Devops tools as for production you will need to store/analyse the logs and failures.

sownak (Tue, 16 Jun 2020 08:54:02 GMT):
Yes, each org can use the baf-build image to run their own nodes; they will only need the custom files.

sillysachin (Tue, 16 Jun 2020 08:57:49 GMT):
Thanks

sillysachin (Tue, 16 Jun 2020 09:00:21 GMT):
Query - if i want to add a simpler example than supply-chain to learn this better - copying test-network (fabric-samples) into examples folder and then replicating / poking files from supply-chain and network.yaml would be required ( i am assuming no other folder needs to be touched )

sownak (Tue, 16 Jun 2020 09:02:28 GMT):
yes. The platforms/* code deploys the network. The application relates files like chaincode and API are in examples/*

sownak (Tue, 16 Jun 2020 09:02:28 GMT):
yes. The platforms/.. code deploys the network. The application related files like chaincode and API are in examples/..

sillysachin (Tue, 16 Jun 2020 09:17:09 GMT):
Query - if there is crash in between a hour long deployment - if i run the docker run.sh again - will it pick up from where it "crashed" or again from the start . I could not gather from the last few days of runs if it is prudent to reset.sh and run.sh everytime or start over from minikube delete or just run.sh

sillysachin (Tue, 16 Jun 2020 09:25:04 GMT):
especially steps around crypto generation

sillysachin (Tue, 16 Jun 2020 09:25:07 GMT):
Pausing for 360 seconds (ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort) [pause] Sleeping... so that the client certificates are valid:

sownak (Tue, 16 Jun 2020 09:28:53 GMT):
In that case it is better to execute run.sh from within the docker container. Reset is only needed if you want to delete the complete deployment.

sillysachin (Tue, 16 Jun 2020 09:46:59 GMT):
TASK [create/crypto/orderer : Generate crypto material for organization orderers] *************************************************** task path: /home/ocb/platforms/hyperledger-fabric/configuration/roles/create/crypto/orderer/tasks/orderer.yaml:112 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "export CA_TOOL_CLI=$(KUBECONFIG=/home/ocb/build/config kubectl get po -n supplychain-net | grep \"ca-tools\"

sillysachin (Tue, 16 Jun 2020 09:47:54 GMT):
"OCI runtime exec failed: exec failed: container_linux.go:349: starting container process caused \"no such file or directory\": unknown"]

sillysachin (Tue, 16 Jun 2020 11:05:25 GMT):
https://blockchain-automation-framework.readthedocs.io/en/develop/operations/fabric_networkyaml.html

sillysachin (Tue, 16 Jun 2020 11:05:39 GMT):
Broken links for NOTE: Please follow these instructions

jagpreet (Tue, 16 Jun 2020 11:10:41 GMT):
Looking into the same.

sillysachin (Tue, 16 Jun 2020 11:13:34 GMT):
Thanks. This is different page than the one i reported yesterday.

jagpreet (Tue, 16 Jun 2020 11:19:22 GMT):
Yes, I have checked the issue. The links broke with newer version of parser which don't parse the anchor references correctly.

jagpreet (Tue, 16 Jun 2020 11:19:22 GMT):
Yes, I have checked the issue. The links broke with newer version of parser which don't parse the anchor references incorrectly.

sownak (Tue, 16 Jun 2020 13:18:36 GMT):
Issue fixed in develop version https://blockchain-automation-framework.readthedocs.io/en/develop/operations/setting_dlt.html

sillysachin (Tue, 16 Jun 2020 17:07:25 GMT):
Is it valid setup - 4 microk8 k8s clusters in 4 machines for supply chain example ? Sort of intermediate between single node minikube and multi machine k8s for 4orgs

deepakkumardbd (Wed, 17 Jun 2020 04:40:13 GMT):
we haven't tried setting it up , give it a try and let us know of your findings.

cavellt (Wed, 17 Jun 2020 19:30:28 GMT):
We've migrated the test environment to an AWS cluster. Do you happen have a set of instructions on the necessary configurations needed to utilize it for BAF?

deepakkumardbd (Thu, 18 Jun 2020 04:57:53 GMT):
Are u using managed cluster? All instructions are provided here https://blockchain-automation-framework.readthedocs.io/en/develop/gettingstarted.html

cavellt (Thu, 18 Jun 2020 13:03:13 GMT):
I guess a more specific question is what do you use for the external url suffix? I tried using the address of the ELB, but the name ended being too large for ambassador credential creation.

sownak (Thu, 18 Jun 2020 13:07:06 GMT):
You need a domain as mentioned in https://blockchain-automation-framework.readthedocs.io/en/latest/prerequisites.html#internet-domain And then use the child domains in the external url, like org1.example.com

cavellt (Thu, 18 Jun 2020 21:38:42 GMT):
I established the test network on AWS and added a new organization. I created a CLI container for the new organization and invoked a transaction and received the same error as before. The ledger did not accept the new transaction as a valid one. I believe this is still a persistent issue https://github.com/hyperledger-labs/blockchain-automation-framework/issues/699.

deepakkumardbd (Fri, 19 Jun 2020 04:34:40 GMT):
we are testing this from our end once again , will get back to you

jagpreet (Fri, 19 Jun 2020 04:39:24 GMT):
Are you running the sample supplychain chaincode provided by BAF?

cavellt (Fri, 19 Jun 2020 21:11:43 GMT):
Yes, I am running the given chaincode and using the arguments that were listed in the issue. My testing scheme was deploying the initial network and invoking a transaction from the cli once the instantiation job is completed. I invoke the same transaction again to verify that the block exists on the ledger. Once the new organization has been added, I perform the same process with a new transaction from the new organization this time.

jagpreet (Mon, 22 Jun 2020 13:13:36 GMT):
These are the steps we follow: 1. Deploy a network with 2 organizations (manufacturer, warehouse) 2. Add a new organization (store) 3. Deploy the express-api, frontend, restserver for all the organizations 4. Run the postman collection suite (I am attaching the screenshots of postman test suite outputs for reference)

jagpreet (Mon, 22 Jun 2020 13:15:58 GMT):
Ignore the api's output where there is a write to ledger as it takes a while to write (the check api's will show that the query were successful)

jagpreet (Mon, 22 Jun 2020 13:19:08 GMT):

1.PNG

jagpreet (Mon, 22 Jun 2020 13:19:44 GMT):

2.PNG

jagpreet (Mon, 22 Jun 2020 13:19:52 GMT):

3.PNG

jagpreet (Mon, 22 Jun 2020 13:20:01 GMT):

4.PNG

jagpreet (Mon, 22 Jun 2020 13:20:13 GMT):

5.PNG

jagpreet (Mon, 22 Jun 2020 13:20:22 GMT):

6.PNG

jagpreet (Mon, 22 Jun 2020 13:20:36 GMT):

7.PNG

jagpreet (Mon, 22 Jun 2020 13:20:45 GMT):

8.PNG

jagpreet (Mon, 22 Jun 2020 13:20:55 GMT):

9.PNG

zhubao315 (Fri, 26 Jun 2020 02:19:32 GMT):
Has joined the channel.

marcdk (Mon, 06 Jul 2020 05:28:58 GMT):
Has joined the channel.

suvajit-sarkar (Thu, 16 Jul 2020 14:44:41 GMT):
Hi All, We are having PI demo for Blockchain Automation Framework (BAF) today. (9pm-10pm IST) The topics for the demo are: 1. BAF Architecture for Enterprise Corda and Hyperledger Besu walk through 2. Deploying Besu network using BAF (IBFT consensus and Orion TM) 3. BAF Travis CI and Molecule walk through You can join us on https://zoom.us/my/hyperledger.community.3

gmanjun1 (Sun, 19 Jul 2020 09:11:10 GMT):
Has joined the channel.

gmanjun1 (Sun, 19 Jul 2020 09:11:10 GMT):
Hi All - I am new joiner and interested to work on the Blockchain Automation Framework (BAF) . I am having 2 year experience in Blockchain frameworks Fabric, Ethereum. Have conceptual knowledge on Hyperledger Besu. To contribute/work on Blockchain Automation Framework (BAF) , what is the required OS.. Is windows OS would be ok. Or Having Ubuntu OS would be helpful.

sownak (Mon, 20 Jul 2020 08:38:30 GMT):
Ubuntu is always better over windows as we mainly use docker and ansible, both does not work on base Windows.

suvajit-sarkar (Mon, 20 Jul 2020 13:32:44 GMT):
Hi All, We are having Sprint planning for Blockchain Automation Framework (BAF) today. (7pm-8pm IST) You can join us on https://zoom.us/my/hyperledger.community.3

arunhlf (Wed, 22 Jul 2020 19:21:23 GMT):
Has joined the channel.

arunhlf (Wed, 22 Jul 2020 19:31:17 GMT):
Hi All , Please do help me out, while running the docker command to start the hyperledgerlabs/baf-build , ansible script fails. with error. "An exception occurred during task execution. To see the full traceback, use -vvv. The error was: kubernetes.config.config_exception.ConfigException: Invalid kube-config file. No configuration found."

arunhlf (Wed, 22 Jul 2020 19:31:17 GMT):
Hi All , Please do help me out, while running the docker command to start the hyperledgerlabs/baf-build container , ansible script fails. with error. "An exception occurred during task execution. To see the full traceback, use -vvv. The error was: kubernetes.config.config_exception.ConfigException: Invalid kube-config file. No configuration found."

sownak (Thu, 23 Jul 2020 08:29:18 GMT):
"Invalid kube-config file" means that the kubernetes config file that you have provided is wrong. Please check the path is correct as per your docker container and you have mounted the file.

SivaramKannan (Fri, 24 Jul 2020 11:45:18 GMT):
Has joined the channel.

SivaramKannan (Fri, 24 Jul 2020 11:45:18 GMT):
Hi Team - I was trying to use BAF against azure and I could not figure out how to make it work. although kubectl normally works, Ansible fails to find the kubeconfig ```kubernetes.config.config_exception.ConfigException: Invalid kube-config file. No configuration found.```

SivaramKannan (Fri, 24 Jul 2020 11:45:18 GMT):
Hi Team - I was trying to use BAF against AKS(azure) and I could not figure out how to make it work. although kubectl normally works, Ansible fails to find the kubeconfig ```kubernetes.config.config_exception.ConfigException: Invalid kube-config file. No configuration found.```

SivaramKannan (Fri, 24 Jul 2020 11:46:12 GMT):
I guess this would not be an issue if tested against aws. any idea how I can debug this issue?

sownak (Fri, 24 Jul 2020 11:48:51 GMT):
are you able to connect to the cluster from within the baf-build docker container?

SivaramKannan (Fri, 24 Jul 2020 11:50:37 GMT):
using kubectl?

SivaramKannan (Fri, 24 Jul 2020 11:50:59 GMT):
using kubectl?

sownak (Fri, 24 Jul 2020 11:51:51 GMT):
yes. (as I mentioned in the previous comment as well, maybe the paths are wrong)

SivaramKannan (Fri, 24 Jul 2020 11:52:59 GMT):
let me try that and come back. thanks

SivaramKannan (Fri, 24 Jul 2020 11:54:27 GMT):
This is the command I gave ```ansible-playbook platforms/shared/configuration/site.yaml -e "@./build/network.yaml" -e 'ansible_python_interpreter=/usr/local/bin/python3'```

SivaramKannan (Fri, 24 Jul 2020 11:54:52 GMT):
since I directly use ansible command on the host, it should go to the default location right??

sownak (Fri, 24 Jul 2020 11:55:25 GMT):
no, the Kubernetes config file paths are taken from the network.yaml

SivaramKannan (Fri, 24 Jul 2020 11:55:42 GMT):
ohh.. I see that now.

SivaramKannan (Fri, 24 Jul 2020 11:55:51 GMT):
will configure that.

SivaramKannan (Fri, 24 Jul 2020 11:55:55 GMT):
thanks

sownak (Fri, 24 Jul 2020 11:56:10 GMT):
Perfect. Let us know how it went.

SivaramKannan (Fri, 24 Jul 2020 11:56:25 GMT):
config_file: "cluster_config"

SivaramKannan (Fri, 24 Jul 2020 11:56:37 GMT):
I will give the absolute path here I suppose?

sownak (Fri, 24 Jul 2020 11:56:48 GMT):
yes. that should be absolute path in the container

SivaramKannan (Fri, 24 Jul 2020 11:56:59 GMT):
got it. will update after my test

SivaramKannan (Fri, 24 Jul 2020 12:15:11 GMT):
I can confirm that I got through that error. looks like cluster_context also should be explicitly mentioned and the playbook had proceeded

SivaramKannan (Fri, 24 Jul 2020 12:18:51 GMT):
I see the installation is waiting for tiller pod to come up. does it mean baf has a hard requirement for helm v2??

SivaramKannan (Fri, 24 Jul 2020 12:18:51 GMT):
I see the installation is waiting for tiller pod to come up. does it mean baf has a hard requirement for helm v2?? I don't see that in the requirement though and I have helm v3 installed.

SivaramKannan (Fri, 24 Jul 2020 12:20:13 GMT):
the deployment would not be successful I suppose, right?

sownak (Fri, 24 Jul 2020 13:12:49 GMT):
Yes, it would not work then. We do have helm3 feature in waiting. But currently everything is helm2

SivaramKannan (Fri, 24 Jul 2020 15:45:26 GMT):
got it working. just figured I have to configure git in the network.yml.

SivaramKannan (Fri, 24 Jul 2020 15:45:52 GMT):
but I have to say this is most further I went with deploying Hyperledger anywhere.

sownak (Fri, 24 Jul 2020 15:47:52 GMT):
Just curious are you working on a real cluster and for a production deployment? It always boosts our confidence.

SivaramKannan (Fri, 24 Jul 2020 15:48:46 GMT):
eventually production.

sownak (Fri, 24 Jul 2020 15:49:35 GMT):
Superb. Now you can make minor changes by just checkin-in code in the branch that is synced via gitops.

SivaramKannan (Fri, 24 Jul 2020 15:49:43 GMT):
I was searching for an automation tool when I was asked to automate a difficult deployment process. I like it so far

sownak (Fri, 24 Jul 2020 15:50:20 GMT):
Great. Would love to get a note here about what your clients say.

sownak (Fri, 24 Jul 2020 15:50:37 GMT):
Maybe you can also suggest some enhancements/new features.

SivaramKannan (Fri, 24 Jul 2020 15:51:49 GMT):
absolutely. I am taking notes as proceed slowly, will keep the community posted

SivaramKannan (Fri, 24 Jul 2020 16:01:20 GMT):
what am i missing here ``` Warning FailedMount 21s (x7 over 52s) kubelet, 2node-cluster-worker2 MountVolume.SetUp failed for volume "git-key" : secret "git-auth-dev" not found```

SivaramKannan (Fri, 24 Jul 2020 16:01:37 GMT):
I have configured the gitOps.private_key correctly though

SivaramKannan (Fri, 24 Jul 2020 16:02:33 GMT):
also, if I am configuring the private key path, why do I also mention the git password??

sownak (Fri, 24 Jul 2020 16:03:04 GMT):
That path also needs to be absolute and readable from inside the docker container.

SivaramKannan (Fri, 24 Jul 2020 16:03:56 GMT):
I have configured absolute path

sownak (Fri, 24 Jul 2020 16:05:03 GMT):
The Gitops component uses the SSH key, but the ansible controller uses the password. Maybe it is better to use ssh for that as well. You can submit an enhancement request.

SivaramKannan (Fri, 24 Jul 2020 16:05:16 GMT):
opps, I have the pub key path rather than private key. sorry

SivaramKannan (Fri, 24 Jul 2020 16:06:01 GMT):
will do.

SivaramKannan (Fri, 24 Jul 2020 16:10:17 GMT):
another question I have, why does baf needs a seprate vault rather than using the existing k8s secrets itself?

sownak (Fri, 24 Jul 2020 16:12:27 GMT):
We consider the k8s cluster itself to be ephemeral. So everything related to k8s is stored in Git, and the same settings can be applied to a new cluster altogether. We have tried to use minimum K8s secrets and all highly-needed secrets are stored separately in a Vault.

SivaramKannan (Fri, 24 Jul 2020 16:14:24 GMT):
hmm.. ok. thanks.

sownak (Fri, 24 Jul 2020 16:15:13 GMT):
All the few k8s secrets we create are for TLS and the actual certs are derived from Vault.

SivaramKannan (Fri, 24 Jul 2020 16:16:18 GMT):
maintaining the vault outside the cluster is another overhead right?

SivaramKannan (Fri, 24 Jul 2020 16:16:38 GMT):
you recommend one vault per org right?

sownak (Fri, 24 Jul 2020 16:17:41 GMT):
Yes, ideally orgs should not share secret storage as they are separate business entities. Maintaining a separate Vault is cheaper than recreating everything from scratch

SivaramKannan (Fri, 24 Jul 2020 16:17:58 GMT):
I guess you are coming from a DR angle, say you lose your cluster, with only a data backup the cluster can be deployed in a DR sight with this configure - right

sownak (Fri, 24 Jul 2020 16:22:22 GMT):
Yes, so data backup comes auto with BAF. Also operations become easier as small changes are just git merge to this branch.

sownak (Fri, 24 Jul 2020 16:22:22 GMT):
Yes, so cluster config backup comes auto with BAF. Also operations become easier as small changes are just git merge to this branch.

SivaramKannan (Fri, 24 Jul 2020 16:23:42 GMT):
cool man. appreciate your patient response.

mwklein (Fri, 24 Jul 2020 16:23:43 GMT):
Externalizing key/crypto storage from k8s also provides more options for integration with HSM and cloud key vaults.

SivaramKannan (Fri, 24 Jul 2020 16:27:02 GMT):
I am actually testing it in local cluster build with kind, if I am successful, I will write a wiki page to setup locally. it might lower the barrier to entry a bit.

SivaramKannan (Fri, 24 Jul 2020 16:48:39 GMT):
git push task seems to fail with this error ```TASK [/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/git_push : Error for git_push] **************************************** ok: [localhost] => { "msg": [ "/bin/sh: line 15: @github.com/sivaramkannan/blockchain-automation-framework.git: No such file or directory", "fatal: unable to access 'https://sivaramkannan:/‘: URL using bad/illegal format or missing URL" ] } ```

SivaramKannan (Fri, 24 Jul 2020 16:48:56 GMT):
I don't understand the weird url

sownak (Fri, 24 Jul 2020 16:49:35 GMT):
use a token rather than password. I guess your password has @

SivaramKannan (Fri, 24 Jul 2020 16:50:23 GMT):
ok, let me try

SivaramKannan (Sat, 25 Jul 2020 03:01:48 GMT):
This task does not seem to proceed ```TASK [Checking for the manufacturer-net-role-tokenreview-binding] ************************************************************************************************************************************************************ TASK [/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Check ClusterRoleBinding manufacturer-net-role-tokenreview-binding is created] *** skipping: [localhost] TASK [/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Wait for ClusterRoleBinding manufacturer-net-role-tokenreview-binding] *** FAILED - RETRYING: Wait for ClusterRoleBinding manufacturer-net-role-tokenreview-binding (20 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding manufacturer-net-role-tokenreview-binding (19 retries left).```

SivaramKannan (Sat, 25 Jul 2020 03:01:48 GMT):
This task does not seem to proceed after the below task ```TASK [Checking for the manufacturer-net-role-tokenreview-binding] ************************************************************************************************************************************************************ TASK [/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Check ClusterRoleBinding manufacturer-net-role-tokenreview-binding is created] *** skipping: [localhost] TASK [/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Wait for ClusterRoleBinding manufacturer-net-role-tokenreview-binding] *** FAILED - RETRYING: Wait for ClusterRoleBinding manufacturer-net-role-tokenreview-binding (20 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding manufacturer-net-role-tokenreview-binding (19 retries left).```

SivaramKannan (Sat, 25 Jul 2020 03:01:52 GMT):
any idea why?

SivaramKannan (Sat, 25 Jul 2020 03:01:52 GMT):
any idea why? let me know whether you need a bug report

SivaramKannan (Sat, 25 Jul 2020 03:27:12 GMT):
also, if I deploying all the org in a single cluster, does haproxy-ingress still needed?? - https://blockchain-automation-framework.readthedocs.io/en/latest/operations/configure_prerequisites.html#haproxy-ingress

jkalwar (Sat, 25 Jul 2020 19:42:40 GMT):
Has joined the channel.

suvajit-sarkar (Mon, 27 Jul 2020 07:28:12 GMT):
In theory you can, but not recommended. Thought we do have a minikube configuration which does somewhat similar not using external domain and HAProxy, but its not tested e2e, you can give it a try and let us know too

suvajit-sarkar (Mon, 27 Jul 2020 07:28:12 GMT):
In theory you can, but not recommended. Though we do have a minikube configuration which does somewhat similar not using external domain and HAProxy, but its not tested e2e, you can give it a try and let us know too

SivaramKannan (Mon, 27 Jul 2020 12:20:21 GMT):
since you have a requirement of vault accessible by both the host machine as well as the k8s cluster, it is going to be quite difficult requirement to standup a vault before the deployment. for testing I will stand up a single node vault on the host and make it available within the cluster as well, but it going to be a diffcult requirement for customers who rely on the cloud right? if can support other types of vaults like Azure key-vaule store that will be very helpful.

SivaramKannan (Mon, 27 Jul 2020 12:20:47 GMT):
do you already support azure key-value store or only hasicorp vault??

sownak (Mon, 27 Jul 2020 12:37:37 GMT):
The Hashicorp Vault can also be on cloud as a VM, so I do not think it is difficult for customers.

sownak (Mon, 27 Jul 2020 12:38:52 GMT):
We only support Hashicorp Vault as it is Cloud-agnostic.

SivaramKannan (Mon, 27 Jul 2020 12:39:07 GMT):
hmm.. ok.

mwklein (Mon, 27 Jul 2020 12:41:30 GMT):
Hashicorp Vault does have integration with Azure Key Vault as well: https://learn.hashicorp.com/vault/operations/autounseal-azure-keyvault

SivaramKannan (Mon, 27 Jul 2020 12:43:05 GMT):
I think that is only for Auto-unseal. I could not find a full vault service in azure

SivaramKannan (Mon, 27 Jul 2020 13:03:16 GMT):
some of the pods are stuck and found the pvc seems to have an issue ```Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning ProvisioningFailed 27s (x63 over 15m) persistentvolume-controller no volume plugin matched``` what volume plugin does baf need? I did not see it in the requirement though

SivaramKannan (Mon, 27 Jul 2020 13:03:16 GMT):
some of the pods are stuck and I found the pvc seems to have an issue ```Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning ProvisioningFailed 27s (x63 over 15m) persistentvolume-controller no volume plugin matched``` what volume plugin does baf need? I did not see it in the requirement though

sownak (Mon, 27 Jul 2020 13:04:55 GMT):
1. Have you used cloud_provider: "azure"

sownak (Mon, 27 Jul 2020 13:05:12 GMT):
2. It uses provisioner: kubernetes.io/azure-disk

SivaramKannan (Mon, 27 Jul 2020 13:06:44 GMT):
ohh.. ok. actually I am trying the deployment on my local machine with kind, so I change it to minikube I think

SivaramKannan (Mon, 27 Jul 2020 13:06:58 GMT):
what plugin would minikube provisioner expect??

sownak (Mon, 27 Jul 2020 13:07:21 GMT):
k8s.io/minikube-hostpath

SivaramKannan (Mon, 27 Jul 2020 13:07:43 GMT):
got it. thanks

sownak (Mon, 27 Jul 2020 13:07:59 GMT):
cloud_prover: "minikub"

sownak (Mon, 27 Jul 2020 13:07:59 GMT):
cloud_prover: "minikube"

sownak (Mon, 27 Jul 2020 13:07:59 GMT):
cloud_provider: "minikube"

sownak (Mon, 27 Jul 2020 13:09:07 GMT):
if you are trying kind, you may have to redefine the storageclass. platforms/hyperledger-fabric/configuration/roles/create/storageclass/templates contains the supported templates. mini_sc is used when cloud_provider is minikube

SivaramKannan (Mon, 27 Jul 2020 13:09:55 GMT):
may be I should simply test with minikube

SivaramKannan (Mon, 27 Jul 2020 13:10:11 GMT):
let me do that.

SivaramKannan (Mon, 27 Jul 2020 16:30:34 GMT):
minikube still seems to be choosing kubernetes.io/azure-disk. could be a bug, I have modified the azurepeer_sc.tpl to confirm it, will create a bug if that is the case

sownak (Mon, 27 Jul 2020 16:32:56 GMT):
cloud_provider should be minikube for all orgs, if that is the case, minikube will not be choosing azure-disk. Maybe you need to delete the gitops release files from releases folder first.

SivaramKannan (Mon, 27 Jul 2020 16:33:51 GMT):
it still is choosing azure disk, let me delete the Gitops and try it.

SivaramKannan (Mon, 27 Jul 2020 16:34:45 GMT):
this folder right - ./platforms/hyperledger-fabric/releases?

sownak (Mon, 27 Jul 2020 16:35:30 GMT):
yes. also delete the storage classes manually, if they have been created.

SivaramKannan (Mon, 27 Jul 2020 16:50:16 GMT):
even after deleting releases folder, it still creates only azure-disk. I am stumped

SivaramKannan (Mon, 27 Jul 2020 16:51:46 GMT):
I actually recreated the whole cluster.

SivaramKannan (Thu, 30 Jul 2020 05:43:01 GMT):
Is it possible to configure NFS as persistent store??

jagpreet (Thu, 30 Jul 2020 06:40:40 GMT):
We have tested the BAF deployments with AWSElasticBlockStore and AzureDisk Provisioner only.

SivaramKannan (Thu, 30 Jul 2020 07:33:15 GMT):
may be this is more of a blockchain question, what happens when the ledger data hits the disk limit?

SivaramKannan (Thu, 30 Jul 2020 07:49:25 GMT):
if I modify the storage class template, should it be possible to make NFS work??

jagpreet (Thu, 30 Jul 2020 12:54:35 GMT):
BAF currently doesnt support NFS. Please refer to the Kubernetes documentation for the same.

jagpreet (Thu, 30 Jul 2020 12:54:35 GMT):
BAF currently doesnt support NFS. Please refer to the Kubernetes documentation for the same. Here's the link https://kubernetes.io/docs/concepts/storage/volumes/#nfs

jagpreet (Thu, 30 Jul 2020 12:54:35 GMT):
BAF currently doesnt support NFS. Please refer to the Kubernetes documentation for the same. https://kubernetes.io/docs/concepts/storage/volumes/#nfs

jagpreet (Thu, 30 Jul 2020 12:54:35 GMT):
Yes, its possible to have NFS volumes. BAF currently doesn't support NFS. Please refer to the Kubernetes documentation for the same.

jagpreet (Thu, 30 Jul 2020 12:56:29 GMT):
You can contribute back to BAF with the NFS support. :slight_smile:

SivaramKannan (Thu, 30 Jul 2020 15:58:15 GMT):
if I make it work, surely will raise a PR

SivaramKannan (Thu, 30 Jul 2020 15:59:58 GMT):
it might just work if I change the disk type to azurefile instead of azuredisk. will test and get back.

jagpreet (Fri, 31 Jul 2020 07:04:18 GMT):
We tried AzureFile earlier and faced issues with concurrency.

joy_2_code (Sat, 01 Aug 2020 04:49:12 GMT):
Has joined the channel.

SivaramKannan (Sat, 01 Aug 2020 11:13:28 GMT):
interesting. can you point me to any discussions or a ticket about the issue you faced?

suvajit-sarkar (Mon, 03 Aug 2020 06:50:08 GMT):
Hi All, We are having Sprint planning for Blockchain Automation Framework (BAF) today. (7pm-8pm IST) Please feel free to join us on https://zoom.us/my/hyperledger.community.3

jagpreet (Mon, 03 Aug 2020 10:31:58 GMT):
You can refer to Kubernetes documentation for the same as we faced the concurrency issue before BAF was opensource

jagpreet (Mon, 03 Aug 2020 10:31:58 GMT):
You can refer to Kubernetes documentation for the same.

mantajoh (Tue, 04 Aug 2020 20:02:16 GMT):
Has joined the channel.

mantajoh (Tue, 04 Aug 2020 20:02:17 GMT):
I'm having an error after running "docker run -it -v $(pwd):/home/blockchain-automation-framework/ hyperledgerlabs/baf-build” TASK [setup/vault : Unzip vault archive] ********************************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/setup/vault/tasks/main.yaml:35 failed: [localhost] (item=vault) => {"ansible_loop_var": "bin_item", "bin_item": "vault", "changed": false, "msg": "Failed to find handler for \"/tmp/ansible.4k1wv_ki/vault_1.0.1_linux_amd64.zip\". Make sure the required command to extract the file is installed. Command \"/usr/bin/unzip\" could not handle archive. Command \"/bin/tar\" could not handle archive."} I'm using Mac btw and I'm not sure why it wasn't able to extract the file.

renrenpedrajeta (Wed, 05 Aug 2020 09:38:29 GMT):
Has joined the channel.

renrenpedrajeta (Wed, 05 Aug 2020 09:38:29 GMT):
Hi. I am having this error. I already copied the config file from .kube to the build folder. Upon running ./run.sh, here is the error output: An exception occurred during task execution. To see the full traceback, use -vvv. The error was: kubernetes.config.config_exception.ConfigException: Invalid kube-config file. Expected object with name raredb-kuber-cluster-1 in /home/blockchain-automation-framework/build/config/contexts list fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File \"/root/.ansible/tmp/ansible-tmp-1596438937. 5109766-1386-240840034677171/AnsiballZ_k8s_info.py\", line 102, in \n ansiballzmain()\n File \"/root/.ansible /tmp/ansible-tmp-1596438937.5109766-1386-240840034677171/AnsiballZ_k8s_info.py\", line 94, in ansiballzmain\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/root/.ansible/tmp/ansible-tmp-1596438937.5109766-1386-240840034677171/AnsiballZ_k8s_info.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible.modules.clustering.k8s.k8s_info', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/usr/lib/python3.5/runpy.py\", line 196, in run_module\n return runmodule_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib/python3.5/runpy.py\", line 96, in runmodule_code\n mod_name, mod_spec, pkg_name, script_name)\n File \"/usr/lib/python3.5/runpy.py\", line 85, in runcode\n exec(code, run_globals)\n File \"/tmp/ansible_k8s_info_payload_c1c_keyx/ansible_k8s_info_payload.zip/ansible/modules/clustering/k8s/k8s_info.py\", line 179, in \n File \"/tmp/ansible_k8s_info_payload_c1c_keyx/ansible_k8s_info_payload.zip/ansible/modules/clustering/k8s/k8s_info.py\", line 175, in main\n File \"/tmp/ansible_k8s_info_payload_c1c_keyx/ansible_k8s_info_payload.zip/ansible/modules/clustering/k8s/k8s_info.py\", line 148, in execute_module\n File \"/tmp/ansible_k8s_info_payload_c1c_keyx/ansible_k8s_info_payload.zip/ansible/module_utils/k8s/common.py\", line 182, in get_api_client\n File \"/usr/local/lib/python3.5/dist-packages/kubernetes/config/kube_config.py\", line 739, in load_kube_config\n persist_config=persist_config)\n File \"/usr/local/lib/python3.5/dist-packages/kubernetes/config/kube_config.py\", line 707, in getkube_config_loader_for_yaml_file\n **kwargs)\n File \"/usr/local/lib/python3.5/dist-packages/kubernetes/config/kube_config.py\", line 197, in init\n self.set_active_context(active_context)\n File \"/usr/local/lib/python3.5/dist-packages/kubernetes/config/kube_config.py\", line 250, in set_active_context\n context_name)\n File \"/usr/local/lib/python3.5/dist-packages/kubernetes/config/kube_config.py\", line 625, in get_with_name\n 'Expected object with name %s in %s list' % (name, self.name))\nkubernetes.config.config_exception.ConfigException: Invalid kube-config file. Expected object with name raredb-kuber-cluster-1 in /home/blockchain-automation-framework/build/config/contexts list\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1} Thank you for helping!

renrenpedrajeta (Wed, 05 Aug 2020 09:40:12 GMT):

Clipboard - August 5, 2020 5:40 PM

renrenpedrajeta (Wed, 05 Aug 2020 09:40:15 GMT):
Here is the actual screenshot

suvajit-sarkar (Wed, 05 Aug 2020 12:08:28 GMT):
The context value under the field k8s is incorrect, please check your kube config file for the correct context

ALURUJAWAHAR (Thu, 06 Aug 2020 13:54:49 GMT):
Has joined the channel.

ALURUJAWAHAR (Thu, 06 Aug 2020 13:54:50 GMT):
If you open config file in /home//.kube

ALURUJAWAHAR (Thu, 06 Aug 2020 13:55:09 GMT):
you will fine contexts section

ALURUJAWAHAR (Thu, 06 Aug 2020 13:55:28 GMT):
you need to change it according to you cluster names

ALURUJAWAHAR (Thu, 06 Aug 2020 13:57:07 GMT):
When I'm trying to deploy cluster, 2 flux are not getting started. It is showing the same state "ContainerCreating"

ALURUJAWAHAR (Thu, 06 Aug 2020 13:57:18 GMT):
ouput:

ALURUJAWAHAR (Thu, 06 Aug 2020 13:57:25 GMT):
kba@osboxes:~/project/blockchain-automation-framework$ kubectl get pods --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE default flux-dev-849898c7cd-s42vl 0/1 ContainerCreating 0 4h58m default flux-dev-helm-operator-745dc7fb99-8czrk 0/1 ContainerCreating 0 4h58m default flux-dev-memcached-5f689bfdb9-9gk2b 1/1 Running 0 4h58m kube-system coredns-56fbd5c8dd-mhgg8 1/1 Running 0 2d17h kube-system coredns-56fbd5c8dd-sfx8g 1/1 Running 0 8d kube-system tiller-deploy-cf88b7d9-x97fv 1/1 Running 0 6h58m

ALURUJAWAHAR (Thu, 06 Aug 2020 13:57:50 GMT):
could some one help this! thanks in advance

sownak (Thu, 06 Aug 2020 13:59:02 GMT):
check the "kubectl describe " . Most likely it seems your gitops pem file is wrong/unreadable

ALURUJAWAHAR (Thu, 06 Aug 2020 13:59:39 GMT):
Oh thank you I will check

ALURUJAWAHAR (Thu, 06 Aug 2020 14:01:25 GMT):
But one of the default container "flux-dev-memcached-5f689bfdb9-9gk2b" is running fine

sownak (Thu, 06 Aug 2020 14:01:44 GMT):
that does not need the git key

ALURUJAWAHAR (Thu, 06 Aug 2020 14:02:14 GMT):
oh ok

ALURUJAWAHAR (Thu, 06 Aug 2020 14:02:36 GMT):
Does it fetch the pem file from build folder?

ALURUJAWAHAR (Thu, 06 Aug 2020 14:02:39 GMT):
or .ssh?

sownak (Thu, 06 Aug 2020 14:03:06 GMT):
depends on what you have given in network.yaml

ALURUJAWAHAR (Thu, 06 Aug 2020 14:03:33 GMT):
oh ok I will check

ALURUJAWAHAR (Thu, 06 Aug 2020 14:29:22 GMT):
Fantastic!!! I did not specify the full path.. now its working

ALURUJAWAHAR (Thu, 06 Aug 2020 14:29:53 GMT):
Thank you so much for responding!!

ALURUJAWAHAR (Fri, 07 Aug 2020 08:29:02 GMT):
got another problem with ingress controller. I have checked the configuration.

ALURUJAWAHAR (Fri, 07 Aug 2020 08:29:07 GMT):
NAMESPACE NAME READY STATUS RESTARTS AGE default flux-dev-849898c7cd-f64dh 1/1 Running 1 34m default flux-dev-helm-operator-745dc7fb99-fxzmq 1/1 Running 0 34m default flux-dev-memcached-5f689bfdb9-2n9q2 1/1 Running 0 34m ingress-controller ingress-default-backend-f5dfbf97-glml8 0/1 Pending 0 23m kube-system coredns-56fbd5c8dd-mhgg8 1/1 Running 0 3d12h kube-system coredns-56fbd5c8dd-sfx8g 1/1 Running 0 8d kube-system tiller-deploy-cf88b7d9-x97fv 1/1 Running 0 25h

ALURUJAWAHAR (Fri, 07 Aug 2020 08:30:05 GMT):
ingress container " ingress-default-backend-f5dfbf97-glml8" is in pending state

ALURUJAWAHAR (Fri, 07 Aug 2020 08:30:57 GMT):
could you please help me with dependency of it

ALURUJAWAHAR (Fri, 07 Aug 2020 08:34:09 GMT):
@sownak

sownak (Fri, 07 Aug 2020 08:38:15 GMT):
same response there. Use kubectl describe to check the real reason of Pending state. We cannot help you there as we do not know how the kubernetes cluster was created.

Rachit-gaur (Thu, 13 Aug 2020 12:22:53 GMT):
Has joined the channel.

Rachit-gaur (Thu, 13 Aug 2020 12:22:54 GMT):
Looking to collaborate

AmanAgrawal (Fri, 14 Aug 2020 06:26:38 GMT):
Has joined the channel.

jvdacasin (Fri, 14 Aug 2020 09:12:51 GMT):
Has joined the channel.

jvdacasin (Fri, 14 Aug 2020 09:12:52 GMT):
Hello, I am trying to deploy my local BAF to minikube. I have encountered an error, here's my error log: TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/git_push : Execute git push via shell task] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/git_push/tasks/main.yaml:10 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "cd \"/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../../\"\necho \"---------------SHOW CONTENT OF DIR---------------\"\nls -a\necho \"---------------GIT PUSH---------------\"\ngit config user.email jorell.v.dacasin@accenture.com\ngit config user.name JorellDacasin\ngit --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git add -A .\n\n# To ignore a directory add it add reset path\nreset_path=platforms/hyperledger-fabric/configuration\nif [ -n \"$reset_path\" ]; then\n git --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git reset \"platforms/hyperledger-fabric/configuration\"\nfi \n\ngit --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git commit -s -m \"[ci skip] Pushing deployment files for namespace, service accounts and clusterrolebinding\" || true\ngit --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git push https://JorellDacasin:@quickbroWnfox1121!@github.com/JorellDacasin/blockchain-automation-framework.git HEAD:local\n", "delta": "0:00:23.347944", "end": "2020-08-14 06:49:57.801328", "msg": "non-zero return code", "rc": 128, "start": "2020-08-14 06:49:34.453384", "stderr": "fatal: unable to access 'https://JorellDacasin:@quickbroWnfox1121!@github.com/JorellDacasin/blockchain-automation-framework.git/': Could not resolve host: quickbroWnfox1121!@github.com", "stderr_lines": ["fatal: unable to access 'https://JorellDacasin:@quickbroWnfox1121!@github.com/JorellDacasin/blockchain-automation-framework.git/': Could not resolve host: quickbroWnfox1121!@github.com"], "stdout": "---------------SHOW CONTENT OF DIR---------------\n.\n..\n.circleci\n.git\n.github\n.gitignore\n.travis.yml\nCODEOWNERS\nCODE_OF_CONDUCT.md\nCONTRIBUTING.md\nDockerfile\nLICENSE\nMAINTAINERS.md\nREADME.md\nautomation\nbuild\ndocs\nexamples\nplatforms\nrelease-notes.md\nreset.sh\nrun.sh\n---------------GIT PUSH---------------\nOn branch local\nYour branch is ahead of 'origin/local' by 3 commits.\n (use \"git push\" to publish your local commits)\n\nIt took 2.94 seconds to enumerate untracked files. 'status -uno'\nmay speed it up, but you have to be careful not to forget to add\nnew files yourself (see 'git help status').\nnothing to commit, working directory clean", "stdout_lines": ["---------------SHOW CONTENT OF DIR---------------", ".", "..", ".circleci", ".git", ".github", ".gitignore", ".travis.yml", "CODEOWNERS", "CODE_OF_CONDUCT.md", "CONTRIBUTING.md", "Dockerfile", "LICENSE", "MAINTAINERS.md", "README.md", "automation", "build", "docs", "examples", "platforms", "release-notes.md", "reset.sh", "run.sh", "---------------GIT PUSH---------------", "On branch local", "Your branch is ahead of 'origin/local' by 3 commits.", " (use \"git push\" to publish your local commits)", "", "It took 2.94 seconds to enumerate untracked files. 'status -uno'", "may speed it up, but you have to be careful not to forget to add", "new files yourself (see 'git help status').", "nothing to commit, working directory clean"]} ...ignoring skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/k8_component/tasks/main.yaml:17 FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (50 retries left). . . FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (1 retries left). fatal: [localhost]: FAILED! => {"attempts": 50, "changed": false, "resources": []} PLAY RECAP ************************************************************************************************************* localhost : ok=87 changed=23 unreachable=0 failed=1 skipped=131 rescued=0 ignored=1 root@323f2c1b8d4e:/home/blockchain-automation-framework# ----Here's the steps I have followed: https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html Any help will do. Thank you! :)

jvdacasin (Fri, 14 Aug 2020 09:15:51 GMT):
Hello, I am trying to deploy my local BAF to minikube. I have encountered an error, here's my error log: TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/git_push : Execute git push via shell task] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/git_push/tasks/main.yaml:10 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "cd \"/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../../\"\necho \"---------------SHOW CONTENT OF DIR---------------\"\nls -a\necho \"---------------GIT PUSH---------------\"\ngit config user.email jorell.v.dacasin@accenture.com\ngit config user.name JorellDacasin\ngit --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git add -A .\n\n# To ignore a directory add it add reset path\nreset_path=platforms/hyperledger-fabric/configuration\nif [ -n \"$reset_path\" ]; then\n git --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git reset \"platforms/hyperledger-fabric/configuration\"\nfi \n\ngit --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git commit -s -m \"[ci skip] Pushing deployment files for namespace, service accounts and clusterrolebinding\" || true\ngit --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git push https://JorellDacasin:@quickbroWnfox1121!@github.com/JorellDacasin/blockchain-automation-framework.git HEAD:local\n", "delta": "0:00:23.347944", "end": "2020-08-14 06:49:57.801328", "msg": "non-zero return code", "rc": 128, "start": "2020-08-14 06:49:34.453384", "stderr": "fatal: unable to access 'https://JorellDacasin:@** @github.com/JorellDacasin/blockchain-automation-framework.git/': Could not resolve host: ** @github.com", "stderr_lines": ["fatal: unable to access 'https://JorellDacasin:@** github.com/JorellDacasin/blockchain-automation-framework.git/': Could not resolve host: ** github.com"], "stdout": "---------------SHOW CONTENT OF DIR---------------\n.\n..\n.circleci\n.git\n.github\n.gitignore\n.travis.yml\nCODEOWNERS\nCODE_OF_CONDUCT.md\nCONTRIBUTING.md\nDockerfile\nLICENSE\nMAINTAINERS.md\nREADME.md\nautomation\nbuild\ndocs\nexamples\nplatforms\nrelease-notes.md\nreset.sh\nrun.sh\n---------------GIT PUSH---------------\nOn branch local\nYour branch is ahead of 'origin/local' by 3 commits.\n (use \"git push\" to publish your local commits)\n\nIt took 2.94 seconds to enumerate untracked files. 'status -uno'\nmay speed it up, but you have to be careful not to forget to add\nnew files yourself (see 'git help status').\nnothing to commit, working directory clean", "stdout_lines": ["---------------SHOW CONTENT OF DIR---------------", ".", "..", ".circleci", ".git", ".github", ".gitignore", ".travis.yml", "CODEOWNERS", "CODE_OF_CONDUCT.md", "CONTRIBUTING.md", "Dockerfile", "LICENSE", "MAINTAINERS.md", "README.md", "automation", "build", "docs", "examples", "platforms", "release-notes.md", "reset.sh", "run.sh", "---------------GIT PUSH---------------", "On branch local", "Your branch is ahead of 'origin/local' by 3 commits.", " (use \"git push\" to publish your local commits)", "", "It took 2.94 seconds to enumerate untracked files. 'status -uno'", "may speed it up, but you have to be careful not to forget to add", "new files yourself (see 'git help status').", "nothing to commit, working directory clean"]} ...ignoring skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/k8_component/tasks/main.yaml:17 FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (50 retries left). . . FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (1 retries left). fatal: [localhost]: FAILED! => {"attempts": 50, "changed": false, "resources": []} PLAY RECAP ************************************************************************************************************* localhost : ok=87 changed=23 unreachable=0 failed=1 skipped=131 rescued=0 ignored=1 root@323f2c1b8d4e:/home/blockchain-automation-framework# ----Here's the steps I have followed: https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html Any help will do. Thank you! 🙂

jvdacasin (Fri, 14 Aug 2020 09:17:14 GMT):
Hello, I am trying to deploy my local BAF to minikube. I have encountered an error, here's my error log: TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/git_push : Execute git push via shell task] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/git_push/tasks/main.yaml:10 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "cd \"/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../../\"\necho \"---------------SHOW CONTENT OF DIR---------------\"\nls -a\necho \"---------------GIT PUSH---------------\"\ngit config user.email jorell.v.dacasin@accenture.com\ngit config user.name JorellDacasin\ngit --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git add -A .\n\n# To ignore a directory add it add reset path\nreset_path=platforms/hyperledger-fabric/configuration\nif [ -n \"$reset_path\" ]; then\n git --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git reset \"platforms/hyperledger-fabric/configuration\"\nfi \n\ngit --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git commit -s -m \"[ci skip] Pushing deployment files for namespace, service accounts and clusterrolebinding\" || true\ngit --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git push https://JorellDacasin:@*** @github.com/JorellDacasin/blockchain-automation-framework.git HEAD:local\n", "delta": "0:00:23.347944", "end": "2020-08-14 06:49:57.801328", "msg": "non-zero return code", "rc": 128, "start": "2020-08-14 06:49:34.453384", "stderr": "fatal: unable to access 'https://JorellDacasin:@** @github.com/JorellDacasin/blockchain-automation-framework.git/': Could not resolve host: ** @github.com", "stderr_lines": ["fatal: unable to access 'https://JorellDacasin:@** github.com/JorellDacasin/blockchain-automation-framework.git/': Could not resolve host: ** github.com"], "stdout": "---------------SHOW CONTENT OF DIR---------------\n.\n..\n.circleci\n.git\n.github\n.gitignore\n.travis.yml\nCODEOWNERS\nCODE_OF_CONDUCT.md\nCONTRIBUTING.md\nDockerfile\nLICENSE\nMAINTAINERS.md\nREADME.md\nautomation\nbuild\ndocs\nexamples\nplatforms\nrelease-notes.md\nreset.sh\nrun.sh\n---------------GIT PUSH---------------\nOn branch local\nYour branch is ahead of 'origin/local' by 3 commits.\n (use \"git push\" to publish your local commits)\n\nIt took 2.94 seconds to enumerate untracked files. 'status -uno'\nmay speed it up, but you have to be careful not to forget to add\nnew files yourself (see 'git help status').\nnothing to commit, working directory clean", "stdout_lines": ["---------------SHOW CONTENT OF DIR---------------", ".", "..", ".circleci", ".git", ".github", ".gitignore", ".travis.yml", "CODEOWNERS", "CODE_OF_CONDUCT.md", "CONTRIBUTING.md", "Dockerfile", "LICENSE", "MAINTAINERS.md", "README.md", "automation", "build", "docs", "examples", "platforms", "release-notes.md", "reset.sh", "run.sh", "---------------GIT PUSH---------------", "On branch local", "Your branch is ahead of 'origin/local' by 3 commits.", " (use \"git push\" to publish your local commits)", "", "It took 2.94 seconds to enumerate untracked files. 'status -uno'", "may speed it up, but you have to be careful not to forget to add", "new files yourself (see 'git help status').", "nothing to commit, working directory clean"]} ...ignoring skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/k8_component/tasks/main.yaml:17 FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (50 retries left). . . FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (1 retries left). fatal: [localhost]: FAILED! => {"attempts": 50, "changed": false, "resources": []} PLAY RECAP ************************************************************************************************************* localhost : ok=87 changed=23 unreachable=0 failed=1 skipped=131 rescued=0 ignored=1 root@323f2c1b8d4e:/home/blockchain-automation-framework# ----Here's the steps I have followed: https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html Any help will do. Thank you! 🙂

jagpreet (Fri, 14 Aug 2020 09:24:38 GMT):
Please make sure to replace only the fields in gitops section of all organizations. Also use git token instead of git password as git passwords sometimes requires escaping if there are special characters in it.

jvdacasin (Fri, 14 Aug 2020 09:44:55 GMT):
sure Jagpreet, will update you after i tried this. Thanks!

JHamilton (Fri, 14 Aug 2020 11:59:28 GMT):
@rjones the LF metrics dashboard is so amazing, is there still any way for us to see BAF stats directly? understood that it has been merged for practicality reasons, just wanted to check :)

rjones (Fri, 14 Aug 2020 11:59:28 GMT):
Has joined the channel.

Cato9 (Sat, 15 Aug 2020 06:59:33 GMT):
Has joined the channel.

jvdacasin (Sun, 16 Aug 2020 17:00:15 GMT):
_hello Jagpreet, I already have changed the field in the gitops section for every org. It resolved the git issues but the ClusterRoleBinding Retry issue was still there. Please see my logs:_ *TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/git_push : Execute git push via shell task] ******** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/git_push/tasks/main.yaml:10 changed: [localhost] => {"changed": true, "cmd": "cd \"/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../../\"\necho \"---------------SHOW CONTENT OF DIR---------------\"\nls -a\necho \"---------------GIT PUSH---------------\"\ngit config user.email jorell.v.dacasin@accenture.com\ngit config user.name JorellDacasin\ngit --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git add -A .\n\n# To ignore a directory add it add reset path\nreset_path=platforms/hyperledger-fabric/configuration\nif [ -n \"$reset_path\" ]; then\n git --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git reset \"platforms/hyperledger-fabric/configuration\"\nfi \n\ngit --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git commit -s -m \"[ci skip] Pushing deployment files for namespace, service accounts and clusterrolebinding\" || true\ngit --git-dir=/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../..//.git push https://JorellDacasin:****@github.com/JorellDacasin/blockchain-automation-framework.git HEAD:local\n", "delta": "0:04:38.738302", "end": "2020-08-16 16:25:52.808731", "rc": 0, "start": "2020-08-16 16:21:14.070429", "stderr": "To https://JorellDacasin:****@github.com/JorellDacasin/blockchain-automation-framework.git\n ac67fe2..1fb7d88 HEAD -> local", "stderr_lines": ["To https://JorellDacasin:****@github.com/JorellDacasin/blockchain-automation-framework.git", " ac67fe2..1fb7d88 HEAD -> local"], "stdout": "---------------SHOW CONTENT OF DIR---------------\n.\n..\n.circleci\n.git\n.github\n.gitignore\n.travis.yml\nCODEOWNERS\nCODE_OF_CONDUCT.md\nCONTRIBUTING.md\nDockerfile\nLICENSE\nMAINTAINERS.md\nREADME.md\nautomation\nbuild\ndocs\nexamples\nplatforms\nrelease-notes.md\nreset.sh\nrun.sh\n---------------GIT PUSH---------------\nOn branch local\nYour branch is ahead of 'origin/local' by 3 commits.\n (use \"git push\" to publish your local commits)\nnothing to commit, working directory clean", "stdout_lines": ["---------------SHOW CONTENT OF DIR---------------", ".", "..", ".circleci", ".git", ".github", ".gitignore", ".travis.yml", "CODEOWNERS", "CODE_OF_CONDUCT.md", "CONTRIBUTING.md", "Dockerfile", "LICENSE", "MAINTAINERS.md", "README.md", "automation", "build", "docs", "examples", "platforms", "release-notes.md", "reset.sh", "run.sh", "---------------GIT PUSH---------------", "On branch local", "Your branch is ahead of 'origin/local' by 3 commits.", " (use \"git push\" to publish your local commits)", "nothing to commit, working directory clean"]}

jvdacasin (Sun, 16 Aug 2020 17:00:26 GMT):
. . …. TASK [Checking for the supplychain-net-role-tokenreview-binding] *********************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/namespace_vaultauth/tasks/main.yaml:90 TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Check ClusterRoleBinding supplychain-net-role-tokenreview-binding is created] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/k8_component/tasks/main.yaml:7 skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/k8_component/tasks/main.yaml:17 FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (50 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (49 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (48 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (47 retries left). . . FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (1 retries left). fatal: [localhost]: FAILED! => {"attempts": 50, "changed": false, "resources": []} PLAY RECAP ***************************************************************************************************************************************************************** localhost : ok=87 changed=23 unreachable=0 failed=1 skipped=131 rescued=0 ignored=0* _Can you kindly give me an idea what the retry error is about? What could I possibly missing or configurations files or setup i need to work on? Thanks in advanced! :)_

suvajit-sarkar (Mon, 17 Aug 2020 03:39:26 GMT):
Hi Rachit, thanks for showing interest, please follow the contributing guide link for various was to contribute https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/CONTRIBUTING.md

suvajit-sarkar (Mon, 17 Aug 2020 03:39:26 GMT):
Hi Rachit, thanks for showing interest, please follow the contributing guide link for various ways to contribute https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/CONTRIBUTING.md

suvajit-sarkar (Mon, 17 Aug 2020 03:42:30 GMT):
Hi All, We are having the sprint planning for Blockchain Automation Framework (BAF) today. (7pm-8pm IST) Please feel free to join us on https://zoom.us/my/hyperledger.community.3

suvajit-sarkar (Mon, 17 Aug 2020 03:50:08 GMT):
To all members, There are multiple ways to contribute, please have a look at our contributing guide: https://github.com/suvajit-sarkar/blockchain-automation-framework/blob/master/CONTRIBUTING.md

suvajit-sarkar (Mon, 17 Aug 2020 03:50:08 GMT):
To all members, There are multiple ways to contribute, please have a look at our contributing guide: https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/CONTRIBUTING.md

jagpreet (Mon, 17 Aug 2020 06:36:13 GMT):
There is still some wrong configuration going into the gitops section of the organizations. Can you paste your gitops section here (by putting dummy values instead of actual credentials)?

jvdacasin (Mon, 17 Aug 2020 07:21:37 GMT):
Hello, here it is: gitops: git_ssh: "git@github.com:MyUserName/blockchain-automation-framework.git" # Gitops ssh url for flux value files branch: "local" # Git branch where release is being made release_dir: "platforms/hyperledger-fabric/releases/dev" # Relative Path in the Git repo for flux sync per environment. chart_source: "platforms/hyperledger-fabric/charts" # Relative Path where the Helm charts are stored in Git repo git_push_url: "github.com/MyUserName/blockchain-automation-framework.git" # Gitops https URL for git push (without https://) username: "MyUserName" # Git user who has rights to check-in in all branches password: "GitToken" # Git Server user password or token email: "myemail.address.com" # Email to use in git config private_key: "/home/blockchain-automation-framework/build/gitops" # Path to private key file which has write-access to the git repo services: ca: name: ca subject: "/C=GB/ST=London/L=London/O=Carrier/CN=ca.carrier-net" type: ca grpc: port: 7054 peers: - peer: name: peer0 type: anchor # This can be anchor/nonanchor. Atleast one peer should be anchor peer. gossippeeraddress: peer0.carrier-net:7051 # Internal Address of the other peer in same Org for gossip, same peer if there is only one peer grpc: port: 7051 events: port: 7053 couchdb: port: 5984 restserver: targetPort: 20001 port: 20001 expressapi: targetPort: 3000 port: 3000 chaincode: name: "supplychain" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "cmd" #The main directory where chaincode is needed to be placed repository: username: "MyUserName" # Github username password: "GitToken" # Github token or password for above user url: "github.com/MyUserName/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode/" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode

jagpreet (Mon, 17 Aug 2020 09:55:06 GMT):
This seems fine. Can you verify if the gitops key is added to your git repository?

jvdacasin (Mon, 17 Aug 2020 10:57:47 GMT):

SSH Key

jvdacasin (Mon, 17 Aug 2020 10:57:54 GMT):
Hello, Jagpreet. I think yes. I have followed these steps for adding an ssh key https://docs.github.com/en/github/authenticating-to-github/adding-a-new-ssh-key-to-your-github-account Its also my latest used key.

jvdacasin (Mon, 17 Aug 2020 10:58:14 GMT):

SSH Key

dengjiali (Mon, 17 Aug 2020 10:59:30 GMT):
Has joined the channel.

jvdacasin (Tue, 18 Aug 2020 04:57:31 GMT):
Hello, this was resolved as I regenerated the gitops keys and then re-adding them to github and also to the /build folder of the BAF. Thank you!

jvdacasin (Tue, 18 Aug 2020 09:23:06 GMT):
Hello, I am trying to deploy my local BAF via minikube. I got a vault error: Here's the details. TASK [setup/vault_kubernetes : Enable and configure Kubernetes-auth for Organization] ******************************************************************************************************* task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/setup/vault_kubernetes/tasks/main.yaml:50 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "vault auth enable --path=\"supplychain-net-auth\" kubernetes\n", "delta": "0:00:00.105694", "end": "2020-08-18 09:12:02.726178", "msg": "non-zero return code", "rc": 2, "start": "2020-08-18 09:12:02.620484", "stderr": "Error enabling kubernetes auth: Post http://localhost:8200/v1/sys/auth/supplychain-net-auth: dial tcp 127.0.0.1:8200: connect: connection refused", "stderr_lines": ["Error enabling kubernetes auth: Post http://localhost:8200/v1/sys/auth/supplychain-net-auth: dial tcp 127.0.0.1:8200: connect: connection refused"], "stdout": "", "stdout_lines": []} ...ignoring TASK [setup/vault_kubernetes : Get Kubernetes cert files for organizations] ***************************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/setup/vault_kubernetes/tasks/main.yaml:62 changed: [localhost] => {"changed": true, "cmd": "KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl get secrets $(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl get secrets | grep \"default\" | awk '{print $1}') -o jsonpath=\"{.data['ca\\.crt']}\" | base64 -d > \"./build/supplychain-net.ca.cert\"\n", "delta": "0:00:01.910594", "end": "2020-08-18 09:12:05.641232", "rc": 0, "start": "2020-08-18 09:12:03.730638", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []} TASK [setup/vault_kubernetes : Write reviewer token for Organisations] ********************************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/setup/vault_kubernetes/tasks/main.yaml:70 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "export REVIEWER_TOKEN=$(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl get secret $(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl get serviceaccount -n supplychain-net vault-reviewer -o jsonpath={.secrets[0].name}) -n supplychain-net -o jsonpath={.data.token} | base64 -d)\nvault write auth/supplychain-net-auth/config token_reviewer_jwt=\"$REVIEWER_TOKEN\" kubernetes_host=$(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl config view -o jsonpath=\"{.clusters[?(@.name==\\\"minikube\\\")].cluster.server}\") kubernetes_ca_cert=@\"./build/supplychain-net.ca.cert\"\n", "delta": "0:00:01.337063", "end": "2020-08-18 09:12:08.139167", "msg": "non-zero return code", "rc": 2, "start": "2020-08-18 09:12:06.802104", "stderr": "Error writing data to auth/supplychain-net-auth/config: Put http://localhost:8200/v1/auth/supplychain-net-auth/config: dial tcp 127.0.0.1:8200: connect: connection refused", "stderr_lines": ["Error writing data to auth/supplychain-net-auth/config: Put http://localhost:8200/v1/auth/supplychain-net-auth/config: dial tcp 127.0.0.1:8200: connect: connection refused"], "stdout": "", "stdout_lines": []} PLAY RECAP ********************************************************************************************************************************************************************************** localhost : ok=105 changed=30 unreachable=0 failed=1 skipped=180 rescued=0 ignored=1 Any advise will do. Thanks! Upon checking the link (http://localhost:8200/v1/sys/auth/supplychain-net-auth) included on the error log, it shows a token error. Please see below:

jvdacasin (Tue, 18 Aug 2020 09:24:09 GMT):
Hello, I am trying to deploy my local BAF via minikube. I got a vault error: Here's the details. TASK [setup/vault_kubernetes : Enable and configure Kubernetes-auth for Organization] ******************************************************************************************************* task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/setup/vault_kubernetes/tasks/main.yaml:50 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "vault auth enable --path=\"supplychain-net-auth\" kubernetes\n", "delta": "0:00:00.105694", "end": "2020-08-18 09:12:02.726178", "msg": "non-zero return code", "rc": 2, "start": "2020-08-18 09:12:02.620484", "stderr": "Error enabling kubernetes auth: Post http://localhost:8200/v1/sys/auth/supplychain-net-auth: dial tcp 127.0.0.1:8200: connect: connection refused", "stderr_lines": ["Error enabling kubernetes auth: Post http://localhost:8200/v1/sys/auth/supplychain-net-auth: dial tcp 127.0.0.1:8200: connect: connection refused"], "stdout": "", "stdout_lines": []} ...ignoring TASK [setup/vault_kubernetes : Get Kubernetes cert files for organizations] ***************************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/setup/vault_kubernetes/tasks/main.yaml:62 changed: [localhost] => {"changed": true, "cmd": "KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl get secrets $(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl get secrets | grep \"default\" | awk '{print $1}') -o jsonpath=\"{.data['ca\\.crt']}\" | base64 -d > \"./build/supplychain-net.ca.cert\"\n", "delta": "0:00:01.910594", "end": "2020-08-18 09:12:05.641232", "rc": 0, "start": "2020-08-18 09:12:03.730638", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []} TASK [setup/vault_kubernetes : Write reviewer token for Organisations] ********************************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/setup/vault_kubernetes/tasks/main.yaml:70 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "export REVIEWER_TOKEN=$(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl get secret $(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl get serviceaccount -n supplychain-net vault-reviewer -o jsonpath={.secrets[0].name}) -n supplychain-net -o jsonpath={.data.token} | base64 -d)\nvault write auth/supplychain-net-auth/config token_reviewer_jwt=\"$REVIEWER_TOKEN\" kubernetes_host=$(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl config view -o jsonpath=\"{.clusters[?(@.name==\\\"minikube\\\")].cluster.server}\") kubernetes_ca_cert=@\"./build/supplychain-net.ca.cert\"\n", "delta": "0:00:01.337063", "end": "2020-08-18 09:12:08.139167", "msg": "non-zero return code", "rc": 2, "start": "2020-08-18 09:12:06.802104", "stderr": "Error writing data to auth/supplychain-net-auth/config: Put http://localhost:8200/v1/auth/supplychain-net-auth/config: dial tcp 127.0.0.1:8200: connect: connection refused", "stderr_lines": ["Error writing data to auth/supplychain-net-auth/config: Put http://localhost:8200/v1/auth/supplychain-net-auth/config: dial tcp 127.0.0.1:8200: connect: connection refused"], "stdout": "", "stdout_lines": []} PLAY RECAP ********************************************************************************************************************************************************************************** localhost : ok=105 changed=30 unreachable=0 failed=1 skipped=180 rescued=0 ignored=1 Can you kindly advise? Thanks! Upon checking the link (http://localhost:8200/v1/sys/auth/supplychain-net-auth) included on the error log, it shows a token error. Please see below:

jvdacasin (Tue, 18 Aug 2020 09:24:51 GMT):

error

jvdacasin (Tue, 18 Aug 2020 09:26:01 GMT):

Token Error

jagpreet (Tue, 18 Aug 2020 09:31:55 GMT):
try accessing the vault from git bash export VAULT_ADDR= export VAULT_TOKEN= And then try to run a vault read command like vault read abcd

jagpreet (Tue, 18 Aug 2020 09:33:33 GMT):
If you want to access the vault on your browser, directly hit the VAULT_ADDR (vault_url:vault_port)

jvdacasin (Tue, 18 Aug 2020 10:21:46 GMT):

vault

jvdacasin (Tue, 18 Aug 2020 10:30:31 GMT):
Hello, Jagpreet. I am able to access the vault address, and unseal the vault. Also, here's the sample vault read user@IETA-**** ~/project $ vault read abcd No value found at abcd But still the error occured upon running the playbook

jvdacasin (Tue, 18 Aug 2020 10:31:06 GMT):

Vault

arnoudbevers (Tue, 18 Aug 2020 10:54:03 GMT):
Has joined the channel.

jagpreet (Tue, 18 Aug 2020 10:54:18 GMT):
Please use your networkcard IP as vault IP as mentioned in the docs https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html#edit-the-configuration-file

sownak (Tue, 18 Aug 2020 11:11:15 GMT):
url: "http://:8200" # Use the local IP address rather than localhost e.g. http://192.168.0.1:8200

jvdacasin (Tue, 18 Aug 2020 11:12:20 GMT):
sure guys, already updated my vault config and network.yaml. Running the playbook now. Will update you with the results. Thank you!! :)

jvdacasin (Tue, 18 Aug 2020 12:41:28 GMT):
Hello, Update: It was indeed resolved by changing the URL from "localhost" to your Local IP Here's what I've done: 1. export VAULT_ADDR='http://YourIPv4:8200' --> run on bash 2. reinitiate Hashicorp Vault code (.hcl) to unseal 3. Open the corrected vault url via local browser. Got past the issue. Its still running, Waiting for further log results. Thank you!

davidwboswell (Tue, 18 Aug 2020 17:04:14 GMT):
Has joined the channel.

jvdacasin (Wed, 19 Aug 2020 10:05:49 GMT):
Hello, we are trying to deploy local BAF via minikube. We encountered a FAILED - RETRY error on supplychain creation on the helm component and stopped to proceed. Please see screenshot:

jvdacasin (Wed, 19 Aug 2020 10:08:48 GMT):

Supply Chain_Helm

jvdacasin (Wed, 19 Aug 2020 10:09:17 GMT):

FAIL RETRY ERROR

sownak (Wed, 19 Aug 2020 11:36:55 GMT):
check flux logs and your ca pods are running or not. It seems there is a problem in creating ca pods in your minikube

NaveenRaju (Wed, 19 Aug 2020 19:12:11 GMT):
Has joined the channel.

NaveenRaju (Wed, 19 Aug 2020 19:12:12 GMT):
Hi Everyone, I am trying to create Quorum network in AKS using BAF. I have few doubts regarding the fields in network.yaml

jvdacasin (Thu, 20 Aug 2020 07:01:45 GMT):
hello, pls see the screenshot. here are the erroneous pods:

jvdacasin (Thu, 20 Aug 2020 07:01:47 GMT):

Pod List with Errors

sownak (Thu, 20 Aug 2020 07:47:46 GMT):
that looks like your init pods are failing, most likely because it is not able to connect to Vault. You will have to check the logs of that particular container of the pod

NaveenRaju (Thu, 20 Aug 2020 11:56:53 GMT):
Hi Everyone, I am trying to create a Quorum network in AKS using BAF. I have few doubts regarding the fields in network.yaml 1. This is a POC, I want to set up all the 4 nodes in one cluster only.

NaveenRaju (Thu, 20 Aug 2020 11:57:28 GMT):
2. what if I don't want GitOps?

NaveenRaju (Thu, 20 Aug 2020 11:57:52 GMT):
3. what if I want to use public docker images?

NaveenRaju (Thu, 20 Aug 2020 11:58:02 GMT):
Help much appreciated

renrenpedrajeta (Thu, 20 Aug 2020 12:53:01 GMT):
He

jvdacasin (Thu, 20 Aug 2020 13:10:25 GMT):

No Logs can Be Found

jvdacasin (Thu, 20 Aug 2020 13:11:19 GMT):
Hello, Sownak. We tried extracting the logs. No log can be found for the erroneous pods. Do you have an idea where could it possibly gone wrong?

sownak (Thu, 20 Aug 2020 13:55:29 GMT):
1. Possible 2. You will have to change the code yourself. 3. Use public docker hub URL

sownak (Thu, 20 Aug 2020 13:57:49 GMT):
Check kubectl commands https://kubernetes.io/docs/reference/kubectl/cheatsheet/

mantajoh (Thu, 20 Aug 2020 19:59:30 GMT):
I'm trying to deploy in gcp and having some error on the cluster role binding part, here is the last running tasks. I removed my cluster context name below: FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (4 retries left).Result was: { "attempts": 2, "changed": false, "invocation": { "module_args": { "api_key": null, "api_version": "v1", "ca_cert": null, "client_cert": null, "client_key": null, "context": "", "field_selectors": [], "host": null, "kind": "ClusterRoleBinding", "kubeconfig": "/home/blockchain-automation-framework/build/config", "label_selectors": [], "name": "supplychain-net-role-tokenreview-binding", "namespace": null, "password": null, "proxy": null, "username": null, "validate_certs": null } }, "resources": [], "retries": 6 } If I follow it correctly this might be in flux so I tried checking my flux logs and this is my error Error from server: Get https://10.148.0.8:10250/containerLogs/default/flux-dev-57b995fbb7-8zn8w/flux: No SSH tunnels currently open. Were the targets able to accept an ssh-key for user "gke-9158646aee4915ebebdf"?

mantajoh (Thu, 20 Aug 2020 19:59:30 GMT):
I'm trying to deploy in gcp and having some error on the cluster role binding part, here is the last running tasks. I removed my cluster context name below: FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (4 retries left).Result was: { "attempts": 2, "changed": false, "invocation": { "module_args": { "api_key": null, "api_version": "v1", "ca_cert": null, "client_cert": null, "client_key": null, "context": "", "field_selectors": [], "host": null, "kind": "ClusterRoleBinding", "kubeconfig": "/home/blockchain-automation-framework/build/config", "label_selectors": [], "name": "supplychain-net-role-tokenreview-binding", "namespace": null, "password": null, "proxy": null, "username": null, "validate_certs": null } }, "resources": [], "retries": 6 } If I followed it correctly based on previous issues this might be in flux so I tried checking my flux logs and this is my error Error from server: Get https://10.148.0.8:10250/containerLogs/default/flux-dev-57b995fbb7-8zn8w/flux: No SSH tunnels currently open. Were the targets able to accept an ssh-key for user "gke-9158646aee4915ebebdf"? I'm sure all the gitops token and sshkey has been added correctly and generated correctly. Is there a way I could check where is the issue?

sownak (Fri, 21 Aug 2020 06:26:39 GMT):
Looks like ssh access is blocked from the kubernetes network. Check if you can git clone using ssh from a sample pod in your kubernetes cluster.

mantajoh (Fri, 21 Aug 2020 12:20:39 GMT):
I created a firewall rule to allow port22 and the error message is now different.. ts=2020-08-21T12:13:47.321822976Z caller=images.go:17 component=sync-loop msg="polling for new images for automated workloads" ts=2020-08-21T12:13:47.321870004Z caller=images.go:27 component=sync-loop msg="no automated workloads" ts=2020-08-21T12:13:48.690723348Z caller=warming.go:180 component=warmer canonical_name=gcr.io/cloud-marketplace/google/jenkins@sha256 auth={map[]} err="requesting tags: mux: variable \"cloud-marketplace/google/jenkins@sha256\" doesn't match, expected \"^(?:(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+)?(?::[0-9]+)?/)?[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$\"" ts=2020-08-21T12:14:53.193874113Z caller=warming.go:180 component=warmer canonical_name=gcr.io/cloud-marketplace/google/jenkins@sha256 auth={map[]} err="requesting tags: mux: variable \"cloud-marketplace/google/jenkins@sha256\" doesn't match, expected \"^(?:(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+)?(?::[0-9]+)?/)?[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$\"" ts=2020-08-21T12:15:40.726277664Z caller=loop.go:101 component=sync-loop err="git repo not ready: git clone --mirror: fatal: Could not read from remote repository., full output:\n Cloning into bare repository '/tmp/flux-gitclone004774948'...\ngit@github.com: Permission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n" ts=2020-08-21T12:15:57.200951886Z caller=warming.go:180 component=warmer canonical_name=gcr.io/cloud-marketplace/google/jenkins@sha256 auth={map[]} err="requesting tags: mux: variable \"cloud-marketplace/google/jenkins@sha256\" doesn't match, expected \"^(?:(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+)?(?::[0-9]+)?/)?[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$\"" I saw this as a common issue in the net did you encounter this as well? Not sure if it's still an issue on git password.

mantajoh (Fri, 21 Aug 2020 12:20:39 GMT):
I created a firewall rule to allow port22 and the error message in flux is now different.. ts=2020-08-21T12:13:47.321822976Z caller=images.go:17 component=sync-loop msg="polling for new images for automated workloads" ts=2020-08-21T12:13:47.321870004Z caller=images.go:27 component=sync-loop msg="no automated workloads" ts=2020-08-21T12:13:48.690723348Z caller=warming.go:180 component=warmer canonical_name=gcr.io/cloud-marketplace/google/jenkins@sha256 auth={map[]} err="requesting tags: mux: variable \"cloud-marketplace/google/jenkins@sha256\" doesn't match, expected \"^(?:(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+)?(?::[0-9]+)?/)?[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$\"" ts=2020-08-21T12:14:53.193874113Z caller=warming.go:180 component=warmer canonical_name=gcr.io/cloud-marketplace/google/jenkins@sha256 auth={map[]} err="requesting tags: mux: variable \"cloud-marketplace/google/jenkins@sha256\" doesn't match, expected \"^(?:(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+)?(?::[0-9]+)?/)?[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$\"" ts=2020-08-21T12:15:40.726277664Z caller=loop.go:101 component=sync-loop err="git repo not ready: git clone --mirror: fatal: Could not read from remote repository., full output:\n Cloning into bare repository '/tmp/flux-gitclone004774948'...\ngit@github.com: Permission denied (publickey).\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists.\n" ts=2020-08-21T12:15:57.200951886Z caller=warming.go:180 component=warmer canonical_name=gcr.io/cloud-marketplace/google/jenkins@sha256 auth={map[]} err="requesting tags: mux: variable \"cloud-marketplace/google/jenkins@sha256\" doesn't match, expected \"^(?:(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])(?:(?:\\\\.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]))+)?(?::[0-9]+)?/)?[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?(?:(?:/[a-z0-9]+(?:(?:(?:[._]|__|[-]*)[a-z0-9]+)+)?)+)?$\"" I saw this as a common issue in the net did you encounter this as well? Not sure if it's still an issue on git password.

NaveenRaju (Fri, 21 Aug 2020 12:50:20 GMT):

Screenshot 2020-08-21 at 6.18.47 PM.png

NaveenRaju (Fri, 21 Aug 2020 12:51:07 GMT):
Host machine is Macbook and I changed necessary env vars also

sownak (Fri, 21 Aug 2020 21:25:29 GMT):
Publickey is wrong as it is complaining about permission denied.

jcldnatv (Sat, 22 Aug 2020 17:23:17 GMT):
Has joined the channel.

renrenpedrajeta (Tue, 25 Aug 2020 14:15:45 GMT):

Clipboard - August 25, 2020 10:15 PM

renrenpedrajeta (Tue, 25 Aug 2020 14:17:26 GMT):
Hello, I am encountering this error on local deployment via minikube: TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Wait for Pod orderer1 in supplychain-net] **************** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/helm_component/tasks/main.yaml:36 FAILED - RETRYING: Wait for Pod orderer1 in supplychain-net (50 retries left). FAILED - RETRYING: Wait for Pod orderer1 in supplychain-net (49 retries left). FAILED - RETRYING: Wait for Pod orderer1 in supplychain-net (48 retries left). FAILED - RETRYING: Wait for Pod orderer1 in supplychain-net (47 retries left). FAILED - RETRYING: Wait for Pod orderer1 in supplychain-net (46 retries left). FAILED - RETRYING: Wait for Pod orderer1 in supplychain-net (45 retries left). It keeps on retrying up to 50 retries and will fail in the end. I already re-run my docker by deleting the "default" in virtualbox,

renrenpedrajeta (Tue, 25 Aug 2020 14:18:58 GMT):

Clipboard - August 25, 2020 10:18 PM

renrenpedrajeta (Tue, 25 Aug 2020 14:18:58 GMT):
this is the actual error
Clipboard - August 25, 2020 10:18 PM

sownak (Tue, 25 Aug 2020 14:21:30 GMT):
@renrenpedrajeta not sure how we can help here. If the ansible process is waiting for orderer1 to start that means that your orderer1 is not starting.

renrenpedrajeta (Tue, 25 Aug 2020 14:27:00 GMT):
can you give me some advice on what are the things that I should check to trigger down the issue? thank you! :)

sownak (Tue, 25 Aug 2020 14:31:26 GMT):
check the logs of flux and helm operator

renrenpedrajeta (Tue, 25 Aug 2020 14:53:19 GMT):
will check and update you on this. thanks!

renrenpedrajeta (Tue, 25 Aug 2020 15:53:00 GMT):

flux.PNG

renrenpedrajeta (Tue, 25 Aug 2020 15:53:47 GMT):

log.txt

renrenpedrajeta (Tue, 25 Aug 2020 15:54:14 GMT):

log2.txt

sownak (Tue, 25 Aug 2020 15:57:37 GMT):
logs seems fine, then check why orderer pod is not working

renrenpedrajeta (Tue, 25 Aug 2020 16:46:42 GMT):
okay this is noted. will check it. thanks!

renrenpedrajeta (Wed, 26 Aug 2020 15:28:56 GMT):

Clipboard - August 26, 2020 11:28 PM

renrenpedrajeta (Wed, 26 Aug 2020 15:31:47 GMT):

Clipboard - August 26, 2020 11:30 PM

sownak (Wed, 26 Aug 2020 15:48:20 GMT):
that means you were using a old orderder1.crt

sownak (Thu, 27 Aug 2020 08:19:22 GMT):
same comment as earlier, check the logs of the respective pod

jagpreet (Thu, 27 Aug 2020 09:08:28 GMT):
If the job fails, it retries for 5 times and then the pod wont appear. You have to delete its helmrelease, and then flux will re-deploy it again and then you can observe the logs. To list the helmreleases in a given namespace use, kubectl get hr -n NAMESPACE To delete the hr use, kubectl delete hr HR_NAME -n NAMESPACE

AbhijeetSamanta (Fri, 28 Aug 2020 14:32:17 GMT):
Has joined the channel.

SivaramKannan (Sat, 29 Aug 2020 05:15:38 GMT):
Hi Team - I made another attempt to finish my BAF deployment and made some good progress. I am facing the below error in all the ca-server pods. ``` Warning FailedScheduling 103s (x4 over 2m1s) default-scheduler pod has unbound immediate PersistentVolumeClaims (repeated 5 times) Normal Scheduled 94s default-scheduler Successfully assigned manufacturer-net/ca-84fdc4d869-b99h5 to aks-default-15230193-vmss000002 Warning FailedAttachVolume 28s (x8 over 94s) attachdetach-controller AttachVolume.Attach failed for volume "pvc-c135ecd8-7cc2-4bbc-bca9-d6b27fe10417" : compute.VirtualMachineScaleSetVMsClient#Update: Failure sending request: StatusCode=400 -- Original Error: Code="InvalidParameter" Message="Required parameter 'dataDisk.managedDisk' is missing (null)." Target="dataDisk.managedDisk"```

SivaramKannan (Sat, 29 Aug 2020 05:17:04 GMT):
I changed the storage template from Premium_LRS(managed) to Stardard_LRS(shared) for orderer and peers ```kind: StorageClass apiVersion: storage.k8s.io/v1 metadata: name: {{ sc_name }} provisioner: kubernetes.io/azure-disk reclaimPolicy: Retain parameters: storageaccounttype: Standard_LRS kind: Shared```

SivaramKannan (Sat, 29 Aug 2020 05:18:05 GMT):
I am not getting why ca servers are trying to attach a managed disk though, any idea where to change that?

SivaramKannan (Sat, 29 Aug 2020 05:20:53 GMT):
The above referenced PVC has this parameters `Parameters: kind=Shared,storageaccounttype=Standard_LRS`, so, somewhere there is an assumption this only a managed disk.

SivaramKannan (Sat, 29 Aug 2020 05:21:13 GMT):
May be I should not have changed an existing template, but created a new one??

SivaramKannan (Sat, 29 Aug 2020 06:21:03 GMT):
Looks like creating a new storage class for Standard_LRS do not help as well. any pointers as to how I solve this issue?

SivaramKannan (Sat, 29 Aug 2020 09:53:31 GMT):
Please ignore the above question ^^. I went past it when I changed the Kind to Managed from Shared.

SivaramKannan (Sat, 29 Aug 2020 14:00:18 GMT):
I moved along further, but hitting the below error.

SivaramKannan (Sat, 29 Aug 2020 14:00:21 GMT):
TASK [create/crypto/peer : Copy tls ca.crt from auto-generated path to given path] *********************************************************************************************** changed: [localhost] => (item={'orderer': None, 'type': 'orderer', 'name': 'orderer1', 'org_name': 'supplychain', 'uri': 'orderer1.org1ambassador.blockchaincloudpoc.com:8443', 'certificate': '/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build/orderer1.crt'}) An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option failed: [localhost] (item={'orderer': None, 'type': 'orderer', 'name': 'orderer2', 'org_name': 'supplychain', 'uri': 'orderer2.org1ambassador.blockchaincloudpoc.com:8443', 'certificate': '/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build/orderer2.crt'}) => {"ansible_loop_var": "orderer", "changed": false, "msg": "Could not find or access './build/crypto-config/ordererOrganizations/supplychain-net/orderers/orderer2.supplychain-net/tls/ca.crt'\nSearched in:\n\t/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/files/./build/crypto-config/ordererOrganizations/supplychain-net/orderers/orderer2.supplychain-net/tls/ca.crt\n\t/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/./build/crypto-config/ordererOrganizations/supplychain-net/orderers/orderer2.supplychain-net/tls/ca.crt\n\t/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/tasks/files/./build/crypto-config/ordererOrganizations/supplychain-net/orderers/orderer2.supplychain-net/tls/ca.crt\n\t/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/tasks/./build/crypto-config/ordererOrganizations/supplychain-net/orderers/orderer2.supplychain-net/tls/ca.crt\n\t/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/shared/configuration/../../hyperledger-fabric/configuration/files/./build/crypto-config/ordererOrganizations/supplychain-net/orderers/orderer2.supplychain-net/tls/ca.crt\n\t/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/shared/configuration/../../hyperledger-fabric/configuration/./build/crypto-config/ordererOrganizations/supplychain-net/orderers/orderer2.supplychain-net/tls/ca.crt on the Ansible Controller.\nIf you are using a module and expect the file to exist on the remote, see the remote_src option", "orderer": {"certificate": "/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build/orderer2.crt", "name": "orderer2", "orderer": null, "org_name": "supplychain", "type": "orderer", "uri": "orderer2.org1ambassador.blockchaincloudpoc.com:8443"}}

SivaramKannan (Sat, 29 Aug 2020 14:02:14 GMT):
the configuration mentioned to have the folder to exist, which is /Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build/. Do I need to create a selfsigned certs orderer1.crt??

pikvik (Mon, 31 Aug 2020 02:31:31 GMT):
Has joined the channel.

ArnabChatterjee (Mon, 31 Aug 2020 05:23:47 GMT):
Has joined the channel.

suvajit-sarkar (Mon, 31 Aug 2020 05:39:48 GMT):
Hi All, We are having the sprint planning for Blockchain Automation Framework (BAF) today. (5.30pm-6.30pm IST) Please feel free to join us on https://zoom.us/my/hyperledger.community.3

arnoudbevers (Mon, 31 Aug 2020 08:45:23 GMT):
Hi Sivaram, for your problem with the orderer TLS certificate, please check the value for the certificate path, network.orderer.certificate in your network.yaml. This path should exist and should have read & write permissions. Before setting up the network, this certificate should be empty. Please check this as well.

SivaramKannan (Mon, 31 Aug 2020 08:46:34 GMT):
read write permissions to ansible user?

SivaramKannan (Mon, 31 Aug 2020 08:47:38 GMT):
ok, it did not have w permission to group and others, let me try with write permissions. Thanks

NaveenRaju (Mon, 31 Aug 2020 09:36:49 GMT):

error.png

SivaramKannan (Mon, 31 Aug 2020 11:12:52 GMT):
ok. I think I moved from that error to the next one

SivaramKannan (Mon, 31 Aug 2020 11:12:53 GMT):
TASK [create/crypto/peer : Copy tls ca.crt from auto-generated path to given path] ******************************************************************************* changed: [localhost] => (item={'orderer': None, 'type': 'orderer', 'name': 'orderer1', 'org_name': 'supplychain', 'uri': 'orderer1.org1ambassador.blockchaincloudp oc.com:8443', 'certificate': '/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build/orderer1.crt'}) An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the rem ote, see the remote_src option failed: [localhost] (item={'orderer': None, 'type': 'orderer', 'name': 'orderer2', 'org_name': 'supplychain', 'uri': 'orderer2.org1ambassador.blockchaincloudpoc.c om:8443', 'certificate': '/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build/orderer2.crt'}) => {"ansible_loop_var": "orderer", "changed": false, "msg": "Could not find or access './build/crypto-config/ordererOrganizations/supplychain-net/orderers/orderer2.supplychain-net/tls/ca.crt'\nSearched in:\n \t/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/files/./build/crypto-co nfig/ordererOrganizations/supplychain-net/orderers/orderer2.supplychain-net/tls/ca.crt\n\t/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/pla tforms/hyperledger-fabric/configuration/roles/create/crypto/peer/./build/crypto-config/ordererOrganizations/supplychain-net/orderers/orderer2.supplychain-net/tls/ ca.crt\n\t/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/tasks/files/./b uild/crypto-config/ordererOrganizations/supplychain-net/orderers/orderer2.supplychain-net/tls/ca.crt\n\t/Users/sivaramkannan/projects/go/src/blockchain-automation -framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/tasks/./build/crypto-config/ordererOrganizations/supplychain-net/orderers/orderer2. supplychain-net/tls/ca.crt\n\t/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/platforms/shared/configuration/../../hyperledger-fabric/configu ration/files/./build/crypto-config/ordererOrganizations/supplychain-net/orderers/orderer2.supplychain-net/tls/ca.crt\n\t/Users/sivaramkannan/projects/go/src/block chain-automation-framework/platforms/shared/configuration/../../hyperledger-fabric/configuration/./build/crypto-config/ordererOrganizations/supplychain-net/ordere rs/orderer2.supplychain-net/tls/ca.crt on the Ansible Controller.\nIf you are using a module and expect the file to exist on the remote, see the remote_src option ", "orderer": {"certificate": "/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build/orderer2.crt", "name": "orderer2", "orderer": null, "org _name": "supplychain", "type": "orderer", "uri": "orderer2.org1ambassador.blockchaincloudpoc.com:8443"}}

SivaramKannan (Mon, 31 Aug 2020 12:03:45 GMT):
ok. I moved further along and I hit this ```TASK [create/channels : Call valuefile when participant is creator] ********************************************************************************************** fatal: [localhost]: FAILED! => {"msg": "You need to install \"jmespath\" prior to running json_query filter"}```

SivaramKannan (Mon, 31 Aug 2020 12:03:59 GMT):
I don't think this is covered in pre-reqs right

SivaramKannan (Mon, 31 Aug 2020 12:27:17 GMT):
finally the peers are getting deployed now, but the orderer are still failing. I think I should change it to raft consensus instead. can I change the consensus type to raft and deploy again or is there any other config done similar to Kafka?? ``` consensus: name: kafka type: broker replicas: 4 grpc: port: 9092```

SivaramKannan (Mon, 31 Aug 2020 12:30:02 GMT):
I don't see the configuration document very clear on how to configure raft for this

SivaramKannan (Mon, 31 Aug 2020 14:25:52 GMT):
I think I configure raft by just mentioning raft as consensus type in orderers, hope that is correct. But I am still facing the below error in the orderer ```2020-08-31 14:22:54.883 UTC [orderer.common.server] Start -> PANI 003 Failed validating bootstrap block: empty block data panic: Failed validating bootstrap block: empty block data````

SivaramKannan (Mon, 31 Aug 2020 14:26:05 GMT):
any idea what I missing here?

SivaramKannan (Mon, 31 Aug 2020 14:26:46 GMT):
may be I should use a different port??

SivaramKannan (Mon, 31 Aug 2020 15:10:36 GMT):
peers are all up for me and only orderers are having a problem. can someone help me with the raft configuration for fabric. This the configuration I have for raft ``` consensus: name: raft type: broker replicas: 1 grpc: port: 9092 orderers: # This sample has multiple orderers as an example. # You can use a single orderer for most production implementations. - orderer: name: orderer1 type: orderer consensus: raft grpc: port: 7050 ```

SivaramKannan (Mon, 31 Aug 2020 15:11:30 GMT):
and my orderer has the below error ```2020-08-31 15:09:09.965 UTC [orderer.common.server] Start -> PANI 003 Failed validating bootstrap block: empty block data panic: Failed validating bootstrap block: empty block data goroutine 1 [running]: github.com/hyperledger/fabric/vendor/go.uber.org/zap/zapcore.(*CheckedEntry).Write(0xc000385290, 0x0, 0x0, 0x0) /opt/gopath/src/github.com/hyperledger/fabric/vendor/go.uber.org/zap/zapcore/entry.go:229 +0x546 github.com/hyperledger/fabric/vendor/go.uber.org/zap.(*SugaredLogger).log(0xc000012188, 0x16ab104, 0x1552904, 0x25, 0xc0003f3cd0, 0x1, 0x1, 0x0, 0x0, 0x0) /opt/gopath/src/github.com/hyperledger/fabric/vendor/go.uber.org/zap/sugar.go:234 +0x101 github.com/hyperledger/fabric/vendor/go.uber.org/zap.(*SugaredLogger).Panicf(...) /opt/gopath/src/github.com/hyperledger/fabric/vendor/go.uber.org/zap/sugar.go:159 github.com/hyperledger/fabric/common/flogging.(*FabricLogger).Panicf(...) /opt/gopath/src/github.com/hyperledger/fabric/common/flogging/zap.go:74 github.com/hyperledger/fabric/orderer/common/server.Start(0x15309fe, 0x5, 0xc000496900) /opt/gopath/src/github.com/hyperledger/fabric/orderer/common/server/main.go:98 +0xe5 github.com/hyperledger/fabric/orderer/common/server.Main() /opt/gopath/src/github.com/hyperledger/fabric/orderer/common/server/main.go:91 +0x208 main.main() /opt/gopath/src/github.com/hyperledger/fabric/orderer/main.go:15 +0x20```

jvdacasin (Mon, 31 Aug 2020 18:55:25 GMT):
Hello, I am trying to create a namespace and use a deployment definition from an existing namespace. Here's the definitions: *apiVersion: extensions/v1beta1 kind: Deployment metadata: annotations: deployment.kubernetes.io/revision: "1" flux.weave.works/antecedent: carrier-net:helmrelease/carrier-net-ca-tools creationTimestamp: "2020-08-21T17:09:49Z" generation: 2 labels: name: ca-tools name: ca-tools namespace: carrier-net resourceVersion: "2058" selfLink: /apis/extensions/v1beta1/namespaces/carrier-net/deployments/ca-tools uid: ea13333f-0375-43ee-85bc-3a8cdafd60ba spec: progressDeadlineSeconds: 600 replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: name: ca-tools strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: creationTimestamp: null labels: name: ca-tools spec: containers: - command: - sh - -c - /bin/bash image: hyperledger/fabric-ca-tools:1.2.0 imagePullPolicy: IfNotPresent name: ca-tools resources: {} stdin: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File tty: true volumeMounts: - mountPath: /root/ca-tools name: ca-tools-pv - mountPath: /crypto-config name: ca-tools-crypto-pv dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 volumes: - name: ca-tools-pv persistentVolumeClaim: claimName: ca-tools-pvc - name: ca-tools-crypto-pv persistentVolumeClaim: claimName: ca-tools-crypto-pvc status: availableReplicas: 1 conditions: - lastTransitionTime: "2020-08-21T17:12:10Z" lastUpdateTime: "2020-08-21T17:12:10Z" message: Deployment has minimum availability. reason: MinimumReplicasAvailable status: "True" type: Available - lastTransitionTime: "2020-08-21T17:09:49Z" lastUpdateTime: "2020-08-21T17:12:10Z" message: ReplicaSet "ca-tools-599c8b474d" has successfully progressed. reason: NewReplicaSetAvailable status: "True" type: Progressing observedGeneration: 2 readyReplicas: 1 replicas: 1 updatedReplicas: 1* How can i properly use this for my new namespace? Are there parameters I should remove? How can i deploy it? Thanks in advance!

lakshyakumar (Tue, 01 Sep 2020 04:17:14 GMT):
Hi, In BAF fabric code, the namespaces are created using the "-net" suffix after the name of the organization ( carrier-net in the definition pasted here ). If you want a deployment to get deployed in your namespace, you can make the required changes in the value file to reflect your namespace and the corresponding changes should be done. The deployment gets deployed by flux after the valuefile is pushed to the github.

SivaramKannan (Tue, 01 Sep 2020 07:20:14 GMT):
Can someone help me with this error in the orderer please? ```2020-09-01 06:56:22.789 UTC [orderer.common.server] Start -> PANI 003 Failed validating bootstrap block: empty block data panic: Failed validating bootstrap block: empty block data goroutine 1 [running]: github.com/hyperledger/fabric/vendor/go.uber.org/zap/zapcore.(*CheckedEntry).Write(0xc0004ab290, 0x0, 0x0, 0x0) /opt/gopath/src/github.com/hyperledger/fabric/vendor/go.uber.org/zap/zapcore/entry.go:229 +0x546 github.com/hyperledger/fabric/vendor/go.uber.org/zap.(*SugaredLogger).log(0xc0001241e8, 0x16ab104, 0x1552904, 0x25, 0xc000515cd0, 0x1, 0x1, 0x0, 0x0, 0x0) /opt/gopath/src/github.com/hyperledger/fabric/vendor/go.uber.org/zap/sugar.go:234 +0x101 github.com/hyperledger/fabric/vendor/go.uber.org/zap.(*SugaredLogger).Panicf(...) /opt/gopath/src/github.com/hyperledger/fabric/vendor/go.uber.org/zap/sugar.go:159 github.com/hyperledger/fabric/common/flogging.(*FabricLogger).Panicf(...) /opt/gopath/src/github.com/hyperledger/fabric/common/flogging/zap.go:74 github.com/hyperledger/fabric/orderer/common/server.Start(0x15309fe, 0x5, 0xc000022900) /opt/gopath/src/github.com/hyperledger/fabric/orderer/common/server/main.go:98 +0xe5 github.com/hyperledger/fabric/orderer/common/server.Main() /opt/gopath/src/github.com/hyperledger/fabric/orderer/common/server/main.go:91 +0x208 main.main() /opt/gopath/src/github.com/hyperledger/fabric/orderer/main.go:15 +0x20```

SivaramKannan (Tue, 01 Sep 2020 07:20:50 GMT):
I retried with the default network-fabricv2-raft.yaml with 3 orderers and I still facing the same issue

jvdacasin (Tue, 01 Sep 2020 07:25:05 GMT):
Hello, thanks for your response. What particular parameter values shall I change? is it only the namespace parameter? For my example here: *selfLink: /apis/extensions/v1beta1/namespaces/carrier-net/deployments/ca-tools* It has "carrier-net" and "ca-tools" on its naming convention, How would it affect the carrier-net namespace if i won't change this? Thank you!

suvajit-sarkar (Tue, 01 Sep 2020 07:30:37 GMT):
Looks like your genesis block is empty. This can happen with incorrect network.yaml configuration or not resetting the network before rerun. If can share with your network.yaml without the credential parts we can have a look

suvajit-sarkar (Tue, 01 Sep 2020 07:30:41 GMT):
Looks like your genesis block is empty. This can happen with incorrect network.yaml configuration or not resetting the network before rerun. If can share with your network.yaml without the credential parts we can have a look

SivaramKannan (Tue, 01 Sep 2020 07:33:16 GMT):

network.txt

SivaramKannan (Tue, 01 Sep 2020 07:34:31 GMT):
opps... I forgot the cred part, let me re-upload.

SivaramKannan (Tue, 01 Sep 2020 07:34:51 GMT):
also, does it make sense for me to reset and try it once again??

suvajit-sarkar (Tue, 01 Sep 2020 07:36:50 GMT):
If you have not reset it earlier, you should.

SivaramKannan (Tue, 01 Sep 2020 07:37:21 GMT):
ok. I am not sure whether I did that. let me try that and get back.

SivaramKannan (Tue, 01 Sep 2020 07:40:26 GMT):

network.txt

SivaramKannan (Tue, 01 Sep 2020 07:41:05 GMT):
I am resetting the network to retry, but please let me know if there is something wrong.

SivaramKannan (Tue, 01 Sep 2020 07:41:34 GMT):
I did not modify anything from the samples except for the creds for azure, Gitops

suvajit-sarkar (Tue, 01 Sep 2020 07:47:24 GMT):
Can you try the following steps:

suvajit-sarkar (Tue, 01 Sep 2020 07:47:24 GMT):
Looks like the issue is with trying to setup tiller. Can you try the following manual steps to resolve: 1. Reset the network 2. helm reset --force 3. helm init --upgrade If successful, run site.yaml again

jagpreet (Tue, 01 Sep 2020 08:10:46 GMT):
You need to change the external url suffixes and their usage as well in the network.yaml

jagpreet (Tue, 01 Sep 2020 08:11:07 GMT):
Also, the vault credentials

SivaramKannan (Tue, 01 Sep 2020 08:21:29 GMT):
vault creds I specifically changed to share it here. for external url, there is a statement in the documentation if all the orgs are in the same k8s cluster, I need not use that

SivaramKannan (Tue, 01 Sep 2020 08:21:34 GMT):
isn't that true??

SivaramKannan (Tue, 01 Sep 2020 08:24:08 GMT):
```NOTE: If single cluster is being used for all organizations in a dev/POC environment, then domain name is not needed.```

SivaramKannan (Tue, 01 Sep 2020 08:28:50 GMT):
ok, that might be the problem. if I have only one k8s cluster what should I fill this entry? ```uri: orderer1.org1ambassador.blockchaincloudpoc.com:8443 ```

SivaramKannan (Tue, 01 Sep 2020 08:29:33 GMT):
is there a corresponding service for the orderer that I could use here?

jagpreet (Tue, 01 Sep 2020 08:47:19 GMT):
Yes, if all the orgs are in the same cluster, then you dont need the external DNS. But then you have to use the internal service urls

SivaramKannan (Tue, 01 Sep 2020 08:48:21 GMT):
Thanks. let me try that.

SivaramKannan (Tue, 01 Sep 2020 09:22:40 GMT):
when using the internal url, the port should be 7050 right?

jagpreet (Tue, 01 Sep 2020 09:57:02 GMT):
yes

jagpreet (Tue, 01 Sep 2020 09:57:12 GMT):
7050 for the orderer

jagpreet (Tue, 01 Sep 2020 09:57:17 GMT):
7051 for the nodes

jagpreet (Tue, 01 Sep 2020 09:57:17 GMT):
7051 for the peers

SivaramKannan (Tue, 01 Sep 2020 10:17:25 GMT):
cool. let me try that.

NaveenRaju (Tue, 01 Sep 2020 10:49:49 GMT):
Found the issue, it's because of helm version. Downgrading to v2 worked. Thanks.

SivaramKannan (Tue, 01 Sep 2020 11:12:24 GMT):

network.txt

SivaramKannan (Tue, 01 Sep 2020 11:12:38 GMT):
still hitting the same error. I am not sure what am I missing

SivaramKannan (Tue, 01 Sep 2020 11:14:15 GMT):
one error I noticed during deployment is this ```TASK [create/crypto/peer : Check if Orderer certs exist in Vault] ************************************************************************************************ failed: [localhost] (item={'orderer': None, 'type': 'orderer', 'name': 'orderer1', 'org_name': 'supplychain', 'uri': 'orderer1.org1ambassador.kluster.in:8443', 'c ertificate': '/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build/orderer1.crt'}) => {"ansible_loop_var": "orderer", "changed": false, "cmd ": "vault kv get -field=ca.crt secret/crypto/peerOrganizations/warehouse-net/orderer/tls\n", "delta": "0:00:01.058980", "end": "2020-09-01 16:33:20.079666", "msg" : "non-zero return code", "orderer": {"certificate": "/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build/orderer1.crt", "name": "orderer1" , "orderer": null, "org_name": "supplychain", "type": "orderer", "uri": "orderer1.org1ambassador.kluster.in:8443"}, "rc": 2, "start": "2020-09-01 16:33:19.020686" , "stderr": "No value found at secret/crypto/peerOrganizations/warehouse-net/orderer/tls", "stderr_lines": ["No value found at secret/crypto/peerOrganizations/wa$ ehouse-net/orderer/tls"], "stdout": "", "stdout_lines": []} ```

SivaramKannan (Tue, 01 Sep 2020 11:15:02 GMT):
could this be the problem?

SivaramKannan (Tue, 01 Sep 2020 11:16:50 GMT):
since I have only one cluster I assumed I need not touch `external_url_suffix: org1ambassador.kluster.in`

jagpreet (Tue, 01 Sep 2020 11:18:34 GMT):
The issue is, if you use the internal services, the external url suffix will be organization.name-net Example, for supplychain org, it will be supplychain-net

SivaramKannan (Tue, 01 Sep 2020 11:19:22 GMT):
ohh.. ok. let me try that.

jagpreet (Tue, 01 Sep 2020 11:19:27 GMT):
And the gossip address will be like peer0.carrier-net.svc.cluster.local:7051

SivaramKannan (Tue, 01 Sep 2020 11:19:43 GMT):
that I have configured correctly

jagpreet (Tue, 01 Sep 2020 11:19:57 GMT):
cool

SivaramKannan (Tue, 01 Sep 2020 11:20:00 GMT):
gossipAddress: peer0.carrier-net.svc.cluster.local:7051

SivaramKannan (Tue, 01 Sep 2020 12:59:55 GMT):
still getting the same error in orderer. during deployment I see this ```TASK [create/crypto/peer : Check if Orderer certs exist in Vault] ************************************************************************************************ failed: [localhost] (item={'orderer': None, 'type': 'orderer', 'name': 'orderer1', 'org_name': 'supplychain', 'uri': 'orderer1.supplychain-net.svc.cluster.local:7 050', 'certificate': '/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build/orderer1.crt'}) => {"ansible_loop_var": "orderer", "changed": fal se, "cmd": "vault kv get -field=ca.crt secret/crypto/peerOrganizations/warehouse-net/orderer/tls\n", "delta": "0:00:01.113287", "end": "2020-09-01 18:25:44.088827 ", "msg": "non-zero return code", "orderer": {"certificate": "/Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build/orderer1.crt", "name": "o rderer1", "orderer": null, "org_name": "supplychain", "type": "orderer", "uri": "orderer1.supplychain-net.svc.cluster.local:7050"}, "rc": 2, "start": "2020-09-01 18:25:42.975540", "stderr": "No value found at secret/crypto/peerOrganizations/warehouse-net/orderer/tls", "stderr_lines": ["No value found at secret/crypto/peerO rganizations/warehouse-net/orderer/tls"], "stdout": "", "stdout_lines": []} ...ignoring```

SivaramKannan (Tue, 01 Sep 2020 13:00:08 GMT):
any idea how I can debug this?

SivaramKannan (Tue, 01 Sep 2020 13:02:06 GMT):
just to summarise, the error I am getting is below ```2020-09-01 12:58:31.997 UTC [orderer.common.server] Start -> PANI 003 Failed validating bootstrap block: empty block data panic: Failed validating bootstrap block: empty block data goroutine 1 [running]: github.com/hyperledger/fabric/vendor/go.uber.org/zap/zapcore.(*CheckedEntry).Write(0xc000409550, 0x0, 0x0, 0x0) /opt/gopath/src/github.com/hyperledger/fabric/vendor/go.uber.org/zap/zapcore/entry.go:229 +0x546 github.com/hyperledger/fabric/vendor/go.uber.org/zap.(*SugaredLogger).log(0xc00012e358, 0x16ab104, 0x1552904, 0x25, 0xc0004a5cd0, 0x1, 0x1, 0x0, 0x0, 0x0) /opt/gopath/src/github.com/hyperledger/fabric/vendor/go.uber.org/zap/sugar.go:234 +0x101 github.com/hyperledger/fabric/vendor/go.uber.org/zap.(*SugaredLogger).Panicf(...) /opt/gopath/src/github.com/hyperledger/fabric/vendor/go.uber.org/zap/sugar.go:159 github.com/hyperledger/fabric/common/flogging.(*FabricLogger).Panicf(...) /opt/gopath/src/github.com/hyperledger/fabric/common/flogging/zap.go:74 github.com/hyperledger/fabric/orderer/common/server.Start(0x15309fe, 0x5, 0xc00039a000) /opt/gopath/src/github.com/hyperledger/fabric/orderer/common/server/main.go:98 +0xe5 github.com/hyperledger/fabric/orderer/common/server.Main() /opt/gopath/src/github.com/hyperledger/fabric/orderer/common/server/main.go:91 +0x208 main.main() /opt/gopath/src/github.com/hyperledger/fabric/orderer/main.go:15 +0x20```

SivaramKannan (Tue, 01 Sep 2020 13:02:29 GMT):

network.txt

SivaramKannan (Tue, 01 Sep 2020 13:04:53 GMT):

network.txt

SivaramKannan (Tue, 01 Sep 2020 13:05:13 GMT):
attached the network.yaml with creds removed. what am I missing?

SivaramKannan (Tue, 01 Sep 2020 13:06:45 GMT):

network.txt

abhaypsoni (Tue, 01 Sep 2020 16:04:11 GMT):
Has joined the channel.

abhaypsoni (Tue, 01 Sep 2020 16:04:11 GMT):
Hi, Prerequisite script is missing here. https://github.com/hyperledger-labs/blockchain-automation-framework/platforms/shared/scripts/pre_setup_win.bat

rjones (Tue, 01 Sep 2020 16:05:38 GMT):
@abhaypsoni hi, it is here: https://github.com/hyperledger-labs/blockchain-automation-framework/tree/master/platforms/shared/scripts

NaveenRaju (Tue, 01 Sep 2020 16:15:30 GMT):

error.png

SivaramKannan (Tue, 01 Sep 2020 16:17:04 GMT):
Did you define the azure-storageclass somewhere??

NaveenRaju (Tue, 01 Sep 2020 16:17:38 GMT):
No, I haven't define anywhere

SivaramKannan (Tue, 01 Sep 2020 16:18:48 GMT):
ohh.. this is quorum. I came across some storage issues in fabric last week, but quorum I am not sure.

NaveenRaju (Tue, 01 Sep 2020 16:19:07 GMT):
okay @SivaramKannan , anyways thanks for your inputs

NaveenRaju (Tue, 01 Sep 2020 16:19:21 GMT):
i checked in `/platforms/quorum/configuration/roles/create/k8_component/templates`

NaveenRaju (Tue, 01 Sep 2020 16:19:36 GMT):
but haven't found anything with that name

sownak (Tue, 01 Sep 2020 16:40:41 GMT):
Please follow https://blockchain-automation-framework.readthedocs.io/en/latest/operations/adding_new_storageclass.html#quorum to add a new storage class corresponding to your cloud provider

SivaramKannan (Tue, 01 Sep 2020 18:19:05 GMT):
this files has a weird genesis config - platforms/hyperledger-fabric/releases/dev/supplychain/orderer/orderer1-supplychain.yaml ``` genesis: |-```

SivaramKannan (Tue, 01 Sep 2020 18:19:14 GMT):
does that look good

NaveenRaju (Wed, 02 Sep 2020 04:25:17 GMT):
Thanks @sownak

sauveergoel (Wed, 02 Sep 2020 08:53:34 GMT):
Has joined the channel.

arnoudbevers (Wed, 02 Sep 2020 08:53:56 GMT):
The `|-` indicates a multi-line value. Does the genesis value contain more info below that line? Can you please send some more lines of your release file.

jvdacasin (Wed, 02 Sep 2020 09:25:23 GMT):
Hello, What could be the possible issue if the contents of the baf folder is missing on the ansible machine? Please see below: PS C:\users\jorell.v.dacasin\project\blockchain-automation-framework> docker run -it -v /blockchain-automation-framework:/home/blockchain-automation-framework/ hyperledgerlabs/baf-build /bin/bash root@02d342a1fa94:/home# ls -ltr total 8 -rwxr-xr-x 1 root root 534 Aug 20 13:56 run.sh -rwxr-xr-x 1 root root 552 Aug 20 13:56 reset.sh drwxr-xr-x 2 root root 40 Sep 2 05:13 blockchain-automation-framework root@02d342a1fa94:/home# cd blockchain-automation-framework/ root@02d342a1fa94:/home/blockchain-automation-framework# ls -ltr *total 0*

sownak (Wed, 02 Sep 2020 09:26:58 GMT):
running the docker command from baf directory rather than project directory

sownak (Wed, 02 Sep 2020 09:26:58 GMT):
running the docker command from baf directory rather than project directory. Or missing the local volume mounting step.

SivaramKannan (Wed, 02 Sep 2020 09:45:04 GMT):
I don't think it had anything after this line. let me recreate the issue and upload the file here.

arnoudbevers (Wed, 02 Sep 2020 10:36:17 GMT):
Alright. Also include the network.yaml if it isn't different from the one you shared above

SivaramKannan (Wed, 02 Sep 2020 11:01:57 GMT):

orderer1-supplychain.txt

SivaramKannan (Wed, 02 Sep 2020 11:02:38 GMT):
Network yaml is the same. I also attempted deploy 2.0.0 to see if the behaviour changes, but still the same result.

jvdacasin (Wed, 02 Sep 2020 12:14:07 GMT):
hello, sownak. my BAF directory is in my project directory. Also i have mounted the BAF folder on my VM. please see screenshot. what do you mean by local volume mounting? Thank you!

sownak (Wed, 02 Sep 2020 12:15:27 GMT):
have you followed this https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html#windows_mount For Windows?

jvdacasin (Wed, 02 Sep 2020 12:17:54 GMT):

VM - default.PNG

jvdacasin (Wed, 02 Sep 2020 12:18:15 GMT):
Hello, Sownak. Yes I have.

sownak (Wed, 02 Sep 2020 12:19:02 GMT):
Then it should work. Check if you restarted the default machine after this and the baf folder is mounted correctly by logging into the default machine.

sownak (Wed, 02 Sep 2020 12:19:02 GMT):
Then it should work. Check if you restarted the default machine after this and the baf folder is mounted correctly by log-in into the default machine.

NaveenRaju (Wed, 02 Sep 2020 12:20:41 GMT):

Screenshot 2020-09-02 at 5.50.24 PM.png

NaveenRaju (Wed, 02 Sep 2020 12:20:58 GMT):
did everything as mentioned in the documentation

NaveenRaju (Wed, 02 Sep 2020 12:21:26 GMT):

Screenshot 2020-09-02 at 5.51.16 PM.png

NaveenRaju (Wed, 02 Sep 2020 12:32:08 GMT):
@SivaramKannan any help with the template?

SivaramKannan (Wed, 02 Sep 2020 12:34:25 GMT):
I have seen it taking a long time to create SC, does this fail for you or you did not wait?

NaveenRaju (Wed, 02 Sep 2020 12:34:49 GMT):
it is failing after retries

arnoudbevers (Wed, 02 Sep 2020 12:38:19 GMT):
Hi Naveen, does it go through all the retries? With Flux, it might take approx. 5-6 tries before a resource has been synced to your cluster

SivaramKannan (Wed, 02 Sep 2020 12:39:13 GMT):
in fabric both changing the existing template as well creating a new template worked for me.

NaveenRaju (Wed, 02 Sep 2020 12:39:32 GMT):
yes it is failing after reaching the limit

SivaramKannan (Wed, 02 Sep 2020 12:39:48 GMT):
quorum, I don't think my experience counts

jvdacasin (Wed, 02 Sep 2020 12:45:28 GMT):
docker-machine restart solved it. Thanks!

jvdacasin (Wed, 02 Sep 2020 12:45:56 GMT):

restart.PNG

jagpreet (Wed, 02 Sep 2020 12:50:16 GMT):
Can you please send the network.yaml (removing the credentials)?

SivaramKannan (Wed, 02 Sep 2020 12:50:37 GMT):
host: localhost

sownak (Wed, 02 Sep 2020 12:50:42 GMT):
If it is failing after all retries, check the flux logs if there is something wrong. Also check if sc azure_storageclass is created on Kubernetes.

SivaramKannan (Wed, 02 Sep 2020 12:50:54 GMT):
https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=igSAzyDGjgMFxvy7d

jagpreet (Wed, 02 Sep 2020 12:52:29 GMT):
Is this path (mentioned in your network.yaml) correct? /Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build/orderer1.crt

SivaramKannan (Wed, 02 Sep 2020 12:52:48 GMT):
yes.

jagpreet (Wed, 02 Sep 2020 12:54:10 GMT):
This path is wrong

jagpreet (Wed, 02 Sep 2020 12:54:35 GMT):
Why are you having a windows path for the dockerized environment?

jagpreet (Wed, 02 Sep 2020 12:54:35 GMT):
Why are you having a mac path for the dockerized environment?

SivaramKannan (Wed, 02 Sep 2020 12:55:02 GMT):
```sivaramkannan on in ~/projects/go/src/blockchain-automation-framework/build on 🍣 try2 via 🐏 86% | 84% 🕙 18:24:29 ❯ ls -l total 248 -rw-r--r-- 1 sivaramkannan staff 24419 Sep 1 09:31 network-fabricv2-raft.yaml -rw-r--r-- 1 sivaramkannan staff 23016 Sep 1 18:36 network.txt -rw-r--r-- 1 sivaramkannan staff 23561 Sep 2 15:22 network.yaml -rw-r--r-- 1 sivaramkannan staff 22886 Sep 1 09:54 network_attempt1.yaml -rw-r--r-- 1 sivaramkannan staff 23830 Aug 28 20:41 network_modified.yaml -rw-r--r-- 1 sivaramkannan staff 737 Sep 2 16:09 orderer1.crt sivaramkannan on in ~/projects/go/src/blockchain-automation-framework/build on 🍣 try2 via 🐏 86% | 84% 🕙 18:24:31 ❯ pwd /Users/sivaramkannan/projects/go/src/blockchain-automation-framework/build```

SivaramKannan (Wed, 02 Sep 2020 12:56:23 GMT):
can you help me with the correct path please?

jagpreet (Wed, 02 Sep 2020 12:57:14 GMT):
are you using the docker container for ansible?

SivaramKannan (Wed, 02 Sep 2020 12:57:29 GMT):
no. from the host

jagpreet (Wed, 02 Sep 2020 12:58:17 GMT):
You have configured the ansible on your Mac itself?

SivaramKannan (Wed, 02 Sep 2020 12:58:25 GMT):
yes

SivaramKannan (Wed, 02 Sep 2020 12:58:40 GMT):
```sivaramkannan on in ~/projects/go/src/blockchain-automation-framework/build on 🍣 try2 via 🐏 86% | 84% 🕙 18:24:52 ❯ which ansible /usr/local/bin/ansible```

jagpreet (Wed, 02 Sep 2020 13:00:04 GMT):
Cool. then the path seems fine (I cannot be sure still as I haven't used a mac before for deployment). Let me check the network.yaml

SivaramKannan (Wed, 02 Sep 2020 13:01:26 GMT):
appreciate the help.

SivaramKannan (Wed, 02 Sep 2020 13:06:15 GMT):
does integrating the CA's with cert-manager in your roadmap??

jagpreet (Wed, 02 Sep 2020 13:11:46 GMT):
Try changing these.. Under org, org.services.peers.peer[*].gossippeeraddress: peer0.carrier-net.svc.cluster.local:7051 And in the network.orderers section, change all the urls by just their name.namespace:port Like channels[*].participants[*].peers[*].gossipAddress: peer0.carrier-net:7051. And run the network. After this runs, when the ansible playbook is executing the channel_artificats role, please have a look at the logs. The genesis block get generated there. (You can manually run the steps mentioned in blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/channel_aritifacts/tasks/main.yaml to know the exact reason as in why the genesis block is not getting created). Also post the configtx.yaml file here for reference

NaveenRaju (Wed, 02 Sep 2020 13:12:56 GMT):
I changed the retry count to 30 just to test but no luck @sownak

SivaramKannan (Wed, 02 Sep 2020 13:17:33 GMT):

configtx.txt

jagpreet (Wed, 02 Sep 2020 13:17:39 GMT):
No, we use Fabric CA for certificate generation and use Vault for their storage. Any other solution to create certificates can be easily be plugged by generating the certificates and putting them at the paths, mentioned in the documentation. https://blockchain-automation-framework.readthedocs.io/en/latest/architectureref/certificates_path_list_fabric.html

SivaramKannan (Wed, 02 Sep 2020 13:17:53 GMT):
let me those suggested changes and get back

SivaramKannan (Wed, 02 Sep 2020 13:19:58 GMT):
the orderer address ```ordererAddress: orderer1.supplychain-net.svc.cluster.local:7050 ``` is still fine?

jagpreet (Wed, 02 Sep 2020 13:21:21 GMT):
No, please change all the urls in channel section

SivaramKannan (Wed, 02 Sep 2020 13:21:44 GMT):
you want me to remove the .svc.cluster.local right?

jagpreet (Wed, 02 Sep 2020 13:21:55 GMT):
Yes

SivaramKannan (Wed, 02 Sep 2020 13:22:07 GMT):
thanks, let me try and get back

jagpreet (Wed, 02 Sep 2020 13:23:25 GMT):
this is because at some places we use the . to create URLs. Hence the channel section should be uniform with that

SivaramKannan (Wed, 02 Sep 2020 13:24:33 GMT):
got it

mantajoh (Wed, 02 Sep 2020 13:55:25 GMT):
thank you I think what I am using at first gitops publickey inside the container... and also using "/" instead of ":" before my username in git_ssh credentials help me resolve issues in flux..... git_ssh: "ssh://git@github.com//blockchain-automation-framework.git"

mantajoh (Wed, 02 Sep 2020 13:55:25 GMT):
thank you! I think what I am using at first is gitops publickey inside the container... and also using "/" instead of ":" before my username in git_ssh credentials help me resolve issues in flux..... git_ssh: "ssh://git@github.com//blockchain-automation-framework.git"

NaveenRaju (Wed, 02 Sep 2020 14:07:00 GMT):
azure_storageclass is not getting created

mantajoh (Wed, 02 Sep 2020 14:19:34 GMT):
Hello Team, I'm getting the error below and upon checking there are no storage class template available for gcp.. I will create something on my own but not sure if you have any available template already. TASK [create/storageclass : Create Storage Class value file for orderers] ********************************************************************************* task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/storageclass/tasks/main.yaml:29 fatal: [localhost]: FAILED! => { "msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'gcp-orderer'\n\nThe error appears to be in '/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/storageclass/tasks/main.yaml': line 29, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n# This task creates the value file for creating the storage class for Orderer\n- name: Create Storage Class value file for orderers\n ^ here\n" }

sownak (Wed, 02 Sep 2020 14:37:16 GMT):
have you checked flux logs for any errors?

NaveenRaju (Wed, 02 Sep 2020 14:44:35 GMT):
yup, all good over there.

NaveenRaju (Wed, 02 Sep 2020 14:47:25 GMT):
Thanks guys I was able to fix it. I renamed to azurestorageclass and removed the hyphen, I tested directly from kubectl cli it showed validation error before so I removed the hyphen.

sownak (Wed, 02 Sep 2020 15:04:31 GMT):
@NaveenRaju thanks. Did you get error like The StorageClass \"\" is invalid:?

suvajit-sarkar (Wed, 02 Sep 2020 15:58:34 GMT):
Hello Everyone, We will be having our PI demo tomorrow (3rd Sep 9:00 pm-10:00 pm IST) The following will be demoed 1. BAF Besu DLT network deployment with TLS enabled 2. Helm3 upgrade changes and Quorum-Tessera network deployment using helm version 3 3. BAF Corda Enterprise network deployment (Firewall Disabled) Feel free to join us on https://zoom.us/my/hyperledger.community.3

suvajit-sarkar (Wed, 02 Sep 2020 15:58:34 GMT):
Hello Everyone, We will be having our PI demo tomorrow (3rd Sep 9:00 pm-10:00 pm IST) The following will be demoed 1. BAF HL Besu network deployment with TLS enabled 2. Helm3 upgrade changes and Quorum-Tessera network deployment using helm version 3 3. BAF Corda Enterprise network deployment (Firewall Disabled) Feel free to join us on https://zoom.us/my/hyperledger.community.3

abhaypsoni (Thu, 03 Sep 2020 05:55:22 GMT):
I am getting this error. Do i need to disable Hyper-V

abhaypsoni (Thu, 03 Sep 2020 05:55:41 GMT):

Clipboard - September 3, 2020 11:25 AM

NaveenRaju (Thu, 03 Sep 2020 06:34:38 GMT):
Is it available public?

NaveenRaju (Thu, 03 Sep 2020 06:50:25 GMT):
Yes @sownak

NaveenRaju (Thu, 03 Sep 2020 07:05:18 GMT):

Screenshot 2020-09-03 at 12.34.39 PM.png

sownak (Thu, 03 Sep 2020 08:15:38 GMT):
Thanks for letting us know

sownak (Thu, 03 Sep 2020 08:16:28 GMT):
yes. https://blockchain-automation-framework.readthedocs.io/en/latest/developer/dev_prereq.html#setting-up-docker

sownak (Thu, 03 Sep 2020 08:17:45 GMT):
All hyperledger zoom meetings are public.

sownak (Thu, 03 Sep 2020 08:19:30 GMT):
No, domain name is non mandatory, if you cannot curl to the Vault address from your ansible controller, it will fail, because ansible also writes to Vault and that is why the root token is needed in network.yaml

NaveenRaju (Thu, 03 Sep 2020 08:40:53 GMT):
I mean is there any recording available?

SivaramKannan (Thu, 03 Sep 2020 12:43:26 GMT):
The changes made results in the below error ```TASK [setup/vault_kubernetes : Write reviewer token for Organisations] ******************************************************************************************* fatal: [localhost]: FAILED! => {"changed": true, "cmd": "export REVIEWER_TOKEN=$(KUBECONFIG=/Users/sivaramkannan/.kube/azurek8s kubectl get secret $(KUBECONFIG=/Users/sivaramkannan/.kube/azurek8s kubectl get serviceaccount -n supplychain-net vault-reviewer -o jsonpath={.secrets[0].name}) -n supplychain-net -o jsonpath={.data.token} | base64 -d)\nvault write auth/supplychain-net-auth/config token_reviewer_jwt=\"$REVIEWER_TOKEN\" kubernetes_host=$(KUBECONFIG=/Users/sivaramkannan/.kube/azurek8s kubectl config view -o jsonpath=\"{.clusters[?(@.name==\\\"andromeda\\\")].cluster.server}\") kubernetes_ca_cert=@\"./build/supplychain-net.ca.cert\"\n", "delta": "0:00:02.575731", "end": "2020-09-03 18:06:45.770633", "msg": "non-zero return code", "rc": 2, "start": "2020-09-03 18:06:43.194902", "stderr": "Error writing data to auth/supplychain-net-auth/config: Error making API request.\n\nURL: PUT http://vault-test.eastus.azurecontainer.io:8200/v1/auth/supplychain-net-auth/config\nCode: 400. Errors:\n\n* one of pem_keys or kubernetes_ca_cert must be set", "stderr_lines": ["Error writing data to auth/supplychain-net-auth/config: Error making API request.", "", "URL: PUT http://vault-test.eastus.azurecontainer.io:8200/v1/auth/supplychain-net-auth/config", "Code: 400. Errors:", "", "* one of pem_keys or kubernetes_ca_cert must be set"], "stdout": "", "stdout_lines": []}```

SivaramKannan (Thu, 03 Sep 2020 12:44:02 GMT):
how can I resolve this?

SivaramKannan (Thu, 03 Sep 2020 12:44:02 GMT):
how can I overcome this?

sownak (Thu, 03 Sep 2020 12:51:27 GMT):
yes, it will be

SivaramKannan (Thu, 03 Sep 2020 18:34:33 GMT):
Still the same error ```2020-09-03 18:33:30.843 UTC [orderer.common.server] Start -> PANI 003 Failed validating bootstrap block: empty block data panic: Failed validating bootstrap block: empty block data```

SivaramKannan (Thu, 03 Sep 2020 18:35:11 GMT):
even with the suggested change.

SivaramKannan (Thu, 03 Sep 2020 18:36:38 GMT):
I will test with an ingress tomorrow to check whether that works

jvdacasin (Fri, 04 Sep 2020 08:49:04 GMT):
Hello, I have created a namespace and applied deployment definitions from another namespace. I am successful in creating a pod after the build run, but seeing a "Pending status" instead of Running / Completed (Please see screenshot) Any advice? Thanks!

jvdacasin (Fri, 04 Sep 2020 08:50:41 GMT):

PODS

arnoudbevers (Fri, 04 Sep 2020 09:16:56 GMT):
Hi, to get the logs of this pod you have to execute the following command: `kubectl logs {pod_name} -n {namespace}`; you just missed the correct combination of commands :grinning:

arnoudbevers (Fri, 04 Sep 2020 09:17:58 GMT):
Hi all, for anyone who couldn't make it: the recording of yesterday's PI demo is available at https://wiki.hyperledger.org/display/labs/Blockchain+Automation+Framework. We covered Hyperledger Besu with TLS, Helm 3 upgrade and Corda Enterprise CENM deployment.

SivaramKannan (Sat, 05 Sep 2020 10:39:37 GMT):
Hi Team - I am still hitting the same error ```[orderer.common.server] Start -> PANI 003 Failed validating bootstrap block: empty block data panic: Failed validating bootstrap block: empty block data```

SivaramKannan (Sat, 05 Sep 2020 10:40:34 GMT):
Have a question regarding raft configuration in the fabric though, when I search the code for raft references I did not find anything in the fabric code ```sivaramkannan on in ~/projects/go/src/blockchain-automation-framework on 🍣 try2 via 🐏 84% | 60% 🕙 16:06:41 ❯ find . | grep raft ./platforms/hyperledger-fabric/configuration/samples/network-fabricv2-raft.yaml ./platforms/quorum/configuration/roles/create/crypto/raft ./platforms/quorum/configuration/roles/create/crypto/raft/tasks ./platforms/quorum/configuration/roles/create/crypto/raft/tasks/main.yaml ./platforms/quorum/configuration/roles/create/crypto/raft/tasks/nested_main.yaml ./platforms/quorum/configuration/roles/create/crypto/raft/meta ./platforms/quorum/configuration/roles/create/crypto/raft/meta/main.yaml ./platforms/quorum/configuration/roles/create/crypto/raft/Readme.md ./platforms/quorum/configuration/roles/create/genesis_raft ./platforms/quorum/configuration/roles/create/genesis_raft/tasks ./platforms/quorum/configuration/roles/create/genesis_raft/tasks/nested_validator_node_data.yaml ./platforms/quorum/configuration/roles/create/genesis_raft/tasks/main.yaml ./platforms/quorum/configuration/roles/create/genesis_raft/tasks/validator_node_data.yaml ./platforms/quorum/configuration/roles/create/genesis_raft/Readme.md ./platforms/quorum/configuration/roles/create/genesis_raft/templates ./platforms/quorum/configuration/roles/create/genesis_raft/templates/genesis.tpl ./build/network-fabricv2-raft.yaml```

SivaramKannan (Sat, 05 Sep 2020 10:41:01 GMT):
has raft consensus supported for fabric?

sownak (Sat, 05 Sep 2020 10:42:59 GMT):
yes. in platforms/hyperledger-fabric/configuration/roles/create/configtx/templates/configtxOrderer.tpl

sownak (Sat, 05 Sep 2020 10:43:54 GMT):
This is most probably because your channel configurations are wrong as a result the configtx.yaml created is wrong, which is causing the genesis block generation to fail.

SivaramKannan (Sat, 05 Sep 2020 10:45:10 GMT):
hmm.. how do I correct the configuration?

sownak (Sat, 05 Sep 2020 10:46:18 GMT):
you need to debug the configtx file, stop ansible when configtx has been generated and check the build folder for the file

SivaramKannan (Sat, 05 Sep 2020 10:48:02 GMT):
the only change I made to the default config in the example is the orderer and peer address in the channel configuration, which I don't think I can change.

sownak (Sat, 05 Sep 2020 11:27:20 GMT):
can you paste the new configtx.yaml here?

SivaramKannan (Sat, 05 Sep 2020 16:10:46 GMT):
I am trying with Kafka now and had some issues. will try again with raft later and post the configtx.yaml.

SivaramKannan (Sat, 05 Sep 2020 17:37:54 GMT):

network_kafka.txt

SivaramKannan (Sat, 05 Sep 2020 17:38:03 GMT):

configtx_kafka.txt

SivaramKannan (Sat, 05 Sep 2020 17:38:39 GMT):
I faced the same issue with Kafka config as well. Will try with raft and get the configtx.yaml as well, if that helps

sownak (Sat, 05 Sep 2020 17:48:59 GMT):
I understand you are using single kubernetes cluster. In that case 1. orderer1.supplychain-net:8443 should be orderer1.supplychain-net:7050 (8443 is used only when proxy is used) 2. Host: peer0.warehouse-net.warehouse-net Port: 8443 should be Host: peer0.warehouse-net Port: 7051 (for the same reasons as above) Also there is still the peer0.store-net.org3ambassador.blockchaincloudpoc.com which is wrong as pointed out earlier. As I mentioned, the network yaml configuration is wrong.

SivaramKannan (Sat, 05 Sep 2020 17:50:37 GMT):
only the configtx.yaml says 8443, not the network.yaml.

SivaramKannan (Sat, 05 Sep 2020 17:50:54 GMT):
peer0.store-net.org3ambassador.blockchaincloudpoc.com is a mistake I see, let me fix it and try again

sownak (Sat, 05 Sep 2020 17:51:34 GMT):
yes, our code is updated for use with proxy, if you need to run it without proxy, you will have to make the changes

SivaramKannan (Sat, 05 Sep 2020 17:51:59 GMT):
ok, will change that and try again.

jagpreet (Mon, 07 Sep 2020 06:44:58 GMT):
As the pods are in pending state, try to describe the pod instead. kubectl describe pod -n

jagpreet (Mon, 07 Sep 2020 06:44:58 GMT):
As the pods are in pending state, try to describe the pod instead. `kubectl describe pod -n `

SivaramKannan (Mon, 07 Sep 2020 17:34:34 GMT):

network-2_org_raft.txt

SivaramKannan (Mon, 07 Sep 2020 17:34:40 GMT):

configtx.txt

SivaramKannan (Mon, 07 Sep 2020 17:35:05 GMT):
So, I made some changes in the templates to get a confixtx.yaml that looked right to me, but still getting the same error. I am out of ideas to try here though.

sownak (Tue, 08 Sep 2020 08:21:33 GMT):
Are you able to see the certificates generated in the crypto-config directory inside build?

SivaramKannan (Tue, 08 Sep 2020 08:23:46 GMT):
Yes. I see it now

SivaramKannan (Tue, 08 Sep 2020 08:25:36 GMT):
```🕙 13:55:16 ❯ tree -L 2 . ├── lost+found ├── ordererOrganizations │ └── supplychain-net └── peerOrganizations ├── carrier-net └── store-net```

SivaramKannan (Tue, 08 Sep 2020 08:26:46 GMT):
``` supplychain-net ├── ca │ ├── ca.supplychain-net-cert.pem │ └── supplychain-net-CA.key ├── msp │ ├── admincerts │ │ └── Admin@supplychain-net-cert.pem │ ├── cacerts │ │ └── ca-supplychain-net-7054.pem │ ├── keystore │ ├── signcerts │ ├── tlscacerts │ │ └── ca-supplychain-net-7054.pem │ └── user ├── orderers │ └── orderer1.supplychain-net │ ├── msp │ │ ├── admincerts │ │ │ └── Admin@supplychain-net-cert.pem │ │ ├── cacerts │ │ │ └── ca-supplychain-net-7054.pem │ │ ├── keystore │ │ │ └── 60adaeb33136e29a774f3941bf168991b1c6ee5eef724df45f7ac44d490ba000_sk │ │ ├── signcerts │ │ │ └── cert.pem │ │ ├── tlscacerts │ │ │ └── ca-supplychain-net-7054.pem │ │ └── user │ └── tls │ ├── ca.crt │ ├── server.crt │ └── server.key```

sownak (Tue, 08 Sep 2020 08:29:10 GMT):
are you able to run the configtxgen command and get the genesis block manually?

SivaramKannan (Tue, 08 Sep 2020 08:30:32 GMT):
did not try. problem is I am not really familiar with fabric in general, I will try it now.

sownak (Tue, 08 Sep 2020 08:30:58 GMT):
commands are in this file platforms/hyperledger-fabric/configuration/roles/create/channel_artifacts/tasks/main.yaml

SivaramKannan (Tue, 08 Sep 2020 08:31:00 GMT):
if you can give me a list of debugging next set of steps, I can try and see what is the problem

jvdacasin (Tue, 08 Sep 2020 09:05:31 GMT):
Hello, I'm getting a Tiller error: *task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/setup/tiller/tasks/main.yaml:2 An exception occurred during task execution. To see the full traceback, use -vvv. The error was: urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='192.168.99.102', port=8443): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 113] No route to host',)) I have already re-booted docker, minikube. Re-copied config and .crt files to build folder. The error still occurs. PLease see screenshot of the whole error. Thanks!

jvdacasin (Tue, 08 Sep 2020 09:06:46 GMT):

Tiller Error

sownak (Tue, 08 Sep 2020 09:09:50 GMT):
looks like the address of your minikube has changed

NaveenRaju (Tue, 08 Sep 2020 09:13:59 GMT):

Screenshot 2020-09-08 at 2.42.40 PM.png

jvdacasin (Tue, 08 Sep 2020 09:20:49 GMT):
got past the issue, Changed the config file of the /build folder to the current address of minikube. Thanks!

jvdacasin (Tue, 08 Sep 2020 09:32:40 GMT):
Thanks Jagpreet!

suvajit-sarkar (Tue, 08 Sep 2020 09:44:21 GMT):
check your flux logs and also make sure that you are working on the branch that is mentioned in your network.yaml gitops section under each orgs.

anweiss (Tue, 08 Sep 2020 20:06:52 GMT):
Has joined the channel.

mantajoh (Tue, 08 Sep 2020 20:09:06 GMT):
Hello Team, I'm trying to deploy my fabric network in gcp and stucked on this issue: I check ca pods and they are all in CrashLoopBackOff error and when I check logs this is what I could find "Error: Failed to create default configuration file: An empty password in the '-b user:pass' option is not permitted"..

mantajoh (Tue, 08 Sep 2020 20:09:20 GMT):

errorBAF.txt

anweiss (Tue, 08 Sep 2020 20:15:35 GMT):
hey all ... I'm attempting to deploy Fabric via the `feature/helm3` branch, but am running into an error at the `setup/flux` task: ``` "stderr": "/bin/sh: 2: https://raw.githubusercontent.com/fluxcd/helm-operator/1.2.0/deploy/crds.yaml: not found\nError: could not find tiller\nError: could not find tiller" ```

anweiss (Tue, 08 Sep 2020 20:15:52 GMT):
not sure if this branch is stable at the moment, but I'd prefer to deploy using Helm3

SivaramKannan (Wed, 09 Sep 2020 04:48:52 GMT):
guess this is the problem ```sivaramkannan on in projects/go/src/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/build on 🍣 try2 via 🐏 84% | 86% took 15s 🕙 10:17:51 ❯ ./configtxgen -profile OrdererGenesis -outputBlock ./channel-artifacts/genesis.block zsh: exec format error: ./configtxgen```

SivaramKannan (Wed, 09 Sep 2020 04:49:24 GMT):
I was able to create the genesis block when I used the configtxgen from fabric-samples.

SivaramKannan (Wed, 09 Sep 2020 04:49:24 GMT):
I was able to create the genesis block when I used the configtxgen from fabric-samples that I downloaded for Mac.

SivaramKannan (Wed, 09 Sep 2020 04:50:34 GMT):
the script is not detecting the install_os correctly

SivaramKannan (Wed, 09 Sep 2020 04:50:34 GMT):
the script is not detecting the install_os correctly for macOS and it is downloading for linux

SivaramKannan (Wed, 09 Sep 2020 04:51:15 GMT):
would it work if I hard code the path here, or there are other places I may have to change??

SivaramKannan (Wed, 09 Sep 2020 04:53:15 GMT):
to make it simple, let me try this from a ubuntu machine before trying to fix it for mac

suvajit-sarkar (Wed, 09 Sep 2020 05:49:54 GMT):
Its work in progress branch; we have not tested Fabric on helm3, but the error is not related to fabric, we will have a look

jagpreet (Wed, 09 Sep 2020 06:04:35 GMT):
If you see the above error file, it says Could not find or access './build/crypto-config/ordererOrganizations/supplier-net/orderers/orderer1.supplier-net/tls/ca.crt' The orderer certificate section in the network.yaml should have absolute paths and the path should have read & write permission

sownak (Wed, 09 Sep 2020 10:22:37 GMT):
For running mac as the ansible controller you have to update vars: #These variables can be overriden from the command line install_os: "linux" #Default to linux OS install_arch: "amd64" #Default to amd64 architecture bin_install_dir: "~/bin" in the playbooks, we do not detect the os arch automatically. We have never completely tested on Mac and hence provide a docker image as ansible controller (which has all the pre-reqs as well)

SivaramKannan (Wed, 09 Sep 2020 10:23:39 GMT):
ohh... ok.

SivaramKannan (Wed, 09 Sep 2020 10:24:05 GMT):
is the above documented somewhere??

SivaramKannan (Wed, 09 Sep 2020 10:25:15 GMT):
I really don't want to try it from linux actually. these variables can be set in the network.yaml or as a ansible variables??

sownak (Wed, 09 Sep 2020 10:26:35 GMT):
How to use the docker image is documented here -> https://blockchain-automation-framework.readthedocs.io/en/latest/developer/docker-build.html

SivaramKannan (Wed, 09 Sep 2020 10:27:01 GMT):
thanks. let met try that.

sownak (Wed, 09 Sep 2020 10:27:02 GMT):
Yes you can set those variables in network.yaml at top level i.e. same level as network:

ashlinSajan (Wed, 09 Sep 2020 10:54:08 GMT):
Has joined the channel.

SivaramKannan (Wed, 09 Sep 2020 11:47:27 GMT):
yay... orderer is up when run from inside docker. fingers crossed for the whole deployment to finish

SivaramKannan (Wed, 09 Sep 2020 11:49:00 GMT):
the channel has this error ```Error: ordering service endpoint orderer1.supplychain-net is not valid or missing```

SivaramKannan (Wed, 09 Sep 2020 11:49:49 GMT):
I am guessing it should be orderer.supplychain-net:7050 right?

SivaramKannan (Wed, 09 Sep 2020 12:42:35 GMT):
```Job installchaincode-peer0-chaincode_name-chaincode_version in carrier-net``` is failing. which means the blockchain deployment is complete right? this is awesome. Thanks for the help @sownak @jagpreet

suvajit-sarkar (Wed, 09 Sep 2020 13:48:03 GMT):
we tested the feature/helm3 it looks fine for the setup/flux task, can confirm that you have the helm version ? use command `helm version`, in case its showing other than version 3, please remove it and run the deployment again

suvajit-sarkar (Wed, 09 Sep 2020 13:48:03 GMT):
we tested the feature/helm3 it looks fine for the setup/flux task, can you confirm that you have the helm version 3 ? use command `helm version`, in case its showing other than version 3, please remove it and run the deployment again

SivaramKannan (Wed, 09 Sep 2020 15:09:45 GMT):
In fabric, I see documentation to add a new organisation, can I also add a new channel to network?

sownak (Wed, 09 Sep 2020 16:39:55 GMT):
Yes, if your peer pods are up and they have each other in anchor peers, the DLT is complete. Chaincode is for supplychain application deployment.

SivaramKannan (Wed, 09 Sep 2020 16:41:29 GMT):
awesome thanks. does it make sense to commit the network.yaml as an example for single k8s deployment for fabric?

sownak (Wed, 09 Sep 2020 16:42:43 GMT):
Yes, that can be done BUT commit in a separate private repo, because your secrets should not be committed to public repo. Or replace the secrets and then commit

SivaramKannan (Wed, 09 Sep 2020 16:43:16 GMT):
will do.

sownak (Wed, 09 Sep 2020 16:43:40 GMT):
We believe it would work by updating the channel section of network yaml. Do give it a try and let us know any errors? Or if success, submit a .MD file?

SivaramKannan (Wed, 09 Sep 2020 16:44:15 GMT):
cool, let me try and update here.

SivaramKannan (Thu, 10 Sep 2020 07:04:57 GMT):
Team - can we expose metrics stats from the peers and orderers? can we configure those params in the charts used?

SivaramKannan (Thu, 10 Sep 2020 07:04:57 GMT):
Team - can we expose metrics stats from the fabric peers and orderers? can we configure those params in the charts used?

SivaramKannan (Thu, 10 Sep 2020 07:04:57 GMT):
Team - can we expose metrics stats from the fabric peers and orderers? can we configure those params in the helm charts used?

NaveenRaju (Fri, 11 Sep 2020 09:56:23 GMT):
Hi, I'm able to run BAF successfully but the containers are not getting up. Please check the screenshots below for logs.

NaveenRaju (Fri, 11 Sep 2020 09:56:23 GMT):
Hi, I'm able to run BAF successfully but the containers are not getting up. Please check the screenshots below for logs.[Quorum]

NaveenRaju (Fri, 11 Sep 2020 09:56:37 GMT):

Screenshot 2020-09-11 at 3.26.31 PM.png

NaveenRaju (Fri, 11 Sep 2020 09:57:36 GMT):

Screenshot 2020-09-11 at 3.27.29 PM.png

sownak (Fri, 11 Sep 2020 09:58:24 GMT):
If Fabric allows it, it should be possible in BAF as well. Please try and let us know..

SivaramKannan (Fri, 11 Sep 2020 09:59:11 GMT):
fabric allows it for sure, but there should be a way to pass it down from the charts right?

SivaramKannan (Fri, 11 Sep 2020 09:59:57 GMT):
the chart that we currently use - https://github.com/helm/charts/tree/master/stable/hlf-peer

SivaramKannan (Fri, 11 Sep 2020 10:00:08 GMT):
it has peer.metrics.provider

sownak (Fri, 11 Sep 2020 10:00:19 GMT):
seems like you have older pvc around. You may need to delete the helmreleases and check if the PVCs are deleted as well. Then flux will restart the pods.

sownak (Fri, 11 Sep 2020 10:01:20 GMT):
yes, then it is configurable in our peer helmcharts

SivaramKannan (Fri, 11 Sep 2020 10:01:49 GMT):
ok, will try that too.

SivaramKannan (Fri, 11 Sep 2020 11:40:22 GMT):
I don't understand the below error ```TASK [create/crypto/peer : Copy tls ca.crt from auto-generated path to given path] *********************************************************************************************** An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option failed: [localhost] (item={'uri': 'orderer1.ordorg-net:7050', 'name': 'orderer1', 'org_name': 'ordorg', 'type': 'orderer', 'orderer': None, 'certificate': '/home/blockchain-automation-framework/orderer-certs/orderer1.crt'}) => {"ansible_loop_var": "orderer", "changed": false, "msg": "Could not find or access './build/crypto-config/ordererOrganizations/ordorg-net/orderers/orderer1.ordorg-net/tls/ca.crt'\nSearched in:\n\t/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/files/./build/crypto-config/ordererOrganizations/ordorg-net/orderers/orderer1.ordorg-net/tls/ca.crt\n\t/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/./build/crypto-config/ordererOrganizations/ordorg-net/orderers/orderer1.ordorg-net/tls/ca.crt\n\t/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/tasks/files/./build/crypto-config/ordererOrganizations/ordorg-net/orderers/orderer1.ordorg-net/tls/ca.crt\n\t/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/tasks/./build/crypto-config/ordererOrganizations/ordorg-net/orderers/orderer1.ordorg-net/tls/ca.crt\n\t/home/blockchain-automation-framework/platforms/shared/configuration/../../hyperledger-fabric/configuration/files/./build/crypto-config/ordererOrganizations/ordorg-net/orderers/orderer1.ordorg-net/tls/ca.crt\n\t/home/blockchain-automation-framework/platforms/shared/configuration/../../hyperledger-fabric/configuration/./build/crypto-config/ordererOrganizations/ordorg-net/orderers/orderer1.ordorg-net/tls/ca.crt on the Ansible Controller.\nIf you are using a module and expect the file to exist on the remote, see the remote_src option", "orderer": {"certificate": "/home/blockchain-automation-framework/orderer-certs/orderer1.crt", "name": "orderer1", "orderer": null, "org_name": "ordorg", "type": "orderer", "uri": "orderer1.ordorg-net:7050"}}```

SivaramKannan (Fri, 11 Sep 2020 11:41:27 GMT):
I have a working network.yaml and I replaced only the org names in the new one and I get this error.

NaveenRaju (Fri, 11 Sep 2020 11:41:58 GMT):
Issue is with mysql 5.7 https://github.com/docker-library/mysql/issues/186

SivaramKannan (Fri, 11 Sep 2020 11:43:36 GMT):
the only difference between the two yaml file is the orgnames

sownak (Fri, 11 Sep 2020 15:02:16 GMT):
This means that the tls certificates were not created at the location. Did you name the new org orderer as orderer1 as well?

rjones (Fri, 11 Sep 2020 15:31:03 GMT):
Has left the channel.

SivaramKannan (Fri, 11 Sep 2020 15:39:49 GMT):
yes.

SivaramKannan (Fri, 11 Sep 2020 15:39:49 GMT):
no. orderer name is ordorg

SivaramKannan (Fri, 11 Sep 2020 15:39:49 GMT):
yes, orderer name is orderer1

SivaramKannan (Fri, 11 Sep 2020 15:40:17 GMT):

network.txt

SivaramKannan (Fri, 11 Sep 2020 15:40:59 GMT):
the only change I made was to change the org names

SivaramKannan (Sat, 12 Sep 2020 13:28:56 GMT):
I know I missed something some where, but I my bad I did not use search and replace. The mistake I did was in below line ```subject: "/C=GB/ST=London/L=London/O=Orderer/CN=ca.ordorg-net"```

SivaramKannan (Sat, 12 Sep 2020 13:28:56 GMT):
I know I missed something some where, but my bad I did not use search and replace. The mistake I did was in below line ```subject: "/C=GB/ST=London/L=London/O=Orderer/CN=ca.ordorg-net"```

SivaramKannan (Sat, 12 Sep 2020 13:29:22 GMT):
I forgot to change the org name in the CN in orderer and other organizations

SivaramKannan (Sat, 12 Sep 2020 13:29:22 GMT):
I forgot to change the org name in the CN of subject in orderer and other organizations

SivaramKannan (Sat, 12 Sep 2020 13:29:53 GMT):
the cluster came up successfully once I changed that

SivaramKannan (Mon, 14 Sep 2020 08:15:15 GMT):
Hi - I was able to deploy the 2.0.0 in fabric and was a able to add a new organisation according to the document. But I could not upgrade to 2.0.0 from 1.4.4 - is that a supported upgrade path?? although the document says upgrade is possible the roadmap says it is in progress.

SivaramKannan (Mon, 14 Sep 2020 08:17:59 GMT):
I also tried to add a new channel to an existing network and that did not work as well. Although document does not say it is supported, but that is a pretty common use case I suppose. what I did was to try adding a new channel to the network.yaml and try the script for add_new_organization.yaml. one more thing I tried is to create a new add_new_channel.yaml (copied relevant tasks from deploy_network.yaml), but that did not work as well. any idea how I can create a new channel in an existing cluster?

jagpreet (Mon, 14 Sep 2020 09:33:23 GMT):
BAF currently doesn't support upgrading an 'existing' 1.4.x network to 2.x version. The logic to have a fresh 2.x network is currently in place and we are working on implementing 2.x specific features rather than relying on backward compatible features.

SivaramKannan (Mon, 14 Sep 2020 09:34:10 GMT):
:thumbsup:

jagpreet (Mon, 14 Sep 2020 09:36:17 GMT):
We have enabled our configuration file (network.yaml) to support multi channel requirements, but is still not implemented completely. We will create an issue and refer the issue number here for any updates on the same.

SivaramKannan (Mon, 14 Sep 2020 09:58:22 GMT):
ok thanks. I should be able to create multi channel during initial deployment right?

suvajit-sarkar (Mon, 14 Sep 2020 11:46:25 GMT):
Hi all, We will be having our Sprint planning today ( 5.30-6.30 pm IST) Please feel free to join on https://zoom.us/my/hyperledger.community.3

azoumi (Tue, 15 Sep 2020 08:29:54 GMT):
Has joined the channel.

ashlinSajan (Tue, 15 Sep 2020 13:18:42 GMT):

Screenshot from 2020-09-15 18-13-11.png

azoumi (Tue, 15 Sep 2020 13:33:16 GMT):
It looks like you haven't configured your KUBECONFIG variable correctly. In your .bashrc file you should have something like this: `export KUBECONFIG=pathtoyourkubeconfig.yaml`

ashlinSajan (Tue, 15 Sep 2020 13:37:57 GMT):
I have given that correctly

azoumi (Tue, 15 Sep 2020 13:40:40 GMT):
Have you also added the path in your deployment yaml file? At the `k8s.config_file` property

ashlinSajan (Wed, 16 Sep 2020 04:31:59 GMT):
yes

ashlinSajan (Wed, 16 Sep 2020 06:16:34 GMT):
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: kubernetes.config.config_exception.ConfigException: File does not exists: /home/nodeuser/.minikube/ca.crt

ashlinSajan (Wed, 16 Sep 2020 06:16:47 GMT):
Facing this issue while running with minikube

ashlinSajan (Wed, 16 Sep 2020 06:19:40 GMT):
Please help me on this #blockchain-automation-framework

ashlinSajan (Wed, 16 Sep 2020 06:32:42 GMT):
Or can anyone share the config file used in the build folder

ashlinSajan (Wed, 16 Sep 2020 06:57:27 GMT):
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='172.17.0.2', port=8443): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused',))

ashlinSajan (Wed, 16 Sep 2020 07:00:21 GMT):
Can someone please share the config file for minikube?

suvajit-sarkar (Wed, 16 Sep 2020 08:56:33 GMT):
please follow the guide the following guides (dev-prerequisite and baf on minikube): https://blockchain-automation-framework.readthedocs.io/en/latest/developer/dev_prereq.html https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html

suvajit-sarkar (Wed, 16 Sep 2020 08:56:33 GMT):
please follow the following guides (dev-prerequisite and baf on minikube): https://blockchain-automation-framework.readthedocs.io/en/latest/developer/dev_prereq.html https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html

jagpreet (Wed, 16 Sep 2020 09:03:30 GMT):
Can you post the entire log in a file here?

ashlinSajan (Wed, 16 Sep 2020 14:28:56 GMT):
Thanks the issue was fixed.

ashlinSajan (Thu, 17 Sep 2020 05:37:03 GMT):

Screenshot from 2020-09-16 19-36-12.png

sownak (Thu, 17 Sep 2020 08:17:05 GMT):
Have you checked the flux logs?

ashlinSajan (Thu, 17 Sep 2020 08:18:07 GMT):

Screenshot from 2020-09-17 13-47-51.png

sownak (Thu, 17 Sep 2020 08:19:30 GMT):
yes, looks like port 22 is blocked in your network. You cannot change ssh port to something else, you have to change the network. Or ask your network admin to open port 22

sownak (Thu, 17 Sep 2020 08:20:53 GMT):
Or you have to enable https for flux, for that you will need to update the baf code

ashlinSajan (Thu, 17 Sep 2020 08:21:42 GMT):
okay how to do thath within baf code?

sownak (Thu, 17 Sep 2020 08:28:31 GMT):
Follow guidance to https://docs.fluxcd.io/en/1.18.0/guides/use-git-https.html and update the setup/flux ansible role

SivaramKannan (Thu, 17 Sep 2020 10:11:49 GMT):
In 2.0.0 fabric installation, chain code instantiation fails with the below error ```TASK [Git Push] ****************************************************************************************************************************************************************** fatal: [localhost]: FAILED! => {"msg": "The conditional check 'instantiate_chaincode.results[0].resources|length == 0' failed. The error was: error while evaluating conditional (instantiate_chaincode.results[0].resources|length == 0): 'dict object' has no attribute 'resources'\n\nThe error appears to be in '/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/chaincode/instantiate/tasks/valuefile.yaml': line 62, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n#Git Push : Pushes the above generated files to git directory\n- name: Git Push\n ^ here\n"}```

SivaramKannan (Thu, 17 Sep 2020 10:12:47 GMT):
I think the command in 2.0 is for chain code is initialize and not instantiate, has this been tested??

jagpreet (Thu, 17 Sep 2020 10:48:29 GMT):
The current Fabric code for 2.0 in BAF works with the backward compatibility features with 1.4.x versions. No new features are added. Currently new features are implemented. Here's the list of corresponding issues which will enable the use of 2.x features. https://github.com/hyperledger-labs/blockchain-automation-framework/issues/963 https://github.com/hyperledger-labs/blockchain-automation-framework/issues/980

SivaramKannan (Thu, 17 Sep 2020 10:49:37 GMT):
got it, thanks.

ashlinSajan (Thu, 17 Sep 2020 14:25:52 GMT):
Anyone used gitlab instead of github?

SivaramKannan (Fri, 18 Sep 2020 04:49:07 GMT):
as far as I know, there should not be anything different between GitHub and gitlab.

ashlinSajan (Fri, 18 Sep 2020 05:44:43 GMT):
Presently my gitlab repo is accessed using http instead of https.. Is there any solution for accessing http from flux pod?

azoumi (Fri, 18 Sep 2020 08:36:52 GMT):
As far as I know flux works only with https and ssh.

jagpreet (Mon, 21 Sep 2020 07:17:20 GMT):
Yes, you need to edit the role blockchain-automation-framework/platforms/shared/configuration/roles/git_push/tasks/main.yaml and then change the line number 26 from git --git-dir={{ GIT_DIR }}/.git push https://{{ GIT_USERNAME }}:{{ GIT_PASSWORD }}@{{ GIT_REPO }} HEAD:{{ GIT_BRANCH }} to git --git-dir={{ GIT_DIR }}/.git push http://{{ GIT_USERNAME }}:{{ GIT_PASSWORD }}@{{ GIT_REPO }} HEAD:{{ GIT_BRANCH }}

SivaramKannan (Tue, 22 Sep 2020 03:35:53 GMT):
In the default configuration samples of fabric with RAFT, the orderer URI is this "uri: orderer1.org1ambassador.blockchaincloudpoc.com:8443". Does it mean orderer2 reaches orderer1 through the ingress? Wouldn't latency be a problem here?? as far as I know RAFT is pretty sensitive to latency issues.

suvajit-sarkar (Tue, 22 Sep 2020 08:43:49 GMT):
Yep, the orderer communicates via ingress, we have architected for future scope of inter cluster orderer communication.

SivaramKannan (Tue, 22 Sep 2020 09:47:37 GMT):
are you saying the orderer itself will be in separate k8s clusters??

suvajit-sarkar (Tue, 22 Sep 2020 10:50:45 GMT):
yeah orderers can be part separate organizations which can be on different cluster.

suvajit-sarkar (Tue, 22 Sep 2020 10:50:45 GMT):
yeah orderers can be part of separate organizations which can be on different cluster.

jagpreet (Tue, 22 Sep 2020 10:53:54 GMT):
This feature, of having multiple orderer in multiple organizations is not yet implemented in BAF. We encourage the community to contribute to this. The issue is already created and can be picked up https://github.com/hyperledger-labs/blockchain-automation-framework/issues/614

SivaramKannan (Tue, 22 Sep 2020 13:59:24 GMT):
thanks for clarification.

SivaramKannan (Wed, 23 Sep 2020 03:59:38 GMT):
The storageclass defined for azure don't have this key "allowVolumeExpansion: true" and I think this is relevant to have in the SC. does it make sense to create a PR for this?

ashlinSajan (Wed, 23 Sep 2020 05:09:08 GMT):
Hi, I'm getting an error in the flux pod "Name does not resolve\r\nfatal: Could not read from remote repository.\n\nPlease make sure you have the correct access rights\nand the repository exists"

SivaramKannan (Wed, 23 Sep 2020 05:10:15 GMT):
either gitops key or the personal access token is wrong

ashlinSajan (Wed, 23 Sep 2020 05:14:34 GMT):
But outside the flux pod I'm able to make git operations..Both the key and token are fine only.

SivaramKannan (Wed, 23 Sep 2020 05:16:56 GMT):
the error says "Name does not resolve"

SivaramKannan (Wed, 23 Sep 2020 05:17:04 GMT):
could be a DNS issue

ashlinSajan (Wed, 23 Sep 2020 05:25:05 GMT):
how to fix that issue?

SivaramKannan (Wed, 23 Sep 2020 05:28:39 GMT):
check git endpoint is reachable from flux. if git endpoint is not reachable, you need to debug why DNS is not working from the pod

suvajit-sarkar (Wed, 23 Sep 2020 05:45:37 GMT):
Yes, you can create a PR for this

jagpreet (Wed, 23 Sep 2020 05:54:29 GMT):
The flux pod, which gets deployed by BAF playbooks, uses git ssh URL. The error you are getting can be due a varied number of reasons 1. The git ssh URL is wrong (the syntax of the ssh url is different for gitlab) 2. The gitops public/private key pair created arent correct. 3. The gitops public key isn't added to the git repository or/and the gitops private key path (mentioned in network.yaml) is incorrect/non-accessible from ansible host. 4. The ssh URL isnt accesible from flux pod, and inturn from the cluster. You can try cloning your repo using the git ssh url mentioned in the network.yaml to check if its correct (after configuring the public/private key pair required for ssh)

ashlinSajan (Wed, 23 Sep 2020 06:17:50 GMT):
Yeah, the error is the 4th option which you have mentioned.How to fix that? I'm new to the kubernetes.

ashlinSajan (Wed, 23 Sep 2020 06:18:19 GMT):
Also I have generated ssh-rsa key for gitlab not the gitops thing which is mentioned in the document.

ashlinSajan (Wed, 23 Sep 2020 07:10:56 GMT):
Also I'm able to clone that using ssh outside the pod.

ashlinSajan (Wed, 23 Sep 2020 08:23:42 GMT):
Within the pod also I'm able to clone but while running only this happends

suvajit-sarkar (Wed, 23 Sep 2020 08:30:11 GMT):
The outbound rule on your k8s cluster worker node security groups should allow flux and ssh ports

ashlinSajan (Wed, 23 Sep 2020 08:35:32 GMT):
okay, how to do that?

ashlinSajan (Wed, 23 Sep 2020 08:35:41 GMT):
I'm using minikube

sownak (Wed, 23 Sep 2020 09:47:27 GMT):
there is no security group for minikube. This is mostly because your docker container which is running minikube is not able to connect to the internet. Did you create a sample pod with git on minikube and try to git clone ssh from there?

sownak (Wed, 23 Sep 2020 09:48:34 GMT):
Anyway, these are not BAF problems but your minikube setup problems, so this team will provide only limited support.

ashlinSajan (Wed, 23 Sep 2020 10:51:50 GMT):
yeah I'm able to clone from git within flux pod using ssh command. But while running the BAF docker container only the issue occurs

sownak (Wed, 23 Sep 2020 10:53:14 GMT):
check if the platforms/shared/configuration/flux_known_hosts file is correctly populated. That may be the problem then

sownak (Wed, 23 Sep 2020 10:53:30 GMT):
it is a temp file generated when flux is deployed.

ashlinSajan (Wed, 23 Sep 2020 11:08:51 GMT):
ok

ashlinSajan (Wed, 23 Sep 2020 13:10:46 GMT):
It is not correctly generated

ashlinSajan (Wed, 23 Sep 2020 13:31:52 GMT):
How to generate that?

sownak (Wed, 23 Sep 2020 13:44:45 GMT):
can you paste the gitops section here, without the passwords?

ashlinSajan (Wed, 23 Sep 2020 14:41:56 GMT):
fatal: [localhost]: FAILED! => {"changed": true, "cmd": "vault auth enable --path=\"ordorg-net-auth\" kubernetes\n", "delta": "0:00:00.038836", "end": "2020-09-23 14:08:57.523715", "msg": "non-zero return code", "rc": 2, "start": "2020-09-23 14:08:57.484879", "stderr": "Error enabling kubernetes auth: Post http://127.0.0.1:8200/v1/sys/auth/ordorg-net-auth: dial tcp 127.0.0.1:8200: connect: connection refused", "stderr_lines": ["Error enabling kubernetes auth: Post http://127.0.0.1:8200/v1/sys/auth/ordorg-net-auth: dial tcp 127.0.0.1:8200: connect: connection refused"], "stdout": "", "stdout_lines": []}

ashlinSajan (Wed, 23 Sep 2020 14:42:07 GMT):
Any idea on this error?

ashlinSajan (Thu, 24 Sep 2020 05:42:20 GMT):
I'm running vault in my local machine only where I have set up the BAF

ashlinSajan (Thu, 24 Sep 2020 05:42:26 GMT):
Now facing the above error

suvajit-sarkar (Thu, 24 Sep 2020 08:42:11 GMT):
vault address should not be your localhost address as the controller machine for your case is a docker container, you need to provide your machine IP address

suvajit-sarkar (Thu, 24 Sep 2020 08:45:21 GMT):
also make sure your vault service is running.

ashlinSajan (Thu, 24 Sep 2020 08:45:33 GMT):
vault service is running fine

ashlinSajan (Thu, 24 Sep 2020 08:45:50 GMT):
and if I changed to my system addres then also same issue

suvajit-sarkar (Thu, 24 Sep 2020 08:46:10 GMT):
are you able to access vault UI on your browser using the machine IP ?

ashlinSajan (Thu, 24 Sep 2020 08:46:31 GMT):
If I replace 127.0.0.1 with my system IP same issue occurs

ashlinSajan (Thu, 24 Sep 2020 08:46:46 GMT):
Yes,I'm able to browse UI

sownak (Thu, 24 Sep 2020 08:49:14 GMT):
Please check point 3 of https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html#edit-the-configuration-file

ashlinSajan (Thu, 24 Sep 2020 08:51:21 GMT):
After changing the vault address, do I need to generate token and all again?

ashlinSajan (Thu, 24 Sep 2020 08:52:02 GMT):
Bcoz, Once after doing export VAULT_ADDR="myip"

sownak (Thu, 24 Sep 2020 08:52:06 GMT):
No. the same thing is mentioned in Point 8 of https://blockchain-automation-framework.readthedocs.io/en/latest/developer/dev_prereq.html#setting-up-hashicorp-vault

ashlinSajan (Thu, 24 Sep 2020 08:52:33 GMT):
when I do vault status, it is showing connection refused

sownak (Thu, 24 Sep 2020 08:54:20 GMT):
Please paste your export command here

ashlinSajan (Thu, 24 Sep 2020 08:55:24 GMT):
export VAULT_ADDR='http://10.53.19.134:8200'

sownak (Thu, 24 Sep 2020 08:55:51 GMT):
are you able to open that address on your browser?

ashlinSajan (Thu, 24 Sep 2020 08:56:07 GMT):
yes

sownak (Thu, 24 Sep 2020 08:57:03 GMT):
if you are able to login using the same token, then it is working with the same token

ashlinSajan (Thu, 24 Sep 2020 08:57:34 GMT):
I havent done the step export VAULT_TOKEN='token'

ashlinSajan (Thu, 24 Sep 2020 09:23:12 GMT):
Fixed the issue

ashlinSajan (Fri, 25 Sep 2020 05:37:58 GMT):

Screenshot from 2020-09-25 11-07-12.png

SivaramKannan (Fri, 25 Sep 2020 06:18:59 GMT):
make sure the build folder where you are writing the orderer.crt has write permission

SivaramKannan (Fri, 25 Sep 2020 06:19:41 GMT):
Hi Team - I did a test deployment of fabric 2.0 on azure and the deployment was successful. when I tried to install a chaincode, Got the following error, during installation, Error: chaincode install failed with status: 500 - Failed to authorize invocation due to failed ACL check: Failed verifying that proposal's creator satisfies local MSP principal during channelless check policy with policy [Admins]: [The identity is not an admin under this MSP [org1MSP]: cannot test for classification, node ou for type [ADMIN], not defined, msp: [org1MSP]]

ashlinSajan (Fri, 25 Sep 2020 06:20:06 GMT):
yeah It is having full permission

SivaramKannan (Fri, 25 Sep 2020 06:20:28 GMT):
On digging further, I noticed the orderers and peers has a config.yaml file like this ```NodeOUs: Enable: true ClientOUIdentifier: Certificate: cacerts/ca-org1-net-7054.pem OrganizationalUnitIdentifier: client PeerOUIdentifier: Certificate: cacerts/ca-org1-net-7054.pem OrganizationalUnitIdentifier: peer ```

SivaramKannan (Fri, 25 Sep 2020 06:20:59 GMT):
in a working cluster the file is like this ``` NodeOUs: Enable: true ClientOUIdentifier: Certificate: OrganizationalUnitIdentifier: PeerOUIdentifier: Certificate: OrganizationalUnitIdentifier: peer AdminOUIdentifier: Certificate: OrganizationalUnitIdentifier: admin OrdererOUIdentifier: Certificate: OrganizationalUnitIdentifier: orderer```

SivaramKannan (Fri, 25 Sep 2020 06:20:59 GMT):
in a working cluster(not installed through BAF) the file is like this ``` NodeOUs: Enable: true ClientOUIdentifier: Certificate: OrganizationalUnitIdentifier: PeerOUIdentifier: Certificate: OrganizationalUnitIdentifier: peer AdminOUIdentifier: Certificate: OrganizationalUnitIdentifier: admin OrdererOUIdentifier: Certificate: OrganizationalUnitIdentifier: orderer```

SivaramKannan (Fri, 25 Sep 2020 06:20:59 GMT):
in a working cluster(not installed through BAF) the file is like this ``` NodeOUs: Enable: true ClientOUIdentifier: Certificate: OrganizationalUnitIdentifier: client PeerOUIdentifier: Certificate: OrganizationalUnitIdentifier: peer AdminOUIdentifier: Certificate: OrganizationalUnitIdentifier: admin OrdererOUIdentifier: Certificate: OrganizationalUnitIdentifier: orderer```

SivaramKannan (Fri, 25 Sep 2020 06:20:59 GMT):
in a working cluster(1.4.2 and not installed through BAF) the file is like this ``` NodeOUs: Enable: true ClientOUIdentifier: Certificate: OrganizationalUnitIdentifier: client PeerOUIdentifier: Certificate: OrganizationalUnitIdentifier: peer AdminOUIdentifier: Certificate: OrganizationalUnitIdentifier: admin OrdererOUIdentifier: Certificate: OrganizationalUnitIdentifier: orderer```

SivaramKannan (Fri, 25 Sep 2020 06:20:59 GMT):
in a working cluster(fabric 1.4.2 and not installed through BAF) the file is like this ``` NodeOUs: Enable: true ClientOUIdentifier: Certificate: OrganizationalUnitIdentifier: client PeerOUIdentifier: Certificate: OrganizationalUnitIdentifier: peer AdminOUIdentifier: Certificate: OrganizationalUnitIdentifier: admin OrdererOUIdentifier: Certificate: OrganizationalUnitIdentifier: orderer```

SivaramKannan (Fri, 25 Sep 2020 06:22:13 GMT):
I am guessing AdminOUIdentifier is not getting installed to peers. How do I include this to the peer? or am I am making a mistake here?

SivaramKannan (Fri, 25 Sep 2020 06:41:35 GMT):
another issue I have faced is to having a wrong organization name in the orderer config. these are the two issues that resulted in this issue for me

ashlinSajan (Fri, 25 Sep 2020 06:50:10 GMT):
where we are configuring orderer config

SivaramKannan (Fri, 25 Sep 2020 07:13:14 GMT):
in the network.yaml, search for org_name

Vgkmanju (Fri, 25 Sep 2020 07:16:56 GMT):
Has joined the channel.

ashlinSajan (Fri, 25 Sep 2020 07:45:20 GMT):
yeah It is correct only because I have used the configuration file which you have shared

SivaramKannan (Fri, 25 Sep 2020 08:19:21 GMT):
sorry, I have this issue only on two of the above mentioned scenarios.

SivaramKannan (Fri, 25 Sep 2020 08:30:32 GMT):
I tried the chaincode-install in the fabric220 branch with the below config ``` chaincode: name: "fabcar" #This has to be replaced with the name of the chaincode version: "0.1" #This has to be replaced with the version of the chaincode maindirectory: "fabric-sample/chaincode" #The main directory where chaincode is needed to be placed repository: username: ““ # Git Service user who has rights to check-in in all branches password: ““ url: "git@github.com:sivaramsk/fabric-samples.git" branch: develop path: "fabcar/go/" #The path to the chaincode arguments: '{Make: "Toyota", Model: "Prius", Colour: "blue", Owner: "Tomoko"}' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode```

SivaramKannan (Fri, 25 Sep 2020 08:31:28 GMT):
I got the below error in the chaincode install job ```Error: failed to read chaincode package at 'fabcar.tar.gz': open fabcar.tar.gz: no such file or directory Chaincode install for Fabric v.2.X```

SivaramKannan (Fri, 25 Sep 2020 08:31:56 GMT):
I am guessing the configuation is wrong here. can someone help with the configuration with supplychain samples in the BAF code?

sownak (Fri, 25 Sep 2020 08:32:27 GMT):
The certificate files are not generated as Ansible is complaining about the location of the ca.crt file. As @SivaramKannan mentioned, please check the confgurations in network yaml.

sownak (Fri, 25 Sep 2020 08:33:58 GMT):
BAF does not give admin permissions to the peers. If you want to install a chaincode manually, you have to use the cli. Please use cli_enabled feature for the peer.

SivaramKannan (Fri, 25 Sep 2020 08:35:31 GMT):
If I can install chaincode without admin permission, I don't mind. can I get an example for chaincode install in the BAF examples directory??

ashlinSajan (Fri, 25 Sep 2020 08:39:47 GMT):
ok.

ashlinSajan (Fri, 25 Sep 2020 08:39:54 GMT):
That issue got resolved

jagpreet (Fri, 25 Sep 2020 08:49:04 GMT):
Yes, I will paste the snippet here

SivaramKannan (Fri, 25 Sep 2020 08:49:38 GMT):
awesome. Thanks.

jagpreet (Fri, 25 Sep 2020 08:50:02 GMT):

Clipboard - September 25, 2020 2:19 PM

SivaramKannan (Fri, 25 Sep 2020 08:52:47 GMT):
Thanks. let me try this.

Soundarya_Ayyappan (Fri, 25 Sep 2020 09:06:23 GMT):
Has joined the channel.

SivaramKannan (Fri, 25 Sep 2020 09:28:27 GMT):
Thanks a lot @jagpreet - that worked.

SivaramKannan (Fri, 25 Sep 2020 09:28:56 GMT):
having this in the example would be greatly helpful

SivaramKannan (Fri, 25 Sep 2020 09:28:56 GMT):
having this in the documentation would be greatly helpful

SivaramKannan (Fri, 25 Sep 2020 09:30:39 GMT):
Just to clarify, this would work only in fabric220 branch right?

ashlinSajan (Fri, 25 Sep 2020 09:33:49 GMT):

Screenshot from 2020-09-25 13-59-21.png

ashlinSajan (Fri, 25 Sep 2020 09:34:20 GMT):

Screenshot from 2020-09-25 14-03-36.png

ashlinSajan (Fri, 25 Sep 2020 09:34:21 GMT):

Screenshot from 2020-09-25 14-05-37.png

jagpreet (Fri, 25 Sep 2020 09:36:47 GMT):
The certificates arent created properly because the network.yaml is incorrect. Can you show the logs of peer pod as well?

sownak (Fri, 25 Sep 2020 09:44:13 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=ppjqtr448wB3LdtWx) Check https://blockchain-automation-framework.readthedocs.io/en/latest/operations/fabric_networkyaml.html and/or https://blockchain-automation-framework.readthedocs.io/en/latest/operations/upgrading_chaincode.html

ashlinSajan (Fri, 25 Sep 2020 09:47:38 GMT):

Screenshot from 2020-09-25 15-17-05.png

ashlinSajan (Fri, 25 Sep 2020 09:47:48 GMT):
How to fix this issue?

ashlinSajan (Fri, 25 Sep 2020 09:53:23 GMT):
I'm using minikube

SivaramKannan (Fri, 25 Sep 2020 09:57:47 GMT):
is it possible to install multiple chaincodes for peers??

jagpreet (Fri, 25 Sep 2020 11:23:38 GMT):
We haven't tested it, but looks like it will just be like a custom playbook run with new chaincode section and corresponding roles.

sownak (Fri, 25 Sep 2020 11:43:09 GMT):
Please check the sample https://github.com/hyperledger-labs/blockchain-automation-framework/blob/develop/platforms/hyperledger-fabric/configuration/samples/network-minikube.yaml and compare and fix your network.yaml

SivaramKannan (Fri, 25 Sep 2020 11:52:50 GMT):
@sownak - although the sample network.yaml has cli:enabled in orgs and peers, I don't see that in the specification documentation

SivaramKannan (Fri, 25 Sep 2020 11:53:29 GMT):
will test this when I get time.

sownak (Fri, 25 Sep 2020 12:27:05 GMT):
That's because that feature is not released to master branch yet, so please check develop version docs

sownak (Fri, 25 Sep 2020 12:30:57 GMT):
https://blockchain-automation-framework.readthedocs.io/en/develop/operations/fabric_networkyaml.html

SivaramKannan (Fri, 25 Sep 2020 12:32:21 GMT):
I was wondering why the cli pod was not getting launched even after enabling it. got it, thanks.

banikanand (Sun, 27 Sep 2020 14:08:53 GMT):
Has joined the channel.

banikanand (Sun, 27 Sep 2020 14:11:01 GMT):
hello....i am trying to deploy fabric 1.4.4 on minikube following the docs mentioned https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html. The deploying to ordering pod and kafka pod is failing with the error "error while running "VolumeBinding" filter plugin for pod "kafka-0": pod has unbound immediate PersistentVolumeClaims". Could someone please help?...thanks

suvajit-sarkar (Mon, 28 Sep 2020 04:01:56 GMT):
Hello Everyone, We will be having for Sprint Planning today (28th Sep 5.30pm - 6.30pm IST) Feel free to join us on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

suvajit-sarkar (Mon, 28 Sep 2020 04:01:56 GMT):
Hello Everyone, We will be having our Sprint Planning today (28th Sep 5.30pm - 6.30pm IST) Feel free to join us on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

knagware9 (Mon, 28 Sep 2020 10:22:17 GMT):
Hello community from the Hyperledger India Chapter, we are calling for speakers to engage with the community in Asia Pacific, Europe and Africa. Please see our event details here https://www.linkedin.com/feed/update/urn:li:activity:6715897303481372672 Calling the tech enthusiasts, maintainers to be part of it.

ashlinSajan (Tue, 29 Sep 2020 06:26:39 GMT):
Facing issues while installing chaincode, I'm using minkube and gitlab for configuratio.

suvajit-sarkar (Tue, 29 Sep 2020 09:47:06 GMT):
We do not expressly support minikube specific queries, please refer to the verification guide for debugging fabric deployment https://blockchain-automation-framework.readthedocs.io/en/develop/operations/fabric_verify.html

suvajit-sarkar (Tue, 29 Sep 2020 09:50:21 GMT):
Also the the Minikube support for fabric was for 0.4.0.0 release and post that we have not tested it. You can use code from that version tag

ashlinSajan (Tue, 29 Sep 2020 10:36:39 GMT):
Thanks @sownak for the help, it got fixed. I was using private gitlab host without https so,need to change the template according to that.

SivaramKannan (Tue, 29 Sep 2020 11:13:54 GMT):
Hi Team - I am tring the fabric220 branch. One of the new configurations peer.certificate seems empty in the sample network.yaml, what does this value should be?

SivaramKannan (Tue, 29 Sep 2020 11:42:16 GMT):
I am assuming this is a local path, and mentioned it as a ./build/peer0.pem".

SivaramKannan (Tue, 29 Sep 2020 11:42:24 GMT):
let me know if I am making a mistake here

ashlinSajan (Tue, 29 Sep 2020 13:29:19 GMT):
Hi Team, How we can do upgrade of chaincode, add organization, add peer etc on existing deployed network? Please help me on this.

sownak (Tue, 29 Sep 2020 13:47:07 GMT):
https://blockchain-automation-framework.readthedocs.io/en/develop/operationalguide.html

anweiss (Tue, 29 Sep 2020 14:21:08 GMT):
ok thanks @suvajit-sarkar ... I've resorted to using Helm 2 until Helm 3 support has stabilized

anweiss (Tue, 29 Sep 2020 14:22:14 GMT):
hey all ... is there a reason why a Hyperledger Fabric deployment seems to hang at the "Generate crypto material for organization peers" task? seems to take an incredibly long time

suvajit-sarkar (Wed, 30 Sep 2020 08:45:31 GMT):
the name of the file should be ca.crt and local path should as in the e.g /home/some_path/fabric/certificates/ml/peer0/ca.crt

ashlinSajan (Wed, 30 Sep 2020 08:56:15 GMT):
Can we able to run that using docker command which we are using to deploy the network,once after making changes in for adding new organization in network.yaml

sownak (Wed, 30 Sep 2020 09:01:50 GMT):
run what, sorry?

ashlinSajan (Wed, 30 Sep 2020 09:09:10 GMT):
I have added new org for adding org in the existing network, So I have previously deployed the network using docker run .

ashlinSajan (Wed, 30 Sep 2020 09:09:28 GMT):
So can I do the same?

sownak (Wed, 30 Sep 2020 09:10:23 GMT):
yes, you can use the docker container to execute all ansible commands. you have to run the respective playbooks as given in the operational guides

ashlinSajan (Wed, 30 Sep 2020 09:13:56 GMT):
okay thanks

ashlinSajan (Wed, 30 Sep 2020 09:22:37 GMT):
Error: genesis block file not found open allchannel.block: no such file or directory Facing this error while deploying org3 to existing network with 2 orgs completely deployed

sownak (Wed, 30 Sep 2020 09:26:01 GMT):
please check 1) You have the correct tags for new/existing in each org 2) You have the orderer certificates in your docker container

SivaramKannan (Wed, 30 Sep 2020 15:55:31 GMT):
I have asked this question in the fabric channel as well. Just wanted to check here as well, since the deployment was through BAF. I have a deployed Fabric 2.2 in Kubernetes 1.17 (AKS). I followed the lifecycle command to install and approve chaincode. although the "peer lifecycle chaincode queryinstalled" command says the chaincode is installed, I get the below error while issuing invoke command “Error: endorsement failure during invoke. response: status:500 message:"make sure the chaincode TestCC has been successfully defined on channel allchannel and try again: chaincode definition for ‘TestCC' exists, but chaincode is not installed” I check the underlying Host to check whether the chaincode is running as a container, but I don’t see it in the Host. Should I run the chaincode as an external chaincode? Is this a 2.x chaincode behaviour

SivaramKannan (Wed, 30 Sep 2020 15:55:31 GMT):
I have asked this question in the fabric channel as well. Just wanted to check here as well, since the deployment was through BAF. I have a deployed Fabric 2.2 in Kubernetes 1.17 (AKS). I used the cli_pod and used the lifecycle command to install and approve chaincode. although the "peer lifecycle chaincode queryinstalled" command says the chaincode is installed, I get the below error while issuing invoke command “Error: endorsement failure during invoke. response: status:500 message:"make sure the chaincode TestCC has been successfully defined on channel allchannel and try again: chaincode definition for ‘TestCC' exists, but chaincode is not installed” I check the underlying Host to check whether the chaincode is running as a container, but I don’t see it in the Host. Should I run the chaincode as an external chaincode? Is this a 2.x chaincode behaviour

SivaramKannan (Thu, 01 Oct 2020 04:17:00 GMT):
please ignore the question. The packag-id was wrong. this is spot on - https://stackoverflow.com/questions/62780362/connection-between-cli-and-peer-orderer-not-working-properly-kubernetes-setup

SivaramKannan (Thu, 01 Oct 2020 04:17:00 GMT):
please ignore the question. The package-id was wrong. this is spot on - https://stackoverflow.com/questions/62780362/connection-between-cli-and-peer-orderer-not-working-properly-kubernetes-setup

jagpreet (Thu, 01 Oct 2020 08:39:41 GMT):
The issue created for the same, seems to be fixed as per the issue https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1071

ashlinSajan (Thu, 01 Oct 2020 14:01:11 GMT):

Screenshot from 2020-10-01 19-30-24.png

sownak (Thu, 01 Oct 2020 19:07:33 GMT):
If you are trying this on minikube, we cannot guarantee it will work as we have seen memory issues with minikube. BAF is for operating networks on proper clusters and not minikube. We will not be able to support detailed issues related to minikube. If you are able to find and fix the problem, you are encouraged to submit a PR.

sownak (Fri, 02 Oct 2020 08:26:43 GMT):
Thanks @SivaramKannan If you are able to run the setup completely on Kubernetes 1.17 we can be sure that BAF is compatible on 1.17 as well. Let us know if you used any other version of the tools like helm and kubectl.

SivaramKannan (Fri, 02 Oct 2020 15:06:43 GMT):
I can confirm K8S version to be 1.17 and kubectl version as 1.18

SivaramKannan (Mon, 05 Oct 2020 05:06:49 GMT):
Question regarding the peer's non-admin configuration. I had a question earlier about peer's not having admin permissions and you have pointed out to use cli_pod for manual chaincode installation. I found out that the chaincode endorsements by default has "MAJORITY" policy, which means, two or more endorsements needed for the chaincode operations. other fabrics examples like Test-network and minifabric seems to have admin permissions to peer and when they use --signarure-policy switch with a policy the chaincode command seems to work. But the same command does not work in BAF. I worked this around by changing the "MAJORITY" policy to "ANY" for endorsements for now. But I think your chaincode installation would also face the same issue in the fabric220 branch. You may have to enable admin permissions to the peer.

SivaramKannan (Mon, 05 Oct 2020 05:06:49 GMT):
Question regarding the peer's non-admin configuration. I had a question earlier about peer's not having admin permissions and you have pointed out to use cli_pod for manual chaincode installation. I found out that the chaincode endorsements by default has "MAJORITY" policy, which means, two or more endorsements needed for the chaincode operations. other fabrics examples like Test-network and minifabric seems to have admin permissions to peer and when they use --signarure-policy switch with a policy the chaincode command seems to work. But the same command does not work in BAF. I worked this around by changing the "MAJORITY" policy to "ANY" for endorsements for now. But I think your chaincode installation would also face the same issue in the fabric220 branch. Would enabling admin permission to peer would solve the issue?

SivaramKannan (Mon, 05 Oct 2020 05:06:49 GMT):
Question regarding the peer's non-admin configuration. I had a question earlier about peer's not having admin permissions and you have pointed out to use cli_pod for manual chaincode installation. I found out that the chaincode endorsements by default has "MAJORITY" policy, which means, two or more endorsements needed for the chaincode operations. other fabrics examples like Test-network and minifabric seems to have admin permissions to peer and when they use --signarure-policy switch with a policy the chaincode command seems to work. But the same command does not work in BAF. I worked this around by changing the "MAJORITY" policy to "ANY" for endorsements for now. I think your chaincode installation would also face the same issue in the fabric220 branch. Would enabling admin permission to peer would solve the issue?

jagpreet (Mon, 05 Oct 2020 08:47:29 GMT):
You mean, giving admin permissions to peer to install chaincode from peer pod itself?

SivaramKannan (Mon, 05 Oct 2020 08:50:00 GMT):
No. I am talking about NodeOU's here

SivaramKannan (Mon, 05 Oct 2020 08:50:17 GMT):
the below is a config I took from a 1.4.4 cluster

SivaramKannan (Mon, 05 Oct 2020 08:50:19 GMT):
NodeOUs: Enable: true ClientOUIdentifier: Certificate: cacerts/cacert.pem OrganizationalUnitIdentifier: client PeerOUIdentifier: Certificate: cacerts/cacert.pem OrganizationalUnitIdentifier: peer AdminOUIdentifier: Certificate: cacerts/cacert.pem OrganizationalUnitIdentifier: admin OrdererOUIdentifier: Certificate: cacerts/cacert.pem OrganizationalUnitIdentifier: orderer

SivaramKannan (Mon, 05 Oct 2020 08:51:31 GMT):
In BAF deployments, there are only ClientOUIdentifier and PeerOUIdentifier. minifabric and test-network does have adminouidntifier enabled for peers

jagpreet (Mon, 05 Oct 2020 09:03:46 GMT):
Yes, that is fine. I meant to ask, is this to enable peers itself to install chaincode?

SivaramKannan (Mon, 05 Oct 2020 09:42:16 GMT):
no. I am ok if I can install from the peer-cli.

SivaramKannan (Mon, 05 Oct 2020 09:42:48 GMT):
right now unless I change the endorsement policy to ANY, I could not approve the chaincode

jagpreet (Mon, 05 Oct 2020 09:43:38 GMT):
Yes, having separate pods for operational tasks and with admin access is better

SivaramKannan (Mon, 05 Oct 2020 09:45:53 GMT):
installing from cli_pod is fine. But is changing MAJORITY to ANY is not fine I suppose right? how can I install the chaincode without changing the endorsement policy from MAJORITY

SivaramKannan (Mon, 05 Oct 2020 09:45:53 GMT):
installing from cli_pod is fine. But changing MAJORITY to ANY is not fine I suppose right? how can I install the chaincode without changing the endorsement policy from MAJORITY

SivaramKannan (Mon, 05 Oct 2020 09:45:53 GMT):
installing from cli_pod is fine. But changing MAJORITY to ANY is not correct I suppose right? how can I install the chaincode without changing the endorsement policy from MAJORITY

jagpreet (Mon, 05 Oct 2020 09:52:11 GMT):
Approve chaincode works fine if your network.yaml and code is in sync with https://github.com/hyperledger-labs/blockchain-automation-framework/tree/feature/fabric220

NaveenRaju (Mon, 05 Oct 2020 09:53:40 GMT):

Screenshot 2020-10-05 at 3.23.32 PM.png

NaveenRaju (Mon, 05 Oct 2020 09:53:40 GMT):
Hi All, I'm trying to set up Quorum in AKS. I'm able to see only these two lines and it is in failed state. I think something went wrong. It would be a great help, stuck here for so long
Screenshot 2020-10-05 at 3.23.32 PM.png

NaveenRaju (Mon, 05 Oct 2020 09:53:40 GMT):

Message Attachments

SivaramKannan (Mon, 05 Oct 2020 09:54:05 GMT):
for me the fabric220 branch always fails with the below error when approving chaincode

SivaramKannan (Mon, 05 Oct 2020 09:54:07 GMT):
TASK [Git Push] ************************************************************************************************************************************************************************************************************** fatal: [localhost]: FAILED! => {"msg": "The conditional check 'approve_chaincode.results[0].resources|length == 0' failed. The error was: error while evaluating conditional (approve_chaincode.results[0].resources|length == 0): 'dict object' has no attribute 'resources'\n\nThe error appears to be in '/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/chaincode/approve/tasks/valuefile.yaml': line 62, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n#Git Push : Pushes the above generated files to git directory\n- name: Git Push\n ^ here\n"}

SivaramKannan (Mon, 05 Oct 2020 09:54:41 GMT):
let me sync with the latest code and try.

NaveenRaju (Mon, 05 Oct 2020 09:56:20 GMT):

Screenshot 2020-10-05 at 3.25.56 PM.png

jagpreet (Mon, 05 Oct 2020 09:59:17 GMT):
Are you using BAF to setup Quorum network?

jagpreet (Mon, 05 Oct 2020 10:19:37 GMT):
Sure

SivaramKannan (Tue, 06 Oct 2020 09:04:07 GMT):
I made some progress. the chaincode now gets installed, but approve job does not get started.

SivaramKannan (Tue, 06 Oct 2020 09:04:13 GMT):
the flux has the below error

SivaramKannan (Tue, 06 Oct 2020 09:04:17 GMT):
```ts=2020-10-06T09:02:45.19736361Z caller=sync.go:545 method=Sync cmd="kubectl apply -f -" took=194.927936ms err="running kubectl: The HelmRelease \"approve-org1-allchannel-supplychain0.3\" is invalid: spec.releaseName: Invalid value: \"\": spec.releaseName in body should match '^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'" output=```

NaveenRaju (Tue, 06 Oct 2020 12:59:52 GMT):
Yes

SivaramKannan (Wed, 07 Oct 2020 06:20:02 GMT):
I getting the below error during approve chaincode job ```ts=2020-10-07T06:18:30.963832173Z caller=sync.go:159 component=daemon err="org1-net:helmrelease/approve-org1-allchannel-supplychain0.3: running kubectl: The HelmRelease \"approve-org1-allchannel-supplychain0.3\" is invalid: spec.releaseName: Invalid value: \"\": spec.releaseName in body should match '^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'; org2-net:helmrelease/approve-org2-allchannel-supplychain0.3: running kubectl: The HelmRelease \"approve-org2-allchannel-supplychain0.3\" is invalid: spec.releaseName: Invalid value: \"\": spec.releaseName in body should match '^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'"```

SivaramKannan (Wed, 07 Oct 2020 06:20:02 GMT):
I am getting the below error during approve chaincode job ```ts=2020-10-07T06:18:30.963832173Z caller=sync.go:159 component=daemon err="org1-net:helmrelease/approve-org1-allchannel-supplychain0.3: running kubectl: The HelmRelease \"approve-org1-allchannel-supplychain0.3\" is invalid: spec.releaseName: Invalid value: \"\": spec.releaseName in body should match '^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'; org2-net:helmrelease/approve-org2-allchannel-supplychain0.3: running kubectl: The HelmRelease \"approve-org2-allchannel-supplychain0.3\" is invalid: spec.releaseName: Invalid value: \"\": spec.releaseName in body should match '^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'"```

SivaramKannan (Wed, 07 Oct 2020 06:20:44 GMT):
I am positive I have synced the network.yaml with the fabric220 branch and atleast install is working. any idea how I can get past the above error

SivaramKannan (Wed, 07 Oct 2020 06:20:44 GMT):
I am positive I have synced the network.yaml with the fabric220 branch and atleast chaincode install is working. any idea how I can get past the above error

anchit (Wed, 07 Oct 2020 07:27:05 GMT):
Has joined the channel.

anchit (Wed, 07 Oct 2020 07:28:21 GMT):
Hi Team, Wanted to check if BAF supports deployment of Hyperledger Indy along with Aries agents (specifically looking for aca-py agents) in k8s? If yes, is there any documentation/samples available which one can refer ?

arnoudbevers (Wed, 07 Oct 2020 08:36:36 GMT):
Hi Sivaram, your name for your Helm Release is incorrect. If you look the regex at the bottom, a helm release name can only contain lowercase letters, numbers and dashes (-). If you remove the 0.3 from your helm release it should work.

suvajit-sarkar (Wed, 07 Oct 2020 08:37:30 GMT):
you can have a look at our readthedocs https://blockchain-automation-framework.readthedocs.io/en/latest/example/indy-refapp.html

SivaramKannan (Wed, 07 Oct 2020 09:58:53 GMT):
ok. I see a difference in the install chaincode and approvechaincode on this line. it might be a bug.

SivaramKannan (Wed, 07 Oct 2020 10:05:00 GMT):
I will make the change and test it

SivaramKannan (Wed, 07 Oct 2020 11:47:06 GMT):
Once I changed the version value to "1", approvechaincode worked.

SivaramKannan (Wed, 07 Oct 2020 11:47:30 GMT):
Thanks for the input @arnoudbevers

SivaramKannan (Wed, 07 Oct 2020 12:05:58 GMT):
In a single kubernetes cluster what does the below value should be configured as ```corepeerAddress: - peer0.carrier-net.hf.demo.aws.blockchaincloudpoc.com:8443 - peer0.warehouse-net.hf.demo.aws.blockchaincloudpoc.com:8443 - peer0.manufacturer-net.hf.demo.aws.blockchaincloudpoc.com:8443 - peer0.store-net.hf.demo.aws.blockchaincloudpoc.com:8443```

SivaramKannan (Wed, 07 Oct 2020 12:06:18 GMT):
same as peerAddress right?

NaveenRaju (Wed, 07 Oct 2020 12:45:16 GMT):
I'm trying to setup one node quorum in a AKS cluster. Tessera is failing to start

NaveenRaju (Wed, 07 Oct 2020 12:45:16 GMT):
I'm trying to setup one node quorum in a AKS cluster. Tessera is failing to start ```

NaveenRaju (Wed, 07 Oct 2020 12:45:16 GMT):
I'm trying to setup one node quorum in a AKS cluster. Tessera is failing to start ``` ```

NaveenRaju (Wed, 07 Oct 2020 12:45:16 GMT):
I'm trying to setup one node quorum in a AKS cluster. Tessera is failing to start `

NaveenRaju (Wed, 07 Oct 2020 12:45:16 GMT):
I'm trying to setup one node quorum in a AKS cluster. Tessera is failing to start ``

mwklein (Wed, 07 Oct 2020 16:39:21 GMT):
BAF does not have automation for Aries wallets/agents that would typically be tightly integrated with applications. You can look at how this was implemented in the refapp link provided.

lakshyakumar (Thu, 08 Oct 2020 03:51:01 GMT):
yes, this section is consumed by the commit chaincode as the list of addresses of approvers.

NaveenRaju (Thu, 08 Oct 2020 08:17:25 GMT):

NaveenRaju - Thu Oct 08 2020 13:47:20 GMT+0530 (India Standard Time).txt

NaveenRaju (Thu, 08 Oct 2020 08:18:16 GMT):
Hi All, I'm trying to setup Quorum on AKS. Tessera is failing with the below error. ``` 2020-10-08T08:13:31.169156613Z 2020-10-08 08:13:31.168 [main] WARN o.e.j.unixsocket.UnixSocketConnector - cannot bind /etc/quorum/qdata/tm/tm.ipc exists=false writable=false 2020-10-08T08:13:31.169936414Z Operation not permitted 2020-10-08T08:13:31.170671314Z 2020-10-08 08:13:31.170 [Thread-1] INFO c.quorum.tessera.server.JerseyServer - Stopping Jersey server at http://carrier:9080 2020-10-08T08:13:31.179851820Z 2020-10-08 08:13:31.178 [Thread-1] INFO o.e.jetty.server.AbstractConnector - Stopped ServerConnector@1a4d1ab7{HTTP/1.1,[http/1.1]}{0.0.0.0:9080} 2020-10-08T08:13:31.218631743Z 2020-10-08 08:13:31.218 [Thread-1] INFO o.e.j.server.handler.ContextHandler - Stopped o.e.j.s.ServletContextHandler@6ecc02bb{/,null,UNAVAILABLE} 2020-10-08T08:13:31.221441245Z 2020-10-08 08:13:31.221 [Thread-1] INFO c.quorum.tessera.server.JerseyServer - Stopped Jersey server at http://carrier:9080 2020-10-08T08:13:31.221471845Z 2020-10-08 08:13:31.221 [Thread-1] INFO c.quorum.tessera.server.JerseyServer - Stopping Jersey server at unix:/etc/quorum/qdata/tm/tm.ipc 2020-10-08T08:13:31.221708045Z 2020-10-08 08:13:31.221 [Thread-1] INFO o.e.jetty.server.AbstractConnector - Stopped UnixSocketConnector@602f8f94{HTTP/1.1,[http/1.1]}{/etc/quorum/qdata/tm/tm.ipc} 2020-10-08T08:13:31.237263355Z 2020-10-08 08:13:31.237 [Thread-1] INFO o.e.j.server.handler.ContextHandler - Stopped o.e.j.s.ServletContextHandler@3bb9ca38{/,null,UNAVAILABLE} 2020-10-08T08:13:31.240026357Z 2020-10-08 08:13:31.239 [Thread-1] INFO c.quorum.tessera.server.JerseyServer - Stopped Jersey server at unix:/etc/quorum/qdata/tm/tm.ipc 2020-10-08T08:13:31.240093857Z 2020-10-08 08:13:31.239 [Thread-1] INFO c.quorum.tessera.server.JerseyServer - Stopping Jersey server at http://carrier.test.quorum.blockchaincloudpoc.com:8443 2020-10-08T08:13:31.240258357Z 2020-10-08 08:13:31.240 [Thread-1] INFO c.quorum.tessera.server.JerseyServer - Stopped Jersey server at http://carrier.test.quorum.blockchaincloudpoc.com:8443 ```

suvajit-sarkar (Thu, 08 Oct 2020 08:44:16 GMT):
you need to configure the dns, for the tm service connections

sownak (Thu, 08 Oct 2020 09:08:37 GMT):
@NaveenRaju Please check the network.yaml. Following items are wrong in your configuration: 1. external_url_suffix: test.quorum.blockchaincloudpoc.com # This is the url suffix that will be added in DNS recordset. Must be different for different clusters 2. transaction_manager: port: 8443 # use port: 9001 when transaction_manager = "constellation" ambassador: 8443 # use ambassador: 15012 when transaction_manager = "constellation"

SivaramKannan (Thu, 08 Oct 2020 10:04:06 GMT):
Quick question: the orderer address configurd under channel's is this "ordererAddress: orderer1.org1ambassador.blockchaincloudpoc.com:8443". What if the orderer1 goes down some time after installation? I am guessing after installation it would not have an impact, but can some one clarify this?

SivaramKannan (Thu, 08 Oct 2020 10:04:06 GMT):
Quick question: In fabric network.yaml the orderer address configurd under channel's is this "ordererAddress: orderer1.org1ambassador.blockchaincloudpoc.com:8443". What if the orderer1 goes down some time after installation? I am guessing after installation it would not have an impact, but can some one clarify this?

suvajit-sarkar (Thu, 08 Oct 2020 11:26:56 GMT):
Hi All, We are not having our PI demo today. We will update on the date and time once the new invite is created

jagpreet (Fri, 09 Oct 2020 08:51:31 GMT):
Yes, its fine if it goes down after everything is setup. It might give error during a transaction though

SivaramKannan (Fri, 09 Oct 2020 08:58:38 GMT):
say I have 3 orderers in the system and orderer1 goes down, ideally transactions should go through since the orderers still have quorum

jagpreet (Fri, 09 Oct 2020 09:31:42 GMT):
Yes, that's fine. What I think from my end is the number of orderers which might create a issue (incase they cant have a consensus over even number of RAFT orderers)

NaveenRaju (Fri, 09 Oct 2020 13:01:22 GMT):
@sownak I'm using Tessera for TM, so I no need to change ports right?

sownak (Fri, 09 Oct 2020 15:09:18 GMT):
doesnt seem you are using 8443, because tessera is starting with 9080 port

SivaramKannan (Mon, 12 Oct 2020 03:55:34 GMT):
Hi team - does the issue #1094(https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1094) mean configuring multiple orderers in fabric won't work until the issue is fixed?

suvajit-sarkar (Mon, 12 Oct 2020 09:09:00 GMT):
Multi orderers support is already supported by BAF https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1094 issue blocks adding of new orderer to RAFT cluster

SivaramKannan (Mon, 12 Oct 2020 09:20:42 GMT):
Thanks for the clarification

suvajit-sarkar (Mon, 12 Oct 2020 11:13:38 GMT):
Hello Everyone, We will be having our Sprint Planning today (5.30pm - 6.30pm IST) Feel free to join us on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

skulos (Mon, 12 Oct 2020 12:55:00 GMT):
Has joined the channel.

SivaramKannan (Tue, 13 Oct 2020 03:31:15 GMT):
Can a fabric orderer be part of multiple organisations(including organisation that has a peer?). Theoretically this should be possible considering each orderer has a organization key, I am not sure whether it is acceptable configuration with BAF though

suvajit-sarkar (Tue, 13 Oct 2020 09:12:40 GMT):
Currently BAF does not provide this configuration option, though we have an open issue to add this feature https://github.com/hyperledger-labs/blockchain-automation-framework/issues/614

NaveenRaju (Wed, 14 Oct 2020 20:47:15 GMT):

Screenshot 2020-10-15 at 2.15.56 AM.png

NaveenRaju (Wed, 14 Oct 2020 20:47:35 GMT):
@sownak

NaveenRaju (Wed, 14 Oct 2020 20:50:35 GMT):

Screenshot 2020-10-15 at 2.20.19 AM.png

VinodReddy (Thu, 15 Oct 2020 07:17:10 GMT):
Has joined the channel.

VinodReddy (Thu, 15 Oct 2020 08:39:02 GMT):
does BAF runs on 4GB RAM

jagpreet (Thu, 15 Oct 2020 08:41:07 GMT):
BAF runs on kubernetes cluster and if you want to simulate a kubernetes cluster on a local machine with 4GB ram using minikube, 4GB ram is insufficient.

sownak (Thu, 15 Oct 2020 08:43:02 GMT):
That seems to me as a problem with your container. The error says "cannot bind". Please check tessera documentation

skulos (Thu, 15 Oct 2020 08:56:20 GMT):
Minikube is great, but Kind (https://kind.sigs.k8s.io/) is better if you are looking to simulate multi nodes, with as many masters and slaves as you'd like. It's the "original Kubernetes" project.

jagpreet (Thu, 15 Oct 2020 09:22:41 GMT):
Yes kind is way better. It supports multi cluster environment setup with each cluster having multiple master and slaves, with diffirent kubernetes images (as well as self build ones). The current BAF code needs some modifications to work with kind (mostly the changes are in the storage class template for kind). We look forward towards community contribution for the same. :slight_smile:

skulos (Thu, 15 Oct 2020 10:13:13 GMT):
I'd love to help, but I'm not on the BAF wagon yet. Still finding my feet. But when I'm here, I'll check it out if some else has not done it yet

Bobbijn (Thu, 15 Oct 2020 16:58:18 GMT):
Has joined the channel.

davidwboswell (Thu, 15 Oct 2020 17:11:18 GMT):
For anyone who missed the BAF meetup today you can find the recording at: https://youtu.be/VWG8WRo5EVQ

jagpreet (Fri, 16 Oct 2020 08:55:26 GMT):
Yes sure. You can visit our [github issue board](https://github.com/hyperledger-labs/blockchain-automation-framework/labels/good-first-issue) which has issues tagged as 'good-first-issue'. The issues tagged with this can be easily picked up the community to get in touch with BAF

SivaramKannan (Fri, 16 Oct 2020 15:05:18 GMT):
Say I have lost a whole K8S cluster due to a DR scenario which has one organisation (CA, CA tools and peers), is it possible to recover or re-deploy that particular organisation?

sownak (Fri, 16 Oct 2020 15:11:14 GMT):
All the kubernetes configs except the secrets should be stored in your git repo and as soon as deploy flux, you should be able to get everything, just the secrets need to be created

SivaramKannan (Fri, 16 Oct 2020 15:12:55 GMT):
if I create the secret, can I use deploy-network.yaml to deploy the network?

sownak (Fri, 16 Oct 2020 15:13:43 GMT):
if you again use deploy-network, the required secrets will be created

sownak (Fri, 16 Oct 2020 15:14:17 GMT):
maybe it needs to be tested, and a operational process/steps need to be defined

SivaramKannan (Fri, 16 Oct 2020 15:15:28 GMT):
Let me test it and will create a ticket if there are issues

SivaramKannan (Fri, 16 Oct 2020 15:15:33 GMT):
thanks

suneel18 (Sun, 18 Oct 2020 17:47:39 GMT):
Has joined the channel.

suneel18 (Sun, 18 Oct 2020 17:47:43 GMT):
Does BAF support Hybrid Deployment, like can I spread my networks across different cloud providers on, in house cloud server's + public cloud?

sauveergoel (Mon, 19 Oct 2020 07:04:03 GMT):
Hi @suneel18, I would says as of now its partially correct as you can deploy the various organizations on multiple clusters but the only catch is they should be either MiniKube or AWS EKS clusters, since we haven't yet tested our platform with other cloud providers

sauveergoel (Mon, 19 Oct 2020 07:04:03 GMT):
Hi @suneel18, I would says as of now its partially correct as you can deploy the various organizations on multiple clusters but the only catch is they should be either MiniKube or a managed K8S cluster. We have tested it for AWS and Azure, not sure how BAF will respond to other cloud providers

sauveergoel (Mon, 19 Oct 2020 07:04:03 GMT):
Hi @suneel18, I would says as of now its partially correct as you can deploy the various organizations on multiple clusters but the only catch is they should be either MiniKube or a managed K8S cluster. We have only tested it for AWS and Azure yet, not sure how BAF will respond to other cloud providers

jagpreet (Mon, 19 Oct 2020 09:34:22 GMT):
Theoretically BAF does support housing various organizations on different cloud providers. We just require to test it out. We encourage the community engagement and contribution for the same. Major things to remember is the storage class templates of cloud providers, which are not incorporated yet in BAF (like for GKE and inhouse servers) and the DNS mapping to the load balancer URL.

mwklein (Mon, 19 Oct 2020 16:33:30 GMT):
Yes, BAF does support hybrid deployments with the caveats mentioned above for storage class templates. The construct to do this is via separate organizations for each k8s cluster running on different cloud providers.

SivaramKannan (Mon, 19 Oct 2020 16:36:36 GMT):
https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1117

ashlinSajan (Tue, 20 Oct 2020 11:00:13 GMT):

Screenshot from 2020-10-20 16-29-40.png

ashlinSajan (Tue, 20 Oct 2020 11:08:57 GMT):
Please help me on fixing this issue

sauveergoel (Tue, 20 Oct 2020 15:39:40 GMT):
@ashlinSajan seems like the playbook is not able to connect to the k8s cluster. you can verify your k8s configuration parameter in the network.yaml

sauveergoel (Tue, 20 Oct 2020 15:39:40 GMT):
@ashlinSajan seems like the playbook is not able to connect to your k8s cluster. You can verify your `k8s` configuration parameter in the `network.yaml`

SivaramKannan (Wed, 21 Oct 2020 11:59:42 GMT):
Hi Team - can someone take a look at this bug and tell me what could be wrong here - https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1117. I can work on this if there is some guidance

suvajit-sarkar (Thu, 22 Oct 2020 05:18:34 GMT):
Hi Everyone, We will be having our PI Demo today (22nd Oct, 9:00pm-10:00pm IST), please feel free to join on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09 The topics that will covered are - 1. BAF release v0.6.1 update and current roadmap 2. HL-Indy network deployment and identity reference app. integration using BAF 3. HL-Besu addition of member node organization on an existing network using BAF

sownak (Thu, 22 Oct 2020 13:30:07 GMT):
check the comment on there

sownak (Thu, 22 Oct 2020 15:36:46 GMT):
:star2: Announcement :star2: BAF 0.6.1 is released. This is the last release with Helm2 support. All active development on develop branch will be on Helm3 from now.

davidefreeman (Thu, 22 Oct 2020 16:27:36 GMT):
Has joined the channel.

suneel18 (Fri, 23 Oct 2020 08:35:36 GMT):
Hello Team, Is there any guide or document describing the steps to install and run BAF over Azure kubernetes service?

sownak (Fri, 23 Oct 2020 08:48:20 GMT):
We do not have a guide specific for AKS (we do not have a guide for EKS specific either). BAF is independent of the underlying Kubernetes platform, and as long as you provide the correct kubeconfig.yaml and the cloud_provider parameter in network.yaml, it should work. Fabric on AKS is already implemented by the community, so the storageclass template is also available. Let us know if you are facing any specific issue in deploying BAF on AKS.

SivaramKannan (Fri, 23 Oct 2020 10:18:02 GMT):
I have successfully run BAF on AKS. one potential thing is, while creating the storageclass BAF only creates Premium_LRS disks, the machine type I have chose did not support that. I had to change the Premium_LRS to Standard_LRS in the storageclass template.

SivaramKannan (Fri, 23 Oct 2020 10:29:25 GMT):
How do a delete an auth entry in the vault?? ``` 🕙 [23-Oct-2020 03:58:23 PM ] ❯ vault delete auth/org2-net-auth/config Error deleting auth/org2-net-auth/config: Error making API request.```

jagpreet (Fri, 23 Oct 2020 10:31:39 GMT):
You can disable an auth entry using `vault auth disable AUTH_PATH`

jagpreet (Fri, 23 Oct 2020 10:32:19 GMT):
For more information, you can refer to https://www.vaultproject.io/docs/commands/auth/disable

SivaramKannan (Fri, 23 Oct 2020 10:32:40 GMT):
is that what BAF does during reset?

jagpreet (Fri, 23 Oct 2020 10:39:43 GMT):
You can even use this `vault delete sys/auth/path`

SivaramKannan (Fri, 23 Oct 2020 10:44:01 GMT):
cool. let me try, thanks

amolpednekar (Fri, 23 Oct 2020 11:36:23 GMT):
Has joined the channel.

sidnaik1989 (Fri, 23 Oct 2020 11:37:57 GMT):
Has joined the channel.

anchit (Fri, 23 Oct 2020 14:27:51 GMT):
Is it recorded anywhere ?

mwklein (Fri, 23 Oct 2020 14:43:55 GMT):
@SivaramKannan that AKS storage class option sounds a great pull request candidate. Would love the contribution!

suneel18 (Fri, 23 Oct 2020 15:49:37 GMT):
Am trying to run BAF from my local mac and connecting it to Azure kubernetes cluster but it fails with below error, could anyone please suggest me on whats going wrong here FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (1 retries left).Result was: { "attempts": 20, "changed": false, "invocation": { "module_args": { "api_key": null, "api_version": "v1", "ca_cert": null, "client_cert": null, "client_key": null, "context": "CLUSTER", "field_selectors": [], "host": null, "kind": "ClusterRoleBinding", "kubeconfig": "MYPATH/build/kubeconfig.yaml", "label_selectors": [], "name": "supplychain-net-role-tokenreview-binding", "namespace": null, "password": null, "persist_config": null, "proxy": null, "username": null, "validate_certs": null, "wait": false, "wait_condition": null, "wait_sleep": 5, "wait_timeout": 120 } }, "resources": [], "retries": 21 }

sownak (Fri, 23 Oct 2020 15:50:38 GMT):
https://blockchain-automation-framework.readthedocs.io/en/develop/operations/baf_verify.html

suneel18 (Fri, 23 Oct 2020 16:35:52 GMT):
how would we know which issue is matching to my problem

sownak (Fri, 23 Oct 2020 16:38:01 GMT):
By following the flowchart step by step.

arsulegai (Fri, 23 Oct 2020 18:01:26 GMT):
Has joined the channel.

SivaramKannan (Sat, 24 Oct 2020 05:16:10 GMT):
BAF on AKS has its quirks. I have see it waiting long time to create clusterrole bindings and storageclass. What I have seen is, if the script fails on these two places, re-run the script. Also, make sure your gitops is set correctly, so the git push to the branch is successful.

suvajit-sarkar (Mon, 26 Oct 2020 10:12:20 GMT):
Hi All, We will having for Sprint planning today (26th Oct, 5.30pm IST), please feel free to join on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

arsulegai (Tue, 27 Oct 2020 04:49:38 GMT):
This is where probably the AKS is not able to reach out to the Git repository.

SivaramKannan (Wed, 28 Oct 2020 06:12:22 GMT):
Hi Team - I am trying to test the DR scenario with BAF fabric and adding my observations to this ticket - https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1132. Can I get some comments on that please?

arsulegai (Wed, 28 Oct 2020 11:00:21 GMT):
Hi @sownak , I am trying out HLF through BAF When I am creating a new channel, I see the following path set in the HelmRelease that creates a job to create the channel. ``` vault: role: vault-role address: http://vault.arun-baf.svc.cluster.local:8200 authpath: org2-net-auth adminsecretprefix: secret/crypto/peerOrganizations/org2-net/users/admin orderersecretprefix: secret/crypto/peerOrganizations/org2-net/orderer serviceaccountname: vault-auth imagesecretname: regcred ```

arsulegai (Wed, 28 Oct 2020 11:01:27 GMT):
The path in the Vault is empty! Is there something fishy here?

jagpreet (Wed, 28 Oct 2020 11:03:19 GMT):
The paths should have the cryto already created by the CA. Are you trying to add a new channel to an existing HLF network, setup by BAF?

arsulegai (Wed, 28 Oct 2020 11:04:20 GMT):
Yes, I am adding a new channel to the existing network

jagpreet (Wed, 28 Oct 2020 11:07:51 GMT):
The vault should have the certificates already present, when the first network came up.

arsulegai (Wed, 28 Oct 2020 11:08:59 GMT):
I see the certificates and the keys present in the peers/orderers folder

arsulegai (Wed, 28 Oct 2020 11:09:09 GMT):
Just not this path, pointed here

arsulegai (Wed, 28 Oct 2020 11:10:22 GMT):
If you don't mind, can you tell when is this path supposed to be created?

jagpreet (Wed, 28 Oct 2020 11:11:53 GMT):
When the CA-Tools (CA Cli) comes up, we copy a script there to generate the crypto. That script upon running, generate the certificates. blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer

jagpreet (Wed, 28 Oct 2020 11:13:04 GMT):
In this role, there are tasks which push the certificates on these paths in vault (main.yaml)

arsulegai (Wed, 28 Oct 2020 12:03:21 GMT):
Thanks, I see this file. I see the folder structure created without the contents in the vault.

arsulegai (Wed, 28 Oct 2020 12:04:13 GMT):
Maybe it is checking if the msp folder is created and if so then the following condition won't be `True` ``` when: vault_admin_result.failed == True ``` Thus it is ignoring copy operation

arsulegai (Wed, 28 Oct 2020 12:04:55 GMT):
So if I go and delete this path in the vault and rerun, it should pick it up. But just curious if anybody have faced such issues?

SivaramKannan (Wed, 28 Oct 2020 12:37:40 GMT):
do you have the flag channelstatus set to new in the network.yaml?

arsulegai (Wed, 28 Oct 2020 12:38:46 GMT):
This is what I have set ``` channel_status: new ```

arsulegai (Wed, 28 Oct 2020 12:39:01 GMT):
Also, removing the secrets in vault didn't help

arsulegai (Wed, 28 Oct 2020 12:39:27 GMT):
It created those files with no content

arsulegai (Wed, 28 Oct 2020 12:40:25 GMT):

Clipboard - October 28, 2020 6:09 PM

SivaramKannan (Wed, 28 Oct 2020 12:41:16 GMT):
you are running add-new-channel.yaml playbook right?

arsulegai (Wed, 28 Oct 2020 12:44:50 GMT):
Oh! I am running the shared `site.yaml`.. Hmm, good point. Let me try the `add-new-channel.yaml` placed under `hyperledger-fabric`

arsulegai (Wed, 28 Oct 2020 12:49:19 GMT):
Is the above path a temporary one, used only by the CLIs/these kind of one time job?

SivaramKannan (Wed, 28 Oct 2020 12:49:51 GMT):
you mean the files under build folder?

arsulegai (Wed, 28 Oct 2020 12:50:40 GMT):
Files in the path shown above

arsulegai (Wed, 28 Oct 2020 12:50:53 GMT):
Curious to know why it is having secrets with empty contents

arsulegai (Wed, 28 Oct 2020 12:51:13 GMT):
(in the screenshot)

SivaramKannan (Wed, 28 Oct 2020 12:51:21 GMT):
in the vault?

arsulegai (Wed, 28 Oct 2020 12:51:26 GMT):
Yes

SivaramKannan (Wed, 28 Oct 2020 12:52:04 GMT):
the vault data is stored permanent. I am not sure why it it empty.

arsulegai (Wed, 28 Oct 2020 13:03:35 GMT):
I keep getting the same error

arsulegai (Wed, 28 Oct 2020 13:03:38 GMT):
The vault path is empty

SivaramKannan (Wed, 28 Oct 2020 13:40:29 GMT):
vault should not be empty. the scripts pulls the required certs and keys from vault to local temp folder for channel creation to work

arsulegai (Wed, 28 Oct 2020 14:23:28 GMT):
Vault has secrets in other files except for the above path

arsulegai (Wed, 28 Oct 2020 14:23:38 GMT):
I tried a clean install

arsulegai (Wed, 28 Oct 2020 14:23:47 GMT):
On 0.6.0.0 version

ashlinSajan (Fri, 30 Oct 2020 06:39:41 GMT):
Hi, I'm facing issue on creating the network, in my network.yaml only 2 org is mentioned and while running the BAF 3 org pods are creating. Is that issue is with the releases folder inside hyperledger fabric.Because in that org3 is present.

ashlinSajan (Fri, 30 Oct 2020 06:39:53 GMT):
Please help me on this.

suvajit-sarkar (Fri, 30 Oct 2020 08:37:13 GMT):
For fresh deployments you need to reset the network using the reset playbook or run /site.yaml -e @network.yaml -e reset=true

sownak (Fri, 30 Oct 2020 10:39:05 GMT):
Vault data can only be empty if the files were not there originally i.e your tlscerts are not getting created in your ansible controller

arsulegai (Mon, 02 Nov 2020 10:56:19 GMT):
Thanks, it was the issue with upgrade. Changing from Fabric version 1.4.x to 2.0.x

arsulegai (Mon, 02 Nov 2020 10:57:24 GMT):
Curious, this vault seems to be giving me multiple issues. Have you seen this error? ``` error while running "VolumeBinding" filter plugin for pod "ca-xxxxx-xxx": pod has unbound immediate PersistentVolumeClaims ``` This happens on all the pods unfortunately. It never was the case until today.

sidnaik1989 (Mon, 02 Nov 2020 10:57:59 GMT):
I am trying to setup a network through BAF on a on-prem kubernetes cluster.

sidnaik1989 (Mon, 02 Nov 2020 10:57:59 GMT):
I am trying to setup a network through BAF on a on-prem kubernetes cluster (not minikube) . What should be the value of cloud_provider field? The sample file only seems to mention # Options: aws, azure, gcp, minikube

sownak (Mon, 02 Nov 2020 11:01:11 GMT):
Dont think Vault has anything to fo with your volumes on Kubernetes. Please check your Kubernetes storageclass and volume definitions

sownak (Mon, 02 Nov 2020 11:01:11 GMT):
Dont think Vault has anything to do with your volumes on Kubernetes. Please check your Kubernetes storageclass and volume definitions

sownak (Mon, 02 Nov 2020 11:03:11 GMT):
BAF has been tested for non-managed k8s only for Indy, so you can find how that is done in the Indy code. But it will be on AWS VMs. On-prem support is not out-of-the-box for BAF, you will have to configure the strorageclasses and code according to your own requirements.

sidnaik1989 (Mon, 02 Nov 2020 11:08:41 GMT):
In the sample file there under Organizations.Organization.type the value is orderer \ peer. Does BAF support a single organization running both an orderer and a peer?

sownak (Mon, 02 Nov 2020 11:10:02 GMT):
No. Only one as defined by type of the organization

sownak (Mon, 02 Nov 2020 11:10:52 GMT):
Again, if that needs as per your requirement, you can configure the code to suit your needs. It is opensource after all

sownak (Mon, 02 Nov 2020 11:10:52 GMT):
Again, if that is needed as per your requirement, you can configure the code to suit your needs. It is opensource after all

sidnaik1989 (Mon, 02 Nov 2020 11:50:09 GMT):
Has the fabric deployment been tested with any other provider other then AWS?

sownak (Mon, 02 Nov 2020 11:50:27 GMT):
Azure

chanjaljayaram (Mon, 02 Nov 2020 14:12:25 GMT):
Has joined the channel.

chanjaljayaram (Mon, 02 Nov 2020 14:28:20 GMT):
I'm trying a sample Fabric network deployment through BAF on Azure. I'm hitting "no such hosts" issues like the one pasted below. I believe external DNS have to set up to resolve the hostnames?````````` ``` 2020-11-02 13:52:44.205 UTC [orderer.common.cluster.puller] func1 -> WARN 690 Received error of type 'failed to create new connection: connection error: desc = "transport: error while dialing: dial tcp: lookup orderer2.org1ambassador.blockchaincloudpoc.com on 10.0.0.10:53: no such host"' from {orderer2.org1ambassador.blockchaincloudpoc.com:8443 ``` ``` ``` Is there a follow along documentation for Fabric network deployment via BAF? ```

chanjaljayaram (Mon, 02 Nov 2020 14:28:20 GMT):
I'm trying a sample Fabric network deployment through BAF on Azure. I'm hitting "no such hosts" issues like the one pasted below. I believe external DNS have to set up to resolve the hostnames?````````` ``` 2020-11-02 13:52:44.205 UTC [orderer.common.cluster.puller] func1 -> WARN 690 Received error of type 'failed to create new connection: connection error: desc = "transport: error while dialing: dial tcp: lookup orderer2.org1ambassador.blockchaincloudpoc.com on 10.0.0.10:53: no such host"' from {orderer2.org1ambassador.blockchaincloudpoc.com:8443 ``` ``` Since the HA Proxy deployment is also part of the package BAF deploys how do I make the external DNS updates? ``` Is there a follow along kind of documentation for Fabric network deployment via BAF? ```

sownak (Mon, 02 Nov 2020 15:17:08 GMT):
External DNS is a prerequisite for BAF. Please check https://blockchain-automation-framework.readthedocs.io/en/develop/operations/configure_prerequisites.html on how to configure the pre-requisites

mwklein (Mon, 02 Nov 2020 17:25:07 GMT):
The updates to support a vanilla k8s deployment should only be to the storage classes and associated PVs and PVCs. We are not sure what the needs will be of those deployment types, but could definitely consider creating a generic "baf-vanilla" storage class that could be used as you see fit.

sidnaik1989 (Tue, 03 Nov 2020 03:58:35 GMT):
The sample nettwork.yaml file mentions below for version ``` # currently tested 1.4.0 and 1.4.4 ```

sidnaik1989 (Tue, 03 Nov 2020 03:58:35 GMT):
The sample nettwork.yaml file mentions below for version ``` # currently tested 1.4.0 and 1.4.4 ``` Has it been tested with 2.0.0 also?

suneel18 (Tue, 03 Nov 2020 12:04:16 GMT):
Hello Team, Am trying to run BAF on Azure kubernetes service and making changes with "cli:" property under peer One thing I observed is for Peer0 when cli property is enabled the cli container does not get created on first run, but when I run the operation to add a new peer, then the cli pod for existing peer(peer0) gets created and no cli for newly added peer even while cli is enabled for new peer(peer1). Plus my operation of adding a new org to network fails at a step to "create existing_peer_cli_job file for Existing Org" Can anyone explain why is it happening so and what's the logic behind this working

Asthay971234 (Thu, 05 Nov 2020 06:05:13 GMT):
Has joined the channel.

arnoudbevers (Thu, 05 Nov 2020 10:08:07 GMT):
Hey Sidnaik, currently we have not tested `2.0.0`. We saw that there were no big functionality changes from `1.4.4` to `2.0.0`. There is a feature branch for `2.2.0` which has some larger changes. You can use that one but remember it's still in feature state.

arnoudbevers (Thu, 05 Nov 2020 10:08:07 GMT):
Hey Sidnaik, we have tested `2.0.0`, but we saw that there were no big functionality changes from `1.4.4` to `2.0.0` to add it as a major supported version. There is a feature branch for `2.2.0` which has some larger changes. You can use that one but remember it's still in feature state.

jagpreet (Thu, 05 Nov 2020 10:14:50 GMT):
I think there is some other issue with your deployment. If the cli: enabled is there in the network.yaml, it spins up the cli for the respective peer. (Even for first time network deployment) For the add new org scenario, the CLI is created at 2 steps. 1. When `cli: enabled` is present in the peer section of network.yaml 2. A series of CLI are created to sign the channel config block difference, which is required to add a new org

jvdacasin (Thu, 05 Nov 2020 12:29:56 GMT):
Hello team, Am trying to run BAF using minikube and Corda opensource network on AWS and getting this error: TASK [setup/tiller : Check if Tiller is already installed in the Kubernetes clusters] ******************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/setup/tiller/tasks/main.yaml:2 redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to get client due to HTTPSConnectionPool(host='*minikube ip*', port=8443): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 110] Connection timed out',))"} P.S. *I have already added an AWS egress rule for HTTPS. Any ideas? Thank you!

jvdacasin (Thu, 05 Nov 2020 12:31:38 GMT):
also, I am running OS Linux 2 Rhel

suvajit-sarkar (Thu, 05 Nov 2020 14:31:39 GMT):
can you kindly confirm which BAF release tag your are running ?

suvajit-sarkar (Thu, 05 Nov 2020 14:31:39 GMT):
can you kindly confirm which BAF release tag you are running ?

sudobangbang (Thu, 05 Nov 2020 15:33:52 GMT):
Has joined the channel.

duncanjw (Thu, 05 Nov 2020 18:39:54 GMT):
Has joined the channel.

duncanjw (Thu, 05 Nov 2020 18:39:55 GMT):
@JHamilton cool presentation @ Hyperledger Denver Meetup

MohitRakhade (Thu, 05 Nov 2020 18:55:54 GMT):
Has joined the channel.

MohitRakhade (Thu, 05 Nov 2020 18:55:55 GMT):
Hi my name is Mohit Rakhade, I am purusing B.Tech in Information technology currently in 3rd year. I have knowledge of web technologies in like nodejs and react js. And its been 2 months I am learning about Fabric.

davidwboswell (Thu, 05 Nov 2020 18:56:37 GMT):
@MohitRakhade -- thanks for joining the chat and nice to get a chance to talk with you at the Denver meetup today.

MohitRakhade (Thu, 05 Nov 2020 18:57:07 GMT):
My plesure @davidwboswell

JHamilton (Thu, 05 Nov 2020 20:00:33 GMT):
Thank you Duncan and welcome to the BAF channel!

JHamilton (Thu, 05 Nov 2020 20:01:50 GMT):
Hi Mohit, thanks for joining the session today & the channel!

JHamilton (Thu, 05 Nov 2020 20:02:41 GMT):
for those joining after the webinar, i'm sharing some content that is helpful for learning about BAF and using / contributing Repo https://github.com/hyperledger-labs/blockchain-automation-framework Roadmap https://blockchain-automation-framework.readthedocs.io/en/latest/roadmap.html Wiki https://wiki.hyperledger.org/display/labs/Blockchain+Automation+Framework+lab Upcoming Meetings https://wiki.hyperledger.org/display/HYP/Calendar+of+Public+Meetings (search Blockchain Automation Framework) Demos https://wiki.hyperledger.org/display/labs/Blockchain+Automation+Framework

moosman (Fri, 06 Nov 2020 02:01:04 GMT):
Has joined the channel.

jvdacasin (Fri, 06 Nov 2020 08:48:06 GMT):
Hello Suvajit. I forked the latest BAF here https://github.com/hyperledger-labs/blockchain-automation-framework So i think im at latest tag 0.6.1

sownak (Fri, 06 Nov 2020 09:51:25 GMT):
Is your minikube running on AWS EC2 machine?

jvdacasin (Fri, 06 Nov 2020 10:02:13 GMT):
Hello Sownak. On an AWS Workspace.

sownak (Fri, 06 Nov 2020 10:04:04 GMT):
ok, so it looks like where you are running the ansible from, it is not able to reach the minikube ip. Are you able to run "kubectl get pods -A" from the ansible machine with the same kubeconfig that you have specified in network.yaml?

jvdacasin (Fri, 06 Nov 2020 15:29:49 GMT):
hello, Sownak. got an error the first time: root@1c67cefafe2d:/home# kubectl get pods -A The connection to the server localhost:8080 was refused - did you specify the right host or port? so I exported the KUBECONFIG location. root@1c67cefafe2d:/home# export KUBECONFIG=/home/blockchain-automation-framework/build/config But when i tried again I got this: root@1c67cefafe2d:/home# kubectl get pods -A Unable to connect to the server: dial tcp *minikube ip*:8443: i/o timeout

sownak (Fri, 06 Nov 2020 15:30:30 GMT):
so your kubeconfig file is wrong

sownak (Fri, 06 Nov 2020 15:32:24 GMT):
Does it actually contain "minikube ip" or are you masking it because you dont want to share?

jvdacasin (Fri, 06 Nov 2020 15:33:42 GMT):
yes Sownak its an actual IP address im just masking it.

sownak (Fri, 06 Nov 2020 15:38:13 GMT):
well, then either the minikube is not running or the kubeconfig file is wrong

sownak (Fri, 06 Nov 2020 15:38:45 GMT):
until you can do a kubectl get pods with the same kubeconfig file, it will never work from Ansible

jvdacasin (Fri, 06 Nov 2020 15:42:30 GMT):
Thanks Sownak, I will check and try some things to the ansible setup.

jvdacasin (Fri, 06 Nov 2020 15:44:21 GMT):

minikube dashboard

jvdacasin (Fri, 06 Nov 2020 15:44:23 GMT):
I can confirm that minikube is up

MaximusGit (Sat, 07 Nov 2020 09:31:10 GMT):
Has joined the channel.

arsulegai (Sat, 07 Nov 2020 10:21:25 GMT):
Got it! This was more of an issue with my setup because of the VM size in the K8s cluster.

AliciaKiran (Sun, 08 Nov 2020 12:58:56 GMT):
Has joined the channel.

Vats 25 (Sun, 08 Nov 2020 14:31:23 GMT):
Has joined the channel.

suvajit-sarkar (Mon, 09 Nov 2020 06:08:42 GMT):
Hi All, We will having our Sprint planning today (9th Nov, 5.30pm IST), please feel free to join on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

suvajit-sarkar (Mon, 09 Nov 2020 06:08:42 GMT):
Hi All, We will be having our Sprint planning today (9th Nov, 5.30pm IST), please feel free to join on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

suvajit-sarkar (Mon, 09 Nov 2020 06:08:42 GMT):
Hi All, We will be having our Sprint planning today 9th Nov, 1-2pm GMT (6.30-7.30 pm IST), please feel free to join on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

suneel18 (Mon, 09 Nov 2020 06:57:41 GMT):
How could we skip the default chaincode install+instantiate step while starting the network in network.yaml file?

suneel18 (Mon, 09 Nov 2020 06:57:41 GMT):
How could we skip the default chaincode install+instantiate step while starting the network in network.yaml file? I tried commenting out the chaincode section in yaml but it still attempts for install-chaincode job

sidnaik1989 (Mon, 09 Nov 2020 12:45:05 GMT):
In platforms/hyperledger-fabric/configuration/samples/network-fabricv2-raft.yaml under channel > participants > organization > manufecturer, the gossip address is from domain 'warehouse-net.org2ambassador.blockchaincloudpoc.com' while the peer address is under domain 'warehouse-net.org3ambassador.blockchaincloudpoc.com'. ``` ``` In the organization config for manufacturer external url suffix is org2ambassador.blockchaincloudpoc.com. while peerAddress us under org3Ambassador. Should the peers external URL also be under the same namespace? i.e org2ambassador ? What am I missing here?

sidnaik1989 (Mon, 09 Nov 2020 12:45:05 GMT):
In platforms/hyperledger-fabric/configuration/samples/network-fabricv2-raft.yaml under channel > participants > organization > warehouse, the gossip address is from domain 'warehouse-net.org2ambassador.blockchaincloudpoc.com' while the peer address is under domain 'warehouse-net.org3ambassador.blockchaincloudpoc.com'. ``` ``` In the organization config for warehouse external url suffix is org2ambassador.blockchaincloudpoc.com. while peerAddress us under org3Ambassador. Should the peers external URL also be under the same namespace? i.e org2ambassador ? What am I missing here?

sidnaik1989 (Mon, 09 Nov 2020 12:45:05 GMT):
In platforms/hyperledger-fabric/configuration/samples/network-fabricv2-raft.yaml under channel > participants > organization > warehouse, the gossip address is from domain 'warehouse-net.org2ambassador.blockchaincloudpoc.com' while the peer address is under domain 'warehouse-net.org3ambassador.blockchaincloudpoc.com'. ``` ``` In the organization config for warehouse external url suffix is org2ambassador.blockchaincloudpoc.com. while peerAddress is under org3Ambassador. Should the peers external URL also be under the same namespace? i.e org2ambassador ? What am I missing here?

arsulegai (Mon, 09 Nov 2020 12:47:02 GMT):
You are right, this looks to be a miss.

sidnaik1989 (Mon, 09 Nov 2020 12:47:29 GMT):
same is the case with manufacturer

arsulegai (Mon, 09 Nov 2020 12:48:15 GMT):
You could correct it in a PR

sidnaik1989 (Mon, 09 Nov 2020 12:48:57 GMT):
yes

suneel18 (Mon, 09 Nov 2020 18:50:16 GMT):
Does BAF support operation to Install chaincode on an existing network, since we don't have any sample task just for installing chaincode and even the document does not include it in operation guide?

sidnaik1989 (Tue, 10 Nov 2020 03:52:44 GMT):
I am trying to setup a fabric network on azure cluster through BAF. When executing environment-setup.yaml there is a failure at ``` TASK [setup/tiller : Check if Tiller is already installed in the Kubernetes clusters] ``` The error see is ``` * An exception occurred during task execution. To see the full traceback, use -vvv. The error was: urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='localhost', port=80): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused',)) ``` However the cluster is not setup on a different host. Shouldn't the task be trying to connect at he k8s cluster API URL setup in k8s.config_file? What could be the issue?

sidnaik1989 (Tue, 10 Nov 2020 03:52:44 GMT):
I am trying to setup a fabric network on azure cluster through BAF. When executing environment-setup.yaml there is a failure at ``` TASK [setup/tiller : Check if Tiller is already installed in the Kubernetes clusters] ``` The error see is ``` An exception occurred during task execution. To see the full traceback, use -vvv. The error was: urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='localhost', port=80): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused',)) ``` However the cluster is not setup on a different host. Shouldn't the task be trying to connect at he k8s cluster API URL setup in k8s.config_file? What could be the issue?

sidnaik1989 (Tue, 10 Nov 2020 03:52:44 GMT):
I am trying to setup a fabric network on azure cluster through BAF. When executing environment-setup.yaml there is a failure at ``` TASK [setup/tiller : Check if Tiller is already installed in the Kubernetes clusters] ``` The error see is ``` An exception occurred during task execution. To see the full traceback, use -vvv. The error was: urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='localhost', port=80): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused',)) ``` However the cluster is not setup on a different host. Shouldn't the task be trying to connect at he k8s cluster API URL setup in k8s.config_file? What could be the issue? I am able to connect to the cluster through kubectl on the same system

sidnaik1989 (Tue, 10 Nov 2020 03:55:39 GMT):
I am able to connect to the cluster through kubectl on the same system

SivaramKannan (Tue, 10 Nov 2020 04:49:12 GMT):
Hi Team - I was trying the deployment with minikube and I get this below error with the init containers of CA ``` + VAULT_CLIENT_TOKEN='{ "errors": [ "permission denied" ] }' + validateVaultResponse 'vault login token' '{ "errors": [ "permission denied" ] }' + echo '{' '"errors":' '[' '"permission' 'denied"' ] '}' + grep errors { "errors": [ "permission denied" ] } ERROR: unable to retrieve vault login token: { "errors": [ "permission denied" ] } + echo 'ERROR: unable to retrieve vault login token: { "errors": [ "permission denied" ] }' + exit 1 ```

SivaramKannan (Tue, 10 Nov 2020 04:50:30 GMT):
Actually I was trying to make kind work and I hit the same error. Just to see whether minikube works I tried and hit the same error. Any idea why am I getting this error?

sidnaik1989 (Tue, 10 Nov 2020 04:58:07 GMT):
Seems like this was related to python. Worked after updating ansible config to use python 3

jagpreet (Tue, 10 Nov 2020 05:55:55 GMT):
Yes

jagpreet (Tue, 10 Nov 2020 06:02:57 GMT):
Hi, We do support installation of chaincode over existing network. This playbook can be used to do the same https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/platforms/hyperledger-fabric/configuration/chaincode-install-instantiate.yaml Regarding, having an operational guide for the same, you can contribute back by writing the same, which is tracked by the issue https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1165

jagpreet (Tue, 10 Nov 2020 06:07:57 GMT):
We don't actively support testing over minikube, but this seems to be an issue with the vault itself. Can you verify if the [vault-kubernetes role](https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/platforms/hyperledger-fabric/configuration/roles/setup/vault_kubernetes/tasks/main.yaml) performed the tasks over the vault?

jagpreet (Tue, 10 Nov 2020 06:22:23 GMT):
The code has checks in place which will not install chaincode, if the chaincode section is missing. For example, In this [file](https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/platforms/hyperledger-fabric/configuration/roles/create/chaincode/install/tasks/main.yaml), there is a check for the chaincode block. Can you please confirm which fabric version are you mentioning in the network.yaml and which code branch are you using to deploy the network?

SivaramKannan (Tue, 10 Nov 2020 06:33:30 GMT):
I can actually see the auth created in the vault with the org name. that means the vault-kubernetes-role is successful right?

jagpreet (Tue, 10 Nov 2020 06:34:31 GMT):
Yes

jagpreet (Tue, 10 Nov 2020 06:39:24 GMT):

Clipboard - November 10, 2020 12:09 PM

jagpreet (Tue, 10 Nov 2020 06:39:28 GMT):
It is successful, but when the init container of CA is trying to fetch the custom vault token using the Service account token, it is not being authorized. So, you can try to manually run those commands in the init container of CA (using tail -f /dev/null so that the container doesnt exit)

SivaramKannan (Tue, 10 Nov 2020 06:40:07 GMT):
cool. let me try that.

SivaramKannan (Tue, 10 Nov 2020 06:40:09 GMT):
thanks

jwavoetacn (Tue, 10 Nov 2020 08:46:55 GMT):
Has joined the channel.

SivaramKannan (Tue, 10 Nov 2020 10:32:13 GMT):
``` /usr/src # curl -sS --request POST ${VAULT_ADDR}/v1/auth/${KUBERNETES_AUTH_PATH}/login -H "Content-Type: application/json" -d '{"role":"'"${VAULT_APP_ROLE}"'","jwt":"'"${KUBE_SA_TOKEN}"'"}' {"errors":["permission denied"]} /usr/src # echo $VAULT_ADDR http://vault-kind.eastus.azurecontainer.io:8200 /usr/src # echo $KUBERNETES_AUTH_PATH ordorg-net-auth```

SivaramKannan (Tue, 10 Nov 2020 10:32:44 GMT):
I guess it is failing at the same place above. but I don't understand it though. any idea why it is failing here?

jagpreet (Tue, 10 Nov 2020 10:34:19 GMT):
Hmm, mostly the auth path didnt got deleted on reset.. That's why its expecting the prev SA token which in case of minikube will change.

SivaramKannan (Tue, 10 Nov 2020 10:34:50 GMT):
ohh.. if I delete it should work then?

jagpreet (Tue, 10 Nov 2020 10:35:34 GMT):
Yes, try that, and let us know, was it the issue.

jagpreet (Tue, 10 Nov 2020 10:36:32 GMT):
In the above command it is trying to log into vault using the KUBE_SA_TOKEN and getting access denied.. So most probably that SA_TOKEN is not the one registered with the KUBERNETES_AUTH_PATH

SivaramKannan (Tue, 10 Nov 2020 10:37:09 GMT):
let me try that

arsulegai (Tue, 10 Nov 2020 13:01:35 GMT):
@sownak curious to learn if adding members to the consortium in case of Hyperledger Fabric was thought of, if not then we would evaluate?

sownak (Tue, 10 Nov 2020 13:02:46 GMT):
What do you mean by consortium in Fabric?

arsulegai (Tue, 10 Nov 2020 13:04:05 GMT):
I am trying out a scenario to create a new channel, by adding an organization that was not part of the initial `network.yaml`. This later ends up with the error `Error: got unexpected status: BAD_REQUEST -- Attempted to include a member which is not in the consortium`

sownak (Tue, 10 Nov 2020 13:05:18 GMT):
If you are adding a new org to existing channel, you need to follow the Add new org playbook

arsulegai (Tue, 10 Nov 2020 13:09:02 GMT):
Followed that, addition of a new org to an existing channel is successful. However, if I want to propose a new channel (be with the members not part of the initial `network.yaml`) it doesn't work. Reason is `syschannel` does not include these new orgs in the consortium.

sownak (Tue, 10 Nov 2020 13:10:14 GMT):
yes, adding a new org to a new channel is not supported yet. Can be taken up

arsulegai (Tue, 10 Nov 2020 13:10:46 GMT):
Got it! Thanks

suneel18 (Tue, 10 Nov 2020 14:08:47 GMT):
am using version as "2.0.0" on master branch

suvajit-sarkar (Wed, 11 Nov 2020 06:34:58 GMT):
Hi @jvdacasin, wanted to follow up with you on this, is your error resolved ?

suvajit-sarkar (Wed, 11 Nov 2020 08:57:51 GMT):
The code on master branch should work as explained above, please verify that you don't have the chaincode field defined under the any organization.services.peer section

suneel18 (Wed, 11 Nov 2020 14:26:35 GMT):
Hello Team, am able to deploy and run chaincode on a fabric network through BAF but am not able to see any pod created for chaincode containers, where can we see the containers/pods created for chaincode runtime of each peers

jorgeRodriguez (Wed, 11 Nov 2020 16:00:11 GMT):
Has joined the channel.

anweiss (Wed, 11 Nov 2020 17:31:45 GMT):
hey @SivaramKannan @jagpreet I'm running into this same issue ... what exactly should be deleted to get this working? I've tried removing my minikube cluster altogether and re-creating it, but am still running into an "permission denied" error when it attempts the vault login

jagpreet (Thu, 12 Nov 2020 09:23:27 GMT):
Can you check the master k8's node for the chaincode container (using docker ps --no-trunc)?

suneel18 (Thu, 12 Nov 2020 13:57:40 GMT):
where can we find the code that sets up chaincode containers to master node?

suneel18 (Thu, 12 Nov 2020 13:57:40 GMT):
do we have any description that mentions about this process of running chaincode containers inside master node and also where can we find the code that sets up chaincode containers to master node?

SivaramKannan (Thu, 12 Nov 2020 14:29:38 GMT):
I am not sure what provider you are running BAF on, AKS makes it very difficult to see it. You need to login to the worker node and do a docker ps to see the container that is launched.

SivaramKannan (Thu, 12 Nov 2020 14:30:09 GMT):
For AKS - https://docs.microsoft.com/en-us/azure/aks/ssh

SivaramKannan (Thu, 12 Nov 2020 14:38:45 GMT):
To remove the docker dependency and make it much more CI/CD friendly - https://hyperledger-fabric.readthedocs.io/en/release-2.2/cc_service.html

suneel18 (Thu, 12 Nov 2020 14:56:00 GMT):
Yeah am trying it on AKS for fabric version 2.0

SivaramKannan (Thu, 12 Nov 2020 14:57:33 GMT):
you can see the container running in the worker node after installation of the chaincode

suneel18 (Thu, 12 Nov 2020 15:00:46 GMT):
is there anyway we can modify this behaviour through BAF by changing the value for CORE_VM_ENDPOINT in the chaincode instantiation task?

SivaramKannan (Thu, 12 Nov 2020 15:03:35 GMT):
you mean changing it to external chaincode? I am not sure.

SivaramKannan (Thu, 12 Nov 2020 15:04:05 GMT):
but do you have a problem with chaincode right now??

suneel18 (Thu, 12 Nov 2020 15:05:15 GMT):
no it runs properly but its just that we were not to able to see any containers for chaincode runtime

SivaramKannan (Thu, 12 Nov 2020 15:06:08 GMT):
login to the worker node as I mentioned above. also, you can see the execution information in the peer logs as well

suneel18 (Thu, 12 Nov 2020 15:07:01 GMT):
wanted to see where it is runing and to check if we can modify it to run as a pod or container like other kubernetes objects

SivaramKannan (Thu, 12 Nov 2020 15:08:49 GMT):
you can get a more authoritative answer from #fabric-questions I guess

suneel18 (Thu, 12 Nov 2020 15:09:58 GMT):
Sure, thanks a lot Sivaram :)

anweiss (Fri, 13 Nov 2020 17:55:04 GMT):
hey all ...I'm trying to deploy BAF on a brand new MInikube deployment, but am getting the following error: ``` Getting secrets from Vault Server: http:// { "errors": [ "permission denied" ] } ERROR: unable to retrieve vault login token: { "errors": [ "permission denied" ] } ```

anweiss (Fri, 13 Nov 2020 17:55:23 GMT):
I verified that the root token in my `network.yaml` is correct

mwklein (Fri, 13 Nov 2020 20:18:37 GMT):
Is your vault unsealed prior to executing the playbook?

arsulegai (Sun, 15 Nov 2020 13:43:29 GMT):
The link you gave looks to be something useful. One cannot guarantee the guarantee of service availability if it runs outside the K8s control. @SivaramKannan do you know if this feature is in line for a release in BAF?

SivaramKannan (Sun, 15 Nov 2020 15:59:54 GMT):
where is your vault running?

SivaramKannan (Sun, 15 Nov 2020 16:00:31 GMT):
I faced the same issue when I was running vault in the cloud with minikube and kind, but when I moved the vault to local machine I don't face the issue any more

SivaramKannan (Mon, 16 Nov 2020 03:17:49 GMT):
I am not sure. But if you look at how BAF operates now, there is a job that installs CC. The job fails or runs successfully depending on whether the CC runs successfully in the platform. I don't think BAF can guarantee anything beyond this.

SivaramKannan (Mon, 16 Nov 2020 03:18:14 GMT):
are you running BAF from master branch or from feature/fabric220?

SivaramKannan (Mon, 16 Nov 2020 06:01:23 GMT):
I was able to make BAF work with Kind. If there is enough interest in Kind support, I can create a PR and document the same.

ginspctw (Mon, 16 Nov 2020 09:54:36 GMT):
Has joined the channel.

arnoudbevers (Tue, 17 Nov 2020 08:38:01 GMT):
Hi @anweiss is there any updates on this? We'd love to assist you on this

arnoudbevers (Tue, 17 Nov 2020 13:49:13 GMT):
Hey @SivaramKannan, this is a good suggestion, thank you! We're discussing this internally on how to approach this and will get back to you soon!

SivaramKannan (Tue, 17 Nov 2020 14:40:23 GMT):
I hit a problem though. Although the deployment of fabric is successful, CC installation is failing as there are issues with docker-on-docker in MAC. I think this would work in a linux machine, but in MAC I could not make the CC installation to work

SivaramKannan (Tue, 17 Nov 2020 14:41:45 GMT):
How do I change the volume size for CA/orderers/peers? I remember making the changes in values.yaml and working, but now I have to make the change directly on the deployment.yaml of CA/Orderes/peers to make changes to the volumes size? Is that how it is supposed to work?

SivaramKannan (Tue, 17 Nov 2020 14:42:40 GMT):
As a matter of fact minikube also fails during CC installation with similar issue

anweiss (Tue, 17 Nov 2020 17:34:15 GMT):
thanks @mwklein ... the Vault is unsealed

anweiss (Tue, 17 Nov 2020 17:34:33 GMT):
@SivaramKannan, indeed my Vault is running in the cloud

anweiss (Tue, 17 Nov 2020 17:35:02 GMT):
thanks @arnoudbevers, I managed to get this running by spinning up a different Vault instance in the Minikube cluster itself rather than using an existing Vault instance that I had deployed in the cloud

anweiss (Tue, 17 Nov 2020 20:33:45 GMT):
hey all ... I'm running into a `Error: got unexpected status: SERVICE_UNAVAILABLE -- no Raft leader` in the `createchannel` container of the `createchannel-allchannel` job when attempting a deployment on a fresh minikube cluster ... any ideas as to why this might be occurring?

arnoudbevers (Wed, 18 Nov 2020 08:52:45 GMT):
Hi @anweiss, can you verify that you are using an uneven amount of orderers? With Raft, if using an even amount, sometimes the leader election fails. If that's not the problem, can you check the orderer logs and get back to us?

arnoudbevers (Wed, 18 Nov 2020 08:54:30 GMT):
You can change the volume size in the associated `.tpl` files for HLF. They can be found in `platforms/hyperledger-fabric/configuration/roles/helm_component/templates`. They are not put in the `network.yaml` since we are not regularly changing the volume size for Fabric. For future, we'll make the `.tpl` changes easier by adding some `README.md`s

arnoudbevers (Wed, 18 Nov 2020 08:54:50 GMT):
Alright, feel free to keep us up to date!

SivaramKannan (Wed, 18 Nov 2020 08:55:53 GMT):
got it. Thanks @arnoudbevers

SivaramKannan (Thu, 19 Nov 2020 10:25:28 GMT):
Hi - I am trying to add a new organisation to an existing cluster and I tested with a test cluster it worked fine. When I tried the same procedure on a cluster that I created 20 days ago, it is not creating the clusterrolebinding for the new org and the deployment fails. how do I debug this?

SivaramKannan (Thu, 19 Nov 2020 10:26:30 GMT):
I checked the flux logs, I don't see any reference of this clusterrolebinding being created.

SivaramKannan (Thu, 19 Nov 2020 11:36:36 GMT):
I think I might have done a "git fetch" from the upstream branch after I did the deployment to do a different deployment. would that affect the older deployments and the branches created for flux?

sownak (Thu, 19 Nov 2020 14:27:54 GMT):
Check if your git branch is same as the branch you specified in gitops. Most likely the git push is not successful via the ansible

SivaramKannan (Thu, 19 Nov 2020 14:28:22 GMT):
that is correct.

SivaramKannan (Thu, 19 Nov 2020 14:28:29 GMT):
git push is failing

SivaramKannan (Thu, 19 Nov 2020 14:28:58 GMT):
can I delete the git branch and run the add-org.yaml?

sownak (Thu, 19 Nov 2020 14:29:04 GMT):
yes, you have to resolve that. Manually git push in the branch

sownak (Thu, 19 Nov 2020 14:30:06 GMT):
add-org should happen from the same branch if you have the same env.type in network.yaml

SivaramKannan (Thu, 19 Nov 2020 14:30:44 GMT):
ok, let me try that

sidnaik1989 (Fri, 20 Nov 2020 07:02:04 GMT):
The chaincode section under organization has a field 'maindirectory' which is supposed to point to main.go file. I wante to try deploying a Java chaincode. Is it supported? what should be the value of 'maindirectory' in case of java?

arnoudbevers (Fri, 20 Nov 2020 08:06:55 GMT):
Hey @sidank

arnoudbevers (Fri, 20 Nov 2020 08:10:57 GMT):
Hey @sidnaik1989, the maindirectory is the directory where the main Java file is located - the file that implements the `ContractInterface` in the case of Java. If you look at the Fabcar example (https://github.com/hyperledger/fabric-samples) the `maindirectory` is `java/src/main/java/org/hyperledger/fabric/samples/fabcar/`. This is combined with the `chaincode.path` variable in our `network.yaml` which is added onto it. In the case of the Fabcar example, the `path` is `chaincode/fabcar/java`. Hope this helps!

arsulegai (Fri, 20 Nov 2020 09:54:36 GMT):
This is another feature request for HL Fabric. @sownak let me know your thoughts if such a thing fits in long term strategy. It would be nice to have user identities created by admins (one who can run the BAF). To start with, introduce a new field under the peer organization, that allows the admins to create those user identities if not already present in the

sownak (Fri, 20 Nov 2020 10:38:15 GMT):
seems a good feature for advanced users and use-cases

metadata (Sat, 21 Nov 2020 09:54:31 GMT):
Has joined the channel.

jainsamyak (Sat, 21 Nov 2020 09:56:53 GMT):
Has joined the channel.

suvajit-sarkar (Mon, 23 Nov 2020 05:56:45 GMT):
Hi All, We will be having our Sprint planning today 23rd Nov, 1-2 pm GMT (6.30-7.30 pm IST), please feel free to join on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

SivaramKannan (Tue, 24 Nov 2020 06:07:17 GMT):
While trying to add a new organization in fabric, I get the below error ```TASK [create/crypto/peer : Check that orderer-certificate file exists] ******************************************************************************************************************************************************* fatal: [localhost]: FAILED! => {"msg": "The conditional check 'add_new_org == 'true' and not orderer_file_result.stat.exists' failed. The error was: error while evaluating conditional (add_new_org == 'true' and not orderer_file_result.stat.exists): 'add_new_org' is undefined"}```

SivaramKannan (Tue, 24 Nov 2020 06:08:17 GMT):
I understand the script is expcepting orderer1.crt, but say if I have not preserved the crt file, can I get the cert from vault to make this work?

SivaramKannan (Tue, 24 Nov 2020 06:22:07 GMT):
what is add_new_org? I have org_status = new for the org I wanted to add, but what is add_new_org?

SivaramKannan (Tue, 24 Nov 2020 06:22:07 GMT):
what is add_new_org? I have org_status = new for the org I wanted to add, but the error is add_new_org is undefined

SivaramKannan (Tue, 24 Nov 2020 06:39:48 GMT):
ok, I guess the documentation is not update. I had to pass --extra-vars "add_new_org=True" as part of the ansible command. but my earlier question about orderer1.crt still stands? say if I don't preserve the file in the build dir, is it possible to get the file from vault?

SivaramKannan (Tue, 24 Nov 2020 08:26:50 GMT):
Ignore my above messages.

SivaramKannan (Tue, 24 Nov 2020 08:29:26 GMT):
I am trying to add a new organization to a cluster I created a month ago. since I had deleted the orderer1.crt, the deployment was failing. I copied the orderer1.crt from this path of another organization `secret/crypto/peerOrganizations//orderer/tls`

SivaramKannan (Tue, 24 Nov 2020 08:30:07 GMT):
during the peer deployment, the peer is crash looping with this error ```2020-11-24 08:21:10.777 UTC [msp] getPemMaterialFromDir -> WARN 001 Failed reading file /etc/hyperledger/fabric/crypto/msp/signcerts/server.crt: no pem content for file /etc/hyperledger/fabric/crypto/msp/signcerts/server.crt 2020-11-24 08:21:10.777 UTC [main] InitCmd -> ERRO 002 Cannot run peer because error when setting up MSP of type bccsp from directory /etc/hyperledger/fabric/crypto/msp: Setup error: nil conf reference```

SivaramKannan (Tue, 24 Nov 2020 08:30:37 GMT):
and the server.crt in vault seems to be empty. not sure what I am missing here

SivaramKannan (Tue, 24 Nov 2020 08:55:27 GMT):
I think this might be the reason. the CA pod has this log "2020/11/24 08:12:14 [INFO] 10.244.2.61:48022 POST /enroll 500 0 "enroll handler failed to initialize DB: Error encountered while committing transaction: database is locked""

SivaramKannan (Tue, 24 Nov 2020 08:55:56 GMT):
any idea how to unlock this?

arnoudbevers (Tue, 24 Nov 2020 08:57:36 GMT):
Hi Sivaram, regarding this issue we have a bug about the certificates, found here, https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1178

arnoudbevers (Tue, 24 Nov 2020 08:58:27 GMT):
Which branch and fabric version are you using? The rerun of a Fabric network seems to fail most of the times due to the certificates not being on the right local file path and thus not being written to the Vault.

SivaramKannan (Tue, 24 Nov 2020 08:59:00 GMT):
I am on branch created from fabric220 probably a month ago

lakshyakumar (Tue, 24 Nov 2020 09:33:27 GMT):
Hi @SivaramKannan 1. The fabric 220 branch is experimental as of now, hence it might not be stable. 2. Which org CA logs are you refering to ( existing org or the new org ) ?

SivaramKannan (Tue, 24 Nov 2020 09:43:17 GMT):
Sorry, I think I might know why I am getting this error. I modified the SC to use azure-file, but CA won't start with azure-file.

SivaramKannan (Tue, 24 Nov 2020 09:43:28 GMT):
let me quickly fix that and try and get back.

SivaramKannan (Tue, 24 Nov 2020 10:26:34 GMT):
that was the issue. I normally deploy the CA on azure-disk and peers on azure-file. I forgot to make the right modification and CA also got deployed on azure-file and did not come up correctly. once I fixed it, peer came up correctly

jagpreet (Wed, 25 Nov 2020 03:41:29 GMT):
@anweiss you should run the [reset-network playbook](https://blockchain-automation-framework.readthedocs.io/en/latest/operations/setting_dlt.html?highlight=reset%3Dtrue#deleting-an-existing-dlt-blockchain-network), so that the vault settings are also deleted.

SivaramKannan (Thu, 26 Nov 2020 10:15:46 GMT):
Adding a new organization in fabric 2.2 fails with the below error ```"\u001b[36m2020-11-26 10:10:29.463 UTC [msp] Validate -> DEBU 01c\u001b[0m MSP org1MSP validating identity", "\u001b[36m2020-11-26 10:10:29.464 UTC [msp] GetDefaultSigningIdentity -> DEBU 01d\u001b[0m Obtaining default signing identity", "\u001b[34m2020-11-26 10:10:29.464 UTC [channelCmd] InitCmdFactory -> INFO 01e\u001b[0m Endorser and orderer connections initialized", "\u001b[36m2020-11-26 10:10:29.465 UTC [msp.identity] Sign -> DEBU 01f\u001b[0m Sign: plaintext: 0AA6080A076F7267314D5350129A082D...72697465727312002A0641646D696E73 ", "\u001b[36m2020-11-26 10:10:29.465 UTC [msp.identity] Sign -> DEBU 020\u001b[0m Sign: digest: CDEEE8E2587E2AC5B72B86FF9D904610A55A712325050E9AF69C3E4CDAF474D3 ", "\u001b[36m2020-11-26 10:10:29.466 UTC [msp.identity] Sign -> DEBU 021\u001b[0m Sign: plaintext: 0ADE080A1608021A060895FEFDFD0522...CEDA82A20F2F52B0F3E36B3D887946E4 ", "\u001b[36m2020-11-26 10:10:29.466 UTC [msp.identity] Sign -> DEBU 022\u001b[0m Sign: digest: 1F313A659A3D64C0E28B86186AD771790DD702AFBA9B85DE749BDC73A9C45050 ", "\u001b[36m2020-11-26 10:10:29.467 UTC [grpc] WithKeepaliveParams -> DEBU 023\u001b[0m Adjusting keepalive ping interval to minimum period of 10s", "\u001b[36m2020-11-26 10:10:29.467 UTC [grpc] Infof -> DEBU 024\u001b[0m parsed scheme: \"\"", "\u001b[36m2020-11-26 10:10:29.467 UTC [grpc] Infof -> DEBU 025\u001b[0m scheme \"\" not registered, fallback to default scheme", "\u001b[36m2020-11-26 10:10:29.467 UTC [grpc] Infof -> DEBU 026\u001b[0m ccResolverWrapper: sending update to cc: {[{orderer1.ordorg-net:7050 0 }] }", "\u001b[36m2020-11-26 10:10:29.467 UTC [grpc] Infof -> DEBU 027\u001b[0m ClientConn switching balancer to \"pick_first\"", "\u001b[36m2020-11-26 10:10:29.467 UTC [grpc] Infof -> DEBU 028\u001b[0m Channel switches to new LB policy \"pick_first\"", "\u001b[36m2020-11-26 10:10:29.467 UTC [grpc] Infof -> DEBU 029\u001b[0m Subchannel Connectivity change to CONNECTING", "\u001b[36m2020-11-26 10:10:29.467 UTC [grpc] Infof -> DEBU 02a\u001b[0m Subchannel picks a new address \"orderer1.ordorg-net:7050\" to connect", "\u001b[36m2020-11-26 10:10:29.468 UTC [grpc] UpdateSubConnState -> DEBU 02b\u001b[0m pickfirstBalancer: HandleSubConnStateChange: 0xc00041bb10, {CONNECTING }", "\u001b[36m2020-11-26 10:10:29.468 UTC [grpc] Infof -> DEBU 02c\u001b[0m Channel Connectivity change to CONNECTING", "\u001b[36m2020-11-26 10:10:29.475 UTC [grpc] Infof -> DEBU 02d\u001b[0m Subchannel Connectivity change to READY", "\u001b[36m2020-11-26 10:10:29.475 UTC [grpc] UpdateSubConnState -> DEBU 02e\u001b[0m pickfirstBalancer: HandleSubConnStateChange: 0xc00041bb10, {READY }", "\u001b[36m2020-11-26 10:10:29.475 UTC [grpc] Infof -> DEBU 02f\u001b[0m Channel Connectivity change to READY", "Error: got unexpected status: BAD_REQUEST -- error applying config update to existing channel 'allchannel': error authorizing update: error validating DeltaSet: invalid mod_policy for element [Group] /Channel/Application/org3MSP: mod_policy not set", "command terminated with exit code 1"], "stdout": "", "stdout_lines": []} ```

SivaramKannan (Thu, 26 Nov 2020 10:15:47 GMT):
I know fabric220 is not a stable branch, but this feature is suppose to work right? should I create an issue?

Soundarya_Ayyappan (Fri, 27 Nov 2020 08:09:59 GMT):
I have an hyperledger fabric network (v2.2.0) running in a kubernetes cluster deployed using baf. Initially the network had 5 orgs (Org1, Org2, Org3, Org4 and Org5), later I tried to join an org (Org6) into the network using the baf script. Since using baf script didn't add the org to the channel successfully, I have manually joined the org6 to the network using the configtxlator tool. Now during Chaincode installation, I am facing an issue. Tested the fabcar chaincode (from the github repo - fabric-samples-2.0.0-beta), this chaincode installation resulted in same package id for all the 6 orgs in the network. But when I tried to deploy my own chaincode, I am getting different package id for the newly added 6th org, and different package id for all the remaining 5 orgs. Can anyone explain the cause of this? Thanks in Advance!

arnoudbevers (Fri, 27 Nov 2020 08:41:11 GMT):
Hey Sivaram, we have not faced this before. Please create a bug for this, and we'll research it further. What would hugely help us is if you add your `network.yaml` configuration for that new organization in the comments. You can obscure your secrets/passwords.

arnoudbevers (Fri, 27 Nov 2020 08:42:53 GMT):
Hi Soundarya, thanks for the question. The team is researching this further and we'll get back to you!

SivaramKannan (Fri, 27 Nov 2020 09:01:36 GMT):
https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1199

SivaramKannan (Fri, 27 Nov 2020 09:01:59 GMT):
I can confirm the behaviour is consistent. I have tested this is two different clusters

arnoudbevers (Fri, 27 Nov 2020 09:03:01 GMT):
Ah great, you already did! If you ad the `network.yaml` we have a perfect overview of the issue.

arnoudbevers (Fri, 27 Nov 2020 09:03:01 GMT):
Ah great, you already did! If you add the `network.yaml` we have a perfect overview of the issue.

Soundarya_Ayyappan (Fri, 27 Nov 2020 09:14:28 GMT):
Thanks arnoudbevers!

anweiss (Mon, 30 Nov 2020 19:41:00 GMT):
hey @arnoudbevers I confirmed that I have an uneven number of orderers ... I'm using 3

anweiss (Mon, 30 Nov 2020 20:24:40 GMT):
here are the messages from one of the orderer nodes

anweiss (Mon, 30 Nov 2020 20:24:46 GMT):
``` 2020-11-30 20:23:22.111 UTC [orderer.consensus.etcdraft] campaign -> INFO 27c 1 [logterm: 1, index: 3] sent MsgPreVote request to 2 at term 1 channel=syschannel node=1 2020-11-30 20:23:22.111 UTC [orderer.consensus.etcdraft] campaign -> INFO 27d 1 [logterm: 1, index: 3] sent MsgPreVote request to 3 at term 1 channel=syschannel node=1 2020-11-30 20:23:23.350 UTC [comm.grpc.server] 1 -> INFO 27e streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Deliver grpc.peer_address=172.17.0.27:53444 grpc.code=OK grpc.call_duration=284.549µs 2020-11-30 20:23:23.438 UTC [orderer.common.broadcast] ProcessMessage -> WARN 27f [channel: allchannel] Rejecting broadcast of config message from 172.17.0.27:53448 with SERVICE_UNAVAILABLE: rejected by Configure: no Raft leader 2020-11-30 20:23:23.438 UTC [comm.grpc.server] 1 -> INFO 280 streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Broadcast grpc.peer_address=172.17.0.27:53448 grpc.code=OK grpc.call_duration=20.768107ms 2020-11-30 20:23:23.445 UTC [common.deliver] Handle -> WARN 281 Error reading from 172.17.0.27:53446: rpc error: code = Canceled desc = context canceled 2020-11-30 20:23:23.447 UTC [comm.grpc.server] 1 -> INFO 282 streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Deliver grpc.peer_address=172.17.0.27:53446 error="rpc error: code = Canceled desc = context canceled" grpc.code=Canceled grpc.call_duration=34.290353ms 2020-11-30 20:23:27.110 UTC [orderer.consensus.etcdraft] Step -> INFO 283 1 is starting a new election at term 1 channel=syschannel node=1 2020-11-30 20:23:27.110 UTC [orderer.consensus.etcdraft] becomePreCandidate -> INFO 284 1 became pre-candidate at term 1 channel=syschannel node=1 2020-11-30 20:23:27.110 UTC [orderer.consensus.etcdraft] poll -> INFO 285 1 received MsgPreVoteResp from 1 at term 1 channel=syschannel node=1 2020-11-30 20:23:27.110 UTC [orderer.consensus.etcdraft] campaign -> INFO 286 1 [logterm: 1, index: 3] sent MsgPreVote request to 2 at term 1 channel=syschannel node=1 2020-11-30 20:23:27.110 UTC [orderer.consensus.etcdraft] campaign -> INFO 287 1 [logterm: 1, index: 3] sent MsgPreVote request to 3 at term 1 channel=syschannel node=1 ```

anweiss (Mon, 30 Nov 2020 20:26:35 GMT):
looks like the orderers are all attempting to start a new leader election

anweiss (Mon, 30 Nov 2020 20:26:38 GMT):
``` 2020-11-30 20:25:27.648 UTC [comm.grpc.server] 1 -> INFO fcc streaming call completed grpc.service=orderer.AtomicBroadcast grpc.method=Deliver grpc.peer_address=172.17.0.20:47252 grpc.peer_subject="CN=orderer1.supplychain-net,OU=peer,O=Orderer,L=51.50/-0.13/London,C=GB" error="context finished before block retrieved: context canceled" grpc.code=Unknown grpc.call_duration=3.208265ms 2020-11-30 20:25:27.745 UTC [orderer.consensus.etcdraft] Step -> INFO fcd 2 is starting a new election at term 1 channel=syschannel node=2 2020-11-30 20:25:27.745 UTC [orderer.consensus.etcdraft] becomePreCandidate -> INFO fce 2 became pre-candidate at term 1 channel=syschannel node=2 2020-11-30 20:25:27.745 UTC [orderer.consensus.etcdraft] poll -> INFO fcf 2 received MsgPreVoteResp from 2 at term 1 channel=syschannel node=2 2020-11-30 20:25:27.745 UTC [orderer.consensus.etcdraft] campaign -> INFO fd0 2 [logterm: 1, index: 3] sent MsgPreVote request to 1 at term 1 channel=syschannel node=2 2020-11-30 20:25:27.745 UTC [orderer.consensus.etcdraft] campaign -> INFO fd1 2 [logterm: 1, index: 3] sent MsgPreVote request to 3 at term 1 channel=syschannel node=2 2020-11-30 20:25:28.745 UTC [orderer.consensus.etcdraft] Step -> INFO fd2 2 is starting a new election at term 1 channel=syschannel node=2 2020-11-30 20:25:28.745 UTC [orderer.consensus.etcdraft] becomePreCandidate -> INFO fd3 2 became pre-candidate at term 1 channel=syschannel node=2 2020-11-30 20:25:28.745 UTC [orderer.consensus.etcdraft] poll -> INFO fd4 2 received MsgPreVoteResp from 2 at term 1 channel=syschannel node=2 2020-11-30 20:25:28.745 UTC [orderer.consensus.etcdraft] campaign -> INFO fd5 2 [logterm: 1, index: 3] sent MsgPreVote request to 1 at term 1 channel=syschannel node=2 2020-11-30 20:25:28.745 UTC [orderer.consensus.etcdraft] campaign -> INFO fd6 2 [logterm: 1, index: 3] sent MsgPreVote request to 3 at term 1 channel=syschannel node=2 2020-11-30 20:25:29.745 UTC [orderer.consensus.etcdraft] Step -> INFO fd7 2 is starting a new election at term 1 channel=syschannel node=2 2020-11-30 20:25:29.745 UTC [orderer.consensus.etcdraft] becomePreCandidate -> INFO fd8 2 became pre-candidate at term 1 channel=syschannel node=2 2020-11-30 20:25:29.745 UTC [orderer.consensus.etcdraft] poll -> INFO fd9 2 received MsgPreVoteResp from 2 at term 1 channel=syschannel node=2 2020-11-30 20:25:29.745 UTC [orderer.consensus.etcdraft] campaign -> INFO fda 2 [logterm: 1, index: 3] sent MsgPreVote request to 1 at term 1 channel=syschannel node=2 2020-11-30 20:25:29.745 UTC [orderer.consensus.etcdraft] campaign -> INFO fdb 2 [logterm: 1, index: 3] sent MsgPreVote request to 3 at term 1 channel=syschannel node=2 2020-11-30 20:25:30.745 UTC [orderer.consensus.etcdraft] Step -> INFO fdc 2 is starting a new election at term 1 channel=syschannel node=2 2020-11-30 20:25:30.745 UTC [orderer.consensus.etcdraft] becomePreCandidate -> INFO fdd 2 became pre-candidate at term 1 channel=syschannel node=2 2020-11-30 20:25:30.745 UTC [orderer.consensus.etcdraft] poll -> INFO fde 2 received MsgPreVoteResp from 2 at term 1 channel=syschannel node=2 2020-11-30 20:25:30.745 UTC [orderer.consensus.etcdraft] campaign -> INFO fdf 2 [logterm: 1, index: 3] sent MsgPreVote request to 3 at term 1 channel=syschannel node=2 2020-11-30 20:25:30.745 UTC [orderer.consensus.etcdraft] campaign -> INFO fe0 2 [logterm: 1, index: 3] sent MsgPreVote request to 1 at term 1 channel=syschannel node=2 ```

anweiss (Mon, 30 Nov 2020 20:26:51 GMT):
this behavior is pretty consistent ... happens every time I attempt a new BAF deployment

Soundarya_Ayyappan (Tue, 01 Dec 2020 05:38:58 GMT):
@arnoudbevers The organisation_script.tpl file in the baf github repo contains the steps till the existing org peers signing and submitting the config update. It doesn't involve the steps of fetching the genesis.block from the channel and joining the peer to the channel. Will adding those missing steps in the file fix the issue?

jagpreet (Tue, 01 Dec 2020 09:02:46 GMT):
Hi @Soundarya_Ayyappan The organization_script.tpl located [here](https://github.com/hyperledger-labs/blockchain-automation-framework/blob/develop/platforms/hyperledger-fabric/configuration/roles/create/new_organization/create_block/templates/organisation_script.tpl), creates the block difference. The subsequent roles in the [playbook](https://github.com/hyperledger-labs/blockchain-automation-framework/blob/develop/platforms/hyperledger-fabric/configuration/add-organization.yaml) includes the tasks to join peer (create/channels_join) and other tasks. The steps aren't missing as per the [Hyperledger Fabric guide](https://hyperledger-fabric.readthedocs.io/en/release-1.4/channel_update_tutorial.html)

souptikmakarov (Tue, 01 Dec 2020 14:54:22 GMT):
Has joined the channel.

souptikmakarov (Tue, 01 Dec 2020 14:57:49 GMT):
Hi, I am trying to deploy fabric v2 network on a minikube cluster in an azure vm. I have done the prerequisite setup. But when I run the command `ansible-playbook platforms/shared/configuration/site.yaml -e "@./build/network.yaml"` I get the error ```The error was: urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='localhost', port=80): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused',))```

souptikmakarov (Tue, 01 Dec 2020 14:59:25 GMT):
Attaching the full traceback

souptikmakarov (Tue, 01 Dec 2020 14:59:47 GMT):

ansible traceback.txt

sownak (Tue, 01 Dec 2020 17:00:16 GMT):
Dont think all the pre-reqs are installed from wherever you are running the ansible scripts. Please use baf-build docker to execute or install all the pre-reqs

souptikmakarov (Tue, 01 Dec 2020 18:27:15 GMT):
when I use the script `docker run -it -v $(pwd):/home/blockchain-automation-framework/ hyperledgerlabs/baf-build`, it gives an error very early into the script saying `fatal: [localhost]: FAILED! => {"changed": true, "cmd": "KUBECONFIG=/home/blockchainuser/baf/blockchain-automation-framework/build/config kubectl config set-context --current --namespace=default\n", "delta": "0:00:00.053611", "end": "2020-12-01 14:48:52.725452", "msg": "non-zero return code", "rc": 1, "start": "2020-12-01 14:48:52.671841", "stderr": "W1201 14:48:52.723356 293 loader.go:223] Config not found: /home/blockchainuser/baf/blockchain-automation-framework/build/config\nerror: no current context is set", "stderr_lines": ["W1201 14:48:52.723356 293 loader.go:223] Config not found: /home/blockchainuser/baf/blockchain-automation-framework/build/config", "error: no current context is set"], "stdout": "", "stdout_lines": []}`

souptikmakarov (Tue, 01 Dec 2020 18:28:07 GMT):
but the context is set properly and soesn't cause issue while running using the ansible-playbook command

souptikmakarov (Tue, 01 Dec 2020 18:28:07 GMT):
but the context is set properly and doesn't cause issue while running using the ansible-playbook command

suvajit-sarkar (Wed, 02 Dec 2020 08:43:51 GMT):
Hi @souptikmakarov , Please follow the following guide to deploy baf on minikube https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html You are missing the part where you need to copy the kube config file to build folder

souptikmakarov (Wed, 02 Dec 2020 14:33:08 GMT):
I was following this setup itself. And I have the kube config file in the build folder

souptikmakarov (Wed, 02 Dec 2020 14:33:32 GMT):
Without it the ansible playbook command would also throw error

souptikmakarov (Wed, 02 Dec 2020 14:34:16 GMT):
With the same setup, the playbook command gives error much later in the script, but with the docker command it gives very early on

souptikmakarov (Wed, 02 Dec 2020 14:34:27 GMT):
ideally both should behave the same way

SivaramKannan (Wed, 02 Dec 2020 15:11:39 GMT):
Hi team - I am planning for a staging deployment shortly and I wanted to clarify one of the concern I have. I am only focussing on Fabric 2.2, so, I will be using feature/fabric220 for the deployment. When you make the next release, you will merge the fabric220 branch to master and my upstream branch will cease to exist. My question is, can I change the upstream feature/fabric220 branch to master branch in my local deployment without screwing anything?

souptikmakarov (Wed, 02 Dec 2020 16:13:23 GMT):
Okay. I tried again today and now it gives the error `fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to load kubeconfig due to File does not exists: /home/blockchainuser/.minikube/ca.crt"}`. I have verified the minkube and the build folder both have a ca.crt and ca.key file

sownak (Wed, 02 Dec 2020 16:14:36 GMT):
The path should be accessible on your docker, your docker container cannot access your home dir on host machine

souptikmakarov (Wed, 02 Dec 2020 16:15:01 GMT):
How to fix that?

sownak (Wed, 02 Dec 2020 16:15:26 GMT):
dont change the path in the sample network.yaml

souptikmakarov (Wed, 02 Dec 2020 16:15:55 GMT):
which path? there is no path to the minikube folder in the yaml file

sownak (Wed, 02 Dec 2020 16:16:57 GMT):
there is. k8s.config_file

souptikmakarov (Wed, 02 Dec 2020 16:38:03 GMT):
Got it. Now it gives this error `fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to get client due to HTTPSConnectionPool(host='192.168.49.2', port=8443): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 110] Connection timed out',))"}`

sownak (Wed, 02 Dec 2020 16:40:08 GMT):
I think you have to follow the guide from scratch again, we cannot help much here because we do not know which steps you have completed and which steps you have missed.

souptikmakarov (Wed, 02 Dec 2020 18:49:10 GMT):
I have done all the setup mentioned here https://blockchain-automation-framework.readthedocs.io/en/develop/developer/dev_prereq.html

sidnaik1989 (Thu, 03 Dec 2020 11:20:36 GMT):
I am facing the same issue. However this is a single cluster deployment. Would an external DNS be required in this case? or should the kube-dns suffice?

NaveenRaju (Thu, 03 Dec 2020 11:38:20 GMT):
I see master has been migrated to helm v3 but why still tiller is there in the setup? https://github.com/hyperledger-labs/blockchain-automation-framework/tree/master/platforms/shared/configuration/roles/setup/tiller

sauveergoel (Thu, 03 Dec 2020 11:48:03 GMT):
The role for tiller exists as a part of the code but is not being used during execution. That is present as a placeholder for fail-over purposes. Not sure but it might get removed with the next release.

NaveenRaju (Thu, 03 Dec 2020 11:50:13 GMT):
I saw it was getting executed while setting up the Quorum

sownak (Thu, 03 Dec 2020 12:08:30 GMT):
For Fabric, I think proxy as none is supported

sownak (Thu, 03 Dec 2020 12:10:18 GMT):
But if you change the minikube cluster, you have to redo some steps. Have you done that? As the error you mentioned means that the minikube cluster is not running or the kubeconfig file information is wrong

sidnaik1989 (Thu, 03 Dec 2020 13:08:18 GMT):
getting below error while trying to create a network in single Azure AKS cluster. ``` Error: failed to create deliver client for orderer: orderer client failed to connect to orderer1.ordererorg.pslblockchaincloudpoc.com:8443: failed to create new connection: connection error: desc = "transport: error while dialing: dial tcp: kubectl get pods orderer1.ordererorg.pslblockchaincloudpoc.com on 10.0.0.10:53: no such host" ``` The error is seen in logs for Job create channel. The Orderer and Org containers for ca, ca-tool and orderer/peer are getting created successfully. Also the crypto material is geting create. Would be great if some one could provide any pointer to the potential issue.

rjones (Thu, 03 Dec 2020 17:51:42 GMT):
Has joined the channel.

rjones (Thu, 03 Dec 2020 17:52:26 GMT):
Hello, maintainers. BAF consumed all 10,000 credits we get a month from Travis CI. You need to move to AZP or GitHub actions to keep building.

rjones (Thu, 03 Dec 2020 17:52:29 GMT):
https://travis-ci.com/github/hyperledger-labs/blockchain-automation-framework/builds

rjones (Thu, 03 Dec 2020 17:53:06 GMT):
`Builds have been temporarily disabled for public repositories due to a negative credit balance. Please go to the Plan page to replenish your credit balance or alter your Consume paid credits for OSS setting.`

rjones (Thu, 03 Dec 2020 17:53:15 GMT):
@here ^^

githubckgoh1439 (Fri, 04 Dec 2020 04:39:03 GMT):
Has joined the channel.

souptikmakarov (Fri, 04 Dec 2020 07:05:16 GMT):
I think you are right. The k8s config file has the cluster.server as https://192.168.49.2:8443

souptikmakarov (Fri, 04 Dec 2020 07:05:51 GMT):
If I am running everything on the same vm will this ip be https://127.:8443

souptikmakarov (Fri, 04 Dec 2020 07:05:51 GMT):
If I am running everything on the same vm will this ip be https://127.0.0.1:8443

souptikmakarov (Fri, 04 Dec 2020 07:06:07 GMT):
?

suvajit-sarkar (Fri, 04 Dec 2020 08:46:20 GMT):
yes if you are running everything on VM then localhost will work, but its better to use your ipconfig

jagpreet (Fri, 04 Dec 2020 08:48:51 GMT):
Hi @sidnaik1989 Please make sure that the external_url_suffix should be mapped to the haproxy load balancer URL. (Also, the logs show `kubectl get pods` which is not expected for the channel logs to show, maybe some logs got mixed?)

suvajit-sarkar (Fri, 04 Dec 2020 09:33:19 GMT):
Thanks @NaveenRaju for pointing this to us, we have create a PR on the develop branch to remove tiller from the code, it will be merged to master with the end of this sprint/release

sownak (Fri, 04 Dec 2020 09:50:18 GMT):
do you own the pslblockchaincloudpoc.com domain and have configured the routes correctly?

sownak (Fri, 04 Dec 2020 09:51:12 GMT):
That git will decide I think :)

SivaramKannan (Fri, 04 Dec 2020 09:52:05 GMT):
is this risky?

sownak (Fri, 04 Dec 2020 09:54:09 GMT):
As I said earlier, without knowing what exact environment you are running BAF on, it will always be a challenge fixing every error you get. If you are runnung BAF on minikube, please follow the guidance as published.

sownak (Fri, 04 Dec 2020 09:54:09 GMT):
As I said earlier, without knowing what exact environment you are running BAF on, it will always be a challenge fixing every error you get. If you are running BAF on minikube, please follow the guidance as published.

sownak (Fri, 04 Dec 2020 09:55:53 GMT):
If you are running production systems, yes. Because in that case you should not merge blindly from a already have another repo and then do the merges from upstream

sownak (Fri, 04 Dec 2020 09:55:53 GMT):
If you are running production systems, yes. Because in that case you should not merge blindly from a opensource repo. you should have another repo and then do the merges from upstream selectively.

SivaramKannan (Fri, 04 Dec 2020 09:57:12 GMT):
any rough timeline when you have Fabric 2.2.0 in the master branch?

SivaramKannan (Fri, 04 Dec 2020 09:57:12 GMT):
any rough timeline when you will have Fabric 2.2.0 in the master branch?

suvajit-sarkar (Fri, 04 Dec 2020 10:03:47 GMT):
By the end of the next Sprint, that is before 18th December. We are testing couple of feature on Fabric220 branch for compatibility with fabric 1.4.4, once that is done we will merge to develop and with release it will be on master

SivaramKannan (Fri, 04 Dec 2020 10:04:26 GMT):
cool, thanks. I guess I will hold off till then.

SivaramKannan (Fri, 04 Dec 2020 12:29:28 GMT):
https://www.zdnet.com/article/kubernetes-dropping-docker-is-not-that-big-of-a-deal/

SivaramKannan (Fri, 04 Dec 2020 12:30:45 GMT):
This might be relevant team, the direct implication is, fabric chaincode will no longer work in kubernetes, and external chaincode would only with kubernetes soon

ankush1995 (Fri, 04 Dec 2020 13:07:15 GMT):
Has joined the channel.

souptikmakarov (Fri, 04 Dec 2020 13:42:27 GMT):
is is absolutely necessary to run minikube with virtualbox driver?

scottyaml (Sat, 05 Dec 2020 15:03:52 GMT):
Has joined the channel.

scottyaml (Sat, 05 Dec 2020 15:03:53 GMT):
Hello, everyone. I am running ansible script successfully. I could also deploy chaincode. But queries are always returning empty (peer query...) and invokes are successful (peer invoke ... => 200) I realized that chaincode containers are not inside kubernetes cluster. They are working as a docker container. Am I missing a point?

scottyaml (Sat, 05 Dec 2020 15:04:17 GMT):
for hyperledger fabric 220

scottyaml (Sat, 05 Dec 2020 15:30:37 GMT):
I can invoke chaincode and it returns 200. However, I guess transaction is not written to the ledger. Because, when I query, it returns empty. How can I debug this situation?

SivaramKannan (Sun, 06 Dec 2020 01:46:04 GMT):
That is right. Chaincode is run as a docker container. login to the worker node to see the chaincode container.

SivaramKannan (Sun, 06 Dec 2020 01:46:43 GMT):
To debug, you can check the 1. peer logs, 2. check the CC container logs 3. and also orderer logs

serial-coder (Sun, 06 Dec 2020 10:42:43 GMT):

Screen Shot 2563-12-06 at 17.32.54.png

serial-coder (Sun, 06 Dec 2020 10:43:15 GMT):
Has joined the channel.

serial-coder (Sun, 06 Dec 2020 10:43:15 GMT):
Hello everyone. I'm using BAF to deploy Fabric in minikube. Now I'm stuck at the task: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding. ``` ... TASK [Checking for the supplychain-net-role-tokenreview-binding] *********************** TASK [/Users/macmac/Desktop/blockchain-automation-framework-playground/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Check ClusterRoleBinding supplychain-net-role-tokenreview-binding is created] *** skipping: [localhost] TASK [/Users/macmac/Desktop/blockchain-automation-framework-playground/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding] *** FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (50 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (49 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (48 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (47 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (46 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (45 retries left). ``` Can anyone suggest this? Thanks.

serial-coder (Sun, 06 Dec 2020 10:43:15 GMT):
Hello everyone. I'm using BAF to deploy *Fabric in minikube*. Now I'm stuck at the task: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding. ``` ... TASK [Checking for the supplychain-net-role-tokenreview-binding] *********************** TASK [/Users/macmac/Desktop/blockchain-automation-framework-playground/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Check ClusterRoleBinding supplychain-net-role-tokenreview-binding is created] *** skipping: [localhost] TASK [/Users/macmac/Desktop/blockchain-automation-framework-playground/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding] *** FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (50 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (49 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (48 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (47 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (46 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (45 retries left). ``` Can anyone suggest this? Thanks.

serial-coder (Sun, 06 Dec 2020 10:43:15 GMT):
Hello everyone. I'm using BAF to deploy *Fabric in minikube*. Now I'm stuck at the task: *Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding*. ``` ... TASK [Checking for the supplychain-net-role-tokenreview-binding] *********************** TASK [/Users/macmac/Desktop/blockchain-automation-framework-playground/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Check ClusterRoleBinding supplychain-net-role-tokenreview-binding is created] *** skipping: [localhost] TASK [/Users/macmac/Desktop/blockchain-automation-framework-playground/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding] *** FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (50 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (49 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (48 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (47 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (46 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (45 retries left). ``` Can anyone suggest this? Thanks.

serial-coder (Sun, 06 Dec 2020 10:43:15 GMT):
Hello everyone. I'm using BAF to deploy *Fabric in minikube (localhost)*. Now I'm stuck at the task: *Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding*. ``` ... TASK [Checking for the supplychain-net-role-tokenreview-binding] *********************** TASK [/Users/macmac/Desktop/blockchain-automation-framework-playground/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Check ClusterRoleBinding supplychain-net-role-tokenreview-binding is created] *** skipping: [localhost] TASK [/Users/macmac/Desktop/blockchain-automation-framework-playground/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding] *** FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (50 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (49 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (48 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (47 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (46 retries left). FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (45 retries left). ``` Can anyone suggest this? Thanks.

serial-coder (Sun, 06 Dec 2020 10:44:42 GMT):

Screen Shot 2563-12-06 at 17.32.54.png

suvajit-sarkar (Mon, 07 Dec 2020 02:18:42 GMT):
Hi All, We will be having our Sprint planning today 7th Dec, 1-2pm GMT (6.30-7.30 pm IST), please feel free to join on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

arnoudbevers (Mon, 07 Dec 2020 08:40:03 GMT):
Hey serial-coder, this might be related to your `gitops` section in your `network.yaml`. Please refer to our ReadTheDocs (https://blockchain-automation-framework.readthedocs.io/en/latest/operations/baf_verify.html#baf-deployment-flowchart). From your screenshot it seems that the release files are not correctly being pushed to the repository.

sownak (Mon, 07 Dec 2020 09:44:59 GMT):
Yes, was highlighted in my google feed :) This is with Kuberntes 1.20 onwards I guess

sownak (Mon, 07 Dec 2020 09:46:09 GMT):
How are you querying? From which pod? or application?

serial-coder (Mon, 07 Dec 2020 10:11:03 GMT):
I'll check it out and let you know. Thanks.

arnoudbevers (Mon, 07 Dec 2020 10:11:21 GMT):
Hi @scottyaml, what chaincode are you using - if it is public? Also, check the logs of the couchdb of the peers when executing the queries. Something might have gone wrong there.

sownak (Mon, 07 Dec 2020 11:28:52 GMT):
Hi Ry, seems there were many PRs because of the dependabot. How do we see which PR consumed how many credits?

sownak (Mon, 07 Dec 2020 11:30:35 GMT):
That is how we have tested and found it worked. If you are using aby other driver and it works, let us know. But we may not be able to solve the errors you may have.

souptikmakarov (Mon, 07 Dec 2020 12:48:01 GMT):
Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning FailedMount 39m (x339 over 2d22h) kubelet, minikube Unable to attach or mount volumes: unmounted volumes=[git-key], unattached volumes=[git-key flux-local-helm-operator-token-nfxpn config sshknownhosts]: timed out waiting for the condition Warning FailedMount 30m (x335 over 2d22h) kubelet, minikube Unable to attach or mount volumes: unmounted volumes=[git-key], unattached volumes=[sshknownhosts git-key flux-local-helm-operator-token-nfxpn config]: timed out waiting for the condition Warning FailedMount 15m (x2073 over 2d22h) kubelet, minikube MountVolume.SetUp failed for volume "git-key" : secret "git-auth-local" not found Warning FailedMount 10m (x797 over 2d22h) kubelet, minikube Unable to attach or mount volumes: unmounted volumes=[git-key], unattached volumes=[config sshknownhosts git-key flux-local-helm-operator-token-nfxpn]: timed out waiting for the condition Warning FailedMount 5m38s (x380 over 2d21h) kubelet, minikube Unable to attach or mount volumes: unmounted volumes=[git-key], unattached volumes=[flux-local-helm-operator-token-nfxpn config sshknownhosts git-key]: timed out waiting for the condition

souptikmakarov (Mon, 07 Dec 2020 12:48:54 GMT):
Any idea how to fix this. This is part of the output from kubectl describe of flux-local-helm-operator and flux-local pods

souptikmakarov (Mon, 07 Dec 2020 12:49:04 GMT):
these pods are not getting created

SivaramKannan (Mon, 07 Dec 2020 12:49:16 GMT):
Hi Team - I have created a ticket for DigitalOcean support for BAF. I can take the ticket, but let me know whether it makes sense - https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1219

sownak (Mon, 07 Dec 2020 12:49:32 GMT):
https://blockchain-automation-framework.readthedocs.io/en/latest/operations/baf_verify.html#baf-deployment-flowchart

radoslawb (Mon, 07 Dec 2020 12:54:52 GMT):
Has joined the channel.

souptikmakarov (Mon, 07 Dec 2020 13:37:36 GMT):
If I am providing username and accesstoken as password, do I still need the private-key?

sownak (Mon, 07 Dec 2020 13:39:40 GMT):
yes, because GITOPS uses the SSH Key

souptikmakarov (Mon, 07 Dec 2020 13:42:14 GMT):
ok. I checked the path to the gitops file is correct. I placed it in the build directory and provided that path in the network.yaml file

souptikmakarov (Mon, 07 Dec 2020 13:42:28 GMT):
not sure why it is not able to access

sownak (Mon, 07 Dec 2020 13:48:30 GMT):
try reset and then deploy again

souptikmakarov (Mon, 07 Dec 2020 13:48:46 GMT):
reset how?

souptikmakarov (Mon, 07 Dec 2020 13:49:31 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=JnH9HHjfkakXzT54c) This doc is brilliant btw. Very helpful

sownak (Mon, 07 Dec 2020 13:50:16 GMT):
docker run -it -v $(pwd):/home/blockchain-automation-framework/ hyperledgerlabs/baf-build reset.sh

souptikmakarov (Mon, 07 Dec 2020 13:52:16 GMT):
gives this error `docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"reset.sh\": executable file not found in $PATH": unknown. ERRO[0000] error waiting for container: context canceled`

sownak (Mon, 07 Dec 2020 13:53:23 GMT):
please check if you have copied the command correctly

sownak (Mon, 07 Dec 2020 13:53:47 GMT):
reset can be run by running reset.sh from within the container as well

souptikmakarov (Mon, 07 Dec 2020 15:48:36 GMT):
Resetting and recreating worked!

souptikmakarov (Mon, 07 Dec 2020 15:48:50 GMT):
Now getting this error further down `TASK [setup/vault_kubernetes : Write reviewer token for Organisations] ******************************************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/setup/vault_kubernetes/tasks/main.yaml:70 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "export REVIEWER_TOKEN=$(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl get secret $(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl get serviceaccount -n supplychain-net vault-reviewer -o jsonpath={.secrets[0].name}) -n supplychain-net -o jsonpath={.data.token} | base64 -d)\nvault write auth/supplychain-net-auth/config token_reviewer_jwt=\"$REVIEWER_TOKEN\" kubernetes_host=$(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl config view -o jsonpath=\"{.clusters[?(@.name==\\\"minikube\\\")].cluster.server}\") kubernetes_ca_cert=@\"./build/supplychain-net.ca.cert\"\n", "delta": "0:00:00.277499", "end": "2020-12-07 14:28:16.567734", "msg": "non-zero return code", "rc": 2, "start": "2020-12-07 14:28:16.290235", "stderr": "Error writing data to auth/supplychain-net-auth/config: Put http://127.0.0.1:8200/v1/auth/supplychain-net-auth/config: dial tcp 127.0.0.1:8200: connect: connection refused", "stderr_lines": ["Error writing data to auth/supplychain-net-auth/config: Put http://127.0.0.1:8200/v1/auth/supplychain-net-auth/config: dial tcp 127.0.0.1:8200: connect: connection refused"], "stdout": "", "stdout_lines": []}

souptikmakarov (Mon, 07 Dec 2020 15:48:50 GMT):
Now getting this error further down ```TASK [setup/vault_kubernetes : Write reviewer token for Organisations] ******************************************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/setup/vault_kubernetes/tasks/main.yaml:70 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "export REVIEWER_TOKEN=$(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl get secret $(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl get serviceaccount -n supplychain-net vault-reviewer -o jsonpath={.secrets[0].name}) -n supplychain-net -o jsonpath={.data.token} | base64 -d)\nvault write auth/supplychain-net-auth/config token_reviewer_jwt=\"$REVIEWER_TOKEN\" kubernetes_host=$(KUBECONFIG=/home/blockchain-automation-framework/build/config kubectl config view -o jsonpath=\"{.clusters[?(@.name==\\\"minikube\\\")].cluster.server}\") kubernetes_ca_cert=@\"./build/supplychain-net.ca.cert\"\n", "delta": "0:00:00.277499", "end": "2020-12-07 14:28:16.567734", "msg": "non-zero return code", "rc": 2, "start": "2020-12-07 14:28:16.290235", "stderr": "Error writing data to auth/supplychain-net-auth/config: Put http://127.0.0.1:8200/v1/auth/supplychain-net-auth/config: dial tcp 127.0.0.1:8200: connect: connection refused", "stderr_lines": ["Error writing data to auth/supplychain-net-auth/config: Put http://127.0.0.1:8200/v1/auth/supplychain-net-auth/config: dial tcp 127.0.0.1:8200: connect: connection refused"], "stdout": "", "stdout_lines": []}```

souptikmakarov (Mon, 07 Dec 2020 15:49:40 GMT):
Vault address should be different?

rjones (Mon, 07 Dec 2020 17:32:17 GMT):
I don't think there is an easy way. There was one build that went over 24 hours that burned them all, and I don't see a way to limit build times in the UI.

rjones (Tue, 08 Dec 2020 00:21:53 GMT):
It looks like Travis is no longer issuing credits to OSS projects: https://news.ycombinator.com/item?id=25338983

NaveenRaju (Tue, 08 Dec 2020 05:46:41 GMT):

error.png

serial-coder (Tue, 08 Dec 2020 07:46:25 GMT):

Screen Shot 2563-12-08 at 12.48.39.png

serial-coder (Tue, 08 Dec 2020 07:52:23 GMT):

Screen Shot 2563-12-08 at 12.48.12.png

suvajit-sarkar (Tue, 08 Dec 2020 09:06:38 GMT):
You need to enable the vault secrets engine, use the following command to do so `vault secrets enable -version=1 -path= kv`

suvajit-sarkar (Tue, 08 Dec 2020 09:06:38 GMT):
You need to enable the vault secrets engine, use the following command to do so `vault secrets enable -version=1 -path=secret kv`

suvajit-sarkar (Tue, 08 Dec 2020 09:10:01 GMT):
Can you please provide the role on which this is failing

serial-coder (Tue, 08 Dec 2020 09:27:35 GMT):

Screen Shot 2563-12-08 at 16.21.17.png

serial-coder (Tue, 08 Dec 2020 09:28:06 GMT):

Screen Shot 2563-12-08 at 16.23.43.png

NaveenRaju (Tue, 08 Dec 2020 09:32:37 GMT):
Hey guys, I'm able to resolve my issue by resetting the baf and running again with new gitops creds. Previously flux was not able to look into the releases directory. Much appreciated for your help

souptikmakarov (Tue, 08 Dec 2020 10:21:09 GMT):
```TASK [create/crypto/peer : Create the Ambassador credentials] ***************************************************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/tasks/peer.yaml:107 fatal: [localhost]: FAILED! => {"msg": "The conditional check 'get_peer_secret_haproxy.resources|length == 0 and network.env.proxy == 'haproxy' and vault_peer_ambassador.failed == True' failed. The error was: error while evaluating conditional (get_peer_secret_haproxy.resources|length == 0 and network.env.proxy == 'haproxy' and vault_peer_ambassador.failed == True): 'dict object' has no attribute 'resources'\n\nThe error appears to be in '/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/tasks/peer.yaml': line 107, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Create the Ambassador credentials\n ^ here\n"}```

serial-coder (Tue, 08 Dec 2020 11:06:49 GMT):
@suvajit-sarkar What did I do wrong?

souptikmakarov (Tue, 08 Dec 2020 13:14:38 GMT):
I fixed it by changing line 110 of platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/tasks/peer.yaml from `when: get_peer_secret_haproxy.resources|length == 0 and network.env.proxy == 'haproxy' and vault_peer_ambassador.failed == True` to `when: network.env.proxy == 'haproxy' and get_peer_secret_haproxy.resources|length == 0 and vault_peer_ambassador.failed == True`

suvajit-sarkar (Wed, 09 Dec 2020 05:31:48 GMT):
@serial-coder, if you are using docker container to run your automation, can you please try providing your private IPv4 Address for vault path instead of 127.0.0.1

suvajit-sarkar (Wed, 09 Dec 2020 05:31:48 GMT):
@serial-coder, if you are using docker container to run your automation, can you try providing your private IPv4 Address for vault path instead of 127.0.0.1

suvajit-sarkar (Wed, 09 Dec 2020 05:56:25 GMT):
The issue is with v2 KV secret engine recreate the v1 KV secret using the following command `vault secrets disable secret vault secrets enable -version=1 -path=secret kv`

suvajit-sarkar (Wed, 09 Dec 2020 05:56:25 GMT):
The issue is with v2 KV secret engine recreate the v1 KV secret using the following command`vault secrets disable secret ` vault secrets enable -version=1 -path=secret kv

suvajit-sarkar (Wed, 09 Dec 2020 05:56:25 GMT):
The issue is with v2 KV secret engine recreate the v1 KV secret using the following command `vault secrets disable secret ` `vault secrets enable -version=1 -path=secret kv`

suvajit-sarkar (Wed, 09 Dec 2020 05:56:25 GMT):
The issue is with v2 KV secret engine recreate the v1 KV secret using the following commands `vault secrets disable secret ` `vault secrets enable -version=1 -path=secret kv`

sownak (Wed, 09 Dec 2020 10:50:36 GMT):
Looks like Flux is not working

serial-coder (Wed, 09 Dec 2020 11:32:06 GMT):
That works. Thank you

serial-coder (Wed, 09 Dec 2020 11:35:33 GMT):

Screen Shot 2563-12-09 at 15.22.27.png

serial-coder (Wed, 09 Dec 2020 11:50:02 GMT):

Screen Shot 2563-12-09 at 15.22.27.png

NaveenRaju (Wed, 09 Dec 2020 12:22:03 GMT):

quorum.png

sidnaik1989 (Wed, 09 Dec 2020 13:57:29 GMT):
its a single cluster. So guess an external domain is not needed. I did not have the DNS rout setup for the ha-proxy ingress External IP. Will set it up and try again

sidnaik1989 (Wed, 09 Dec 2020 13:59:01 GMT):
I am trying to run the environment setup playbook on a newly created VM. All the pre-requisits have been installed. However facing below error``` TASK [setup/tiller : Check if Tiller is already installed in the Kubernetes clusters] **************************************************************************************************************************************************** An exception occurred during task execution. To see the full traceback, use -vvv. The error was: urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='localhost', port=80): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused',)) ```

souptikmakarov (Wed, 09 Dec 2020 14:28:52 GMT):
```TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Wait for Job installchaincode-peer0-supplychain-1 in carrier-net] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/helm_component/tasks/main.yaml:5 redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info FAILED - RETRYING: Wait for Job installchaincode-peer0-supplychain-1 in carrier-net (50 retries left). redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info FAILED - RETRYING: Wait for Job installchaincode-peer0-supplychain-1 in carrier-net (49 retries left). redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info ```

souptikmakarov (Wed, 09 Dec 2020 14:28:52 GMT):
```TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Wait for Job installchaincode-peer0-supplychain-1 in carrier-net] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/helm_component/tasks/main.yaml:5 redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info FAILED - RETRYING: Wait for Job installchaincode-peer0-supplychain-1 in carrier-net (50 retries left). redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info FAILED - RETRYING: Wait for Job installchaincode-peer0-supplychain-1 in carrier-net (36 retries left). redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info fatal: [localhost]: FAILED! => {"msg": "The conditional check 'component_data.resources|length > 0' failed. The error was: error while evaluating conditional (component_data.resources|length > 0): 'dict object' has no attribute 'resources'"}``` What is the issue here?

souptikmakarov (Wed, 09 Dec 2020 14:28:52 GMT):
```TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Wait for Job installchaincode-peer0-supplychain-1 in carrier-net] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/helm_component/tasks/main.yaml:5 redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info FAILED - RETRYING: Wait for Job installchaincode-peer0-supplychain-1 in carrier-net (50 retries left). redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info FAILED - RETRYING: Wait for Job installchaincode-peer0- . . . supplychain-1 in carrier-net (36 retries left). redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info fatal: [localhost]: FAILED! => {"msg": "The conditional check 'component_data.resources|length > 0' failed. The error was: error while evaluating conditional (component_data.resources|length > 0): 'dict object' has no attribute 'resources'"}``` What is the issue here?

souptikmakarov (Wed, 09 Dec 2020 14:28:52 GMT):
```TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Wait for Job installchaincode-peer0-supplychain-1 in carrier-net] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/helm_component/tasks/main.yaml:5 redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info FAILED - RETRYING: Wait for Job installchaincode-peer0-supplychain-1 in carrier-net (50 retries left). . . . redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info FAILED - RETRYING: Wait for Job installchaincode-peer0- supplychain-1 in carrier-net (36 retries left). redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info fatal: [localhost]: FAILED! => {"msg": "The conditional check 'component_data.resources|length > 0' failed. The error was: error while evaluating conditional (component_data.resources|length > 0): 'dict object' has no attribute 'resources'"}``` What is the issue here?

sidnaik1989 (Thu, 10 Dec 2020 06:03:17 GMT):
This worked after adding a private DNS zone and adding a route to ingress external IP

arnoudbevers (Thu, 10 Dec 2020 08:41:09 GMT):
Hi @serial-coder, the password for the ca-server is read from the Vault in the `ca-certs-init` container and written to a file. Afterwards, this file is mounted to the ca-server. Please check the logs of that one using `kubectl logs ${ca-container} -n supplychain-net -c ca-certs-init`. I suspect something has gone wrong there.

suvajit-sarkar (Thu, 10 Dec 2020 11:00:54 GMT):
Add that 1 organization only

arnoudbevers (Thu, 10 Dec 2020 11:10:19 GMT):
Hi @souptikmakarov, what is the version of your OpenShift module for Pythn?

arnoudbevers (Thu, 10 Dec 2020 11:10:19 GMT):
Hi @souptikmakarov, what is the version of your OpenShift module for Python? You can check using `pip3 freeze | grep openshift`

serial-coder (Thu, 10 Dec 2020 12:17:27 GMT):
It got connection refused: ``` curl: (7) Failed to connect to 127.0.0.1 port 8200: Connection refused curl: (7) Failed to connect to 127.0.0.1 port 8200: Connection refused curl: (7) Failed to connect to 127.0.0.1 port 8200: Connection refused curl: (7) Failed to connect to 127.0.0.1 port 8200: Connection refused ```

serial-coder (Thu, 10 Dec 2020 12:17:27 GMT):
Hi @arnoudbevers, It got connection refused: ``` curl: (7) Failed to connect to 127.0.0.1 port 8200: Connection refused curl: (7) Failed to connect to 127.0.0.1 port 8200: Connection refused curl: (7) Failed to connect to 127.0.0.1 port 8200: Connection refused curl: (7) Failed to connect to 127.0.0.1 port 8200: Connection refused ```

souptikmakarov (Thu, 10 Dec 2020 12:34:56 GMT):
.openshift==0.11.2

souptikmakarov (Thu, 10 Dec 2020 12:34:56 GMT):
openshift==0.11.2

souptikmakarov (Thu, 10 Dec 2020 14:04:55 GMT):
at pip 9.0.1 from /usr/lib/python2.7/dist-packages (python 2.7)

souptikmakarov (Fri, 11 Dec 2020 06:47:23 GMT):
User User_1 added by souptikmakarov.

souptikmakarov (Sat, 12 Dec 2020 06:58:28 GMT):
Hey @arnoudbevers @sownak any help is appreciated here

arnoudbevers (Mon, 14 Dec 2020 08:34:53 GMT):
It seems to be a version mismatch then. We are personally using `0.10.1`. Can you try to switch to that version?

arnoudbevers (Mon, 14 Dec 2020 08:34:53 GMT):
It seems to be a version mismatch. We are personally using `0.10.1`. Can you try to switch to that version?

sownak (Mon, 14 Dec 2020 09:35:35 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=jPGgcZTTBswLCHGgZ) If you are running using ansible_interpretor=python3, then python2.7 packages does not count.

souptikmakarov (Tue, 15 Dec 2020 08:02:09 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=fArgHoSbL54R5pPWM) I didn't find any such configuration in ansible.cfg. My default python version is 2.7. I looked into the documentation \href{https://docs.ansible.com/ansible/latest/reference_appendices/interpreter_discovery.html}{here} and according to this, by default it should take /usr/bin/python which is python2

souptikmakarov (Tue, 15 Dec 2020 08:02:09 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=fArgHoSbL54R5pPWM) I didn't find any such configuration in ansible.cfg. My default python version is 2.7. I looked into the documentation https://docs.ansible.com/ansible/latest/reference_appendices/interpreter_discovery.html and according to this, by default it should take /usr/bin/python which is python2

SivaramKannan (Tue, 15 Dec 2020 08:55:54 GMT):
Hi Team - any reason why each cloud providers sc templates have separate template files. Like azure has azureorderer.tpl and azure peer.tpl with the same contents. I am trying to add DigitalOcean template with one template file, but trying to understand if I am missing anything by not adding two templates?

sownak (Tue, 15 Dec 2020 09:40:50 GMT):
They can have same template. Historically the orderer and peer sc were different, but not anymore

sownak (Tue, 15 Dec 2020 09:43:02 GMT):
Python2.7 is deprecated since release 0.4

jvdacasin (Wed, 16 Dec 2020 05:41:12 GMT):
Hello, I am trying to deploy BAF on GCP, using GKE cluster. I am encountering this error while running: *redirecting (type: modules) ansible.builtin.k8s_info to community.kubernetes.k8s_info fatal: [localhost]: FAILED! => {"msg": "The conditional check 'component_data.resources|length > 0' failed. The error was: error while evaluating conditional (component_data.resources|length > 0): 'dict object' has no attribute 'resources'"} PLAY RECAP ********************************************************************************************************************************************************************************************************************************** localhost* Any ideas? The file the run currently is: blockchain-automation-framework/platforms/shared/configuration/roles/check/k8_component/taks/main.yaml Thanks!

arnoudbevers (Wed, 16 Dec 2020 08:39:10 GMT):
Hey @jvdacasin , this seems to be an OpenShift related issue. What version of OpenShift are you using?

arnoudbevers (Wed, 16 Dec 2020 08:39:10 GMT):
Hey @jvdacasin , this seems to be an OpenShift related issue. What version of OpenShift are you using? You can view this by executing `pip3 freeze | grep openshift`. Also, what version of Python are you using?

souptikmakarov (Wed, 16 Dec 2020 09:06:23 GMT):
After changing the opnshift version and pointing to python3 in ansible config now it is failing during the create channel task. I looked at your error flowchart page and it suggested to check the logs. In the createchannel logs I found this error `Cannot run peer because error when setting up MSP of type bccsp from directory /opt/gopath/src/github.com/hyperledger/fabric/crypto/admin/msp: KeyMaterial not found in SigningIdentityInfo` and in the certificates-init pod logs it says ```Getting secrets from Vault Server: http://192.168.99.1:8200 Getting Orderer TLS certificates from Vault using key secret/crypto/peerOrganizations/carrier-net/orderer/tls Getting MSP certificates from Vault using key secret/crypto/peerOrganizations/carrier-net/users/admin/msp```

sownak (Wed, 16 Dec 2020 12:48:38 GMT):
You have to debug based on Fabric guidance there. Most likely the pod is not able to connect to the peer and/or the orderer

sownak (Wed, 16 Dec 2020 12:51:15 GMT):
I think it has been aptly clear in https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html#edit-the-configuration-file to not use local ip for Vault

nikolas (Wed, 16 Dec 2020 18:11:03 GMT):
Hi, I try to join he call, but not working, it says the webinar has expired. Is there an issue or is it just me?

nikolas (Wed, 16 Dec 2020 18:17:07 GMT):
Has joined the channel.

mwklein (Wed, 16 Dec 2020 19:36:59 GMT):
The calendar invite was originally for the incorrect time. You can see the recorded session here: https://www.hyperledger.org/learn/webinars/hyperledger-member-webinar-accenture-blockchain-automation-framework-to-automatically-deploy-production-worthy-dlt-networks

nikolas (Wed, 16 Dec 2020 19:48:23 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=skkhhnHhSKsbWXLm7) Hahaha, I was getting crazy with it! :D thanks for the hint!

sidnaik1989 (Thu, 17 Dec 2020 04:09:25 GMT):
I was trying chaincode deployment through the chaincode-install-instantiate playbook. However in install_chaincode chart does not seem to have a way to put in '-l java' flag in 'peer chaincode install' command ( default is golang). Also the path used does not seem to match the expected directory structure for java. I am trying with fabric version 2.0.0 and with master branch of BAF codebase. Has anyone tried deploying a java chaincode? Is this a known issue?

lakshyakumar (Thu, 17 Dec 2020 04:49:14 GMT):
Hi @sidnaik1989 , We have tested the deployment of fabcar chaincode in java from hyperledger on BAF deployed Fabric v2.2.0 network. You can edit the `chaincode` section under `peers` in `network.yaml` according to your file structure and preffered language ( currently go and java are supported via BAF ). for example to deploy the fabcar java-chaincode, your values can be simmilar to: ` chaincode: name: "fabcar" #This has to be replaced with the name of the chaincode version: "2" #This has to be replaced with the version of the chaincode lang: "java" maindirectory: "java/src/main/java/org/hyperledger/fabric/samples/fabcar/" #The main directory where chaincode is needed to be placed repository: username: "" # Git Service user who has rights to check-in in all branches password: "" url: "github.com/hyperledger/fabric-samples.git" branch: master path: "chaincode/fabcar/java/" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode `

lakshyakumar (Thu, 17 Dec 2020 04:49:14 GMT):
Hi @sidnaik1989 , We have tested the deployment of fabcar chaincode in java from hyperledger on BAF deployed Fabric v2.2.0 network. You can edit the `chaincode` section under `peers` in `network.yaml` according to your file structure and preffered language ( currently go and java are supported via BAF ). for example to deploy the fabcar java-chaincode, your values can be simmilar to: ``` sh chaincode: name: "fabcar" #This has to be replaced with the name of the chaincode version: "2" #This has to be replaced with the version of the chaincode lang: "java" maindirectory: "java/src/main/java/org/hyperledger/fabric/samples/fabcar/" #The main directory where chaincode is needed to be placed repository: username: "" # Git Service user who has rights to check-in in all branches password: "" url: "github.com/hyperledger/fabric-samples.git" branch: master path: "chaincode/fabcar/java/" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode ```

lakshyakumar (Thu, 17 Dec 2020 04:49:14 GMT):
Hi @sidnaik1989 , We have tested the deployment of fabcar chaincode in java from hyperledger on BAF deployed Fabric v2.2.0 network. You can edit the `chaincode` section under `peers` in `network.yaml` according to your file structure and preffered language ( currently go and java are supported via BAF ). for example to deploy the fabcar java-chaincode, your values can be simmilar to: ``` chaincode: name: "fabcar" #This has to be replaced with the name of the chaincode version: "2" #This has to be replaced with the version of the chaincode lang: "java" maindirectory: "java/src/main/java/org/hyperledger/fabric/samples/fabcar/" #The main directory where chaincode is needed to be placed repository: username: "" # Git Service user who has rights to check-in in all branches password: "" url: "github.com/hyperledger/fabric-samples.git" branch: master path: "chaincode/fabcar/java/" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode ```

heena066 (Thu, 17 Dec 2020 05:35:29 GMT):
Has joined the channel.

jvdacasin (Thu, 17 Dec 2020 08:03:45 GMT):
Hello, Python version is 3.5 And then openshift==0.11.2

jvdacasin (Thu, 17 Dec 2020 08:11:59 GMT):
Thanks @arnoudbevers. Shall I update the phyton and openshift?

jvdacasin (Thu, 17 Dec 2020 08:12:18 GMT):

Screenshot pip3

arnoudbevers (Thu, 17 Dec 2020 08:45:30 GMT):
Hey @jvdacasin, you have to downgrade it ;). We currently use OpenShift `0.10.2`, the k8s_info module changes from 10 to 11.

jvdacasin (Thu, 17 Dec 2020 09:12:30 GMT):
Hello, @arnoudbevers do i have to specify this on a deployment or is there a specific command to do so?

jvdacasin (Thu, 17 Dec 2020 09:22:53 GMT):
Kindly note I am using a Debian Linux Machine for my docker and K8s cluster

SivaramKannan (Thu, 17 Dec 2020 10:51:28 GMT):
https://thenewstack.io/azure-kubernetes-service-replaces-docker-with-containerd/

SivaramKannan (Thu, 17 Dec 2020 10:52:08 GMT):
If I understand correctly the azure is going to remove the ability to launch docker container from the host - which means trouble for Hyperledger Fabric right?

SivaramKannan (Thu, 17 Dec 2020 10:52:08 GMT):
If I understand the above article correctly the azure is going to remove the ability to launch docker container from the host - which means trouble for Hyperledger Fabric right?

arnoudbevers (Thu, 17 Dec 2020 13:42:21 GMT):
Currently, you have to manually uninstall the existing openshift package and install it on the `0.10.2` version. Use `pip3 uninstall openshift` to uninstall and use `pip3 install openshift==0.10.2`

sidnaik1989 (Thu, 17 Dec 2020 15:28:52 GMT):
got below error when trying with fabric version 2.2.0 and above values under chaincode section``` Error: error getting chaincode deployment spec for fabcar: 'go list' failed with: can't load package: package github.com/chaincode/fabcar/java/src/main/java/org/hyperledger/fabric/samples/fabcar: cannot find package "github.com/chaincode/fabcar/java/src/main/java/org/hyperledger/fabric/samples/fabcar" in any of: /usr/local/go/src/github.com/chaincode/fabcar/java/src/main/java/org/hyperledger/fabric/samples/fabcar (from $GOROOT) /go/src/github.com/chaincode/fabcar/java/src/main/java/org/hyperledger/fabric/samples/fabcar (from $GOPATH): exit status 1 ```

jvdacasin (Thu, 17 Dec 2020 16:28:15 GMT):

Google Credential Missing

jvdacasin (Thu, 17 Dec 2020 16:28:30 GMT):
Hello, thanks @arnoudbevers. Got a new error in flux when i changed it Please check screenshot. maybe i have a config that needs to be adjusted too?

jagpreet (Fri, 18 Dec 2020 04:37:03 GMT):
I am not sure as in why it is trying to execute `go list`. Have you explicitly mentioned the chaincode language as `JAVA` ?

jagpreet (Fri, 18 Dec 2020 04:38:21 GMT):
Yes, I think the same. This needs to be confirmed on the fabric rc channel.

arnoudbevers (Fri, 18 Dec 2020 08:38:57 GMT):
Hey, from the error message it seems that you have to set your `GOOGLE_APPLICATION_CREDENTIALS` environment variable to point to your credentials. https://cloud.google.com/docs/authentication/getting-started should help you further with this. It is trying to execute the `kubectl` command without your CLI having access to the Kubernetes config.

sidnaik1989 (Fri, 18 Dec 2020 10:44:32 GMT):
have set lang: "java" under peers.chaincode as suggested above.

sidnaik1989 (Fri, 18 Dec 2020 10:45:47 GMT):
not sure how the lang parameter gets used though. Dont see a -l param in the 'peer chaincode install' command in the install_chaincode chart template file.

sidnaik1989 (Fri, 18 Dec 2020 10:50:12 GMT):
blockchain-automation-framework/platforms/hyperledger-fabric/charts/install_chaincode/templates/install_chaincode.yaml

sidnaik1989 (Fri, 18 Dec 2020 10:50:12 GMT):
blockchain-automation-framework/platforms/hyperledger-fabric/charts/install_chaincode/templates/install_chaincode.yaml. Branch master

sidnaik1989 (Fri, 18 Dec 2020 10:50:12 GMT):
blockchain-automation-framework/platforms/hyperledger-fabric/charts/install_chaincode/templates/install_chaincode.yaml. Branch: master

sidnaik1989 (Fri, 18 Dec 2020 11:53:12 GMT):
Guess this functionality is still in develop branch. Will try

srinivasansankaran (Fri, 18 Dec 2020 13:33:33 GMT):
Has joined the channel.

SivaramKannan (Mon, 21 Dec 2020 04:17:09 GMT):
Hi Team - the chaincode commit job in fabric220 pull all the crypto materials for defined endorsers. If you take a look at fabric-cli, it has the crypto material from only its own organization. since we would run all the chaincode lifecycle command from the fabric-cli including commit-chaincode, don't we need to have the crypto materials from all the endorsers? I don't see any easy way to have this now, but can I get a comment whether the fabric-cli needs the crypto materials for all the endorsers?

arsulegai (Mon, 21 Dec 2020 10:21:32 GMT):
Hi Team, ( @sownak ) This is regarding the Fabric support in BAF. We are trying to evaluate multiple chaincodes installation on a peer, as well as associating the chaincodes against channels. Do you have a plan already for that, or are you open for proposals?

arsulegai (Mon, 21 Dec 2020 10:21:54 GMT):
@karthiksamaganam ^

karthiksamaganam (Mon, 21 Dec 2020 10:25:50 GMT):
Has joined the channel.

SivaramKannan (Mon, 21 Dec 2020 11:49:05 GMT):
do you have a ticket already open? I can update the ticket with thoughts on the topic.

arsulegai (Mon, 21 Dec 2020 12:56:58 GMT):
Yes, https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1224 & https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1225

karthiksamaganam (Mon, 21 Dec 2020 13:03:01 GMT):
https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1251

jagpreet (Tue, 22 Dec 2020 07:20:57 GMT):
Yes, we require the crypto material for all the endorsers. Currently this is already implemented in BAF. (The develop branch is also merged to master recently.)

jagpreet (Tue, 22 Dec 2020 07:22:44 GMT):
Yes, the functionality was currently in fabric220 branch, which was merged into develop. Recently, we have merged the develop into master branch as well. Please re-sync your master branch with the BAF master branch, and then you can use this feature.

SivaramKannan (Tue, 22 Dec 2020 10:23:55 GMT):
ahh.. I am in fabric220. any idea when the release 0.7.0 is going to be?

trinayanbhatt (Tue, 22 Dec 2020 12:52:41 GMT):
Hi, can someone please help me with this I'm stuck with this error on production grade network: I have to restart my fabric-ca-server and when I have started it i got the following error from fabric ca server, here it is not able to initialize postgres database: 2020/12/22 12:35:07 [DEBUG] Initializing DB 2020/12/22 12:35:07 [DEBUG] Initializing 'postgres' database at 'host=postgres.example.com port=5432 user=** password=** dbname=fabriccaserver sslmode=verify-full' 2020/12/22 12:35:07 [DEBUG] Using postgres database, connecting to database... 2020/12/22 12:35:07 [DEBUG] Database Name: fabriccaserver 2020/12/22 12:35:07 [DEBUG] Connecting to PostgreSQL server, using connection string: host=postgres.example.com port=5432 user=** password=** dbname=fabriccaserver sslmode=verify-full sslrootcert=/tmp/postgresCerts/root.crt sslcert=/tmp/postgresCerts/server.crt sslkey=/tmp/postgresCerts/server.key 2020/12/22 12:35:07 [WARNING] Failed to connect to database 'fabriccaserver' 2020/12/22 12:35:07 [DEBUG] Connecting to PostgreSQL server, using connection string: host=postgres.example.com port=5432 user=** password=** dbname=postgres sslmode=verify-full sslrootcert=/tmp/postgresCerts/root.crt sslcert=/tmp/postgresCerts/server.crt sslkey=/tmp/postgresCerts/server.key 2020/12/22 12:35:07 [WARNING] Failed to connect to database 'postgres' 2020/12/22 12:35:07 [DEBUG] Connecting to PostgreSQL server, using connection string: host=postgres.example.com port=5432 user=** password=** dbname=template1 sslmode=verify-full sslrootcert=/tmp/postgresCerts/root.crt sslcert=/tmp/postgresCerts/server.crt sslkey=/tmp/postgresCerts/server.key 2020/12/22 12:35:07 [WARNING] Failed to connect to database 'template1' 2020/12/22 12:35:07 [ERROR] Error occurred initializing database: Failed to connect to Postgres database. Postgres requires connecting to a specific database, the following databases were tried: [fabriccaserver postgres template1]. Please create one of these database before continuing

sownak (Tue, 22 Dec 2020 14:03:22 GMT):
Guess you have to look into postgres documentation. Currently BAF only supports couchdb for Fabric. From what I can see, the hostname is wrong. Are you sure your DB is running at postgres.example.com?

suvajit-sarkar (Tue, 22 Dec 2020 14:44:47 GMT):
Hi All, We have closed Sprint 30 and with that we are ready with BAF release v0.7.0.0, master branch will have the latest code with the following changes https://github.com/hyperledger-labs/blockchain-automation-framework/releases/tag/v0.7.0.0

suvajit-sarkar (Tue, 22 Dec 2020 14:53:34 GMT):
Hi All, BAF is ready with release 0.7.0 Please find the latest code on master branch our use version tags The change logs for the release is in the link below https://github.com/hyperledger-labs/blockchain-automation-framework/releases/tag/v0.7.0.0 We are freezing our sprint cadence and will resume on 4th January. Wish you all a Happy new year and Merry Christmas

suvajit-sarkar (Tue, 22 Dec 2020 14:53:34 GMT):
Hi All, BAF is ready with release 0.7.0 Please find the latest code on master branch or use version v0.7.0.0 tag The change logs for the release is in the link below https://github.com/hyperledger-labs/blockchain-automation-framework/releases/tag/v0.7.0.0 We are freezing our sprint cadence and will resume on 4th January. Wish you all a very Happy New Year and Merry Christmas

suvajit-sarkar (Tue, 22 Dec 2020 14:53:34 GMT):
Hi All, BAF is ready with release 0.7.0 Please find the latest code on master branch or use v0.7.0.0 tag The change logs for the release is in the link below https://github.com/hyperledger-labs/blockchain-automation-framework/releases/tag/v0.7.0.0 We are freezing our sprint cadence and will resume on 4th January. Wish you all a very Happy New Year and Merry Christmas

suvajit-sarkar (Tue, 22 Dec 2020 14:53:34 GMT):
Hi All, BAF is ready with release 0.7.0 Please find the latest code on master branch or use v0.7.0.0 tag The change logs for the release is in the link below https://github.com/hyperledger-labs/blockchain-automation-framework/releases/tag/v0.7.0.0 We are also freezing our sprint cadence and will resume on 4th January. Wish you all a very Happy New Year and Merry Christmas

SivaramKannan (Wed, 23 Dec 2020 07:30:49 GMT):
@jagpreet - I don't see the crypto-materials for all the endorsers in the fibric-cli after deployment of 0.7.0. Any change the feature was missed? Can you share the ticket or PR associated with this feature?

SivaramKannan (Wed, 23 Dec 2020 08:34:01 GMT):
In a single Hyperledger Fabric network, would I be able to deploy the below channels and organisations? Channel 1: Org1, Org2, Org3 Channel 2: Org4, Org5, Org6 Channel 3: Org7, Org8, Org9

SivaramKannan (Wed, 23 Dec 2020 08:34:01 GMT):
In a single Hyperledger Fabric network, would I be able to deploy the below channels and organisations with BAF? Channel 1: Org1, Org2, Org3 Channel 2: Org4, Org5, Org6 Channel 3: Org7, Org8, Org9

NaveenRaju (Wed, 23 Dec 2020 10:21:46 GMT):
Hi All, Quorum node is not able to connect to tessera? [Quorum] `` waiting for transaction manager to start...+ curl -k --output /dev/null --silent --head --fail http://carrier.dummydomain.com:8443/upcheckwaiting for transaction manager to start...+ + echo 'waiting for transaction manager to start...'+ sleep 5 ``

NaveenRaju (Wed, 23 Dec 2020 10:21:46 GMT):
Hi All, Quorum node is not able to connect to tessera? [Quorum] ``` waiting for transaction manager to start...+ curl -k --output /dev/null --silent --head --fail http://carrier.dummydomain.com:8443/upcheckwaiting for transaction manager to start...+ + echo 'waiting for transaction manager to start...'+ sleep 5 ```

NaveenRaju (Wed, 23 Dec 2020 10:21:46 GMT):
Hi All, Quorum node is not able to connect to tessera but tessera is running though? [Quorum] ``` waiting for transaction manager to start...+ curl -k --output /dev/null --silent --head --fail http://carrier.dummydomain.com:8443/upcheckwaiting for transaction manager to start...+ + echo 'waiting for transaction manager to start...'+ sleep 5 ```

NaveenRaju (Wed, 23 Dec 2020 10:46:42 GMT):
tessera is running thought

NaveenRaju (Wed, 23 Dec 2020 10:46:42 GMT):
tessera is running though

trinayanbhatt (Wed, 23 Dec 2020 12:34:37 GMT):
I'm using postgres db for fabric-ca-server where sqlite is used as default option. Yes, host is right as it was working before the restart of the fabric-ca server. I haven't changed anything after in that any of the files and just restart my ca but now it is not able to make connection with postgres db.

sownak (Wed, 23 Dec 2020 17:50:59 GMT):
As mentioned, BAF is not tested with postgres for Fabric.

sownak (Wed, 23 Dec 2020 17:51:52 GMT):
Guess you will have to maintain separate network.yaml/config files for the combination as per current BAF design to achieve this.

sownak (Wed, 23 Dec 2020 17:51:52 GMT):
You will have to maintain separate network.yaml/config files for the combination as per current BAF design to achieve this.

sownak (Wed, 23 Dec 2020 17:53:38 GMT):
As it is saying in the logs, it is trying to reach http://carrier.dummydomain.com:8443/upcheckwaiting but I dont think that is a domain owned by you, so it is failing. You will have to configure the DNS correctly so that the domain you are using is reachable from the pod. Or update the domain correctly.

serial-coder (Thu, 24 Dec 2020 07:41:33 GMT):

Screen Shot 2563-12-24 at 14.35.12.png

serial-coder (Thu, 24 Dec 2020 07:42:55 GMT):

Screen Shot 2563-12-24 at 14.35.19.png

serial-coder (Thu, 24 Dec 2020 07:43:18 GMT):

Screen Shot 2563-12-24 at 14.35.29.png

serial-coder (Thu, 24 Dec 2020 07:43:27 GMT):

Screen Shot 2563-12-24 at 14.35.35.png

serial-coder (Thu, 24 Dec 2020 07:45:27 GMT):
Note, I followed the tutorial from the official docs: https://blockchain-automation-framework.readthedocs.io/en/latest/developerguide.html and https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html

KochergaMaksym (Thu, 24 Dec 2020 08:54:48 GMT):

cluster_role_binding_error.png

KochergaMaksym (Thu, 24 Dec 2020 08:54:56 GMT):
Has joined the channel.

KochergaMaksym (Thu, 24 Dec 2020 08:59:37 GMT):
it's trying 20 times and false

suvajit-sarkar (Thu, 24 Dec 2020 09:49:03 GMT):
Use the following guide to debug/troubleshoot BAF deployment. For your error you can check your flux logs and ensure the current branch you are working on and the branch in your network.yaml gitops section are same

suvajit-sarkar (Thu, 24 Dec 2020 09:49:03 GMT):
Use the following guide to debug/troubleshoot BAF deployment. https://blockchain-automation-framework.readthedocs.io/en/latest/operations/baf_verify.html For your error you can check your flux logs and also ensure the current branch you are working on and the branch in your network.yaml gitops section are same

serial-coder (Thu, 24 Dec 2020 11:01:57 GMT):
I achieved this by changing vault ip from localhost to local ip

serial-coder (Thu, 24 Dec 2020 11:03:44 GMT):

Screen Shot 2563-12-24 at 18.00.55.png

sownak (Thu, 24 Dec 2020 12:26:38 GMT):
The error message clearly says you have configured Vault as 127.0.0.1:8200 in your network.yaml. The guide says not to do that and use 192.x.x.x. (or whatever your own computer IP is). I am guessing you are using the baf-build docker image as the ansible controller. That ansible controller will never be able to reach 127.0.0.1:8200 vault because the vault service is not running inside that container, it is running on your machine. If this is not clear, please let us know how the documentation can be improved.

sownak (Thu, 24 Dec 2020 12:32:15 GMT):
Whats the value in your network.yaml for network.env.proxy?

KochergaMaksym (Thu, 24 Dec 2020 21:12:46 GMT):

vault_auth.png

KochergaMaksym (Thu, 24 Dec 2020 23:17:17 GMT):

baf_error.png

serial-coder (Thu, 24 Dec 2020 23:21:01 GMT):
Yes, I think the document should emphasize on this.

serial-coder (Fri, 25 Dec 2020 02:11:33 GMT):
@sownak here it is: ``` network: # Network level configuration specifies the attributes required for each organization # to join an existing network. type: fabric version: 1.4.4 # currently tested 1.4.0, 1.4.4 and 2.0.0 #Environment section for Kubernetes setup env: type: "local" # tag for the environment. Important to run multiple flux on single cluster proxy: none # 'none' only minikube does not use a proxy ambassadorPorts: 15010,15020 # Any additional Ambassador ports can be given here, must be comma-separated without spaces, this is valid only if proxy='ambassador' retry_count: 50 # Retry count for the checks external_dns: disabled # Should be disabled for minikube ```

NaveenRaju (Fri, 25 Dec 2020 07:33:14 GMT):
I changed the domain before posting here. I have configured my domain DNS to the external IP as said in the documentation. Tessera is running I have checked the logs of it as well

NaveenRaju (Fri, 25 Dec 2020 07:47:30 GMT):
Tessera Logs: ``` 2020-12-25 07:39:32.930 [main] INFO c.quorum.tessera.server.JerseyServer - Started unix:/tm.ipc2020-12-25 07:39:32.930 [main] INFO c.quorum.tessera.server.JerseyServer - WADL unix:/tm.ipc/application.wadl2020-12-25 07:39:32.931 [main] INFO c.quorum.tessera.server.JerseyServer - Starting http://carrier.dummydomain.com:84432020-12-25 07:39:32.931 [main] INFO org.eclipse.jetty.server.Server - jetty-9.4.25.v20191220; built: 2019-12-20T17:00:00.294Z; git: a9729c7e7f33a459d2616a8f9e9ba8a90f432e95; jvm 11.0.6+102020-12-25 07:39:33.030 [main] WARN o.g.jersey.internal.inject.Providers - A provider com.quorum.tessera.p2p.TransactionResource registered in SERVER runtime does not implement any provider interfaces applicable in the SERVER runtime. Due to constraint configuration problems the provider com.quorum.tessera.p2p.TransactionResource will be ignored. 2020-12-25 07:39:33.031 [main] WARN o.g.jersey.internal.inject.Providers - A provider com.quorum.tessera.p2p.PartyInfoResource registered in SERVER runtime does not implement any provider interfaces applicable in the SERVER runtime. Due to constraint configuration problems the provider com.quorum.tessera.p2p.PartyInfoResource will be ignored. 2020-12-25 07:39:33.135 [main] INFO o.e.j.server.handler.ContextHandler - Started o.e.j.s.ServletContextHandler@df432ec{/,null,AVAILABLE}2020-12-25 07:39:33.139 [main] INFO o.e.jetty.server.AbstractConnector - Started ServerConnector@217b0952{HTTP/1.1,[http/1.1]}{0.0.0.0:8443}2020-12-25 07:39:33.139 [main] INFO org.eclipse.jetty.server.Server - Started @5943ms2020-12-25 07:39:33.139 [main] INFO c.quorum.tessera.server.JerseyServer - Started http://carrier.dummydomain.com:84432020-12-25 07:39:33.139 [main] INFO c.quorum.tessera.server.JerseyServer - WADL http://carrier.dummydomain.com:8443/application.wadl2020-12-25 07:39:36.056 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Started PartyInfo polling round2020-12-25 07:39:36.060 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Finished PartyInfo polling round2020-12-25 07:39:41.060 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Started PartyInfo polling round2020-12-25 07:39:41.061 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Finished PartyInfo polling round2020-12-25 07:39:46.061 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Started PartyInfo polling round2020-12-25 07:39:46.062 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Finished PartyInfo polling round2020-12-25 07:39:51.062 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Started PartyInfo polling round2020-12-25 07:39:51.063 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Finished PartyInfo polling round2020-12-25 07:39:56.063 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Started PartyInfo polling round2020-12-25 07:39:56.064 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Finished PartyInfo polling round2020-12-25 07:40:01.064 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Started PartyInfo polling round2020-12-25 07:40:01.065 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Finished PartyInfo polling round2020-12-25 07:40:06.065 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Started PartyInfo polling round2020-12-25 07:40:06.065 [pool-3-thread-1] INFO c.q.t.partyinfo.PartyInfoPoller - Finished PartyInfo polling round ```

NaveenRaju (Fri, 25 Dec 2020 07:54:49 GMT):
I had faced the same issue, check your flux logs.

KochergaMaksym (Fri, 25 Dec 2020 15:47:47 GMT):

external_dns_error.png

KochergaMaksym (Fri, 25 Dec 2020 21:53:57 GMT):
Hi team! let me know if it is not a but: File location - https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/platforms/hyperledger-fabric/configuration/roles/helm_component/templates/ca-orderer.tpl . For example secretcert: {{ vault.secret_path | default('secret') }}/crypto/ordererOrganizations/{{ component_name | e }}/ca?ca.{{ component_name | e }}-cert.pem (ca? - i think it must be ca/ ), and there are few places where i found it(

KochergaMaksym (Fri, 25 Dec 2020 21:55:21 GMT):

last_error.png

KochergaMaksym (Fri, 25 Dec 2020 21:55:21 GMT):

Message Attachments

KochergaMaksym (Fri, 25 Dec 2020 21:57:36 GMT):

pods_list.png

sownak (Sat, 26 Dec 2020 08:14:19 GMT):
Then most likely the port is blocked. I don't think this is a BAF issue

KochergaMaksym (Sat, 26 Dec 2020 08:50:44 GMT):
Hi team! let me know if it is not a `bug`

lakshyakumar (Mon, 28 Dec 2020 04:48:31 GMT):
Hi @KochergaMaksym , The `?` in the value is a correct implementaion and not a bug, the `?` is folowed by the `key` name on the path prior to the `?`.

BTSNetwork (Mon, 28 Dec 2020 22:53:11 GMT):

no_host_provided.png

BTSNetwork (Mon, 28 Dec 2020 22:55:08 GMT):
Has joined the channel.

BTSNetwork (Mon, 28 Dec 2020 22:56:18 GMT):
in my flux logs I only found those error - ts=2020-12-28T22:32:03.668975707Z caller=images.go:23 component=sync-loop error="getting unlocked automated resources: unable to read root path \"/tmp/flux-working074884451/platforms/hyperledger-fabric/releases/dev\": stat /tmp/flux-working074884451/platforms/hyperledger-fabric/releases/dev: no such file or directory", everything else seems ok.

BTSNetwork (Mon, 28 Dec 2020 23:18:57 GMT):

ca_pod_retry.png

BTSNetwork (Tue, 29 Dec 2020 08:12:13 GMT):

ca-b584766b5-ndh7m.txt

BTSNetwork (Tue, 29 Dec 2020 09:04:30 GMT):

events.png

lakshyakumar (Tue, 29 Dec 2020 09:10:53 GMT):
Hi @BTSNetwork , Can you please share the logs for the CA pods that is keep crashing?

BTSNetwork (Tue, 29 Dec 2020 09:11:31 GMT):

ca-b584766b5-ndh7m.txt

BTSNetwork (Tue, 29 Dec 2020 09:44:06 GMT):
note: i use external_dns: disabled. In aws route53 I added A record to existing load balancer as an alias, like in docs described

mohana.a (Wed, 30 Dec 2020 07:20:36 GMT):
Has joined the channel.

mohana.a (Wed, 30 Dec 2020 09:45:03 GMT):

Screenshot from 2020-12-30 15-12-11.png

mohana.a (Wed, 30 Dec 2020 10:15:11 GMT):

Screenshot from 2020-12-30 15-42-33.png

Vgkmanju (Wed, 30 Dec 2020 10:54:48 GMT):
Hi, Using BAF, deployed fabric 2.2 setup with 6 orgs ( each org has one peer ) and 1 orderer. While client processing (trying to query ledger data) facing the following issue Error: Failed to authorize invocation due to failed ACL check: Failed verifying that proposal's creator satisfies local MSP principal during channelless check policy with policy [Admins]: [The identity is not an admin under this MSP [bankemaMSP]: cannot test for classification, node ou for type [ADMIN], not defined, msp: [bankemaMSP]] Can anyone suggest what is this error mean? how to resolve this?

Vgkmanju (Wed, 30 Dec 2020 10:54:48 GMT):
Hi, Using BAF, deployed fabric 2.2 setup with 6 orgs ( each org has one peer ) and 1 orderer. While client processing (trying to query ledger data) facing the following issue Error: Failed to authorize invocation due to failed ACL check: Failed verifying that proposal's creator satisfies local MSP principal during channelless check policy with policy [Admins]: [The identity is not an admin under this MSP [xyzMSP]: cannot test for classification, node ou for type [ADMIN], not defined, msp: [xyzMSP]] Can anyone suggest what is this error mean? how to resolve this?

suvajit-sarkar (Mon, 04 Jan 2021 05:55:45 GMT):
Hi all, We will be resuming our sprint cadence from today, feel free to join on open meeting for the sprint planning today, *4th Jan 1-2pm GMT (6.30-7.30 pm IST)*, please feel free to join on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

suvajit-sarkar (Mon, 04 Jan 2021 05:55:45 GMT):
Hi all, We will be resuming our sprint cadence from today, feel free to join on open meeting for the sprint planning, *4th Jan 1-2pm GMT (6.30-7.30 pm IST)*, please feel free to join on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

lakshyakumar (Mon, 04 Jan 2021 09:19:35 GMT):
Are you using the `supplychain` chaincode provided in BAF examples?

suvajit-sarkar (Mon, 04 Jan 2021 09:21:28 GMT):
Hi Mohana, I don't think you own the domain blockchaincloud.com, kindly configure it your domain

suvajit-sarkar (Mon, 04 Jan 2021 09:21:28 GMT):
Hi Mohana, I don't think you own the domain blockchaincloud.com, kindly configure the network it with the domain you are using

suvajit-sarkar (Mon, 04 Jan 2021 09:21:28 GMT):
Hi Mohana, I don't think you own the domain blockchaincloud.com, kindly configure the network with the domain you are using

Vgkmanju (Mon, 04 Jan 2021 11:20:08 GMT):
No

sownak (Mon, 04 Jan 2021 13:02:50 GMT):
This seems to be a bug. Please create a bug on github

sownak (Mon, 04 Jan 2021 13:04:56 GMT):
Please follow https://blockchain-automation-framework.readthedocs.io/en/latest/operations/baf_verify.html to check your deployment

sownak (Mon, 04 Jan 2021 13:06:23 GMT):
The path should be a physical path and not a URI

sownak (Mon, 04 Jan 2021 13:07:38 GMT):
Then we cannot provide much support, but you may check if you are running the commands from a CLI pod and not a peer pod.

punkrokk (Mon, 04 Jan 2021 16:04:05 GMT):
Has joined the channel.

mohana.a (Tue, 05 Jan 2021 05:52:44 GMT):

Screenshot from 2021-01-05 11-20-21.png

mohana.a (Tue, 05 Jan 2021 05:52:58 GMT):

Screenshot from 2021-01-05 11-20-36.png

mohana.a (Tue, 05 Jan 2021 06:10:05 GMT):
which physical path

mohana.a (Tue, 05 Jan 2021 08:23:35 GMT):
where to give the path

suvajit-sarkar (Tue, 05 Jan 2021 09:11:33 GMT):
You can try uninstalling the ambassador and rerun the playbook use the following command to remove ambassador `helm uninstall ambassador`

mohana.a (Tue, 05 Jan 2021 09:32:09 GMT):
ok thank you

mohana.a (Tue, 05 Jan 2021 11:25:35 GMT):

Screenshot from 2021-01-05 16-53-10.png

mohana.a (Tue, 05 Jan 2021 11:26:32 GMT):
Can someone assist me regarding this error?

punkrokk (Tue, 05 Jan 2021 14:46:46 GMT):
@jvdacasin Where you able to get this successfully working?

NaveenRaju (Wed, 06 Jan 2021 06:30:28 GMT):

ambassador.png

sownak (Wed, 06 Jan 2021 10:04:05 GMT):
Ok, seems you are using the sample URL. I do not think you own that URL and the networkmap service is not available. Please note Corda code is not enabled to work without Ambassador URLs.

sownak (Wed, 06 Jan 2021 10:07:55 GMT):
Are you able to see the frontend at https://networkmap.test.corda.emulta.com:8443/ from your browser?

sownak (Wed, 06 Jan 2021 10:08:41 GMT):
Our Ambassador deployment forwards 8443 to 443

suvajit-sarkar (Wed, 06 Jan 2021 10:54:52 GMT):
Also can you verify if your nms pod is up and running.

suvajit-sarkar (Wed, 06 Jan 2021 10:54:52 GMT):
Also can you verify that your nms pod is up and running.

BTSNetwork (Wed, 06 Jan 2021 21:46:44 GMT):
this is log from ca-certs-init container

BTSNetwork (Wed, 06 Jan 2021 21:47:00 GMT):
Getting secrets from Vault Server: https://vault.bfs-network.name:8200 { "errors": [ "invalid role name \"vault-role\"" ] } ERROR: unable to retrieve vault login token: { "errors": [ "invalid role name \"vault-role\"" ] }

BTSNetwork (Wed, 06 Jan 2021 21:47:11 GMT):
any idea team?

sownak (Thu, 07 Jan 2021 10:04:33 GMT):
Dont think your vault_kubernetes setup ran correctly because that should have created a kubernetes role called vault-role in the namespace

NaveenRaju (Thu, 07 Jan 2021 10:10:54 GMT):
if i want to set up in same cluster what domain name I need to give for tm nodes section?

NaveenRaju (Thu, 07 Jan 2021 10:23:22 GMT):

Screenshot 2021-01-07 at 3.51.47 PM.png

NaveenRaju (Thu, 07 Jan 2021 12:40:52 GMT):
@sownak but the tessera is running in 8443 port right?

sownak (Thu, 07 Jan 2021 14:05:07 GMT):
yes

NaveenRaju (Thu, 07 Jan 2021 17:49:01 GMT):
I'm bit confused here and I see some gap here, let me put it together. All the traffic from external ambassador exposed port 8443 is being redirected to 443? but the tessera is running in 8443 port internally. can you please clarify how this work?

sownak (Thu, 07 Jan 2021 17:51:38 GMT):
tessera is running internally on 8443 (so you can access it by localhost:8443 on the tessera container), but when using ambassador, the exposed port 8443 of ambassador will be used (so you will access it by tesseraxqz.:8443 from outside the tessera container)

NaveenRaju (Thu, 07 Jan 2021 17:58:13 GMT):
right now I can access the tessera locally but not through the ambassador, any guess on where would it went wrong?

NaveenRaju (Thu, 07 Jan 2021 17:59:11 GMT):

Screenshot 2021-01-07 at 11.28.46 PM.png

NaveenRaju (Thu, 07 Jan 2021 18:01:08 GMT):
I tried the curl the :8334 still no luck

sownak (Thu, 07 Jan 2021 18:01:37 GMT):
ambassador does host based routing, so IP:8443 wont work

sownak (Thu, 07 Jan 2021 18:01:48 GMT):
you have to check if the pod connects

sownak (Thu, 07 Jan 2021 18:02:16 GMT):
I am not sure you can access tessera via URL as it may be restricted given it is https

NaveenRaju (Thu, 07 Jan 2021 18:03:36 GMT):
I turned on the tm ssl and tried, no luck

BTSNetwork (Fri, 08 Jan 2021 19:28:39 GMT):
Hm... I am lost of ideas, AWS EKS cluster must be initialized with RBAC or without RBAC ? I can't understand where i made mistake, everything seems OK. Maybe some ideas, team?

BTSNetwork (Sat, 09 Jan 2021 18:54:07 GMT):
Also i used Ubuntu 18.04 LTS for Ansible controller, maybe better CentOs?

bh4rtp (Sun, 10 Jan 2021 16:14:58 GMT):
Has joined the channel.

jagpreet (Fri, 15 Jan 2021 08:35:03 GMT):
Is the issue still relevant?

BTSNetwork (Sat, 16 Jan 2021 17:01:32 GMT):
it must be internal or external addresses?

BTSNetwork (Sat, 16 Jan 2021 19:27:48 GMT):

core_peers.png

suvajit-sarkar (Mon, 18 Jan 2021 05:36:22 GMT):
Hi all, Please feel free to join the open meeting for BAF sprint planning, 18th Jan 1-2pm GMT (6.30-7.30 pm IST), please feel free to join on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

sownak (Mon, 18 Jan 2021 10:54:15 GMT):
Yes.

mohana.a (Tue, 19 Jan 2021 06:09:56 GMT):

Screenshot from 2021-01-19 11-37-28.png

mohana.a (Tue, 19 Jan 2021 06:10:51 GMT):
We mapped the url to the ambassador ip but still getting error

mohana.a (Tue, 19 Jan 2021 10:16:51 GMT):

Screenshot from 2021-01-19 15-34-48.png

suvajit-sarkar (Wed, 20 Jan 2021 09:59:46 GMT):
Kindly provide us with the network yaml, removing the private information. We will have a look

waleed (Wed, 20 Jan 2021 10:57:12 GMT):
Has joined the channel.

mohana.a (Thu, 21 Jan 2021 04:56:36 GMT):

network.yaml.txt

mohana.a (Thu, 21 Jan 2021 04:57:50 GMT):
This is the network configuration file i use.

alvaropicazo (Thu, 21 Jan 2021 10:43:32 GMT):
Has joined the channel.

NaveenRaju (Fri, 22 Jan 2021 12:29:23 GMT):
can you explain what port you're referring?

sownak (Fri, 22 Jan 2021 12:30:00 GMT):
8443

BTSNetwork (Fri, 22 Jan 2021 14:14:05 GMT):
Hi Team! in case hyperledger fabric multy cluster option - ca_data: url: ca.supplychain-net:7054 certificate: file/server.crt

BTSNetwork (Fri, 22 Jan 2021 14:14:05 GMT):
Hi Team! in case hyperledger fabric multy cluster option - ``` ca_data: url: ca.supplychain-net:7054 certificate: file/server.crt``` ca.supplychain-net - must be internal or external uri?

sownak (Fri, 22 Jan 2021 18:08:38 GMT):
can be either. But for multi-cluster, I suppose the CA servers are on each organization, hence internal should work too.

Sandyzhanghs (Tue, 26 Jan 2021 08:48:35 GMT):
Has joined the channel.

sajidhz1 (Wed, 27 Jan 2021 04:21:40 GMT):
Has joined the channel.

sajidhz1 (Wed, 27 Jan 2021 04:21:40 GMT):
Hi I am deploying minikube yaml

suvajit-sarkar (Wed, 27 Jan 2021 14:38:39 GMT):
Hi all, We will be having our PI Demo tomorrow 28th Jan 1-2pm GMT (6.30-7.30 pm IST), please join us on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

suvajit-sarkar (Wed, 27 Jan 2021 14:38:39 GMT):
Hi all, We will be having our PI Demo tomorrow 28th Jan 12-1pm GMT (5.30-6.30 pm IST), please join us on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

suvajit-sarkar (Thu, 28 Jan 2021 06:32:30 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=E67cjeeKSuaH5HKze) *Change in time

mohana.a (Thu, 28 Jan 2021 08:19:58 GMT):

Screenshot from 2021-01-28 13-08-42.png

sownak (Thu, 28 Jan 2021 09:06:22 GMT):
Most probably because you have a cordapps key in netwrok.yaml but have not specified any urls under that key.

SivaramKannan (Thu, 28 Jan 2021 12:00:34 GMT):
Any plans for the BAF to move to flux v2?

suvajit-sarkar (Fri, 29 Jan 2021 08:38:46 GMT):
You can create an issue on the board, and we can discuss this on the upcoming planning

SivaramKannan (Mon, 01 Feb 2021 05:34:20 GMT):
sure, will do

RonaldReagan (Mon, 01 Feb 2021 05:43:45 GMT):
Has joined the channel.

suvajit-sarkar (Mon, 01 Feb 2021 05:58:03 GMT):
Hi all, Please feel free to join the open meeting for BAF sprint planning, 1st Feb 1-2pm GMT (6.30-7.30 pm IST), please feel free to join on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

Soundarya_Ayyappan (Mon, 01 Feb 2021 13:23:56 GMT):

Screenshot from 2021-02-01 18-34-45.png

sownak (Mon, 01 Feb 2021 15:12:35 GMT):
As you can see from the error message that the previous command failed. That is because your domain name is too long. Please use a shorter domain name as there is a 64 character limit on domain names universally.

Soundarya_Ayyappan (Tue, 02 Feb 2021 04:54:10 GMT):
Thanks! That solved the issue.

BTSNetwork (Tue, 02 Feb 2021 08:50:13 GMT):
Hi team! It's possible to use one Vault server to store all secrets for all organizations - of course using different secrets path's? Note: also one cluster planning to use.

suvajit-sarkar (Tue, 02 Feb 2021 09:18:34 GMT):
Yes that's possible

BTSNetwork (Tue, 02 Feb 2021 09:26:58 GMT):
Thanks team) Then all address's should be internal, except only peerAddress? Thanks in advance, team you are doing nice project

NaveenRaju (Wed, 03 Feb 2021 11:29:49 GMT):
Hi Team! I remember in the last sprint there was a task to upgrade the Ambassador to latest version, I still see the old version only in shared folder of both master/develop branches

BTSNetwork (Thu, 04 Feb 2021 17:04:24 GMT):
Hi team! It's true that BAF support for hyperledger fabric 2.2.0 only java and go version for chaincode installation? I am trying to install node chaincode version

BTSNetwork (Thu, 04 Feb 2021 17:43:27 GMT):
`chaincode: name: "bill" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "chaincode/" #The main directory where chaincode is needed to be placed lang: "node" # The language in which the chaincode is written ( golang/java/node ) repository: username: "username" # Git Service user who has rights to check-in in all branches password: "key" url: "github.com/my_username/blockchain-automation-framework.git" branch: master path: "platforms/hyperledger-fabric/chaincode" #The path to the chaincode arguments: '' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode`

BTSNetwork (Thu, 04 Feb 2021 17:43:57 GMT):
my node chaincode located at platforms/hyperledger-fabric/chaincode path

BTSNetwork (Thu, 04 Feb 2021 17:43:57 GMT):
my node chaincode located at platforms/hyperledger-fabric/chaincode

BTSNetwork (Thu, 04 Feb 2021 22:13:11 GMT):

install_chaincode.png

E.alcazar (Fri, 05 Feb 2021 08:35:32 GMT):
Has joined the channel.

BTSNetwork (Sat, 06 Feb 2021 09:27:22 GMT):

npm_i.png

BTSNetwork (Sat, 06 Feb 2021 09:28:13 GMT):
this error i got upon chaincode installation - seems npm i not go, any idea team?

sownak (Wed, 10 Feb 2021 11:02:50 GMT):
isnt this a #fabric-questions question?

BTSNetwork (Wed, 10 Feb 2021 11:05:18 GMT):
Hi) I solved this issue, when changed eks cluster create template ( i added preBootstrapCommands). Chaincode installed, but approve chancode job was failed

BTSNetwork (Wed, 10 Feb 2021 11:06:01 GMT):

network_cluster.png

BTSNetwork (Wed, 10 Feb 2021 11:07:41 GMT):
so, now trying to understand why chancode can't be approved by both orgs

BTSNetwork (Wed, 10 Feb 2021 11:45:49 GMT):

networkteam.txt

Vgkmanju (Thu, 11 Feb 2021 11:10:27 GMT):
Hi, I have a fabric 2.2 setup using BAF with nodesdk v2.1.0. When I tried to use discovery via nodesdk, I got the following error with error: Error: No discovery results found at DiscoveryService.getDiscoveryResults (/usr/lib/node_modules/fabric-network/node_modules/fabric-common/lib/DiscoveryService.js:355:10) at DiscoveryHandler.endorse (/usr/lib/node_modules/fabric-network/node_modules/fabric-common/lib/DiscoveryHandler.js:156:40) at Endorsement.send (/usr/lib/node_modules/fabric-network/node_modules/fabric-common/lib/Proposal.js:362:29) at Transaction.submit (/usr/lib/node_modules/fabric-network/lib/transaction.js:205:52) at Can anyone suggest how to resolve this?

sownak (Thu, 11 Feb 2021 11:43:04 GMT):
Is nodesdk supported in BAF?

ayham (Fri, 12 Feb 2021 15:29:04 GMT):
Has joined the channel.

ayham (Fri, 12 Feb 2021 15:29:04 GMT):
Hi, I'm Ayham, I wish to use your framework for research purposes. I want to deploy fabric 2.2.0 and I would like to know what kind of issues I could encounter with the current state of the code for fabric-CA, since it's marked as "not yet implemented" in the system diagram: https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/docs/images/blockchain-automation-framework-fabric.png And considering that the CA chart is 4 month old: https://github.com/hyperledger-labs/blockchain-automation-framework/tree/master/platforms/hyperledger-fabric/charts/ca Thanks in advance.

suvajit-sarkar (Mon, 15 Feb 2021 04:53:05 GMT):
Hi all, Please feel free to join the open meeting for BAF sprint planning, 15th Feb 1-2pm GMT (6.30-7.30 pm IST). https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

jagpreet (Mon, 15 Feb 2021 07:59:19 GMT):
Yes, our supplychain cc example application connects via nodesdk as referenced [here](https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/examples/supplychain-app/fabric/chaincode_rest_server/rest-server/src/SupplyChainClient.ts)

jagpreet (Mon, 15 Feb 2021 07:59:19 GMT):
Yes, our supplychain chaincode connects via nodesdk as referenced [here](https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/examples/supplychain-app/fabric/chaincode_rest_server/rest-server/src/SupplyChainClient.ts)

jagpreet (Mon, 15 Feb 2021 08:17:17 GMT):
Hi @Vgkmanju Can you have a look on how we used the same, in the supplychain chaincode example provided and corresponding helper files [here](https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/examples/supplychain-app/fabric/chaincode_rest_server/rest-server/src/SupplyChainClient.ts)

jagpreet (Mon, 15 Feb 2021 08:19:17 GMT):
We will get back on this in sometime.

jagpreet (Mon, 15 Feb 2021 08:59:31 GMT):
The current BAF code for HL Fabric uses Fabric CA and it works fine. The diagram refers to use of External CA which hasn't been implemented yet.

ayham (Mon, 15 Feb 2021 09:46:31 GMT):
Great! thanks for your reply.

Soundarya_Ayyappan (Tue, 16 Feb 2021 13:05:02 GMT):
Hi, I tried to add a new peer in the existing org in an existing network (Fabric v2.2.0) using baf. It was successful and the new peer has also joined the channel. But the chaincode deployment is throwing error in new peer. I am able to package the chaincode and install the chaincode, but the "approvemyorg" is throwing error like below, *Error: timed out waiting for txid on all peers* So, I did the approvemyorg step from the peer which was there from the initial network deployment. There the approval was successful. Then I used "peer lifecycle chaincode checkcommitreadiness" command to check the orgs those who have got approved in the new peer, it is showing the below result, { "approvals": { "abcMSP": false, "defMSP": false } } But if I try the same command in an old peer, it says the right result, { "approvals": { "abcMSP": true, "defMSP": true } } Also, the invoke or query in the new peer is throwing, Error: endorsement failure during invoke. response: status:500 message:"make sure the chaincode fabcarv3 has been successfully defined on channel intainchannel and try again: chaincode fabcarv3 not found" Error: endorsement failure during query. response: status:500 message:"make sure the chaincode fabcarv3 has been successfully defined on channel intainchannel and try again: chaincode fabcarv3 not found". Can anyone pls help me out to solve this? Thanks in Advance!

suvajit-sarkar (Wed, 17 Feb 2021 08:38:27 GMT):
Hi @Soundarya_Ayyappan thanks for raising this. Will have a look and let you know

bh4rtp (Thu, 18 Feb 2021 00:40:41 GMT):
I get this issue too. After approved by Org1, checkcommitreadiness always replies all false from Org2.

Soundarya_Ayyappan (Thu, 18 Feb 2021 06:36:26 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=ePCdEzHuTATYKgtSY) Thanks @suvajit-sarkar. It would be helpful if we know the cause asap.

suvajit-sarkar (Thu, 18 Feb 2021 08:40:40 GMT):
It would be really great if you would raise a bug on the github issues

Soundarya_Ayyappan (Thu, 18 Feb 2021 10:36:11 GMT):
@suvajit-sarkar I have started an issue in github - https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1307

arsulegai (Fri, 19 Feb 2021 09:36:44 GMT):
Hi team

arsulegai (Fri, 19 Feb 2021 09:37:45 GMT):
A random question, in case of organizations. I see `external_suffix` used as is with the name of the node for orderers, but for peer nodes it adds the `org_name-net` (namespace I guess?) before the suffix.

arsulegai (Fri, 19 Feb 2021 09:38:30 GMT):
Is this done for specific reason or unintentional?

arsulegai (Fri, 19 Feb 2021 09:45:46 GMT):
Question 2: There is a section for `ca_data`, can somebody please tell me how is `certificate` meant to be used. The comment says `# This has not been implemented in 0.2.0.0`

Soundarya_Ayyappan (Fri, 19 Feb 2021 10:08:08 GMT):
Additional info, the following channel info is from old peer of the org, bash-5.0# peer channel getinfo -c mychannel 2021-02-19 09:32:10.533 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized Blockchain info: {"height":9,"currentBlockHash":"3JWXNwGt9rhGldFcUyBqjWizsOKRbQBKY3KNvBl6rA8=","previousBlockHash":"oIlDSVnCj4fOkozTjN2BDDLIs16RwooQy59qI1P9Eu4="} The below result is from the new peer, bash-5.0# peer channel getinfo -c mychannel 2021-02-19 09:40:59.093 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized Blockchain info: {"height":1,"currentBlockHash":"3WnnD9/ZMu56urG8Mdzw4/VHvCZOkCssCf+AyyWATGs="} This difference is the cause for the CC to not work in the new peer. I guess this info gives you some more view on the issue.

suvajit-sarkar (Fri, 19 Feb 2021 10:08:32 GMT):
thanks for raising the bug, we will update on it

jagpreet (Fri, 19 Feb 2021 10:12:24 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=yFep9d5Ef99dFYKQv) Yes, So let's say the external_url_suffix is abc.com Orderers can be orderer1.abc.com, orderer2.abc.com, orderer3.abc.com (This will also change once we support orderers from different organizations) But for the peers, if we don't have the org in the name, then it will not work, because peer0 can be the same name of the peer in 2 orgs and then peer0.abc.com isn't sufficient enough to point to that peer

jagpreet (Fri, 19 Feb 2021 10:14:50 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=5WCRpZc5aoXzqEqRg) Yes, not implemented. This needs to be reflected in the docs or removed from the network.yaml

arsulegai (Fri, 19 Feb 2021 10:20:23 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=AkfeDQTykTpxQgWP5) Do you mean, does external CAS here mean support of non-fabric-CA component or does it mean CA external to BAF?

arsulegai (Fri, 19 Feb 2021 10:20:23 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=AkfeDQTykTpxQgWP5) Did you mean external CA which is not a fabric-CA component or does it mean CA external to BAF?

suvajit-sarkar (Fri, 19 Feb 2021 10:22:22 GMT):
Adding to that on an ideal production case the DNS suffix will be different for different orgs. For development purpose we differentiate it using namespaces

suvajit-sarkar (Fri, 19 Feb 2021 10:22:22 GMT):
Adding to that on an ideal production case the DNS will be different for different orgs. For development purpose we differentiate it using namespaces

arsulegai (Fri, 19 Feb 2021 10:22:47 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=k2AmY3yq5W4NzS8mN) Still unsure, since each organization will ideally have their own domain name. The uri would still be different right? `peer0` with `org1-suffix`, `peer0` with `org2-suffix`.

suvajit-sarkar (Fri, 19 Feb 2021 10:26:06 GMT):
yes, for development purpose we use the same DNS for each org with namespace as differentiator for each org

suvajit-sarkar (Fri, 19 Feb 2021 10:26:06 GMT):
yes, for development purpose we use the same DNS for each org with namespace suffix as differentiator for each org

arsulegai (Fri, 19 Feb 2021 10:28:34 GMT):
Ok, thanks for clarification. Let me know which standard will be followed in the long run. I guess the one with namespace?

arsulegai (Fri, 19 Feb 2021 10:30:48 GMT):
Not sure if this would be an issue when exposing to public, it will definitely expose the namespace of the cluster where these are running. The URL gets added to the certificate and verification requires somebody to call the service as it is put in the certificate. Would it make sense to add an additional URL which is pre-computed?

jagpreet (Fri, 19 Feb 2021 10:50:04 GMT):
Yes, we generally go with the trend of having url's like .. (Haven't been done for orderers as currently all the orderers are in the same org)

arsulegai (Fri, 19 Feb 2021 10:59:57 GMT):
Has there been thoughts of distributing different peer nodes across multiple K8s clusters for the same organization?

sownak (Fri, 19 Feb 2021 11:26:16 GMT):
Not yet. Can be done if you divide the organization in the network.yaml. If you want to use the same CA server etc, that is when the external CA implementation needs to be done, because for OrgA2, the CA still needs to be from OrgA1 (Assuming we have divided OrgA into 1 and 2)

arsulegai (Fri, 19 Feb 2021 11:27:21 GMT):
Ok, so external CA is the concept of using a CA running elsewhere but it still is `fabric-ca`?

arsulegai (Fri, 19 Feb 2021 11:27:35 GMT):
And is there a timeline for this feature?

sownak (Fri, 19 Feb 2021 11:28:08 GMT):
It can or cannot be the Fabric CA. There is no timeline because we did not see much market evidence on this particular feature yet

arsulegai (Fri, 19 Feb 2021 11:29:02 GMT):
If not external CA, but at least splitting organization nodes across clusters is a requirement for us.

sownak (Fri, 19 Feb 2021 11:30:08 GMT):
With them sharing the CA? Then please create a feature request

arsulegai (Fri, 19 Feb 2021 11:30:46 GMT):
Yes, CA would be setup once for org.

arsulegai (Fri, 19 Feb 2021 11:30:53 GMT):
Sure, I will raise a request

hoang-tranviet (Sun, 21 Feb 2021 22:54:44 GMT):
Has joined the channel.

Soundarya_Ayyappan (Tue, 23 Feb 2021 04:52:01 GMT):
Hi, I have deployed an hyperledger fabric network v2.2.0 using baf in a kubernetes cluster. All the jobs till createchannel were successful. But the joinchannel task got succeeded only for 1 org out of 3. Since joinchannel task for 2nd org didn't complete, the anchor peer updation job has not came up for any of the orgs. Though I have done the joinchannel and anchor peer updation things manually, it would be better for me to understand why the jobs are getting failed in baf deployment. Also, no error is thrown by baf script, the joinchannel task got failed after the number of retries mentioned in the network configuration file got exceeded. Can anyone explain the cause? Thanks in Advance!

jagpreet (Tue, 23 Feb 2021 09:57:55 GMT):
Hi @Soundarya_Ayyappan Can you reset and re-run the deployment. Once the join channel job starts failing, please take the log of the job pod and send us here. It will be helpful to debug the issue. Because in general, the join-channel job runs correctly.

Soundarya_Ayyappan (Tue, 23 Feb 2021 10:20:17 GMT):
@jagpreet The pod itself is not getting created for joinchannel job. Also, not all the times I am facing this issue. Rarely I see the issue with join channel job. Can you explain the reason why the pod itself is not getting created. The baf script is getting ended after all the retries (of checking if that particular joinchannel got completed) got failed.

Soundarya_Ayyappan (Tue, 23 Feb 2021 10:22:34 GMT):

joinchannel-error.png

Soundarya_Ayyappan (Tue, 23 Feb 2021 10:29:31 GMT):

Screenshot from 2021-02-23 15-58-14.png

Soundarya_Ayyappan (Tue, 23 Feb 2021 13:11:12 GMT):
HI, I am trying to deploy an hyperledger fabric network v2.2.0 using baf with 2 peer orgs and 1 orderer org. My actual requirement is to deploy the orderer org and a peer org in one k8s cluster and the other peer org in an another k8s cluster. Since I haven't tested that before, currently I have configured the network.yaml file in such a way that the above mentioned org structure to be done in a single k8s cluster, but I have used external uris for all the peers and orderer (except gossip address under network.organizations.services.peer.gossippeeraddress). All the peers and the orderer came up but the create channel is throwing the error, "*2021-02-23 12:59:04.393 UTC [grpc] Infof -> DEBU 035 Channel Connectivity change to CONNECTING 2021-02-23 12:59:04.397 UTC [grpc] Warningf -> DEBU 036 grpc: addrConn.createTransport failed to connect to {orderer1.yyy-net.testing.multicluster.emulya.com:443 0 }. Err: connection error: desc = "transport: authentication handshake failed: x509: certificate is valid for ingress.local, not orderer1.yyy-net.testing.multicluster.emulya.com". Reconnecting... 2021-02-23 12:59:04.397 UTC [grpc] Infof -> DEBU 037 Subchannel Connectivity change to TRANSIENT_FAILURE 2021-02-23 12:59:04.397 UTC [grpc] UpdateSubConnState -> DEBU 038 pickfirstBalancer: HandleSubConnStateChange: 0xc0001b0c50, {TRANSIENT_FAILURE connection error: desc = "transport: authentication handshake failed: x509: certificate is valid for ingress.local, not orderer1.yyy-net.testing.multicluster.emulya.com"} 2021-02-23 12:59:04.397 UTC [grpc] Infof -> DEBU 039 Channel Connectivity change to TRANSIENT_FAILURE 2021-02-23 12:59:04.968 UTC [grpc] Infof -> DEBU 03a Channel Connectivity change to SHUTDOWN 2021-02-23 12:59:04.968 UTC [grpc] Infof -> DEBU 03b Subchannel Connectivity change to SHUTDOWN Error: failed to create deliver client for orderer: orderer client failed to connect to orderer1.yyy-net.testing.multicluster.emulya.com:443: failed to create new connection: context deadline exceeded*".

cato91 (Tue, 23 Feb 2021 15:06:04 GMT):
Has joined the channel.

pmillwee (Tue, 23 Feb 2021 22:15:01 GMT):
Has joined the channel.

jagpreet (Wed, 24 Feb 2021 04:47:30 GMT):
There can be a couple of reasons for this to happen. 1. There is some issue with the HelmRelease 2. There is some issue with Flux deploying it. To check if issue 1 is happening, run the command `kubectl get HelmRelease -n ` This will list down the HelmReleases created in that namespace. If you can see the join channel HelmRelease in it, then we can be sure that, flux deployed it correctly. Then you describe the HelmRelease of the joinchannel job and at the end, you will get the error message, if any. To check if the issue 2 is happening, we need to check the flux pod logs itself after like a few retries (on the ansible playbook) to check if flux pod itself has some issue deploying the join-channel HelmRelease. To check the flux pod logs, run this command `kubectl get logs ` You can pass in any flux pod name in this.

Soundarya_Ayyappan (Wed, 24 Feb 2021 08:10:32 GMT):
Hi, I am trying a deploy an hyperledger fabric network v2.2.0 using BAF. My network includes 2 peer orgs and 1 orderer org and 1 channel. I am trying to deploy the orderer org and 1 peer org in a k8s cluster and the 2nd peer org in another k8s cluster. But I am facing error with the initial stage of flux installation itself. The error I faced is "*MountVolume.SetUp failed for volume "git-key" : secret "git-auth-dev" not found*". Can anyone let me know if the above deployment is possible using BAF and is that already been tested? Thanks in Advance.

suvajit-sarkar (Wed, 24 Feb 2021 08:43:28 GMT):
Hi @Soundarya_Ayyappan , please have a look at our troubleshooting guide https://blockchain-automation-framework.readthedocs.io/en/latest/operations/baf_verify.html#common-troubleshooting

Soundarya_Ayyappan (Wed, 24 Feb 2021 10:31:05 GMT):
Thanks @suvajit-sarkar for your suggestion. I have regenerated the gitops key and added tothe repo. Now my deployment has passed the flux error.

Soundarya_Ayyappan (Wed, 24 Feb 2021 11:57:35 GMT):
@suvajit-sarkar After regenerating the key, due to some issue, I did reset and started the deployment again, but this time I got the same error "*MountVolume.SetUp failed for volume "git-key" : secret "git-auth-dev" not found*"

sidnaik1989 (Thu, 25 Feb 2021 15:26:07 GMT):
I am trying a deployment of Fabric V2.2. Was able to get a network up with 1 orderer and 1 org. Also a channel was created successfully. Followed this with chaincode deployment with Fabcar. I see the installchaincode, approvechaincode and commitchaincode jobs have completed successfully. However when I login to peer0-cli and run 'peer chaincode list --installed' it does not list any chaincode. Also tried '--instantiated -C allchannel'. What could be the issue?

jagpreet (Fri, 26 Feb 2021 10:41:27 GMT):
Hi @sidnaik1989 Those command will not work with new chaincode lifecycle process in 2.2.0 Use this command to list the installed chaincode `peer lifecycle chaincode queryinstalled`

suvajit-sarkar (Mon, 01 Mar 2021 06:40:39 GMT):
Hi all, Please feel free to join the open meeting for BAF sprint planning,1st March 1-2pm GMT (6.30-7.30 pm IST). https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

cato91 (Tue, 02 Mar 2021 11:04:36 GMT):
I've been trying BAF and cannot get the Helm operator to work with a private GitLab for blockchain-automation-framework repo. Key error is 'terminal prompts disabled' which means Git is prompting for a username/password: ``` ts=2021-03-02T11:03:22.330510935Z caller=release.go:85 component=release release=supplychain-net-ca targetNamespace=supplychain-net resource=supplychain-net:helmrelease/supplychain-net-ca helmVersion=v3 error="failed to prepare chart for release: chart not ready: git clone --mirror: fatal: could not read Username for 'https://gitlab.com': terminal prompts disabled, full output:\n Cloning into bare repository '/tmp/flux-gitclone721589042'...\nfatal: could not read Username for 'https://gitlab.com': terminal prompts disabled\n" ``` Doing `helm get values --all flux-bafpoc-helm-operator` gives this for Git config: ``` git: config: createSecret: true data: "" enabled: false secretName: "" defaultRef: "" pollInterval: 2m ssh: configMapKey: config configMapName: "" known_hosts: "" secretName: git-auth-bafpoc timeout: 200s url: https://gitlab-user:mypassword@gitlab.com/mygroup//blockchain-automation-framework.git ```

cato91 (Tue, 02 Mar 2021 11:11:54 GMT):
I've tried config with SSH for git, and HTTPS, changing secrets as required and checking their values, and I've double-checked user and password etc. Current network YAML config is: ```gitops: git_protocol: "https" git_url: "https://gitlab.com/myorg/blockchain-automation-framework.git" branch: "localdev" release_dir: "platforms/hyperledger-fabric/releases/dev" chart_source: "platforms/hyperledger-fabric/charts" git_repo: "gitlab.com/myorg/blockchain-automation-framework.git" username: "gitlab-user" password: "mypassword" email: "abc@example.com" private_key: "/home/vagrant/iac/baf/secrets/gitops" ```

cato91 (Tue, 02 Mar 2021 11:13:50 GMT):
Using latest BAF repo - have tried Helm operator 1.2.0 and also built a chart from latest master in flux helm operator repo

sidnaik1989 (Tue, 02 Mar 2021 12:54:11 GMT):
I am trying to setup a multicluster network where in Org1 and Orderer org are on one kubernetes cluster and org2 is on a different cluster. Have copied the configs for both clusters under build folder. Have updated the network.yaml file such that k8s section for orderer and org1 are pointing to cluster 1 config and k8s for org2 is pointing to cluster 2. I was able to run the env setup scripts to get flux and HAProxy ingress deployed on both clusters. However when I run the network setup script I see org2 pods being created in cluster 1 and vice versa. Can some one please confirm if the usage pattern where in I am using a single network.yaml to deploy to multiple clusters is right? if yes.. what could be the issue here?

sidnaik1989 (Wed, 03 Mar 2021 04:19:27 GMT):
In the git_push role we have``` cd "{{ GIT_DIR }}" ```

sidnaik1989 (Wed, 03 Mar 2021 04:19:27 GMT):
In the git_push role we have``` cd "{{ GIT_DIR }}" `````` git --git-dir={{ GIT_DIR }}/.git add -A . ``` hence all the files generated in the release directly will get committed to all gitOps repos configured in all organization. This is causing the components for Org1 to be created in cluster2 in my case.

sidnaik1989 (Wed, 03 Mar 2021 04:19:27 GMT):
In the git_push role we have``` cd "{{ GIT_DIR }}" ``` ``` git --git-dir={{ GIT_DIR }}/.git add -A . ``` hence all the files generated in the release directly will get committed to all gitOps repos configured in all organization. This is causing the components for Org1 to be created in cluster2 in my case.

sidnaik1989 (Wed, 03 Mar 2021 04:19:27 GMT):
In the git_push role we have `cd "{{ GIT_DIR }}" git --git-dir={{ GIT_DIR }}/.git add -A .` hence all the files generated in the release directly will get committed to all gitOps repos configured in all organization. This is causing the components for Org1 to be created in cluster2 in my case.

sidnaik1989 (Wed, 03 Mar 2021 04:29:18 GMT):
Is using a single network.yaml to deploy to multiple clusters a valid approach? As k8s and gitOps repo are configured separately for each org, I assumed it should work

cato91 (Wed, 03 Mar 2021 07:08:16 GMT):
Workaround was to manually insert a secretRef into the generated HelmRelease for supplychain ca-server - clearly not a great approach. Would like to find a simpler fix without changing HelmRelease manifests

jagpreet (Wed, 03 Mar 2021 08:38:18 GMT):
Hi @sidnaik1989 For achieving multi-cluster multi-organization based setup, please make sure that the `gitops.release_dir` is different for different organizations. In that way, the folders will be different for different organizations.

arsulegai (Wed, 03 Mar 2021 12:45:08 GMT):
Hi team, I wanted to discuss regarding https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1310

arsulegai (Wed, 03 Mar 2021 12:45:36 GMT):
The feature request/enhancement is to improve manageability.

arsulegai (Wed, 03 Mar 2021 12:51:32 GMT):
@jagpreet @sownak ^

cato91 (Thu, 04 Mar 2021 09:12:38 GMT):
Since I had this error recently (invalid role name 'vault-role') and fixed it, here's what I did: Ensure that the kubeconfig file you are using looks like this - the commented out version is what you get from `aws eks update-kubeconfig`: ``` # - cluster: # certificate-authority-data: XXXX= # server: https://XXXXXX.gr7.eu-west-2.eks.amazonaws.com # name: arn:aws:eks:eu-west-2:XXXXXXXXXX:cluster/myenv - cluster: certificate-authority-data: XXXX= server: https://XXXXXX.gr7.eu-west-2.eks.amazonaws.com name: mypoc contexts: # - context: # cluster: arn:aws:eks:eu-west-2:XXXXXXXXXX:cluster/myenv # user: arn:aws:eks:eu-west-2:XXXXXXXXXX:cluster/myenv # name: arn:aws:eks:eu-west-2:XXXXXXXXXX:cluster/myenv - context: cluster: mypoc user: arn:aws:eks:eu-west-2:XXXXXXXXXX:cluster/myenv name: mypoc current-context: mypoc ```

cato91 (Thu, 04 Mar 2021 09:13:24 GMT):
The root cause (for me) was an earlier 'no host provided' code 400 error due to the vault CLI's kubernetes_host parameter being empty in the task "Write reviewer token for Organisations" in vault_kubernetes role

cato91 (Thu, 04 Mar 2021 09:14:38 GMT):
general comment - code in that task is complex and does not check for errors, making it harder to diagnose. As a minimum, doing `set -xeu` at top of all such shell scripts in Ansible code would help diagnosis - and in this task, unwrapping the nested command substitutions was helpful to debugging.

cato91 (Thu, 04 Mar 2021 09:15:43 GMT):
for anyone who gets a Vault error `"invalid role name \"vault-role\""` - see this thread for one solution

cato91 (Thu, 04 Mar 2021 09:16:32 GMT):
having a kubeconfig that is not quite right can cause some hard to localise errors in `vault_kubernetes` role

sownak (Thu, 04 Mar 2021 09:57:42 GMT):
As I mentioned on the issue as well, the cert is read from the local path and then stored on the org's Vault. This is done so that automation can be achieved, as we remove the process of manually copying the certs to Vault. It is not right/wrong approach, it is about what suits the operator. And the operator is free to change the approach.

arsulegai (Thu, 04 Mar 2021 10:50:59 GMT):
Ok, to keep the scope of modules/components in check. We will introduce an alternate option (either store in Vault or in path) kind of feature if team is ok with it.

sownak (Thu, 04 Mar 2021 11:44:44 GMT):
yes, that is fine

sidnaik1989 (Tue, 09 Mar 2021 04:48:40 GMT):
Though this worked, Should the ideal solution be to update the git_push task to push only the respective changes to the repositories of various orgs? Believe this should be possible by maintaining .git folders for both the repos and setting --git-dir accordingly

sidnaik1989 (Tue, 09 Mar 2021 04:50:19 GMT):
will also need to modify below command to use a specific add path instead of '.'``` git --git-dir={{ GIT_DIR }}/.git add -A . ```

HighBrow (Tue, 16 Mar 2021 06:41:19 GMT):
Has joined the channel.

mvaibhav (Tue, 16 Mar 2021 06:43:23 GMT):
Has joined the channel.

sidnaik1989 (Tue, 16 Mar 2021 12:08:23 GMT):
@suvajit-sarkar @sownak would like to hear your view on the above

jagpreet (Wed, 17 Mar 2021 08:49:02 GMT):
We cannot just push the value file always. For meeting various requirements, there are times, where we need to change some logic in the charts, like changing the vault (init-container logic) and other utilities. Having `git add .` will enable to push the updated charts as well along with the value files. Also, you can have a look at the gitignore file to know the build folders where you can place your content without them being pushed to the git repository

stranger (Wed, 17 Mar 2021 08:55:00 GMT):
Has joined the channel.

SoundaryaAyyappan (Wed, 17 Mar 2021 10:33:17 GMT):
Has joined the channel.

sidnaik1989 (Fri, 19 Mar 2021 06:25:57 GMT):
so in case of a multicluster (separate cluster for each org) setup, where the deployment is still being done by a single operator, even though we can have separate Git repos assigned to each org, each repo will have value files for all organizations.

sidnaik1989 (Fri, 19 Mar 2021 06:26:53 GMT):
flux would select files under respective path within the repo to apply cluster specific changes.

sidnaik1989 (Fri, 19 Mar 2021 06:28:18 GMT):
So it makes more sense to have a single repo URL across all orgs

jagpreet (Fri, 19 Mar 2021 08:52:20 GMT):
Yes, we have provided the option to use a different repo for different organization, or use the the same repo with all the organizations with different release directories. It's upto the user, which way they want to go with. Also, regarding your comment stating 'even though we can have separate Git repos assigned to each org, each repo will have value files for all organizations', this is wrong. If there are different repos for different organizations, you will have different local repos as well. So by doing `git add .` you will add only the files of that organization in that local repository.

Ramses-Hernandez (Sat, 20 Mar 2021 00:14:53 GMT):
Has joined the channel.

Ramses-Hernandez (Sat, 20 Mar 2021 00:14:53 GMT):
Hi Guys, I'm new on this forum, and so excited to work with BAF as framework; so I'm trying to install BAF follow steps github, and arised some questions about

Ramses-Hernandez (Sat, 20 Mar 2021 00:15:06 GMT):

Clipboard - 19 de marzo de 2021 18:14

Ramses-Hernandez (Sat, 20 Mar 2021 00:18:27 GMT):
On this, I checked version BAF Dockerfile has, and it is ubuntu 16.04, I changed to 18.04 LTS and it worked well, but I don't know if was correct make a change versión ubuntu, or is missing add some changes to BAF DockerFiles,

rjones (Sat, 20 Mar 2021 02:34:00 GMT):
@alfonsogovela over here

alfonsogovela (Sat, 20 Mar 2021 02:34:00 GMT):
Has joined the channel.

robertjames77 (Sun, 21 Mar 2021 04:20:06 GMT):
Has joined the channel.

robertjames77 (Sun, 21 Mar 2021 19:00:21 GMT):
Hello my name is Robert Jameson and I am a member of the CASIG, May I ask a simple question : The goal of the Blockchain Automation Framework is to connect various blockchain technologies into one interoperable framework. Is this the gist of the raison d'etre for the group? It sounds bold yet achievable. Fabric, Sawtooth et al are non-native coin architectures with transactions based upon Accounts and UXTO. This needs to be matched with ERC20 or its progeny; Corda; Quorum; Binance/BTS, XRP and Stellar. Let us know how we can contribute! Robert

jagpreet (Mon, 22 Mar 2021 08:36:49 GMT):
It's fine if the docker container worked with 18.04 LTS. We don't have dependencies as such for the OS version.

jagpreet (Mon, 22 Mar 2021 08:36:49 GMT):
It's fine if the docker container worked with 18.04 LTS. We don't have dependencies as such, for the OS version.

jagpreet (Mon, 22 Mar 2021 09:29:32 GMT):
Hi @robertjames77 Blockchain Automation Framework (BAF), is used to automate the deployment of production grade blockchain network (Currently supported certain versions of Hyperledger Fabric, Hyperledger Indy, Hyperledger Besu, R3 Corda OpenSource & Enterprise and Quorum) . You can read more about it on our [ReadTheDocs page](https://blockchain-automation-framework.readthedocs.io/en/latest/index.html) . Interoperability is featured in another Hyperledger project, [Hyperledger Cactus](https://github.com/hyperledger/cactus) Here's a [link]( https://chat.hyperledger.org/channel/cactus) to Hyperledger Cactus Rocket Chat. Hope it helps.

jagpreet (Mon, 22 Mar 2021 09:29:32 GMT):
Hi @robertjames77 Blockchain Automation Framework (BAF), is used to automate the deployment of production grade blockchain network (Currently supported certain versions of Hyperledger Fabric, Hyperledger Indy, Hyperledger Besu, R3 Corda OpenSource & Enterprise and Quorum) . You can read more about it on our [ReadTheDocs page](https://blockchain-automation-framework.readthedocs.io/en/latest/index.html) . Interoperability is featured in another Hyperledger project, [Hyperledger Cactus](https://github.com/hyperledger/cactus) Here's a [link](https://chat.hyperledger.org/channel/cactus) to Hyperledger Cactus Rocket Chat. Hope it helps.

robertjames77 (Mon, 22 Mar 2021 13:09:22 GMT):
@jagpreet Thank you for your helpful comment.

cmhacker (Tue, 23 Mar 2021 05:24:03 GMT):
Has joined the channel.

da3v21 (Tue, 23 Mar 2021 06:49:47 GMT):
Has joined the channel.

mohana.a (Tue, 23 Mar 2021 08:20:14 GMT):

Screenshot from 2021-03-23 13-40-03.png

mohana.a (Tue, 23 Mar 2021 08:22:05 GMT):

Screenshot from 2021-03-23 13-51-23.png

dgt1nsty (Tue, 23 Mar 2021 19:37:36 GMT):
Has joined the channel.

suvajit-sarkar (Wed, 24 Mar 2021 08:21:02 GMT):
Since your others org peers are running fine, it could be an issue with pod limit or storage. Kindly verify the same by describing the crashing pod

mvaibhav (Wed, 24 Mar 2021 08:56:24 GMT):
Has anybody here tries the Hyperledger-Indy Identity-app example? I really need your help to run it.

mvaibhav (Wed, 24 Mar 2021 08:56:24 GMT):
Has anybody here tried the Hyperledger-Indy Identity-app example? I really need your help to run it.

sownak (Wed, 24 Mar 2021 10:39:59 GMT):
@cato91 Thanks for this analysis, can you submit a doc for this, under operations guide, new section called troubleshooting?

franco.rcr (Thu, 25 Mar 2021 08:39:50 GMT):
Has joined the channel.

franco.rcr (Thu, 25 Mar 2021 08:39:51 GMT):
Hi, I'm trying to install the BAF for Fabric. I followed exactly (I suppose) all the steps: I correctly forked the repository, I installed kubernetes and kubectl, I installed Vault, I installed ANSIBLE, I generated gitops keys, all on ubuntu 20.04, inside a clean VM with ubuntu 20.04. I checked all the steps and all is correctly installed (checking for version,for daemon, ...). Now, I cannot install the docker image: docker pull hyperledgerlabs/supplychain_fabric. The answer is: Error response from daemon: manifest for hyperledgerlabs/supplychain_fabric:latest not found: manifest unknown: manifest unknown Do there is something I can do?

sauveergoel (Thu, 25 Mar 2021 09:04:43 GMT):
Can you help with more details about what exactly you need help on?

sauveergoel (Thu, 25 Mar 2021 09:04:43 GMT):
Can you help with more details about what exactly you need help on? which step/configuration?

sauveergoel (Thu, 25 Mar 2021 09:07:21 GMT):
you can also go thru the `Readme.md` file in the following link for details of the steps to execute the app: https://github.com/sauveergoel/blockchain-automation-framework/tree/master/examples/identity-app/configuration

jagpreet (Thu, 25 Mar 2021 09:12:53 GMT):
Hi @franco.rcr Thanks for showing interest in Blockchain Automation Framework. The supplychain fabric images can be pulled using these 2 commands (as there are 2 images) ` docker pull hyperledgerlabs/supplychain_fabric:express_app_latest docker pull hyperledgerlabs/supplychain_fabric:rest_server_latest `

jagpreet (Thu, 25 Mar 2021 09:12:53 GMT):
Hi @franco.rcr Thanks for showing interest in Blockchain Automation Framework. The supplychain fabric images can be pulled using these 2 commands (as there are 2 images) ``` docker pull hyperledgerlabs/supplychain_fabric:express_app_latest docker pull hyperledgerlabs/supplychain_fabric:rest_server_latest ```

jagpreet (Thu, 25 Mar 2021 09:14:07 GMT):
These images will be required once the fabric network (along with the supplychain chaincode) is in place using BAF.

jagpreet (Thu, 25 Mar 2021 09:14:07 GMT):
These images will be required, once the fabric network (along with the supplychain chaincode) is in place using BAF.

jagpreet (Thu, 25 Mar 2021 09:14:49 GMT):
Also, can you let us know which guide you are referring to, for the same?

jagpreet (Thu, 25 Mar 2021 09:14:49 GMT):
Also, can you let us know which guide you are referring to, for the same? We might need to update the relevant docs.

franco.rcr (Thu, 25 Mar 2021 09:25:49 GMT):
Thank, you @jagpreet , the guides are https://blockchain-automation-framework.readthedocs.io/en/latest/prerequisites.html and https://blockchain-automation-framework.readthedocs.io/en/latest/operations/configure_prerequisites.html

sownak (Thu, 25 Mar 2021 10:32:06 GMT):
Looks like your pod pvc has been corrupted and it is not able to find the chaincode path, as mentioned in the error. Please check Fabric documentation on the error

Ramses-Hernandez (Thu, 25 Mar 2021 19:59:36 GMT):
I tried to install again BAF using steps github has, and I share you images with error I got it:

Ramses-Hernandez (Thu, 25 Mar 2021 19:59:39 GMT):

Clipboard - 25 de marzo de 2021 13:58

Ramses-Hernandez (Thu, 25 Mar 2021 20:00:31 GMT):
Here steps I ran,

Ramses-Hernandez (Thu, 25 Mar 2021 20:00:33 GMT):

Clipboard - 25 de marzo de 2021 13:59

Ramses-Hernandez (Thu, 25 Mar 2021 20:01:36 GMT):
I'll appreciate any clue about it ...

sauveergoel (Fri, 26 Mar 2021 05:11:24 GMT):
This error means that your pip got corrupted, you can ignore the `pip3 install --no-cache --upgrade pip setuptools wheel` command in the dockerfile and try again

franco.rcr (Fri, 26 Mar 2021 08:16:48 GMT):
fabric platform. architecture 4 local VM I Installed all but amdabassador/haproxy (I work only on the local VM) Finally I run the command: ansible-playbook platforms/shared/configuration/site.yaml -e "@./platforms/hyperledger-fabric/configuration/network.yaml" It runs without errors until: TASK [setup/flux : Check if Flux is running] ******************************************************************************************** An exception occurred during task execution. To see the full traceback, use -vvv. The error was: urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='localhost', port=80): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused')) I'm investigating on the BAF site, without success, so far.

sownak (Fri, 26 Mar 2021 10:12:05 GMT):
@Ramses-Hernandez Or you can just docker pull hyperledgerlabs/baf-build without rebuilding it yourself

sownak (Fri, 26 Mar 2021 10:13:03 GMT):
Is Kubernetes running on the 4 local VMs?

franco.rcr (Fri, 26 Mar 2021 10:27:55 GMT):
yes, and I checked from the master that the other are ok

franco.rcr (Fri, 26 Mar 2021 10:28:25 GMT):
kubectl get nodes

sownak (Fri, 26 Mar 2021 10:43:16 GMT):
This looks like the ansible controller is not able to connect to the Kubernetes cluster, maybe the kubeconfig path or file is wrong

franco.rcr (Fri, 26 Mar 2021 10:47:30 GMT):
ok, I'll try

Ramses-Hernandez (Fri, 26 Mar 2021 16:31:17 GMT):
Thanks Guys, I followed your advice you've shared me

Ramses-Hernandez (Fri, 26 Mar 2021 16:37:14 GMT):
Thanks guys for your support, on other hand, I'm configuring VAULT-KUBERNETES however arise this error msg, I know coming from VAULT configure, but I added the supplychain-net-auth but I can't get grants to access

Ramses-Hernandez (Fri, 26 Mar 2021 16:37:14 GMT):
doing a request to auth path I can get output of configure, but if I make a request using the path supplychian-net-auth the msg is unsupported operation, althought I assigned path to kubernetes plugin:

Ramses-Hernandez (Fri, 26 Mar 2021 16:37:33 GMT):

Clipboard - 26 de marzo de 2021 10:36

Ramses-Hernandez (Fri, 26 Mar 2021 16:41:14 GMT):
Thanks guys for your support, on other hand, I'm configuring VAULT-KUBERNETES however arise this error msg, I know coming from VAULT configure, but I added the supplychain-net-auth but I can't get grants to access

Ramses-Hernandez (Fri, 26 Mar 2021 16:41:48 GMT):

Clipboard - 26 de marzo de 2021 10:40

Ramses-Hernandez (Fri, 26 Mar 2021 16:42:58 GMT):
I'm trying to fix it or check the configure, but again if you have any clue, I'll appreciate ... thanks

sownak (Fri, 26 Mar 2021 18:57:41 GMT):
Looks like the Vault server Address is wrong. You should not used localhost for vaultserver as it wont be able to connect to localhost from Kubernetes server

Ramses-Hernandez (Sat, 27 Mar 2021 00:13:52 GMT):
Thanks for your support, I logged into image baf, and I did not arise the vault server ip, I follow your advice now this is not an issue

mohjam2004 (Sat, 27 Mar 2021 14:50:05 GMT):
Has joined the channel.

mohjam2004 (Sat, 27 Mar 2021 14:50:06 GMT):
I have deployed a kubernetes cluster on 3 nodes. My nodes are VMs created in physical server (I have no cloud provider for my cluster nodes). I have another node in which I have installed haproxy to expose my cluster services to outside world. My cluster dns service is core-dns and this service do my name resolution in cluster. All my nodes have a static public and private IP address. I have done all pre-requisits but I have some question on network.yml file: what consideration I must take to edit this file correctly: how to complete this parts:

mohjam2004 (Sat, 27 Mar 2021 14:50:50 GMT):

Clipboard - March 27, 2021 7:20 PM

mohjam2004 (Sat, 27 Mar 2021 14:51:51 GMT):

Clipboard - March 27, 2021 7:21 PM

mohjam2004 (Sat, 27 Mar 2021 14:53:50 GMT):

Clipboard - March 27, 2021 7:23 PM

mohjam2004 (Sun, 28 Mar 2021 05:05:16 GMT):
I have only one cluster. I don't need to configure Ambassador?

suvajit-sarkar (Mon, 29 Mar 2021 08:09:24 GMT):
Hi @mohjam2004, from the clips shared below looks like you are trying to setup Besu using BAF. If so then some pointers to help you 1. HAProxy has not been implemented for besu, Ambassador is used as proxy. 2. Work on supporting Besu on BAF is still ongoing, we have not implemented deployment without Ambassador (proxy as none) yet for Besu. i.e. you need to configure external DNS and routes to make it work. 3. You can create an issue to enable Besu deployment without proxy. Contribution on that would be really appreciated

suvajit-sarkar (Mon, 29 Mar 2021 08:17:42 GMT):
Hi All, We are shifting our Sprint planning for this cadence to tomorrow (Tuesday 30th March), due to team unavailability on the occasion of Holi. Will update the calendar and share the link here. Thanks and Happy Holi

suvajit-sarkar (Mon, 29 Mar 2021 08:17:53 GMT):

Holi.jpg

suvajit-sarkar (Mon, 29 Mar 2021 08:17:53 GMT):
Happy Holi
Holi.jpg

suvajit-sarkar (Tue, 30 Mar 2021 06:32:14 GMT):
Hi All, Feel free to join the Sprint planning today (30th March) 12pm-1pm GMT https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

mohjam2004 (Tue, 30 Mar 2021 07:01:43 GMT):
hi @suvajit-sarkar Thanx for the help. I opened a new issue for the enhancement. I'm sure many people or companies have my condition. They have a ready kubernetes cluster and have a node by which manage the cluster (kubectl and helm) and a node by which (haproxy installed) they expose kubernetes services to outside world, this node can be the same as the node by which they manage the cluster(kubectl and helm).

vikimeng (Tue, 30 Mar 2021 10:35:26 GMT):
Has joined the channel.

vikimeng (Tue, 30 Mar 2021 10:35:28 GMT):
I have trouble to invoke chaincode. I am use the minikube config in MacOS, use fabric v 2.2.0 and chaincode https://github.com/hyperledger/fabric-samples/tree/main/asset-transfer-private-data/chaincode-java, the chaincode install and approve success. But the invoke get failed, i use the arguments of chaincode in network.yaml `arguments: '\"CreateAsset\",\"asset_properties\" :"{\"objectType\":\"asset\",\"assetID\":\"asset10\"}"'` after my check log in the invoke-chaincode pod, `Building Invoke Command: peer chaincode invoke -o orderer1.supplychain-net:7050 --tls true --cafile /opt/gopath/src/github.com/hyperledger/fabric/crypto/orderer/tls/ca.crt --channelID allchannel --name private --isInit -c '{"Args":'[\"CreateAsset\",\"asset_properties\" :"{\"objectType\":\"asset\",\"assetID\":\"asset10\"}"]'}' --peerAddresses peer0.carrier-net:7051 --peerAddresses peer0.manufacturer-net:7051 --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/crypto/endorsers/carrier/msp/cacerts/ca.crt --tlsRootCertFiles /opt/gopath/src/github.com/hyperledger/fabric/crypto/endorsers/manufacturer/msp/cacerts/ca.crt` and the error log is `Error: chaincode argument error: unexpected end of JSON input` my question is 1. how to change to the correct invoke argument 2. after change to correct argument, how to run it. I tried to helm delete the invoke pod but it always restart. Reset the network and reinstall can create new invoke pod but this process take very long time

cchatfield (Tue, 30 Mar 2021 10:48:36 GMT):
Has joined the channel.

mohjam2004 (Tue, 30 Mar 2021 12:22:44 GMT):
Hi, I have open stack cloud, I can define a tenant with specific resources (RAM,CPU,DISK). Does your platform automate creating VMs on this cloud provider and deploy private hyperledger network on it?

mohjam2004 (Tue, 30 Mar 2021 12:26:46 GMT):
Actually I have a private cloud on openstack

mohjam2004 (Tue, 30 Mar 2021 12:27:07 GMT):
with specific resources on it

mohjam2004 (Tue, 30 Mar 2021 12:29:12 GMT):
which platform is suitable for my condition?

rjones (Tue, 30 Mar 2021 13:59:38 GMT):
Has left the channel.

mwklein (Tue, 30 Mar 2021 15:22:19 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=gc6LyBGwRYQRFf2Jw) No, BAF does not provide infrastructure provisioning automation. Due to a wide variety of security and operational policies across organizations, there is no consistent, production-ready way to automate underlying infrastructure provisioning that would be reusable across organizations. BAF automates the deployment of DLT platforms on-top of an already provisioned k8s clusters.

sownak (Tue, 30 Mar 2021 17:35:06 GMT):
Looks like escape character error, you need to check how to pass the arguments in a correctly escaped way.

vikimeng (Fri, 02 Apr 2021 06:17:09 GMT):
Thanks for your reply, i found for the private data, should not pass data in the Args, should use `--transient`

vikimeng (Fri, 02 Apr 2021 06:19:42 GMT):
How can i check the chaincode log in BAF? In the native fabric, the chaincode can start a docker, i can check the log in the docker. but how can i check log in BAF?

mohjam2004 (Sat, 03 Apr 2021 05:37:33 GMT):
I have a provisioned and ready k8s cluster (rancher kubernetes engine). which platform I can use to deploy hyperledger network on top of it? I saw some cloud provider configurations in BAF and I have no cloud provider.

jagpreet (Mon, 05 Apr 2021 08:43:39 GMT):
Hi @mon

jagpreet (Mon, 05 Apr 2021 08:46:20 GMT):
Hi @mohjam2004 Thanks for using Blockchain Automation Framework. You can deploy any platform supported by BAF. We maintain cloud agnostic code, but there is a limitation of storage classes (which are specific to specific cloud providers). As you are using Racher Kubernetes Engine, please refer to our guide, to add a new storage class for the same. https://blockchain-automation-framework.readthedocs.io/en/latest/operations/adding_new_storageclass.html

jagpreet (Mon, 05 Apr 2021 08:47:27 GMT):
As for now, chaincode gets deployed in a docker container and kubernetes doesn't log/maintain containers (it maintains the k8's pods), you have to check each kubernetes node provisioned. The node will have the chaincode container running.

BrunoVavala (Mon, 05 Apr 2021 18:39:50 GMT):
Has joined the channel.

sownak (Tue, 06 Apr 2021 08:38:57 GMT):
@mohjam2004 as replied to in your issue https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1361 You have to configure your own cloud_provider value, or use "none" but you will have to update helm code accordingly.

suvajit-sarkar (Tue, 06 Apr 2021 15:02:38 GMT):
Hi All, BAF is ready with release 0.8.0 Please find the latest code on master branch or use v0.8.0.0 tag The change logs for the release is in the link below https://github.com/hyperledger-labs/blockchain-automation-framework/releases/tag/v0.8.0.0

kritank21 (Wed, 07 Apr 2021 09:22:09 GMT):
Has joined the channel.

kritank21 (Wed, 07 Apr 2021 09:29:28 GMT):
Hi All, I have created a private network on ethash & clique ,Now i want to sync the nodes But i am not able to sync running nodes in a private network using ethash & Clique. So how can i do it ?

sownak (Wed, 07 Apr 2021 12:58:04 GMT):
We do not have support for Clique on Besu yet.

kritank21 (Thu, 08 Apr 2021 05:59:24 GMT):
So it's possible in a private network using ethash ?

kritank21 (Thu, 08 Apr 2021 06:21:01 GMT):
And is there any way to create a backup for the running nodes in a private network using ethash?

SoundaryaAyyappan (Thu, 08 Apr 2021 09:35:10 GMT):
Hi All, I have configured the network.yaml with 2 channels, each with 2 orgs. The channel creation for 2 channels got succeeded but the joinchannel job and anchor peer updation didn't work for both the channels. Can anyone explain me the cause for this? Thanks in Advance!

SoundaryaAyyappan (Thu, 08 Apr 2021 09:35:10 GMT):
Hi All, I am using the new release v0.8.0.0 baf to deploy a hyperledger fabric network. I have configured the network.yaml with 2 channels, each with 2 orgs. The channel creation for 2 channels got succeeded but the joinchannel job and anchor peer updation didn't work for both the channels. Also, this is the initial setup of the network (not adding new channel after the network deployment). Can anyone explain me the cause for this? Thanks in Advance!

sownak (Thu, 08 Apr 2021 11:53:01 GMT):
You have to check the logs of the jobs

SoundaryaAyyappan (Fri, 09 Apr 2021 04:50:13 GMT):
The job itself didn't come up, which means, the pod called "joinchannel-peer0-mychannel" is not created. So I am unable to take a look at the logs of the job

SoundaryaAyyappan (Fri, 09 Apr 2021 06:42:12 GMT):
As an additional info, I can provide the following flux logs, *flux-dev logs:* helmrelease.helm.fluxcd.io/joinchannel-peer0-join-mychannel-org2-peer0 created\nhelmrelease.helm.fluxcd.io/joinchannel-peer0-join-mychannel-org3-peer0 created\nhelmrelease.helm.fluxcd.io/joinchannel-peer0-join-mychannel-org1-peer0 created\nhelmrelease.helm.fluxcd.io/org2-net-ca unchanged\nhelmrelease.helm.fluxcd.io/org2-net-ca-tools unchanged\nhelmrelease.helm.fluxcd.io/org2-peer0 unchanged\nhelmrelease.helm.fluxcd.io/org3-net-ca unchanged\nhelmrelease.helm.fluxcd.io/org3-net-ca-tools unchanged\nhelmrelease.helm.fluxcd.io/org3-peer0 unchanged\nhelmrelease.helm.fluxcd.io/org1-net-ca unchanged\nhelmrelease.helm.fluxcd.io/org1-net-ca-tools unchanged\nhelmrelease.helm.fluxcd.io/org1-peer0 unchanged" ts=2021-04-09T06:32:24.680903785Z caller=daemon.go:701 component=daemon event="Sync: d5fcc72..96714b4, org2-net:helmrelease/joinchannel-peer0-join-mychannel-org2-peer0, org3-net:helmrelease/joinchannel-peer0-join-mychannel-org3-peer0, org1-net:helmrelease/joinchannel-peer0-join-mychannel-org1-peer0" *flux-dev-helm-operator:* component=release release=joinchannel-peer0-join-mychannel-org3-peer0 targetNamespace=org3-net resource=org3-net:helmrelease/joinchannel-peer0-join-mychannel-org3-peer0 helmVersion=v3 error="failed to determine sync action for release: failed to retrieve Helm release: releaseContent: Release name is invalid: joinchannel-peer0-join-mychannel-org3-peer0"

sownak (Fri, 09 Apr 2021 13:07:24 GMT):
Please check the status of the helmrelease CRD `kubectl get helmrelease -A` and then `kubectl describe helmrelease -n `

SoundaryaAyyappan (Fri, 09 Apr 2021 16:08:34 GMT):
Describe of helmrelease has the following event, Warning FailedReleaseSync 3m29s (x192 over 9h) helm-operator synchronization of release 'joinchannel-peer0-join-mychannel-org1-peer0' in namespace 'org1-net' failed: failed to determine sync action for release: failed to retrieve Helm release: releaseContent: Release name is invalid: joinchannel-peer0-join-mychannel-org1-peer0

suvajit-sarkar (Mon, 12 Apr 2021 10:50:39 GMT):
Hi All, Please feel free to join the BAF Sprint planning today (12th April) 12pm GMT. https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

bur (Mon, 12 Apr 2021 12:05:56 GMT):
Has joined the channel.

bur (Mon, 12 Apr 2021 12:06:17 GMT):
hi all, Marcus just joined!

bur (Mon, 12 Apr 2021 12:43:29 GMT):
as just discussed in the BAF community meeting; I would like to demonstrate the deployment of Fabric Private Chaincode (FPC) (https://github.com/hyperledger-labs/fabric-private-chaincode) with BAF. FPC deployment relies on Fabric External Chaincode feature. I've already prepared a tutorial that shows how to step a Fabric network using K8s (minikube) and install and run a FPC chaincode. Please, have a look (https://github.com/hyperledger-labs/fabric-private-chaincode/blob/94f80f81c47cdc71058cd773751b502948b0d5f0/integration/k8s/README.md) and let's see if we can "translate" my tutorial to use BAF. Thank you!

sownak (Mon, 12 Apr 2021 12:56:50 GMT):
Thanks @bur for sharing this. I just went through your readme, and I think you can offload the "Prepare k8s network" to BAF (of course you have to run BAF and check and provide a sample network yaml). https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html has a guide to deploy Fabric on minikube, you can update/extend that as well.

bur (Mon, 12 Apr 2021 13:04:15 GMT):
cool! I will look into this. Once the network is deployed using BAF, what is the "BAF" way to manage the FPC chaincode containers. Deployment of these containers can only happen after packaging, so the "chaincode as server" will register to the correct pkg ID once it is started.

sownak (Mon, 12 Apr 2021 13:22:31 GMT):
BAF also deploys chaincode from a github link. but the process may be a bit different for external chaincode which part has not been opensourced yet, so for now, I guess you can use the manual steps i.e. via the cli, then maybe automate via BAF

roshan13046 (Mon, 12 Apr 2021 14:48:10 GMT):
Has joined the channel.

pppazos (Mon, 12 Apr 2021 19:06:26 GMT):
Has joined the channel.

SoundaryaAyyappan (Tue, 13 Apr 2021 07:04:37 GMT):
Hi, I am trying to deploy an hyperledger fabric (v2.2.0) network using baf release v0.8.0.0. My network has a orderer org and a peer org. I have configured the network.yaml in such a way that the orderer org to be deployed in a kubernetes cluster and the peer org in another kubernetes cluster. The baf script goes well till the CA and CA-Tools are up. The issue is with the task - *TASK [create/crypto/peer : Copy tls ca.crt from auto-generated path to given path*. Getting an error that "Could not find or access './build/crypto-config/ordererOrganizations/ordorg-net/orderers/orderer1.ordorg-net/tls/ca.crt". Since the file ca.crt is not present in source dir, the copying task mentioned above got failed. Can anyone confirm is this a problem with v0.8.0.0 release? If not, please help me how to overcome this failure. Thanks in Advance!

SoundaryaAyyappan (Tue, 13 Apr 2021 07:04:37 GMT):
Hi, I am trying to deploy an hyperledger fabric (v2.2.0) network using baf release v0.8.0.0. My network has an orderer org and a peer org. I have configured the network.yaml in such a way that the orderer org to be deployed in a kubernetes cluster and the peer org in another kubernetes cluster. The baf script goes well till the CA and CA-Tools are up. The issue is with the task - *TASK [create/crypto/peer : Copy tls ca.crt from auto-generated path to given path*. Getting an error that "Could not find or access './build/crypto-config/ordererOrganizations/ordorg-net/orderers/orderer1.ordorg-net/tls/ca.crt". Since the file ca.crt is not present in source dir, the copying task mentioned above got failed. Can anyone confirm is this a problem with v0.8.0.0 release? If not, please help me how to overcome this failure. Thanks in Advance!

SoundaryaAyyappan (Tue, 13 Apr 2021 08:46:38 GMT):
I am trying a deployment of a hyperledger fabric network (v2.2.0) using baf release v0.8.0.0. My network has totally 2 orgs ( a peer org and an orderer org ). I have configured the network.yaml in such a way that the peer org will be deployed in one kubernetes cluster (cluster1) and the orderer org will be deployed in an another kubernetes cluster (cluster2). Initially the deployment of these orgs were done in both the clusters (which should not have happened), like CA of both the orgs deployed in both clusters but the peer org's CA didn't successfully started up in cluster2. First I have configured the release_dir in network.yaml common for both the orgs. Because of the above issue, I have created separate directory for each org and mentioned it in the respective org's release_dir. It resolved the issue and the network deployment is done successfully. Can anyone please confirm whether it is the right way to mention separate folders for each org for release_dir? Thanks in Advance.

SoundaryaAyyappan (Tue, 13 Apr 2021 08:52:44 GMT):
This post is regarding a CA configuration change in v0.8.0.0 release network.yaml. I am trying a deployment of a hyperledger fabric network (v2.2.0) using baf release v0.8.0.0. My network has totally 2 orgs ( a peer org and an orderer org ). I have configured the network.yaml in such a way that the peer org will be deployed in one kubernetes cluster (cluster1) and the orderer org will be deployed in an another kubernetes cluster (cluster2). The network deployment got succeeded till the CA and ca tools were up. But the TASK [create/crypto/peer : Copy tls ca.crt from auto-generated path to given path] has failed, then I realized that the ca.crt file itself not generated. So in the network.yaml, I have changed the ca_data url configuration from external to internal, that resolved the issue and I was able to complete the network deployment successfully. Hope this helps if anyone using v0.8.0.0 release for deploying hyperledger fabric network.

SoundaryaAyyappan (Tue, 13 Apr 2021 08:52:44 GMT):
This post is regarding a CA configuration change in v0.8.0.0 release network.yaml. I am trying a deployment of a hyperledger fabric network (v2.2.0) using baf release v0.8.0.0. My network has totally 2 orgs ( a peer org and an orderer org ). I have configured the network.yaml in such a way that the peer org will be deployed in one kubernetes cluster (cluster1) and the orderer org will be deployed in an another kubernetes cluster (cluster2). The network deployment got succeeded till the CA and ca tools were up. But the *TASK [create/crypto/peer : Copy tls ca.crt from auto-generated path to given path]* has failed, then I realized that the ca.crt file itself not generated. So in the network.yaml, I have changed the *ca_data url configuration from external to internal*, that resolved the issue and I was able to complete the network deployment successfully. Hope this helps if anyone using v0.8.0.0 release for deploying hyperledger fabric network.

sownak (Tue, 13 Apr 2021 14:18:01 GMT):
yes, that is the right way. If you have diff orgs in diff clusters but using the same network.yaml, the release_dir should be different for each org

sownak (Tue, 13 Apr 2021 14:19:22 GMT):
Thanks @SoundaryaAyyappan Thanks for this, are you using HAProxy?

sownak (Tue, 13 Apr 2021 14:20:07 GMT):
If you are, and want to share the CA server via haproxy, then the CA server address should be public one

arsulegai (Wed, 14 Apr 2021 17:16:32 GMT):
Hi, Does anybody know why genesis block data is stored on Vault? If I install multiple networks using single Vault, it will override the same location. Did not understand the purpose.

sownak (Wed, 14 Apr 2021 17:58:54 GMT):
It is stored for backup. and it is stored in individual org. If you are deploying multiple networks using the same Vault (which you should not), the org names should be different for the different networks.

arsulegai (Wed, 14 Apr 2021 18:12:20 GMT):
Thanks, I remember it was added as genesis under ordererOrganizations and not under one specific org-net

sownak (Wed, 14 Apr 2021 18:15:57 GMT):
then that is a bug, should be under ordererOrg namespace

HLFPOC (Wed, 14 Apr 2021 19:43:27 GMT):
Hi Team, Wanted to check if there is any feature to temporarily stop the peer node in a running fabric network using BAF?

SoundaryaAyyappan (Thu, 15 Apr 2021 05:39:59 GMT):
Ok, thanks

SoundaryaAyyappan (Thu, 15 Apr 2021 05:40:50 GMT):
@sownak, Yeah I am using HAProxy

SoundaryaAyyappan (Thu, 15 Apr 2021 05:40:50 GMT):
@sownak, Yeah I am using HAProxy. Thanks for your explanation!

SivaramKannan (Thu, 15 Apr 2021 12:20:54 GMT):
you can scale down the peer deployment to 0

SivaramKannan (Thu, 15 Apr 2021 12:20:54 GMT):
you can scale down the peer deployment replica to 0 and scale it up again to 1 when you need

roshan13046 (Sat, 17 Apr 2021 07:04:29 GMT):
Hi

roshan13046 (Sat, 17 Apr 2021 07:04:29 GMT):
Hi Where can I get the recorded session of the BAF Sprint Planning that held on 12 th April?

roshan13046 (Sat, 17 Apr 2021 07:04:29 GMT):
Hi! Suvjit. Where can I get the recorded session of the BAF Sprint Planning that held on 12 th April?

roshan13046 (Sat, 17 Apr 2021 07:04:29 GMT):
Hi! Suvajit. Where can I get the recorded session of the BAF Sprint Planning that held on 12 th April?

arsulegai (Sun, 18 Apr 2021 17:19:27 GMT):
Request for new dot release on 0.8.0 version with the feature to run ordering service cluster across organizations.

SivaramKannan (Mon, 19 Apr 2021 04:35:28 GMT):
Is this feature already available or this is a feature request?

arsulegai (Mon, 19 Apr 2021 04:35:53 GMT):
It is feature under development

SivaramKannan (Mon, 19 Apr 2021 04:39:03 GMT):
cool. can I know the ticket number please?

SivaramKannan (Mon, 19 Apr 2021 04:39:34 GMT):
this feature is something that I would love to have.

suvajit-sarkar (Mon, 19 Apr 2021 11:14:53 GMT):
https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1318

SoundaryaAyyappan (Mon, 19 Apr 2021 11:59:21 GMT):
Hi, I have a network with 2 channels (firstchannel and secondchannel). Firstchannel has orgs org1 and org2. Secondchannel has orgs org1 and org3. The network is deployed in multiclusters like each org in a separate kubernetes cluster. I was testing a DR scenario which is - Is it possible to remove an org from the channel after that org has gone unreachable? To simulate this scenario, I have destroyed the cluster where the org3 is deployed. Then I tried removing the org3 from secondchannel using remove-organization.yaml BAF script after made the required changes in network configuration file. But it resulted in error in the TASK [setup/config_block/sign_and_update : updating the channel with the new configuration block]. Can anyone confirm if it is possible to overcome the above mentioned DR scenario with BAF? Thanks in Advance!

SoundaryaAyyappan (Mon, 19 Apr 2021 12:00:48 GMT):

removing-org3-error.txt

arsulegai (Mon, 19 Apr 2021 12:09:40 GMT):
@suvajit-sarkar this is for peer nodes, there is one more for orderers belonging to different organizations

arsulegai (Mon, 19 Apr 2021 12:09:46 GMT):
Is that also done?

TonyRowntree (Mon, 19 Apr 2021 15:30:03 GMT):
Has joined the channel.

suvajit-sarkar (Wed, 21 Apr 2021 05:47:07 GMT):
yeah my mistake, the issue for ordering service cluster across prg. issue is still under development https://github.com/hyperledger-labs/blockchain-automation-framework/issues/614

suvajit-sarkar (Wed, 21 Apr 2021 05:47:07 GMT):
yeah my mistake, the issue for ordering service cluster across org. issue is still under development https://github.com/hyperledger-labs/blockchain-automation-framework/issues/614

suvajit-sarkar (Wed, 21 Apr 2021 05:54:23 GMT):
Hi @SoundaryaAyyappan this seems to be a bug, the removal tasks should not happen from the org to be removed (org3 in your case). You can create an issue on the Github board for the same.

SoundaryaAyyappan (Wed, 21 Apr 2021 10:12:16 GMT):
Thanks @suvajit-sarkar. I have opened a github issue here - https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1408

SoundaryaAyyappan (Wed, 21 Apr 2021 10:30:10 GMT):
Hi Everyone, I have deployed a hyperledger fabric network (v2.2.0) with 2 peer orgs (org1 and org2) and 1 orderer org using BAF release v0.8.0.0. The network is deployed in multiple Kubernetes clusters like each peer and orderer org is deployed in separate k8s clusters. The cluster where org2 is deployed is destroyed accidentally. So the peer of org2 has gone unreachable, and hence I have removed it from the channel using the configtxlator tool. Now, in place of removed org2, I tried to add a new org with the same name (org2). The org2 network components got removed as its cluster was deleted, but the vault has the details of org2 which resulted in the failure of the new org addition with the error *"Permission denied: Unable to retrieve vault login token"*. So, I have manually removed the vault auth path, vault crypto, gitops release dir and tried the new org addition again with the same name as org2. This time I am getting *"Missing client token"*. Can anyone pls guide me on how to add an org with the same name as the removed org? Thanks!

arsulegai (Wed, 21 Apr 2021 12:36:53 GMT):
Thanks Suvajit. Looking forward to this feature soon and a new release.

arsulegai (Wed, 21 Apr 2021 12:40:28 GMT):
@SoundaryaAyyappan you will have to run the playbook which adds the service account token access. It is under Hyperledger Fabric, roles > vault_kubernetes

SoundaryaAyyappan (Thu, 22 Apr 2021 06:17:07 GMT):
Ok, thanks. I will try that

arsulegai (Thu, 22 Apr 2021 07:41:44 GMT):
Hi Team, Have you give thoughts on passing custom but static `values.yaml` file as input for overriding default values in the helm charts? That would be a great feature add. An organization willing to customize can maintain their own folder structure outside of BAF. This way the core of BAF would remain intact and any change would not impact either parties.

sownak (Thu, 22 Apr 2021 08:26:05 GMT):
all values can be passed via the helmrelease template updates as that overrides any defaults in `values.yaml`

SivaramKannan (Thu, 22 Apr 2021 11:38:19 GMT):
This would be an awesome feature to add. Recovering orderer from a Kubernetes failure seems notoriously difficult and there is no documentation that really talks about how to do a DR. With this feature, I think all the HA/DR scenarios are covered for HLF with BAF

arsulegai (Thu, 22 Apr 2021 13:23:12 GMT):
Sure, I was looking for an option to add annotations. I guess adding custom tpl file would be a way to do it. I am trying to see if there is easy merge from open source option whenever there is a new release.

sownak (Thu, 22 Apr 2021 14:04:41 GMT):
we can improve the existing helmcharts with additional annotations section and specify them in the helmvalues file

mvaibhav (Thu, 22 Apr 2021 21:13:13 GMT):

Screenshot from 2021-04-23 02-28-05.png

mvaibhav (Thu, 22 Apr 2021 21:13:19 GMT):
I am trying to follow these steps to set up a Hyperledger-Indy DLT network on minikube Steps Link. While running the Execute step, I am getting this error. Can you tell me what might be the cause of this error?

arsulegai (Thu, 22 Apr 2021 21:43:19 GMT):
@sownak appreciate this feature and a release possibly by Friday

SoundaryaAyyappan (Fri, 23 Apr 2021 09:13:07 GMT):
Hi, I have a hyperledger fabric network (v2.2.0) with 3 orgs (org1, org2 and org3) and singlechannel (testchannel) deployed in multiple kubernetes clusters (each peer and orderer org is in separate clusters) using BAF release v0.8.0.0. Installing the chaincode gives me an error "Error: chaincode install failed with status: 500 - failed to invoke backing implementation of 'InstallChaincode': could not build chaincode: docker build failed: docker image inspection failed: cannot connect to Docker endpoint". Can anyone explain me the cause of the error?

sownak (Fri, 23 Apr 2021 10:31:44 GMT):
as mentioned in the error message, your Vault Address is wrong, it cannot be 0.0.0.0:8200

sownak (Fri, 23 Apr 2021 11:47:24 GMT):
Yes, will be done today. Finishing final tests on addition of orderer org

kenty (Fri, 23 Apr 2021 12:01:25 GMT):
Has joined the channel.

sownak (Fri, 23 Apr 2021 18:42:46 GMT):
#blockchain-automation-framework Release 0.8.1.0 is being made ready.

sownak (Fri, 23 Apr 2021 19:11:06 GMT):
Reelase 0.8.1.0 is complete https://github.com/hyperledger-labs/blockchain-automation-framework/releases/tag/v0.8.1.0

mvaibhav (Sun, 25 Apr 2021 21:42:11 GMT):
How would I be able to know my vault ip, as I am using 0.0.0.0:8200 to connect to vault on a browser.

mvaibhav (Sun, 25 Apr 2021 21:53:33 GMT):
I am following these steps https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html

mvaibhav (Sun, 25 Apr 2021 22:35:26 GMT):
I changed the docker run command to add this `--network=host`, so that docker container will be able to access localhost docker run -it --network=host -v $(pwd):/home/blockchain-automation-framework/ hyperledgerlabs/baf-build And the error changed as it is able to access vault now.

mvaibhav (Sun, 25 Apr 2021 22:36:39 GMT):

Screenshot from 2021-04-26 03-49-28.png

sownak (Mon, 26 Apr 2021 07:22:35 GMT):
Again, this is a configuration error on your side as you are not following the steps exactly how we tested.

sownak (Mon, 26 Apr 2021 09:28:47 GMT):
Looks like your vault is not working, the error message says that

SoundaryaAyyappan (Mon, 26 Apr 2021 09:44:15 GMT):
@arsulegai I would like to explain the complete steps that I followed based on your suggestion. I have destroyed the org2 cluster - which has a peer org deployed in it(thus simulated a disaster scenario and the peer org is down now). Then I have manually deleted the vault auth path, vault policy and vault crypto for org3. And removed org3 from the channel manually using configtxlator and jq tools. Now created a new cluster to deploy the removed org2 again. For that, as per your suggestion I have written a new ansible playbook that calls only the roles create/namespace_vaultauth and setup/vault_kubernetes. For the above roles I have given the condition "when: item.org_status == 'new'". So I wrote the network.yaml like org2 has org_status as new and org1 and orderer org as existing. Ran the playbook. The ansible playbook script got completed without any error. But all the components in org2 namespace (ca, peer, peer-cli, install chaincode, approve, joinchannel) got crashed and didn't come up. Checked the logs, facing the same error { "errors": [ "missing client token" ] } ERROR: unable to retrieve vault login token: { "errors": [ "missing client token" ] }

arsulegai (Mon, 26 Apr 2021 09:46:58 GMT):
@SoundaryaAyyappan This DR scenario is currently not available on open source BAF. I will be available soon.

SoundaryaAyyappan (Mon, 26 Apr 2021 11:39:02 GMT):
okay, Thanks

praneel1819 (Mon, 26 Apr 2021 15:42:39 GMT):
Has joined the channel.

mvaibhav (Tue, 27 Apr 2021 06:17:38 GMT):
These are the outputs of vault initialization commands.

mvaibhav (Tue, 27 Apr 2021 06:17:53 GMT):

Screenshot from 2021-04-27 11-43-28.png

mvaibhav (Tue, 27 Apr 2021 06:17:54 GMT):

Screenshot from 2021-04-27 11-43-13.png

mvaibhav (Tue, 27 Apr 2021 06:21:38 GMT):
What is "Your Secret Engine" in this command`vault secrets enable -version=1 -path= kv`

mvaibhav (Tue, 27 Apr 2021 06:22:12 GMT):
I have just passed the path to the project repo `~/project`

mvaibhav (Tue, 27 Apr 2021 06:25:26 GMT):
@SoundaryaAyyappan Is this a proprietary network or something you are experimenting with? Actually, I am asking if I can see your code.

SoundaryaAyyappan (Tue, 27 Apr 2021 06:38:17 GMT):
I am experimenting a disaster recovery scenario like what happens and how to overcome if a cluster where an org deployment done goes down. I have done the steps which I have explained above to simulate the DR scenario.

SoundaryaAyyappan (Tue, 27 Apr 2021 06:38:17 GMT):
@mvaibhav I am experimenting a disaster recovery scenario like what happens and how to overcome if a cluster where an org deployment done goes down. I have done the steps which I have explained above to simulate the DR scenario.

mvaibhav (Tue, 27 Apr 2021 07:48:39 GMT):
No no, I wanted the base code of deploying the fabric network. I am not very familiar with kubernetes and stuff and I thought looking at your code might help me.

mvaibhav (Tue, 27 Apr 2021 07:48:39 GMT):
@SoundaryaAyyappan No no, I wanted the base code of deploying the fabric network. I am not very familiar with Kubernetes and stuff and I thought looking at your code might help me.

sownak (Tue, 27 Apr 2021 08:43:50 GMT):
as you are using "secret" in your network yamk, that path should be "secret"

SoundaryaAyyappan (Tue, 27 Apr 2021 09:25:47 GMT):
Sure @mvaibhav , attaching the network.yaml I have used for deploying the fabric network

SoundaryaAyyappan (Tue, 27 Apr 2021 09:25:47 GMT):
Sure @mvaibhav , refer the network.yaml I have used for deploying the fabric network under https://github.com/SoundaryaA3098/k8s_problem_statement/blob/master/network.yaml

mvaibhav (Tue, 27 Apr 2021 09:27:31 GMT):
But it can be any path, right??

mvaibhav (Tue, 27 Apr 2021 09:35:34 GMT):
Thank you very much @SoundaryaAyyappan Can you also provide me one of the kubernetes config file.

SoundaryaAyyappan (Tue, 27 Apr 2021 09:39:35 GMT):
@mvaibhav Pls find the config file here - https://github.com/SoundaryaA3098/k8s_problem_statement/blob/master/config

mvaibhav (Tue, 27 Apr 2021 09:56:16 GMT):
Thanks.

praneel1819 (Tue, 27 Apr 2021 14:23:25 GMT):
Hi, i am trying to set up Hyperledger Indy network in Azure cloud and wanted to know what is the best way to start ? do we install the prerequisites and execute the network.yaml playbook or can we directly go through site.yaml playbook which tries to set up the environment ? Also, did anyone try to install the Indy network on Azure environment ?

sownak (Tue, 27 Apr 2021 15:06:32 GMT):
You will have to install the pre-requisites and then execute site.yaml as BAF does not create Kubernetes clusters or Vault servers.

sownak (Tue, 27 Apr 2021 15:08:38 GMT):
You can also look at our demo videos athttps://wiki.hyperledger.org/display/labs/Blockchain+Automation+Framework

sownak (Tue, 27 Apr 2021 15:08:38 GMT):
You can also look at our demo videos at https://wiki.hyperledger.org/display/labs/Blockchain+Automation+Framework

praneel1819 (Tue, 27 Apr 2021 15:11:02 GMT):
ok, thank you so much. I installed the prerequisites and running the site.yaml playbook, but getting an error while setting up the default context namespace for kubectl. researching more to find out the root cause.

praneel1819 (Tue, 27 Apr 2021 15:13:20 GMT):
config not found cluster_config\ error: no current context is set

sownak (Tue, 27 Apr 2021 15:14:00 GMT):
looks like error with your kubeconfig file.

praneel1819 (Tue, 27 Apr 2021 15:14:12 GMT):
where is the kubeconfig file located ?

sownak (Tue, 27 Apr 2021 15:14:37 GMT):
you have configured the network.yaml, so, I guess you would know

praneel1819 (Tue, 27 Apr 2021 15:17:44 GMT):
ok, thanks. let me check more. someone else have set up the kubernetes cluster, so unable to find the kubeconfig file

praneel1819 (Tue, 27 Apr 2021 15:20:40 GMT):
in the network.yaml, for K8s, what context do we set ? is it the kubernetes admin ?

praneel1819 (Tue, 27 Apr 2021 15:21:30 GMT):
I am just confused at that part, what would we give for onfig_file and context

sownak (Tue, 27 Apr 2021 15:22:26 GMT):
path to the config file, and the context which is used to connect to the default namespace

praneel1819 (Tue, 27 Apr 2021 15:22:49 GMT):
ok thanks, got more details on demo as well. let me try

roshan13046 (Wed, 28 Apr 2021 06:32:48 GMT):
Can anyone please guide how to write molecule tests for fixing this issue: https://github.com/hyperledger-labs/blockchain-automation-framework/issues/731

sownak (Wed, 28 Apr 2021 08:52:24 GMT):
Great Roshan, start from https://blockchain-automation-framework.readthedocs.io/en/v0.8.1.0/developerguide.html#molecule

sownak (Wed, 28 Apr 2021 12:01:29 GMT):
#blockchain-automation-framework PI Demo tomorrow at 1 pm BST https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

praneel1819 (Thu, 29 Apr 2021 14:06:50 GMT):
Hi Sownak, quick question, would the Azure Kubernetes as service work at all ? or do we need to have Kubernetes cluster installed on the same virtual machine ?

sownak (Thu, 29 Apr 2021 16:00:44 GMT):
AKS is preferred

mvaibhav (Thu, 29 Apr 2021 22:35:50 GMT):
@sownak Is eks supported for Indy?

mvaibhav (Thu, 29 Apr 2021 22:35:50 GMT):
@sownak Is eks(AWS) supported for Indy?

sownak (Fri, 30 Apr 2021 09:29:08 GMT):
yes

sownak (Fri, 30 Apr 2021 09:29:08 GMT):
yes, our test environment is AWS EKS

mvaibhav (Fri, 30 Apr 2021 10:06:16 GMT):
Thanks.

mvaibhav (Fri, 30 Apr 2021 10:09:14 GMT):
@sownak the publicIps parameter in aws in network.yaml file, is it the ip of the ec2 instance of node of the kubernetes cluster.

mvaibhav (Fri, 30 Apr 2021 10:09:14 GMT):
@sownak the publicIps parameter in aws in network.yaml file, is it the ip of the ec2 instance of node of the eks cluster.

mvaibhav (Fri, 30 Apr 2021 10:10:41 GMT):
cloud_provider: aws-baremetal # Currently eks is not supported due to aws_authenticator

mvaibhav (Fri, 30 Apr 2021 10:11:38 GMT):
The above line, what should be the value of cloud_provider if i am using eks for kubernetes cluster.

sownak (Fri, 30 Apr 2021 10:38:09 GMT):
you can use aws

sownak (Fri, 30 Apr 2021 10:38:27 GMT):
the IP is additional Elastic IP for the Indy network

mvaibhav (Sun, 02 May 2021 21:09:58 GMT):
@sownak I am using 1 node in cluster of t3.medium type(2cpus, 4gb memory) ec2 instance, is that enough?

mvaibhav (Mon, 03 May 2021 05:46:03 GMT):
Actually the job authority-trustee-auth-job wasn't able to start so I am guessing it's becuase of hardware.

roshan13046 (Mon, 03 May 2021 07:23:57 GMT):
Hi! Sownak, I am working on the Mentee Proposal for Hyperledger Mentorship Program - BAF Project. Is there any proposal fomat or template that is to followed in mentee application?

SoundaryaAyyappan (Mon, 03 May 2021 07:26:09 GMT):
Hi All, Using BAF release v0.7.0.0, I have deployed a hyperledger fabric network v2.2.0. Tired removal of orgs by making the required configuration changes in network.yaml. The orgs were removed successfully but after the ansible script of BAF ended, the removed orgs' namespaces and the components like ca, ca-tools, peer are getting created again. Since the vault paths, secrets, policies and gitops release dir related to the removed orgs got removed, the components are in crashloopbackoff state. Ideally, the re-creation of namespaces and the components should not have happened right? Is this a bug and can anyone explain me the cause. Thanks!

SoundaryaAyyappan (Mon, 03 May 2021 08:22:47 GMT):

SoundaryaAyyappan - Mon May 03 2021 13:52:35 GMT+0530 (India Standard Time).txt

SoundaryaAyyappan (Mon, 03 May 2021 08:23:21 GMT):
ts=2021-05-03T06:59:57.2473476Z caller=release.go:79 component=release release=anchorpeer-bankemachannel-corg targetNamespace=corg-net resource=corg-net:helmrelease/anchorpeer-bankemachannel-corg helmVersion=v3 info="starting sync run" ts=2021-05-03T06:59:57.277210204Z caller=release.go:79 component=release release=anchorpeer-bankemachannel-vendor targetNamespace=vendor-net resource=vendor-net:helmrelease/anchorpeer-bankemachannel-vendor helmVersion=v3 info="starting sync run" ts=2021-05-03T06:59:57.330993739Z caller=release.go:79 component=release release=corg-net-ca targetNamespace=corg-net resource=corg-net:helmrelease/corg-net-ca helmVersion=v3 info="starting sync run" ts=2021-05-03T06:59:57.340753084Z caller=release.go:79 component=release release=corg-net-ca-tools targetNamespace=corg-net resource=corg-net:helmrelease/corg-net-ca-tools helmVersion=v3 info="starting sync run" ts=2021-05-03T06:59:58.070108558Z caller=release.go:313 component=release release=anchorpeer-bankemachannel-corg targetNamespace=corg-net resource=corg-net:helmrelease/anchorpeer-bankemachannel-corg helmVersion=v3 info="running installation" phase=install ts=2021-05-03T06:59:58.195280462Z caller=release.go:313 component=release release=anchorpeer-bankemachannel-vendor targetNamespace=vendor-net resource=vendor-net:helmrelease/anchorpeer-bankemachannel-vendor helmVersion=v3 info="running installation" phase=install ts=2021-05-03T06:59:58.277372106Z caller=release.go:313 component=release release=corg-net-ca-tools targetNamespace=corg-net resource=corg-net:helmrelease/corg-net-ca-tools helmVersion=v3 info="running installation" phase=install ts=2021-05-03T06:59:58.300555875Z caller=release.go:313 component=release release=corg-net-ca targetNamespace=corg-net resource=corg-net:helmrelease/corg-net-ca helmVersion=v3 info="running installation" phase=install ts=2021-05-03T06:59:58.590730181Z caller=helm.go:69 component=helm version=v3 info="creating 3 resource(s)" targetNamespace=corg-net

SoundaryaAyyappan (Mon, 03 May 2021 08:23:36 GMT):
Attached flux dev and flux dev helm operator logs for reference

mvaibhav (Mon, 03 May 2021 11:47:56 GMT):
@praneel1819 Were you able to create the indy-network successfully?

jagpreet (Tue, 04 May 2021 08:59:43 GMT):
Hi @SoundaryaAyyappan I think the issue is with the org.status not being as "delete" If we dont specify delete, the org components will be removed logically from the fabric network, but the k8s components, vault secrets will stay.

jagpreet (Tue, 04 May 2021 09:00:06 GMT):
Please refer to the [readthedocs guide](https://blockchain-automation-framework.readthedocs.io/en/latest/operations/removing_org_fabric.html) for the same

SoundaryaAyyappan (Tue, 04 May 2021 09:01:24 GMT):
Thanks @jagpreet for your reply! Actually the vault secrets of that particular org got removed, later I tried to re-install the flux, then the issue of recreation was resolved. I followed the same docs for making the network.yaml configuration changes and the org removal was successful

atoulme (Thu, 06 May 2021 20:23:18 GMT):
Has joined the channel.

atoulme (Thu, 06 May 2021 20:28:47 GMT):
hey folks, I'm looking for your next contributor call schedule, any chance you can point me to where it is?

jagpreet (Fri, 07 May 2021 08:35:11 GMT):
Cool

sownak (Fri, 07 May 2021 08:42:54 GMT):

CalendarScreenshot.png

jagpreet (Fri, 07 May 2021 08:45:08 GMT):
https://wiki.hyperledger.org/display/HYP/Calendar+of+Public+Meetings

atoulme (Fri, 07 May 2021 16:03:36 GMT):
cool, do you post agenda ahead of time like Besu does?

BrunoVavala (Fri, 07 May 2021 19:02:39 GMT):
ls

atoulme (Sat, 08 May 2021 05:26:23 GMT):
Unfortunately, the next meeting might be early for me (5am). Do you collect minutes or record them?

RafaelAPB (Sat, 08 May 2021 21:41:54 GMT):
Has joined the channel.

RafaelAPB (Sat, 08 May 2021 21:41:55 GMT):
Hello Folks!

RafaelAPB (Sat, 08 May 2021 21:50:06 GMT):
I'm a contributor at Hyperledger Cactus, and I need to be able to automatically add orgs to a Fabric test ledger (imagine 5/6 orgs, each one with 1 or more users). Have you tackled this issue in BAF? Do you have any advice on how can I reproduce your solution in Cactus? Cheers!

sownak (Mon, 10 May 2021 07:12:27 GMT):
We don't have a set agenda other than sprint planning. You can look into our Issues board https://github.com/hyperledger-labs/blockchain-automation-framework/issues and project board https://github.com/hyperledger-labs/blockchain-automation-framework/projects to k ow about what is happening in the next 2 weeks. If you cannot attend the meetings, the best place to discuss is here.

sownak (Mon, 10 May 2021 07:14:38 GMT):
We have ansible playbook which adds orgs/peers automatically. This uses the fabric cli to sign and update the config block, I guess you would have to do the same via a script for Cactus.

RafaelAPB (Mon, 10 May 2021 08:40:45 GMT):
Thanks for your answer, @sownak , I'll take a look onto it

atoulme (Mon, 10 May 2021 22:59:37 GMT):
OK thank you, will go from there

AlfonsoSegovia (Wed, 12 May 2021 20:11:46 GMT):
Has joined the channel.

AlfonsoSegovia (Wed, 12 May 2021 20:11:47 GMT):
Saludos a todos!!!

AlfonsoSegovia (Wed, 12 May 2021 20:11:59 GMT):
Excelente Webinar el de hoy!

SoundaryaAyyappan (Thu, 13 May 2021 09:01:51 GMT):
Hi All, I have a hyperledger fabric network (v2.2.0) deployed using BAF (release v0.8.1.0). I would like to make some steps to make my DR Scenario test to work. The scenario is like, "What if the cluster where the fabric network deployed goes down and how to overcome it?". So as per few documentations, I have tried doing backup of crypto-materials, channel-artifacts, peer data and orderer data and restore the network from the backed up materials in the fabric-samples test-network. There it worked fine. But the same backup and restore, I am really not sure to execute in the network deployed using BAF. So can anyone please guide me on the steps with respect to BAF. Thanks in Advance!

sownak (Thu, 13 May 2021 09:20:33 GMT):
Disaster Recovery should be done in line with Kubernetes Disaster recovery and the relevant tools. BAF does not have specific Disaster Recovery steps, at least not yet, because BAF is not a Disaster Recovery tool. The additional advantage BAF provides is that all your helm configurations are stored in Git. What kind of additional guidance are you looking for?

suvajit-sarkar (Thu, 13 May 2021 09:27:52 GMT):
Adding to @sownak's comment, if you are using BAF you should have a vault server running (HashiCorp Vault) which stores the crypto-materials and other required credentials enabling you to backup or restore when required.

SoundaryaAyyappan (Thu, 13 May 2021 09:37:24 GMT):
Yeah ok. I have a network with 2 peer orgs and an orderer org. And all the crypto-materials and credentials are stored in vault. Now, If I face a situation where my network goes down (i.e, the cluster got crashed due to some issue), is it possible to recover my network which is deployed using BAF?

sownak (Thu, 13 May 2021 09:39:39 GMT):
By using BAF, you want to recover the network? Or are you asking "Is it possible to recover my network (which has been deployed using BAF)?"

SoundaryaAyyappan (Thu, 13 May 2021 09:40:16 GMT):
I am asking "Is it possible to recover my network (which has been deployed using BAF)?"

sownak (Thu, 13 May 2021 09:43:09 GMT):
Ok, then the answer is why not. You should be able to recover such a network by using kubernetes recovery tools. And then you can continue using BAF Playbooks for additional operations (of course with updated kubeconfig/access keys etc).

SoundaryaAyyappan (Thu, 13 May 2021 09:44:51 GMT):
Ok, will try. It would be helpful if you provide any reference links to make my try easier.

sownak (Thu, 13 May 2021 09:46:12 GMT):
You can try https://velero.io/

SoundaryaAyyappan (Thu, 13 May 2021 09:47:05 GMT):
ok, will try and come back to you incase of any query. Thanks

praneel1819 (Thu, 13 May 2021 15:44:37 GMT):
Hi All, Wanted to know if Ubunut 18.0.4 is supported for the BAF which houses Ansible, Vault and other prerequisites.

praneel1819 (Thu, 13 May 2021 15:46:39 GMT):
no, still facing issues while running the network.yaml. as of now stuck while creating the service accounts

sownak (Thu, 13 May 2021 15:48:49 GMT):
should work, our latest baf-build container is ubuntu 18.04

praneel1819 (Thu, 13 May 2021 16:00:55 GMT):
ok, thank you

sownak (Thu, 13 May 2021 16:54:26 GMT):
Please fillow https://blockchain-automation-framework.readthedocs.io/en/latest/operations/baf_verify.html#hyperledger-indy-checks to debug deployment issues

sownak (Thu, 13 May 2021 16:54:26 GMT):
Please follow https://blockchain-automation-framework.readthedocs.io/en/latest/operations/baf_verify.html#hyperledger-indy-checks to debug deployment issues

sownak (Thu, 13 May 2021 16:56:58 GMT):
common checks are https://blockchain-automation-framework.readthedocs.io/en/latest/operations/baf_verify.html#baf-deployment-flowchart

mvaibhav (Thu, 13 May 2021 22:03:50 GMT):
@praneel1819 Are you using the docker to run ansible. Something like this except for the minikube part.

mvaibhav (Thu, 13 May 2021 22:03:59 GMT):
https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html

mvaibhav (Thu, 13 May 2021 22:06:02 GMT):

Screenshot from 2021-05-11 02-38-19.png

mvaibhav (Thu, 13 May 2021 22:08:19 GMT):
I added this line `sudo ln -s /usr/bin/python3 /usr/bin/python` in the install aws cli task and then it worked fine.

mvaibhav (Thu, 13 May 2021 22:08:19 GMT):
I added this line `sudo ln -s /usr/bin/python3.6 /usr/bin/python` in the install aws cli task and then it worked fine.

angelparrales (Mon, 17 May 2021 00:31:54 GMT):
Has joined the channel.

praneel1819 (Mon, 17 May 2021 13:53:30 GMT):
Vaibhav, are you using minikube or AKS to deploy the Indy network ?

sheilman (Tue, 18 May 2021 20:19:02 GMT):
Has joined the channel.

sheilman (Tue, 18 May 2021 20:19:03 GMT):
Hello All! I was following the guide for Running BAF DLT network on Minikube on readthedocs (https://blockchain-automation-framework.readthedocs.io/en/develop/developer/baf_minikube_setup.html) but it looks like support for minikube has been deprecated as of release 0.7.0 (https://github.com/hyperledger-labs/blockchain-automation-framework/releases). Given the deprecation of minikube, what is the suggested path for a (small) local deployment?

mvaibhav (Tue, 18 May 2021 22:45:57 GMT):
I was using minikube but baf is no longer supporting minikube

mvaibhav (Tue, 18 May 2021 22:46:21 GMT):
So, I am now trying EKS (elastic kubernetes service)

suvajit-sarkar (Wed, 19 May 2021 08:38:38 GMT):
You can try local k8s setup like minikube or microk8s or docker-desktop. Minikube should still work, we have only deprecated the support of it

sownak (Wed, 19 May 2021 09:42:02 GMT):
BAF should support minikube as it works on any Kubernetes. It is just that the BAF team would not be able to answer queries related to minikube. You can always use a tag which supported minikube

sheilman (Wed, 19 May 2021 14:35:04 GMT):
The minikube sample config file is missing in master https://github.com/hyperledger-labs/blockchain-automation-framework/tree/master/platforms/hyperledger-fabric/configuration/samples

praneel1819 (Wed, 19 May 2021 16:59:17 GMT):
Sownak, just wanted to check if anyone has actually tried implementing BAF for Indy network on AKS ? if so is there any sample network.yaml file ? also i see that for AWS, the K8s configuration details has cluster_config, does it reference from somewhere or can we give the actual path for the kube config file ? We are having hard time in getting the service accounts created and we are trying to reach out to Microsfot Azure expert to figure out of Kubernetes is causing the issue, but wanted to check with you as well, if anyone has successfully implemented in AKS

sownak (Wed, 19 May 2021 17:01:12 GMT):
I dont think anyone has done Indy on AKS.

sownak (Wed, 19 May 2021 17:03:22 GMT):
`config_file` is the absolute path to Kubernetes config file. Are you not able to get kubeconfig file for AKS? Then how are you running other kubectl commands?

sownak (Wed, 19 May 2021 17:04:37 GMT):
Please check the tag where minikube was supported

sownak (Wed, 19 May 2021 17:08:48 GMT):
default location for kubeconfig is ~/.kube/config

praneel1819 (Wed, 19 May 2021 17:14:15 GMT):
sorry, got stuck in a meeting, i will send those details after my meeting. thanks for responding.

praneel1819 (Wed, 19 May 2021 17:31:25 GMT):
ok, so we got the kubeconfig file path and given the absolute path, so it crosses that step. and fails at creating the service account

praneel1819 (Wed, 19 May 2021 17:31:40 GMT):
the error says, Waiting for serviceaccount authority-authority-trustee-vault-auth to be created

praneel1819 (Wed, 19 May 2021 17:31:51 GMT):
and it keeps on retrying

praneel1819 (Wed, 19 May 2021 17:33:10 GMT):
also what should be the cloud_provider ? Should it be "azure" or "minikube" for kubernetes cluster service ? we have tried both values and stuck at that error

praneel1819 (Wed, 19 May 2021 17:46:39 GMT):
And how exactly do the ambassador ports defined ? i mean do we need to open those inbound ports to our organization ?

sheilman (Wed, 19 May 2021 18:29:01 GMT):
Wouldn't the rest of the code be two releases behind if i were to do that?

mvaibhav (Thu, 20 May 2021 06:31:47 GMT):
@sownak @praneel1819 I have created an issue for the error I am facing while running baf for Hyperledger-Indy. I have mentioned every step or every command that I am running, so maybe you guys can check it once and @sownak you can tell me if I am doing any step wrong? https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1470

sownak (Thu, 20 May 2021 07:08:12 GMT):
You can refer to the sample file and update as per the latest instructions. All those are samples after all.

sownak (Thu, 20 May 2021 07:45:01 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=5oNQEJM3zJeTCoymG) Cloud provider should be azure and as you may have read, for using a new cloud provider you have to add the storageclass template. Also, if you follow the flowchart for debugging, you would know that if the service accounts are not getting created, most probably the flux is not working.

sheilman (Thu, 20 May 2021 13:48:17 GMT):
Thanks! "As per latest instructions", what are you referring to?

sownak (Thu, 20 May 2021 14:02:54 GMT):
https://blockchain-automation-framework.readthedocs.io/en/latest/operations/fabric_networkyaml.html You can choose the version you want to refer as well

praneel1819 (Thu, 20 May 2021 14:49:05 GMT):
ok, i missed the step for storage class, creating it right now. Also can we have Vault on the same machine as Kubernetes and ansible ? or do we need to have Vault on a separate machine ? just wanted to confirm.

sownak (Thu, 20 May 2021 14:49:51 GMT):
Vault can be anywhere as long it has two way connectivity to the ansible controller as well as Kubernetes cluster

praneel1819 (Thu, 20 May 2021 14:50:56 GMT):
ok

praneel1819 (Thu, 20 May 2021 14:51:11 GMT):
do we have a sample storage class template for azure ?

sownak (Thu, 20 May 2021 14:52:29 GMT):
no, you should be able to find that on Azure site

praneel1819 (Thu, 20 May 2021 14:52:54 GMT):
i see it for fabric, but the values are a bit different for fabric and the aws template for Indy looks different. ok let me check. thanks again

sownak (Thu, 20 May 2021 14:53:43 GMT):
yes, you can use most of the sample from Fabric

praneel1819 (Thu, 20 May 2021 15:14:16 GMT):
do we need to install Ambassador manually or would it be installed from the playbook ? just trying to see from all different perspectives, to see if we are missing anything

praneel1819 (Thu, 20 May 2021 15:14:33 GMT):
we are using just one cluster

sownak (Thu, 20 May 2021 15:15:04 GMT):
Ambassador will be installed by playbook

praneel1819 (Thu, 20 May 2021 15:15:26 GMT):
ok thanks

mvaibhav (Thu, 20 May 2021 20:07:31 GMT):
I don't think you need to explicitly install ambassador.

praneel1819 (Mon, 24 May 2021 14:33:55 GMT):
Sownak, Just wanted to check what exactly are these public IP address in the network.yaml ( publicIps: ["3.221.78.194"]). do we need to open ports to this IP addresses from our organization/system

praneel1819 (Mon, 24 May 2021 14:44:00 GMT):
and all the ports which are provided in stewards and endorser section, would those be created ?

praneel1819 (Mon, 24 May 2021 14:49:30 GMT):
Also, one more question, when the playbook fails in middle, after creating helm and flux, before running again, do we need to delete the stuff which got created in the first run ?

praneel1819 (Mon, 24 May 2021 15:16:07 GMT):
Hi All, Does anyone have an architectural diagram on BAF which showcases on what system is in cloud vs local, like a cloud environment diagram, connectivity between Kubernetes with Vault, Helm, Ansible ? If you have any kind of architectural diagrams, please share.

tkuhrt (Mon, 24 May 2021 15:29:48 GMT):
Not sure what platform you are looking for, but the [Architecture Reference page in the documentation](https://blockchain-automation-framework.readthedocs.io/en/latest/architectureref.html#platform-specific-reference-guides) has links for each platform. Not sure if they provide what you are looking for though.

praneel1819 (Mon, 24 May 2021 15:51:30 GMT):
Thanks for the response. I am looking for Indy network, but as in general for a BAF, like how the Kubernetes is connected with vault and Helm and what would be in cloud vs what would be in local set up kind of details. the page you mentioned has the details of the Organization, but i am looking more of the overall picture.

sownak (Wed, 26 May 2021 06:40:10 GMT):
Cloud environment diagram is to be created as per the project implementation. As per BAF, everything will be on cloud; but a project can have some items on premise as well.

sownak (Wed, 26 May 2021 06:42:31 GMT):
Yes, all ambassador ports need to be opened on the firewall. The publicips will be the public ip of the ambassador and the indy nodes

sownak (Wed, 26 May 2021 06:44:20 GMT):
No need to uninstall helm flux etc, the playbook is idempotent

praneel1819 (Wed, 26 May 2021 13:24:09 GMT):
Thanks Sownak. Your suggestions are definitely helping us and are able to proceed a little further. Also, when we researched on 3.221.78.194, it looks like an AWS server IP, do we need to change that to our azure env local ip address ? or is it something it will be created for ambassador ?

praneel1819 (Wed, 26 May 2021 14:24:54 GMT):
Hi All, we are trying to set up Hyperledger Indy network using BAF in AZURE environment and are stuck at the below error. http://10.1.3.81:8200/v1/authority/trustees/authority-trustee/* there is a policy in the vault which gives read permission but we are getting this permission denied error(403). The actual error from the logs are TASK [check/crypto : Check trustee in vault] ************************************************************************************************************************************************************************* failed: [localhost] (item={'trustee': None, 'name': 'authority-trustee', 'genesis': True, 'server': {'port': 8000, 'ambassador': 15010}}) => {"ansible_loop_var": "trusteeItem", "changed": true, "cmd": "vault kv get -field=did authority/trustees/authority-trustee/identity/public", "delta": "0:00:00.036916", "end": "2021-05-25 20:47:03.481176", "failed_when_result": true, "msg": "non-zero return code", "rc": 2, "start": "2021-05-25 20:47:03.444260", "stderr": "Error reading authority/trustees/authority-trustee/identity/public: Error making API request.\n\nURL: GET http://10.1.3.81:8200/v1/authority/trustees/authority-trustee/identity/public\nCode: 403. Errors:\n\n* 1 error occurred:\n\t* permission denied", "stderr_lines": ["Error reading authority/trustees/authority-trustee/identity/public: Error making API request.", "", "URL: GET http://10.1.3.81:8200/v1/authority/trustees/authority-trustee/identity/public", "Code: 403. Errors:", "", "* 1 error occurred:", "\t* permission denied"], "stdout": "", "stdout_lines": [], "trusteeItem": {"genesis": true, "name": "authority-trustee", "server": {"ambassador": 15010, "port": 8000}, "trustee": null}}

praneel1819 (Wed, 26 May 2021 14:25:18 GMT):
Can someone help me understand what this error is and where it got stuck

praneel1819 (Wed, 26 May 2021 15:06:37 GMT):
Also, at this link https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/platforms/shared/configuration/roles/setup/ambassador/tasks/main.yaml, it has references of AWS kind of hardcoded. I was wondering, if BAF is cloud agnostic, the AWS references should be only in network.yaml file. Do we have anything similar for AZURE ? How do we get the elastic ip for AZURE?

sownak (Wed, 26 May 2021 17:44:53 GMT):
Indy uses static IP and does not work with domain name. Providing static ip to load balancers is different for different cloud environments, so to provide static ip to azure load balancer you would have to make code changes. We always appreciate code submissions for other cloud platforms as testing with all platforms is not possible for a small team

praneel1819 (Wed, 26 May 2021 19:14:08 GMT):
Question 1: is Ambassador mandatory irrespective of which cloud we are using?

praneel1819 (Wed, 26 May 2021 19:14:43 GMT):
Question 2: did you see the error, is it related to Ambassador not being installed or is that to do with something else ?

praneel1819 (Wed, 26 May 2021 19:16:51 GMT):
Question 3: what exactly is external_url_suffix: indy.blockchaincloudpoc.com ? do we need to create an external url ? and what is this used for ?

sownak (Wed, 26 May 2021 21:13:52 GMT):
Yes, ambassador is the only way kubernetes services are exposed outside the cluster. If using BAF, ambassador is mandatory as it acts as the reverse proxy.

sownak (Wed, 26 May 2021 21:14:14 GMT):
The error is because of Vault connectivity, not because of ambassaodr

sownak (Wed, 26 May 2021 21:15:20 GMT):
The URL can be ignored for Indy unless you want to install any application as well. That URL is used for the acme-Alice demo

sownak (Wed, 26 May 2021 21:17:45 GMT):
All IPs in our samples are samples.. They are to be changed as per your environment obviously

sheilman (Thu, 27 May 2021 18:00:20 GMT):
Where in the code is are the pods deployed? The namespace "supplychain-net" is empty so i think the pods are not being deployed in the ansible code.

garyanti (Thu, 27 May 2021 21:18:45 GMT):
Has joined the channel.

garyanti (Thu, 27 May 2021 21:18:46 GMT):
Sownak, are you sure it's a connectivity issue and not a permissions issue? I would think it would throw a 404 if it was a connectiveuty error. I am seeing policies and roles being created in the vault. What communication is occurring and between what components when it's trying to create the Authority keys? Is it K8 to vault? Anisble PB to vault?

sownak (Fri, 28 May 2021 06:11:55 GMT):
It is k8s to Vault. In that case check if the access on Vault is right. Did you recreate your kubernetes cluster after Vault policies were created?

sownak (Fri, 28 May 2021 06:12:40 GMT):
All code is in the charts folder for each platform

sheilman (Fri, 28 May 2021 15:44:57 GMT):
The values file is empty. Does that get populated on run?

sownak (Fri, 28 May 2021 18:04:34 GMT):
All value files are generated as helm release files in the releases directory for each platform. Although it depends on what path you have given in the gitops section of network.yaml

lcvalves (Sun, 30 May 2021 18:17:40 GMT):
Has joined the channel.

mvaibhav (Mon, 31 May 2021 05:41:58 GMT):
@sownak I have updated the error I am getting while running BAF on github https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1470. Can you please tell me a probable reason and solution for this.

sownak (Mon, 31 May 2021 06:55:27 GMT):
Looks like your kubernetes cluster is not able to support more volumes. Please check eks documentation on limit on number of pvcs created for a particular ec2 machine type. It is not a BAF error, it is eks configuration error.

mvaibhav (Mon, 31 May 2021 10:58:30 GMT):
Okay, thanks.

garyanti (Tue, 01 Jun 2021 13:58:45 GMT):
We haven't recreated the K8s cluster. We have run the playbook with the "reset" parameter a couple times. Is that what you mean? Does the reset clear old entries in the vault?

sownak (Tue, 01 Jun 2021 14:04:04 GMT):
yes, it does

sownak (Tue, 01 Jun 2021 14:04:57 GMT):
Please welcome @roshan13046 for the Summer Internship 2021. Roshan will be working on Hyperledger Besu Clique consensus

garyanti (Tue, 01 Jun 2021 19:16:05 GMT):
So we ran the playbook with the reset again and checked the vault. It removed the authority secret engine and all the policies. I did see entries left behind under the Access>Authentication Methods section and I manually removed those hoping that was the cause but we got the same error. We have the root token defined in our network.yaml. I'm not sure what level of permission the process in the K8 cluster is using when trying to access the vault. Is what ever is happening in this step trying to use the Ambassador port 8000 to talk back to the Vault? Is it using a different communication path that the jobs that create all the policies? I have some log output, I'll attach them to this feed. Also would you be willing to join us on a call to go over our environment? We've been struggling to get this working for about a month.

garyanti (Tue, 01 Jun 2021 19:20:46 GMT):

06-01-2021 Log output.txt

garyanti (Tue, 01 Jun 2021 19:24:47 GMT):
The other question I have is we set the secret_path: "secret" and I don't see anything being created under the "secret" secret engine. It created a new secret engine called "authority"

mvaibhav (Tue, 01 Jun 2021 20:26:23 GMT):
@sownak I am creating the eks cluster using this command `eksctl create cluster --name test-cluster --version 1.19 --region ap-south-1 --nodegroup-name linux-nodes --node-type t3.medium --nodes 1`. Is it the right way and right parameters to create the cluster for Indy network on BAF. I am thinking maybe the right parameters here will resolve the PVC error.

mvaibhav (Tue, 01 Jun 2021 20:28:16 GMT):
Also, I am just using the config file created by this command, and also I am not making any changes in the cluster manually. So, Can you point me towards the right way to create an eks cluster for BAF.

sownak (Wed, 02 Jun 2021 10:07:48 GMT):
check if this helps https://stackoverflow.com/questions/51946393/kubernetes-pod-warning-1-nodes-had-volume-node-affinity-conflict/55514852#55514852

sownak (Wed, 02 Jun 2021 10:11:00 GMT):
dont think secret path is used in Indy

sownak (Wed, 02 Jun 2021 10:12:47 GMT):
I see you have vault url as 10.1.3.81:8200 . Are you able to access vault using this URL from the pods on Kubernetes? It is a private URL.

roshan13046 (Wed, 02 Jun 2021 12:17:35 GMT):
Thanks! for onboarding me.

garyanti (Wed, 02 Jun 2021 13:34:33 GMT):
It is a private URL for vault. I installed Vault on the same machine as where we are running the Ansible playbook. There is connectivity between the Vnet that Kubernetes is on and the vault. Should the vault have a public IP address and be accessible from the internet? Do the pods want to communicate with the vault via the internet?

sownak (Wed, 02 Jun 2021 13:43:30 GMT):
vault should be accessible from the Kubernetes cluster. You may want to check it works by creating a alpine pod on the kUbernetes and connecting to Vault after logging in to that pod.

garyanti (Wed, 02 Jun 2021 14:01:31 GMT):
I'm not familiar with what an Alpine pod is. If the flux jobs that create the policies in the vault are working would that indicate there is communication between Kubernetes and the vault? Can you send me more info on Alpine pods?

sownak (Wed, 02 Jun 2021 14:05:18 GMT):
for example you can create a new pod with image nginx:1.16.0 and execute vault commands from there. If other jobs were successful , that does mean that connectivity is there. Are you sure the IP address of Vault did not change between the two jobs?

sownak (Wed, 02 Jun 2021 15:23:30 GMT):
We do have our sprint planning session on next Monday, you can join and if there is time we can discuss the issue.

garyanti (Wed, 02 Jun 2021 15:31:54 GMT):
Ok thanks. I will try adding a pod to test connectivity and will join your Sprint on Monday. Where is the call info? Or can you send it to me at antigiovannigp@cvshealth.com

sownak (Wed, 02 Jun 2021 16:32:54 GMT):
https://wiki.hyperledger.org/display/HYP/Calendar+of+Public+Meetings Monday 7th 12pm GMT

garyanti (Wed, 02 Jun 2021 18:13:50 GMT):
Thanks, I confirmed communication between the K8 Cluster and the vault. root@aks-agentpool-29151264-vmss000002:/# curl http://10.1.3.81:8200/v1/sys/init {"initialized":true}

sownak (Thu, 03 Jun 2021 08:49:16 GMT):
Can you send the network.yaml after removing credentials, but leaving everything else ?

mvaibhav (Thu, 03 Jun 2021 13:54:19 GMT):
Thanks, it helped. I was providing the wrong value of zone in the network.yaml file.

garyanti (Thu, 03 Jun 2021 14:11:50 GMT):

network-indyv3.jpg

praneel1819 (Thu, 03 Jun 2021 14:16:08 GMT):
after downloading it, please rename it to .yaml

sownak (Thu, 03 Jun 2021 14:19:08 GMT):
this looks ok, are you using root token in network-indyv3.yaml for the vault?

garyanti (Thu, 03 Jun 2021 14:21:35 GMT):
Yes, we are.

sownak (Thu, 03 Jun 2021 14:40:41 GMT):
Ok. This looks like the token has expired by the time the request was made, can you check the "Generated Token's Initial TTL" for the role. Was there a gap between the execution of `TASK [check/k8_component : Store token]` and `TASK [check/crypto : Check trustee in vault]`?

sownak (Thu, 03 Jun 2021 14:45:42 GMT):
In that case you may have to increase the ttl via the chart file `platforms/hyperledger-indy/charts/indy-auth-job/templates/job.yaml`

praneel1819 (Thu, 03 Jun 2021 15:19:37 GMT):
currently the value for ttl is 3600, we are trying to change it to 10000 and run again

garyanti (Mon, 07 Jun 2021 20:31:28 GMT):
Hi Sownak. We tried changing the TTL value and it has now caused the process to fail a lot sooner. I put the setting back to 3600 and now we're failing when it tries to setup this section. This was working before. TASK [setup/vault_kubernetes : Check if policy exists] ****************************************************************************************** fatal: [localhost]: FAILED! => {"changed": true, "cmd": "vault policy read partner-admin-rw\n", "delta": "0:00:00.032892", "end": "2021-06-07 20:27:02.566881", "msg": "non-zero return code", "rc": 2, "start": "2021-06-07 20:27:02.533989", "stderr": "No policy named: partner-admin-rw", "stderr_lines": ["No policy named: partner-admin-rw"], "stdout": "", "stdout_lines": []}

garyanti (Mon, 07 Jun 2021 20:32:12 GMT):
Is there anyway to have someone like yourself spend some time with us to review our env and help get this working?

indranil32 (Tue, 08 Jun 2021 07:51:46 GMT):
Has joined the channel.

rk-tpl (Tue, 08 Jun 2021 19:12:21 GMT):
Has joined the channel.

rk-tpl (Tue, 08 Jun 2021 19:12:21 GMT):
I've been chasing this `error validating ReadSet` when altering anchor-peers error to the ends of the earth and I think this "blockchain-automation-framework" project looks to be the only Production Grade operations humans I can find on Github / Public Internet... from this Issue history, it looks like you all might have actually FIXED it too... https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1297#issuecomment-787803501 but I can't quite determine the exact line(s) of code involved in the fix. I think it has to do with the system-channel vs "other / application channels", which is a hunch I had earlier as well. I'm trying desperately to cook up some amount of "peer/org/network admin" tooling and `configtxgen` and `configtxlator` aren't really sufficient alone... something needs to be a little "semantically aware" of the blockchain and the Transaction data, `compute_update` doesn't perform the entire "update".

rk-tpl (Tue, 08 Jun 2021 19:12:21 GMT):
I've been chasing this `error validating ReadSet` when altering anchor-peers error to the ends of the earth and I think this "blockchain-automation-framework" project looks to be the only Production Grade _hyperledger-fabric_ Operations Humans I can find on Github / Public Internet... from this Issue history, it looks like you all might have actually FIXED it too... https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1297#issuecomment-787803501 but I can't quite determine the exact line(s) of code involved in the fix. I think it has to do with the system-channel vs "other / application channels", which is a hunch I had earlier as well. I'm trying desperately to cook up some amount of "peer/org/network admin" tooling and `configtxgen` and `configtxlator` aren't really sufficient alone... something needs to be a little "semantically aware" of the blockchain and the Transaction data, `compute_update` doesn't perform the entire "update".

sownak (Wed, 09 Jun 2021 08:40:01 GMT):
That is correct analysis. This error happens when the syschannel is not updated correctly, and syschannel should be updated. You can check the PR files https://github.com/hyperledger-labs/blockchain-automation-framework/pull/1343/files if there is any information you can look for. We have automated the process of adding new peers in BAF

RahulPrakash12 (Wed, 09 Jun 2021 11:53:18 GMT):
Has joined the channel.

RahulPrakash12 (Wed, 09 Jun 2021 11:56:11 GMT):
Hey All - Just joining here. Thanks to Sownak and Suvajit for directing me here !!

suvajit-sarkar (Thu, 10 Jun 2021 08:02:30 GMT):
Welcome :)

suvajit-sarkar (Thu, 10 Jun 2021 08:10:38 GMT):
Hi All, Please join the PI Demo today at 12 pm GMT https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09 The topics for the session are as follows - 1. Release 0.9.0 draft discussion; focusing on some major upcoming changes. 2. Demo on automated addition of validator node for HL Besu.

sownak (Thu, 10 Jun 2021 14:52:32 GMT):
Seems the policies are not getting created correctly. regarding the support question, I guess your Leadership is talking to ours.

SoundaryaAyyappan (Fri, 11 Jun 2021 09:27:10 GMT):
Hi Everyone, Currently I am testing a Disaster Recovery Scenario - Restoring a whole hyperledger fabric network using the kubernetes recovery tool - Velero. Consider my network has 1 orderer organization (3 orderers) and 2 peer organizations (with 2 peers [peer0, peer1] each). The orderer organization and the peer org with one peer are deployed in Cluster A. The second peer in each peer org is deployed in Cluster B. I am able to successfully restore the fabric network deployed in Cluster A in an another new cluster (Cluster C) and network deployed in Cluster B is restored in another cluster (Cluster D). Though the channel height is same in all the peers after the restoration, when I tested invoke, out of 4 peers, only 3 peers got updated with the new data (peer1 of org1 is not committed with the new block). The peer1 of org1 has channel height as 12, but the actual height is 13 which is observed correctly in other peers (peer0org1, peer0org2, peer1org2). So I did scale down the statefulset of peer1org1, then scaled up. While coming up, I can see in the peer logs that 14th block got committed to this peer. Then I checked the channel height from peer1 org1, it got updated and the result is 13. Then I tested 3 invokes, those invoked data got updated in all the peers. But can anyone explain me the cause of why the non-sync of data happened in a peer after restoration?

SoundaryaAyyappan (Fri, 11 Jun 2021 09:27:10 GMT):
Hi Everyone, Currently I am testing a Disaster Recovery Scenario - Restoring a whole hyperledger fabric network using the kubernetes recovery tool - Velero. Consider my network has 1 orderer organization (3 orderers) and 2 peer organizations (with 2 peers [peer0, peer1] each). The orderer organization and the peer org with one peer are deployed in Cluster A. The second peer in each peer org is deployed in Cluster B. The version of fabric is v2.2.0 and the baf release used is v0.8.1.0. I am able to successfully restore the fabric network deployed in Cluster A in an another new cluster (Cluster C) and network deployed in Cluster B is restored in another cluster (Cluster D). Though the channel height is same in all the peers after the restoration, when I tested invoke, out of 4 peers, only 3 peers got updated with the new data (peer1 of org1 is not committed with the new block). The peer1 of org1 has channel height as 12, but the actual height is 13 which is observed correctly in other peers (peer0org1, peer0org2, peer1org2). So I did scale down the statefulset of peer1org1, then scaled up. While coming up, I can see in the peer logs that 14th block got committed to this peer. Then I checked the channel height from peer1 org1, it got updated and the result is 13. Then I tested 3 invokes, those invoked data got updated in all the peers. But can anyone explain me the cause of why the non-sync of data happened in a peer after restoration?

sownak (Fri, 11 Jun 2021 10:13:09 GMT):
@SoundaryaAyyappan Thanks for trying the DR out and letting us know it worked. As to the non-sync of data, that seems more of a fabric question and BAF issue. You can try posting on the fabric channels

sownak (Fri, 11 Jun 2021 10:13:09 GMT):
@SoundaryaAyyappan Thanks for trying the DR out and letting us know it worked. As to the non-sync of data, that seems more of a fabric question rather than a BAF issue. You can try posting on the fabric channels

SoundaryaAyyappan (Fri, 11 Jun 2021 10:17:06 GMT):
@sownak Ok, Thanks. Posted on fabric channel.

SivaramKannan (Fri, 11 Jun 2021 14:42:18 GMT):
I have not found instances where fabric DR has been successfully done. Even IBM platform only offers only HA if I am not wrong.

mvaibhav (Mon, 14 Jun 2021 21:40:51 GMT):
Just an update, this error is due to version mismatch between kubectl and kubernetes. So, I ran minikube with kubernetes version 1.20.2 and chnaged the version of kubectl everywhere in the BAF code from 1.16.13 to 1.20.0. This solved the error.

mgCepeda (Thu, 17 Jun 2021 08:06:05 GMT):
Has joined the channel.

roshan13046 (Fri, 18 Jun 2021 13:53:34 GMT):
Hi Everyone. I am refering BAF doc for setting up prerequisites for running BAF. Can anyone please tell which network.yaml file below lines are talking about? NOTE: The Blockchain Automation Framework recommends use of private docker registry for production use. The username/password for the docker registry can be provided in a network.yaml file so that the Kubernetes cluster can access the registry. BAF Doc Link: https://blockchain-automation-framework.readthedocs.io/en/latest/operations/configure_prerequisites.html#docker-images

roshan13046 (Fri, 18 Jun 2021 13:53:34 GMT):
Hi Everyone. I am referring BAF doc for configuring up prerequisites for running BAF. Can anyone please tell which network.yaml file below lines is talking about? NOTE: The Blockchain Automation Framework recommends the use of a private docker registry for production use. The username/password for the docker registry can be provided in a network.yaml file so that the Kubernetes cluster can access the registry. BAF Doc Link: https://blockchain-automation-framework.readthedocs.io/en/latest/operations/configure_prerequisites.html#docker-images

sownak (Fri, 18 Jun 2021 13:56:51 GMT):
any network.yaml from samples folder

roshan13046 (Fri, 18 Jun 2021 13:59:46 GMT):
is it this one : https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/platforms/hyperledger-besu/configuration/samples/network-besu.yaml

sownak (Fri, 18 Jun 2021 14:00:07 GMT):
yes

roshan13046 (Fri, 18 Jun 2021 14:10:34 GMT):
Do I need to follow this step as well, I was skipping this one. For Corda Enterprise, the docker images should be built and put in a private docker registry. Please follow these instructions to build docker images for Corda Enterprise. Link:https://blockchain-automation-framework.readthedocs.io/en/latest/operations/configure_prerequisites.html#docker-images

roshan13046 (Fri, 18 Jun 2021 14:10:34 GMT):
Do I need to follow this step as well? I was skipping this one. For Corda Enterprise, the docker images should be built and put in a private docker registry. Please follow these instructions to build docker images for Corda Enterprise. Link:https://blockchain-automation-framework.readthedocs.io/en/latest/operations/configure_prerequisites.html#docker-images

sownak (Fri, 18 Jun 2021 16:53:35 GMT):
No, you are not doing Corda Enterprise, you are doing Besu

roshan13046 (Sat, 19 Jun 2021 08:38:47 GMT):
Do I have to replace the docker, vault, git credentitals with my login, password and other credentials in below file?: https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/platforms/hyperledger-besu/configuration/samples/network-besu.yaml

roshan13046 (Sat, 19 Jun 2021 08:41:26 GMT):
I am setting and configuring BAF. Do I have to replace the docker, vault, git credentitals with my login, password and other credentials in below file?: https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/platforms/hyperledger-besu/configuration/samples/network-besu.yaml

roshan13046 (Sat, 19 Jun 2021 08:41:26 GMT):
I am setting and configuring BAF. Do I have to replace the docker, vault, git credentials with my login, password, and other credentials in the below file? Can anyone please answer? File Link: https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/platforms/hyperledger-besu/configuration/samples/network-besu.yaml

sownak (Sat, 19 Jun 2021 18:24:57 GMT):
yes

alvaropicazo (Mon, 21 Jun 2021 07:27:21 GMT):
Hi @roshan13046 . Just copy the sample network to a different path to where you have the BAF source code, and modify it depending on your needs. Of course you will need to specify your own vault/git creds as well as define which cloud provider you are using and its own credentials.

alvaropicazo (Mon, 21 Jun 2021 07:27:21 GMT):
Hi @roshan13046 . Just copy the sample network to a different path where you have the BAF source code, and modify it depending on your needs. Of course you will need to specify your own vault/git creds as well as define which cloud provider you are using and its own credentials.

suvajit-sarkar (Mon, 21 Jun 2021 10:06:46 GMT):
Hi All, Feel free to join the Sprint planning today (21st June) 12pm-1pm GMT https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

roshan13046 (Tue, 22 Jun 2021 14:45:41 GMT):
I am configuring the https://github.com/Roshan13046/blockchain-automation-framework/blob/master/platforms/shared/configuration/kubernetes-env-setup.yaml

roshan13046 (Tue, 22 Jun 2021 15:27:47 GMT):
After configuring the network.yml file with the required values. I am running the command: ansible-playbook platforms/shared/configuration/site.yaml -e "@./build/network.yaml" Shows Error: ansible-playbook : The term 'ansible-playbook' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. At line:1 char:1 + ansible-playbook platforms/shared/configuration/site.yaml -e "@./buil ... + ~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (ansible-playbook:String) [], CommandNotFoundException + FullyQualifiedErrorId : CommandNotFoundException

zandercreations (Fri, 25 Jun 2021 11:30:06 GMT):
Has joined the channel.

zandercreations (Fri, 25 Jun 2021 11:30:07 GMT):
Hi is the Blockchain Automation Framework Besu clique consensus available yet??

sownak (Fri, 25 Jun 2021 13:19:35 GMT):
It is part of the Hyperledger Summer internship program. You can also contributed if you want to.

zandercreations (Sat, 26 Jun 2021 18:07:43 GMT):
Yea I can help with that

zandercreations (Sat, 26 Jun 2021 18:08:03 GMT):

Clipboard - June 26, 2021 2:07 PM

zandercreations (Sat, 26 Jun 2021 18:12:46 GMT):
After running the the `ansible-playbook platforms/shared/configuration/site.yaml -e "@./build/network.yaml"` for Besu I cant finish due to openshift issues when I uninstall openshift `pip3 uninstall openshift` it tells me I need to install openshift When I install openshift `pip3 install openshift` I get the error above

zandercreations (Sat, 26 Jun 2021 18:15:56 GMT):
not sure if this link is relevant or not https://docs.ansible.com/ansible/2.8/modules/oc_module.html

zandercreations (Mon, 28 Jun 2021 06:48:56 GMT):
Hello so I was able to get passed the error above but then I ran into more errors for clusterrolebinding

zandercreations (Mon, 28 Jun 2021 06:48:56 GMT):
Hello so I was able to get passed the error above but then I ran into more errors for clusterrolebinding. This ansible task just retrys 20 times and errors out and stops the process Any advice on troubleshooting would be helpfull Thanks

zandercreations (Mon, 28 Jun 2021 06:48:59 GMT):

Clipboard - June 28, 2021 2:48 AM

zandercreations (Mon, 28 Jun 2021 06:49:43 GMT):
Im using k3s from rancher as my k8s cluster

sownak (Mon, 28 Jun 2021 08:25:44 GMT):
You can follow https://blockchain-automation-framework.readthedocs.io/en/latest/operations/baf_verify.html to verify what may be wrong

suvajit-sarkar (Mon, 28 Jun 2021 08:33:47 GMT):
Looks like a environment setup issue

suvajit-sarkar (Mon, 28 Jun 2021 08:33:47 GMT):
Looks like a environment setup issue, you can try using baf-build docker image for use help from it

dcad (Mon, 28 Jun 2021 12:21:09 GMT):
Has joined the channel.

zandercreations (Mon, 28 Jun 2021 12:59:48 GMT):
Ok thanks I will try that

zandercreations (Mon, 28 Jun 2021 13:00:22 GMT):
Thanks this is my first time seeing this page

arsulegai (Tue, 29 Jun 2021 12:48:21 GMT):
Hi team, Have you tried running BAF in a proxy environment, where K8s worker nodes are behind a proxy?

roshan13046 (Wed, 30 Jun 2021 04:34:45 GMT):
PS C:\Windows\system32> docker run -it -v /blockchain-automation-framework:/home/blockchain-automation-framework/ hyperledgerlabs/baf-build Starting build process... Adding env variables... Running the playbook... ansible-playbook [core 2.11.1] config file = None configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/dist-packages/ansible ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.5 (default, May 27 2021, 13:30:53) [GCC 9.3.0] jinja version = 3.0.1 libyaml = True No config file found; using defaults [WARNING]: * Failed to parse /home/blockchain-automation-framework/platforms/shared/inventory/ansible_provisioners with script plugin: Unable to retrieve file contents Could not find or access '/home/blockchain-automation- framework/build/network.yaml' on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option [WARNING]: * Failed to parse /home/blockchain-automation-framework/platforms/shared/inventory/ansible_provisioners with yaml plugin: Unable to retrieve file contents Could not find or access '/home/blockchain-automation- framework/build/network.yaml' on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option [WARNING]: * Failed to parse /home/blockchain-automation-framework/platforms/shared/inventory/ansible_provisioners with ini plugin: Unable to retrieve file contents Could not find or access '/home/blockchain-automation- framework/build/network.yaml' on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option [WARNING]: Unable to parse /home/blockchain-automation-framework/platforms/shared/inventory/ansible_provisioners as an inventory source [WARNING]: Unable to parse /home/blockchain-automation-framework/platforms/shared/inventory as an inventory source [WARNING]: No inventory was parsed, only implicit localhost is available ERROR! Unable to retrieve file contents Could not find or access '/home/blockchain-automation-framework/build/network.yaml' on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option What am I going wrong? Please share any fix. Doc: https://blockchain-automation-framework.readthedocs.io/en/develop/developer/baf_minikube_setup.html#execute Thanks!

roshan13046 (Wed, 30 Jun 2021 04:34:45 GMT):
PS C:\Windows\system32> docker run -it -v /blockchain-automation-framework:/home/blockchain-automation-framework/ hyperledgerlabs/baf-build Starting build process... Adding env variables... Running the playbook... ansible-playbook [core 2.11.1] config file = None configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/dist-packages/ansible ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.5 (default, May 27 2021, 13:30:53) [GCC 9.3.0] jinja version = 3.0.1 libyaml = True No config file found; using defaults [WARNING]: * Failed to parse /home/blockchain-automation-framework/platforms/shared/inventory/ansible_provisioners with script plugin: Unable to retrieve file contents Could not find or access '/home/blockchain-automation- framework/build/network.yaml' on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option [WARNING]: * Failed to parse /home/blockchain-automation-framework/platforms/shared/inventory/ansible_provisioners with yaml plugin: Unable to retrieve file contents Could not find or access '/home/blockchain-automation- framework/build/network.yaml' on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option [WARNING]: * Failed to parse /home/blockchain-automation-framework/platforms/shared/inventory/ansible_provisioners with ini plugin: Unable to retrieve file contents Could not find or access '/home/blockchain-automation- framework/build/network.yaml' on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option [WARNING]: Unable to parse /home/blockchain-automation-framework/platforms/shared/inventory/ansible_provisioners as an inventory source [WARNING]: Unable to parse /home/blockchain-automation-framework/platforms/shared/inventory as an inventory source [WARNING]: No inventory was parsed, only implicit localhost is available ERROR! Unable to retrieve file contents Could not find or access '/home/blockchain-automation-framework/build/network.yaml' on the Ansible Controller. If you are using a module and expect the file to exist on the remote, see the remote_src option What is going wrong? Please share any fixes. Doc: https://blockchain-automation-framework.readthedocs.io/en/develop/developer/baf_minikube_setup.html#execute Thanks!

sownak (Wed, 30 Jun 2021 09:02:14 GMT):
This is windows env and looks like you have not mounted the volume correctly on virtualbox

sownak (Wed, 30 Jun 2021 09:03:08 GMT):
We haven't come across a scenario/client with those requirements yet.

arsulegai (Wed, 30 Jun 2021 09:03:46 GMT):
Bummer

roshan13046 (Wed, 30 Jun 2021 10:12:07 GMT):

Screenshot (32).png

sownak (Wed, 30 Jun 2021 10:14:33 GMT):
looks like because the mount point is empty it is getting a default mount, you will have to specify the mount point and then modify the docker command accordingly

roshan13046 (Wed, 30 Jun 2021 10:24:56 GMT):
docker run -it -v /blockchain-automation-framework:/home/blockchain-automation-framework/ hyperledgerlabs/baf-build ...what will be the execution command after chaning the mount point? . My mount point is /mount

roshan13046 (Wed, 30 Jun 2021 10:24:56 GMT):
Command: docker run -it -v /blockchain-automation-framework:/home/blockchain-automation-framework/ hyperledgerlabs/baf-build ...what will be the execution command after chaning the mount point? My mount point is /mount

sownak (Wed, 30 Jun 2021 10:25:55 GMT):
you have to login to the machine and check if it has been mounted on /mount/home/

roshan13046 (Wed, 30 Jun 2021 11:16:08 GMT):

Screenshot (34).png

sownak (Wed, 30 Jun 2021 11:36:11 GMT):
then it should work

roshan13046 (Wed, 30 Jun 2021 12:10:20 GMT):

Screenshot (38).png

roshan13046 (Wed, 30 Jun 2021 12:10:26 GMT):

Screenshot (37).png

sownak (Wed, 30 Jun 2021 12:10:56 GMT):
yes, looks like it is working but you have wrong network.yaml

roshan13046 (Wed, 30 Jun 2021 12:13:32 GMT):
The ERROR : TASK [setup/kubectl : Changing the current context namespace to default] *********************************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/setup/kubectl/tasks/main.yaml:61 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "KUBECONFIG=cluster_config kubectl config set-context --current --namespace=default\n", "delta": "0:00:00.092830", "end": "2021-06-30 11:58:47.253543", "msg": "non-zero return code", "rc": 1, "start": "2021-06-30 11:58:47.160713", "stderr": "W0630 11:58:47.249677 283 loader.go:223] Config not found: cluster_config\nerror: no current context is set", "stderr_lines": ["W0630 11:58:47.249677 283 loader.go:223] Config not found: cluster_config", "error: no current context is set"], "stdout": "", "stdout_lines": []} PLAY RECAP ************************************************************************************************************************************************************************************* localhost : ok=8 changed=5 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0 ...... File: https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/platforms/shared/configuration/roles/setup/kubectl/tasks/main.yaml

roshan13046 (Wed, 30 Jun 2021 12:13:32 GMT):
The ERROR : TASK [setup/kubectl : Changing the current context namespace to default] *********************************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/setup/kubectl/tasks/main.yaml:61 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "KUBECONFIG=cluster_config kubectl config set-context --current --namespace=default\n", "delta": "0:00:00.092830", "end": "2021-06-30 11:58:47.253543", "msg": "non-zero return code", "rc": 1, "start": "2021-06-30 11:58:47.160713", "stderr": "W0630 11:58:47.249677 283 loader.go:223] Config not found: cluster_config\nerror: no current context is set", "stderr_lines": ["W0630 11:58:47.249677 283 loader.go:223] Config not found: cluster_config", "error: no current context is set"], "stdout": "", "stdout_lines": []} PLAY RECAP ************************************************************************************************************************************************************************************* localhost : ok=8 changed=5 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0 ...... File at line no 61: https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/platforms/shared/configuration/roles/setup/kubectl/tasks/main.yaml

sownak (Wed, 30 Jun 2021 12:26:56 GMT):
loader.go:223] Config not found: cluster_config", "error: no current context is set"], "stdout": "", "stdout_lines": []}

roshan13046 (Wed, 30 Jun 2021 12:27:50 GMT):
what is expected to be done?

sownak (Wed, 30 Jun 2021 12:28:33 GMT):
use correct network.yaml. Have you followed https://blockchain-automation-framework.readthedocs.io/en/latest/operations/besu_networkyaml.html ?

sownak (Wed, 30 Jun 2021 12:29:31 GMT):
or even https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html#edit-the-configuration-file ?

mwklein (Wed, 30 Jun 2021 15:58:59 GMT):
Worth noting that proxies may not be supported by all the DLT platforms supported by BAF. It isn't just a BAF thing.

arsulegai (Wed, 30 Jun 2021 16:01:54 GMT):
Sure, thanks for bringing that point up @mwklein . Agree, I am evaluating through blind trial/error if it makes sense to add a feature flag in BAF.

sheilman (Wed, 30 Jun 2021 18:11:20 GMT):
How do you update BAF code from the BAF repo once it's been forked to your own github account? I had a lapse in time and I'm trying to figure out how to get the latest BAF code into my project.

suvajit-sarkar (Thu, 01 Jul 2021 06:26:44 GMT):
That's a git specific question but, here is a way you can do that, from your local repo master branch - 1. Add remote, call it upstream for example - `git remote add upstream https://github.com/hyperledger-labs/blockchain-automation-framework.git` 2. Sync with the remote upstream `git fetch upstream` `git merge upstream` `git push`

suvajit-sarkar (Thu, 01 Jul 2021 06:26:44 GMT):
That's a git specific question but, here is a way you can do that. From your local repo branch - 1. Add remote, call it upstream for example - `git remote add upstream https://github.com/hyperledger-labs/blockchain-automation-framework.git` 2. Sync with the remote upstream `git fetch upstream` `git merge upstream` `git push`

sownak (Thu, 01 Jul 2021 08:21:13 GMT):
https://docs.github.com/en/github/collaborating-with-pull-requests/working-with-forks/syncing-a-fork

roshan13046 (Thu, 01 Jul 2021 15:34:54 GMT):
Sownak, yesterday I fixed the issue of network.yaml file. It was working after executing the execution command : docker run -it -v /blockchain-automation-framework:/home/blockchain-automation-framework/ hyperledgerlabs/baf-build. But today after executing once again It shows an ERROR: Unable to find image 'hyperledgerlabs/baf-build:latest' locally latest: Pulling from hyperledgerlabs/baf-build c549ccf8d472: Pulling fs layer b873e6898deb: Pulling fs layer 74cf0f3dc095: Pulling fs layer fc676e3f0b8a: Pulling fs layer 0f1201550b04: Pulling fs layer 2fb86dbe94f7: Pulling fs layer d802693791d8: Pulling fs layer 55d81230b246: Pulling fs layer ad776f5136d2: Pulling fs layer 757176ebac5f: Pulling fs layer c63cf7acb50f: Pulling fs layer f975dc259db1: Pulling fs layer docker: open /mnt/sda1/var/lib/docker/tmp/GetImageBlob239409027: input/output error.

roshan13046 (Thu, 01 Jul 2021 15:34:54 GMT):
Hi! Sownak,I fixed the issue of network.yaml file. It was working after executing the execution command : docker run -it -v /blockchain-automation-framework:/home/blockchain-automation-framework/ hyperledgerlabs/baf-build. But today after executing once again It shows an ERROR: Unable to find image 'hyperledgerlabs/baf-build:latest' locally latest: Pulling from hyperledgerlabs/baf-build c549ccf8d472: Pulling fs layer b873e6898deb: Pulling fs layer 74cf0f3dc095: Pulling fs layer fc676e3f0b8a: Pulling fs layer 0f1201550b04: Pulling fs layer 2fb86dbe94f7: Pulling fs layer d802693791d8: Pulling fs layer 55d81230b246: Pulling fs layer ad776f5136d2: Pulling fs layer 757176ebac5f: Pulling fs layer c63cf7acb50f: Pulling fs layer f975dc259db1: Pulling fs layer docker: open /mnt/sda1/var/lib/docker/tmp/GetImageBlob239409027: input/output error.

roshan13046 (Thu, 01 Jul 2021 15:36:50 GMT):

Screenshot (40).png

sownak (Thu, 01 Jul 2021 15:38:11 GMT):
Firstly your vault is not running

sownak (Thu, 01 Jul 2021 15:39:10 GMT):
secondly, looks like your docker engine has an error

roshan13046 (Thu, 01 Jul 2021 15:41:57 GMT):

Screenshot (41).png

sownak (Thu, 01 Jul 2021 15:42:28 GMT):
you can do docker pull hyperledger-labs/baf-build:latest

sownak (Thu, 01 Jul 2021 15:42:35 GMT):
and then try execute the command

roshan13046 (Thu, 01 Jul 2021 15:43:22 GMT):
Into the powershell. or into the default machine command line?

sownak (Thu, 01 Jul 2021 15:43:34 GMT):
in powershell

roshan13046 (Thu, 01 Jul 2021 15:50:32 GMT):
Is the image name correct? Error response from daemon: pull access denied for hyperledger-labs/baf-build, repository does not exist or may require 'docker login': denied: requested access to the resource is denied

roshan13046 (Thu, 01 Jul 2021 15:50:46 GMT):
docker pull hyperledger-labs/baf-build:latest

roshan13046 (Thu, 01 Jul 2021 15:51:42 GMT):
I am already loggedIn into the docker.

sheilman (Thu, 01 Jul 2021 16:08:03 GMT):
Thank you @suvajit-sarkar and @sownak I was unfamiliar with this!

sownak (Thu, 01 Jul 2021 16:08:25 GMT):
just hyperledgerlabs

roshan13046 (Thu, 01 Jul 2021 16:19:44 GMT):
Command got executed wth ERROR: PS C:\Windows\system32> docker pull hyperledgerlabs/baf-build:latest latest: Pulling from hyperledgerlabs/baf-build c549ccf8d472: Pulling fs layer b873e6898deb: Pulling fs layer 74cf0f3dc095: Pulling fs layer fc676e3f0b8a: Pulling fs layer 0f1201550b04: Pulling fs layer 2fb86dbe94f7: Pulling fs layer d802693791d8: Pulling fs layer 55d81230b246: Pulling fs layer ad776f5136d2: Pulling fs layer 757176ebac5f: Pulling fs layer c63cf7acb50f: Pulling fs layer f975dc259db1: Pulling fs layer open /mnt/sda1/var/lib/docker/tmp/GetImageBlob618211292: input/output error

sownak (Thu, 01 Jul 2021 16:21:02 GMT):
Please check your diskspace, again this is not a BAF issue, it is a docker issue

sownak (Fri, 02 Jul 2021 10:35:51 GMT):
BAF Release 0.9.0.0 is complete https://github.com/hyperledger-labs/blockchain-automation-framework/releases/tag/v0.9.0.0

sheilman (Fri, 02 Jul 2021 15:58:52 GMT):
I have been troubleshooting this alongside my colleague. We cannot figure out what `/path` the code is trying to access and getting Permission Denied. `TASK [create/crypto/peer : Create the peer certificate directory if it does not exist] ************************************* task path: /home/pmillwee/blossom-private/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/tasks/peer.yaml:22 ESTABLISH LOCAL CONNECTION FOR USER: pmillwee EXEC /bin/sh -c 'echo ~pmillwee && sleep 0' EXEC /bin/sh -c '( umask 77 && mkdir -p "echo /home/pmillwee/.ansible/tmp"&& mkdir "echo /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739" && echo ansible-tmp-1625142057.43-24053-75273181915739="echo /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739" ) && sleep 0' Using module file /usr/lib/python2.7/site-packages/ansible/modules/files/file.py PUT /home/pmillwee/.ansible/tmp/ansible-local-31366gPNLsU/tmp5Cbuj_ TO /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/AnsiballZ_file.py EXEC /bin/sh -c 'chmod u+x /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/ /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/AnsiballZ_file.py && sleep 0' EXEC /bin/sh -c '/usr/bin/python3 /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/AnsiballZ_file.py && sleep 0' EXEC /bin/sh -c 'rm -f -r /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/ > /dev/null 2>&1 && sleep 0' fatal: [localhost]: FAILED! => { "changed": false, "invocation": { "module_args": { "_diff_peek": null, "_original_basename": null, "access_time": null, "access_time_format": "%Y%m%d%H%M.%S", "attributes": null, "backup": null, "content": null, "delimiter": null, "directory_mode": null, "follow": true, "force": false, "group": null, "mode": null, "modification_time": null, "modification_time_format": "%Y%m%d%H%M.%S", "owner": null, "path": "/path", "recurse": false, "regexp": null, "remote_src": null, "selevel": null, "serole": null, "setype": null, "seuser": null, "src": null, "state": "directory", "unsafe_writes": null } }, "msg": "There was an issue creating /path as requested: [Errno 13] Permission denied: b'/path'", "path": "/path" } `

sheilman (Fri, 02 Jul 2021 15:58:52 GMT):
I have been troubleshooting this alongside my colleague. We cannot figure out what `/path` the code is trying to access and getting Permission Denied. ` TASK [create/crypto/peer : Create the peer certificate directory if it does not exist] ************************************* task path: /home/pmillwee/blossom-private/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/tasks/peer.yaml:22 ESTABLISH LOCAL CONNECTION FOR USER: pmillwee EXEC /bin/sh -c 'echo ~pmillwee && sleep 0' EXEC /bin/sh -c '( umask 77 && mkdir -p "echo /home/pmillwee/.ansible/tmp"&& mkdir "echo /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739" && echo ansible-tmp-1625142057.43-24053-75273181915739="echo /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739" ) && sleep 0' Using module file /usr/lib/python2.7/site-packages/ansible/modules/files/file.py PUT /home/pmillwee/.ansible/tmp/ansible-local-31366gPNLsU/tmp5Cbuj_ TO /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/AnsiballZ_file.py EXEC /bin/sh -c 'chmod u+x /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/ /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/AnsiballZ_file.py && sleep 0' EXEC /bin/sh -c '/usr/bin/python3 /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/AnsiballZ_file.py && sleep 0' EXEC /bin/sh -c 'rm -f -r /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/ > /dev/null 2>&1 && sleep 0' fatal: [localhost]: FAILED! => { "changed": false, "invocation": { "module_args": { "_diff_peek": null, "_original_basename": null, "access_time": null, "access_time_format": "%Y%m%d%H%M.%S", "attributes": null, "backup": null, "content": null, "delimiter": null, "directory_mode": null, "follow": true, "force": false, "group": null, "mode": null, "modification_time": null, "modification_time_format": "%Y%m%d%H%M.%S", "owner": null, "path": "/path", "recurse": false, "regexp": null, "remote_src": null, "selevel": null, "serole": null, "setype": null, "seuser": null, "src": null, "state": "directory", "unsafe_writes": null } }, "msg": "There was an issue creating /path as requested: [Errno 13] Permission denied: b'/path'", "path": "/path" } `

sheilman (Fri, 02 Jul 2021 15:58:52 GMT):
I have been troubleshooting this alongside my colleague. We cannot figure out what `/path` the code is trying to access and getting Permission Denied. ``` TASK [create/crypto/peer : Create the peer certificate directory if it does not exist] ************************************* task path: /home/pmillwee/blossom-private/platforms/hyperledger-fabric/configuration/roles/create/crypto/peer/tasks/peer.yaml:22 ESTABLISH LOCAL CONNECTION FOR USER: pmillwee EXEC /bin/sh -c 'echo ~pmillwee && sleep 0' EXEC /bin/sh -c '( umask 77 && mkdir -p "echo /home/pmillwee/.ansible/tmp"&& mkdir "echo /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739" && echo ansible-tmp-1625142057.43-24053-75273181915739="echo /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739" ) && sleep 0' Using module file /usr/lib/python2.7/site-packages/ansible/modules/files/file.py PUT /home/pmillwee/.ansible/tmp/ansible-local-31366gPNLsU/tmp5Cbuj_ TO /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/AnsiballZ_file.py EXEC /bin/sh -c 'chmod u+x /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/ /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/AnsiballZ_file.py && sleep 0' EXEC /bin/sh -c '/usr/bin/python3 /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/AnsiballZ_file.py && sleep 0' EXEC /bin/sh -c 'rm -f -r /home/pmillwee/.ansible/tmp/ansible-tmp-1625142057.43-24053-75273181915739/ > /dev/null 2>&1 && sleep 0' fatal: [localhost]: FAILED! => { "changed": false, "invocation": { "module_args": { "_diff_peek": null, "_original_basename": null, "access_time": null, "access_time_format": "%Y%m%d%H%M.%S", "attributes": null, "backup": null, "content": null, "delimiter": null, "directory_mode": null, "follow": true, "force": false, "group": null, "mode": null, "modification_time": null, "modification_time_format": "%Y%m%d%H%M.%S", "owner": null, "path": "/path", "recurse": false, "regexp": null, "remote_src": null, "selevel": null, "serole": null, "setype": null, "seuser": null, "src": null, "state": "directory", "unsafe_writes": null } }, "msg": "There was an issue creating /path as requested: [Errno 13] Permission denied: b'/path'", "path": "/path" } ```

suvajit-sarkar (Mon, 05 Jul 2021 06:51:14 GMT):
Hi All, Please feel free to join our sprint planning today at 12pm GMT : https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09 We will also discussion on the latest release and the roadmap.

angela.alagbe (Mon, 05 Jul 2021 08:43:38 GMT):
Has joined the channel.

angela.alagbe (Mon, 05 Jul 2021 08:47:01 GMT):
Hi @sheilman I think the issue is either because the peer certificate path (`org.services.peers.certificate`) is inaccessible or the directory path doesn't exist.

sheilman (Tue, 06 Jul 2021 14:18:52 GMT):
Thank you. I replaced the path with `/home/pmillwee/blossom-private/build/ca.crt` ie the full bath to the `ca.crt`. is that correct?

sheilman (Tue, 06 Jul 2021 18:18:45 GMT):
Which chaincode sample is recommended to use for testing infrastructure deployment since fabcar has been deprecated?

sheilman (Tue, 06 Jul 2021 19:51:13 GMT):
I tried abstore but am getting the same/similar error that I did with fabcar: ```YAML TASK [/home/pmillwee/blossom-private/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Wait for Job installchaincode-peer0-abstore-2 in carrier-net] *** task path: /home/pmillwee/blossom-private/platforms/shared/configuration/roles/check/helm_component/tasks/main.yaml:5 ESTABLISH LOCAL CONNECTION FOR USER: pmillwee EXEC /bin/sh -c 'echo ~pmillwee && sleep 0' EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/pmillwee/.ansible/tmp `"&& mkdir "` echo /home/pmillwee/.ansible/tmp/ansible-tmp-1625599994.1-26066-175195507522899 `" && echo ansible-tmp-1625599994.1-26066-175195507522899="` echo /home/pmillwee/.ansible/tmp/ansible-tmp-1625599994.1-26066-175195507522899 `" ) && sleep 0' Using module file /usr/lib/python2.7/site-packages/ansible/modules/clustering/k8s/k8s_info.py PUT /home/pmillwee/.ansible/tmp/ansible-local-31532RvXMhL/tmprl93pg TO /home/pmillwee/.ansible/tmp/ansible-tmp-1625599994.1-26066-175195507522899/AnsiballZ_k8s_info.py EXEC /bin/sh -c 'chmod u+x /home/pmillwee/.ansible/tmp/ansible-tmp-1625599994.1-26066-175195507522899/ /home/pmillwee/.ansible/tmp/ansible-tmp-1625599994.1-26066-175195507522899/AnsiballZ_k8s_info.py && sleep 0' EXEC /bin/sh -c '/usr/bin/python3 /home/pmillwee/.ansible/tmp/ansible-tmp-1625599994.1-26066-175195507522899/AnsiballZ_k8s_info.py && sleep 0' EXEC /bin/sh -c 'rm -f -r /home/pmillwee/.ansible/tmp/ansible-tmp-1625599994.1-26066-175195507522899/ > /dev/null 2>&1 && sleep 0' FAILED - RETRYING: Wait for Job installchaincode-peer0-abstore-2 in carrier-net (20 retries left).Result was: { "attempts": 1, "changed": false, "invocation": { "module_args": { "api_key": null, "api_version": "v1", "ca_cert": null, "client_cert": null, "client_key": null, "context": "arn:aws:eks:us-east-1:657685093141:cluster/blossom1-east1", "field_selectors": [ "status.phase=Succeeded" ], "host": null, "kind": "Pod", "kubeconfig": "/home/pmillwee/blossom-private/build/kube.config", "label_selectors": [ "app = installchaincode-peer0-abstore-2" ], "name": null, "namespace": "carrier-net", "password": null, "proxy": null, "username": null, "validate_certs": null } }, "resources": [], "retries": 21 } ```

sheilman (Tue, 06 Jul 2021 21:42:50 GMT):
I also tried https://github.com/hyperledger/fabric-samples/tree/main/asset-transfer-basic/chaincode-go ```YAML TASK [/home/pmillwee/blossom-private/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Wait for Job installchaincode-peer0-asset-transfer-basic-2 in carrier-net] *** task path: /home/pmillwee/blossom-private/platforms/shared/configuration/roles/check/helm_component/tasks/main.yaml:5 ESTABLISH LOCAL CONNECTION FOR USER: pmillwee EXEC /bin/sh -c 'echo ~pmillwee && sleep 0' EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/pmillwee/.ansible/tmp `"&& mkdir "` echo /home/pmillwee/.ansible/tmp/ansible-tmp-1625605848.96-21008-266780283257532 `" && echo ansible-tmp-1625605848.96-21008-266780283257532="` echo /home/pmillwee/.ansible/tmp/ansible-tmp-1625605848.96-21008-266780283257532 `" ) && sleep 0' Using module file /usr/lib/python2.7/site-packages/ansible/modules/clustering/k8s/k8s_info.py PUT /home/pmillwee/.ansible/tmp/ansible-local-26271wIn4Ie/tmpkK1qJP TO /home/pmillwee/.ansible/tmp/ansible-tmp-1625605848.96-21008-266780283257532/AnsiballZ_k8s_info.py EXEC /bin/sh -c 'chmod u+x /home/pmillwee/.ansible/tmp/ansible-tmp-1625605848.96-21008-266780283257532/ /home/pmillwee/.ansible/tmp/ansible-tmp-1625605848.96-21008-266780283257532/AnsiballZ_k8s_info.py && sleep 0' EXEC /bin/sh -c '/usr/bin/python3 /home/pmillwee/.ansible/tmp/ansible-tmp-1625605848.96-21008-266780283257532/AnsiballZ_k8s_info.py && sleep 0' EXEC /bin/sh -c 'rm -f -r /home/pmillwee/.ansible/tmp/ansible-tmp-1625605848.96-21008-266780283257532/ > /dev/null 2>&1 && sleep 0' FAILED - RETRYING: Wait for Job installchaincode-peer0-asset-transfer-basic-2 in carrier-net (20 retries left).Result was: { "attempts": 1, "changed": false, "invocation": { "module_args": { "api_key": null, "api_version": "v1", "ca_cert": null, "client_cert": null, "client_key": null, "context": "arn:aws:eks:us-east-1:657685093141:cluster/blossom1-east1", "field_selectors": [ "status.phase=Succeeded" ], "host": null, "kind": "Pod", "kubeconfig": "/home/pmillwee/blossom-private/build/kube.config", "label_selectors": [ "app = installchaincode-peer0-asset-transfer-basic-2" ], "name": null, "namespace": "carrier-net", "password": null, "proxy": null, "username": null, "validate_certs": null } }, "resources": [], "retries": 21 } ```

alvaropicazo (Wed, 07 Jul 2021 07:58:57 GMT):
Yep that's correct. I personally prefer to have the certificates a bit more organised as I may have multiple peers in my network. As an example, for my organization called carrier, I have *two* peers. So the certificates would be located in: /home/alvaro/build/certificates/carrier/peer0/ca.crt for peer0, and /home/alvaro/build/certificates/carrier/peer1/ca.crt for peer1

alvaropicazo (Wed, 07 Jul 2021 08:11:51 GMT):
I personally feel pretty confortable using the chaincode we have in `examples/supplychain-app/fabric/chaincode_rest_server/chaincode/ ` . Could you please check that everything is set up correctly in the chaincode section (under services.peers) from your network.yaml?

alvaropicazo (Wed, 07 Jul 2021 08:34:40 GMT):

Clipboard - July 7, 2021 10:34 AM

sheilman (Wed, 07 Jul 2021 15:18:42 GMT):
@alvaropicazo can you paste that code as text?

sheilman (Wed, 07 Jul 2021 15:18:49 GMT):
I'll try that chaincode instead

sheilman (Wed, 07 Jul 2021 17:01:25 GMT):
Me again! I've come across this a couple times and either it resolves itself or another error takes precedent. I have notes on the error but not the solve. I checked, and didn't see that I had posted this previously. I thought this was an issue with the peer, orderer, or uri addresses being internal or external and have tried different combinations of them to troubleshooting. This is the error I am stuck on: ``` YAML TASK [/home/pmillwee/blossom-private/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Wait for Pod ca in supplychain-net] *** task path: /home/pmillwee/blossom-private/platforms/shared/configuration/roles/check/helm_component/tasks/main.yaml:36 ESTABLISH LOCAL CONNECTION FOR USER: pmillwee EXEC /bin/sh -c 'echo ~pmillwee && sleep 0' EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/pmillwee/.ansible/tmp `"&& mkdir "` echo /home/pmillwee/.ansible/tmp/ansible-tmp-1625676751.98-19774-57996463390749 `" && echo ansible-tmp-1625676751.98-19774-57996463390749="` echo /home/pmillwee/.ansible/tmp/ansible-tmp-1625676751.98-19774-57996463390749 `" ) && sleep 0' Using module file /usr/lib/python2.7/site-packages/ansible/modules/clustering/k8s/k8s_info.py PUT /home/pmillwee/.ansible/tmp/ansible-local-16931JhLl2c/tmpo_uCFb TO /home/pmillwee/.ansible/tmp/ansible-tmp-1625676751.98-19774-57996463390749/AnsiballZ_k8s_info.py EXEC /bin/sh -c 'chmod u+x /home/pmillwee/.ansible/tmp/ansible-tmp-1625676751.98-19774-57996463390749/ /home/pmillwee/.ansible/tmp/ansible-tmp-1625676751.98-19774-57996463390749/AnsiballZ_k8s_info.py && sleep 0' EXEC /bin/sh -c '/usr/bin/python3 /home/pmillwee/.ansible/tmp/ansible-tmp-1625676751.98-19774-57996463390749/AnsiballZ_k8s_info.py && sleep 0' EXEC /bin/sh -c 'rm -f -r /home/pmillwee/.ansible/tmp/ansible-tmp-1625676751.98-19774-57996463390749/ > /dev/null 2>&1 && sleep 0' FAILED - RETRYING: Wait for Pod ca in supplychain-net (20 retries left).Result was: { "attempts": 1, "changed": false, "invocation": { "module_args": { "api_key": null, "api_version": "v1", "ca_cert": null, "client_cert": null, "client_key": null, "context": "arn:aws:eks:us-east-1:657685093141:cluster/blossom1-east1", "field_selectors": [ "status.phase=Running" ], "host": null, "kind": "Pod", "kubeconfig": "/home/pmillwee/blossom-private/build/kube.config", "label_selectors": [ "name = ca" ], "name": null, "namespace": "supplychain-net", "password": null, "proxy": null, "username": null, "validate_certs": null } }, "resources": [], "retries": 21 } ```

alvaropicazo (Thu, 08 Jul 2021 08:26:44 GMT):
` chaincode: name: "supplychain" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "cmd" #The main directory where chaincode is needed to be placed repository: username: "alvaropicazo" # Git Service user who has rights to check-in in all branches password: "" url: "github.com/alvaropicazo/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode/" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode`

alvaropicazo (Thu, 08 Jul 2021 08:27:20 GMT):
~ chaincode: name: "supplychain" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "cmd" #The main directory where chaincode is needed to be placed repository: username: "alvaropicazo" # Git Service user who has rights to check-in in all branches password: "" url: "github.com/alvaropicazo/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode/" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode~

alvaropicazo (Thu, 08 Jul 2021 08:29:47 GMT):
` chaincode: name: "supplychain" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "cmd" #The main directory where chaincode is needed to be placed repository: username: "alvaropicazo" # Git Service user who has rights to check-in in all branches password: "" url: "github.com/alvaropicazo/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode/" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode`

alvaropicazo (Thu, 08 Jul 2021 08:36:48 GMT):
`hi`

alvaropicazo (Thu, 08 Jul 2021 08:37:10 GMT):
`YAML`

alvaropicazo (Thu, 08 Jul 2021 08:37:23 GMT):
`YAML chaincode: name: "supplychain" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "cmd" #The main directory where chaincode is needed to be placed repository: username: "alvaropicazo" # Git Service user who has rights to check-in in all branches password: "" url: "github.com/alvaropicazo/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode/" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode`

alvaropicazo (Thu, 08 Jul 2021 08:40:27 GMT):
This log does not give too much information about the error. What I suggest to do is to clean the network by running the reset-network.yaml file and try to deploy it again. If you are still getting stuck at this point, try to check the logs of the pod or by describing the pod you can get more information about what is failing.

alvaropicazo (Thu, 08 Jul 2021 08:49:25 GMT):
Btw check the `ca_data.url` field from your network.yaml, the issue could be there, but first try to reset it and deploy it again.

alvaropicazo (Thu, 08 Jul 2021 08:54:42 GMT):
``` chaincode: name: "supplychain" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "cmd" #The main directory where chaincode is needed to be placed repository: username: "alvaropicazo" # Git Service user who has rights to check-in in all branches password: "" url: "github.com/alvaropicazo/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode/" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode ```

sheilman (Thu, 08 Jul 2021 15:31:33 GMT):
ok let me try the reset first. I'm looking at the pods in Rancher and the `flux-helm-operator` is showing a red x under "Ready". I will see if the network reset fixes that.

sheilman (Thu, 08 Jul 2021 15:31:48 GMT):
The log i pasted is the ansible output with `-vvv`.

sheilman (Thu, 08 Jul 2021 15:43:00 GMT):
Is `reset-network.yaml` only for Corda? I am running Fabric

sheilman (Thu, 08 Jul 2021 16:17:00 GMT):
When i run the network reset, shouldn't the Pods for Flux be removed from the K8S cluster? I ran site.yml with reset=true then ran reset-network.yaml per readme instructions.

zandercreations (Fri, 09 Jul 2021 03:59:35 GMT):

Clipboard - July 8, 2021 11:59 PM

zandercreations (Fri, 09 Jul 2021 04:16:24 GMT):
This url seems to be forbidden https://bintray.com/hyperledger-org/besu-repo/download_file?file_path=besu-21.1.1.tar.gz

zandercreations (Fri, 09 Jul 2021 04:16:24 GMT):
This url seems to be forbidden https://bintray.com/hyperledger-org/besu-repo/download_file?file_path=besu-21.1.1.tar.gz when you try to curl

zandercreations (Fri, 09 Jul 2021 04:18:26 GMT):
I'm using the latest release v0.9.0.0 If this is a bug let me know so I can revert back to the previous version

sownak (Fri, 09 Jul 2021 08:03:40 GMT):
running site.yaml with reset=true is same as running reset-network. What you have to look into is the logs of the flux pod. Please follow this https://blockchain-automation-framework.readthedocs.io/en/develop/operations/baf_verify.html

sownak (Fri, 09 Jul 2021 08:05:57 GMT):
This is because Besu has deprecated bintray and all binaries are now available on github releases. You have to change the path yourself, or download besu binaries manually and place them in ~/bin/besu. This fix has been done in vaultv2 branch

sownak (Fri, 09 Jul 2021 08:08:37 GMT):
check https://github.com/hyperledger-labs/blockchain-automation-framework/pull/1566/files#diff-8fbaf360f4db05ae1171366ee0444ed973fe1890ab5f3536cc8306e0d10adbce for reference

hoang-innomizetech (Fri, 09 Jul 2021 08:38:17 GMT):
Has joined the channel.

hoang-innomizetech (Fri, 09 Jul 2021 08:38:18 GMT):
Hi all, I am new the BAF, I have been trying to deploy the default network to K8S and currently I am getting retry timeout for CA pods. CA pods have been created but it cannot be started in K8S. Has anyone faced this issue before? How can I know why CA pods cannot be started? `TASK [Create CA tools for each organization] ********************************************************************************************************************************* TASK [waiting for the CA server to be created in supplychain-net] ************************************************************************************************************ TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Wait for Pod ca in supplychain-net] *** skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Check for {{ job_title }} job on {{ component_name }}] *** skipping: [localhost] => {"changed": false, "skip_reason": "Conditional result was False"} TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Wait for Pod ca in supplychain-net] *** `

sownak (Fri, 09 Jul 2021 09:34:20 GMT):
What do you mean by created but not started? Can you share the logs of your CA pods?

hoang-innomizetech (Fri, 09 Jul 2021 09:45:20 GMT):
I cannot be started

hoang-innomizetech (Fri, 09 Jul 2021 09:45:24 GMT):

Clipboard - July 9, 2021 4:45 PM

hoang-innomizetech (Fri, 09 Jul 2021 09:45:37 GMT):
I am trying to see what CD pods cannot be started

hoang-innomizetech (Fri, 09 Jul 2021 09:53:23 GMT):

Clipboard - July 9, 2021 4:53 PM

hoang-innomizetech (Fri, 09 Jul 2021 09:53:28 GMT):
I am trying to get logs from kube

sownak (Fri, 09 Jul 2021 09:57:01 GMT):
You have to follow the debugging guide which talks about each step. This looks like configuration issue, you will have to describe the pod to look at the events on the pod

hoang-innomizetech (Fri, 09 Jul 2021 10:16:50 GMT):
where I can find the debugging guide?

hoang-innomizetech (Fri, 09 Jul 2021 10:16:58 GMT):
Sorry, I am new to BAF.

sownak (Fri, 09 Jul 2021 10:58:32 GMT):
https://blockchain-automation-framework.readthedocs.io/en/latest/operations/baf_verify.html

hoang-innomizetech (Fri, 09 Jul 2021 11:03:45 GMT):
thank you . In regarding the Vault server, can this work with Dev server and v1.7.3 instead of v1.7.1 (per documented)?

hoang-innomizetech (Fri, 09 Jul 2021 11:04:08 GMT):
We are getting error from vault server { "errors": [ "invalid role name \"vault-role\"" ] } ERROR: unable to retrieve vault login token: { "errors": [ "invalid role name \"vault-role\"" ]

sownak (Fri, 09 Jul 2021 11:05:51 GMT):
Vault servers should be accessible from both Kubernetes cluster and Ansible controller

sownak (Fri, 09 Jul 2021 11:06:09 GMT):
and this seems your vault role has not been created

sownak (Fri, 09 Jul 2021 11:06:32 GMT):
Vault version is fine

hoang-innomizetech (Fri, 09 Jul 2021 11:06:36 GMT):
I reviewed that page (baf-verify.html) but unfortunately, I cannot figure out why the CA pods cannot be started (not ready)

hoang-innomizetech (Fri, 09 Jul 2021 11:07:01 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=cZGyYfDkerW49A8zY) The secrets have been created successfully

hoang-innomizetech (Fri, 09 Jul 2021 11:08:02 GMT):

Clipboard - July 9, 2021 6:07 PM

sownak (Fri, 09 Jul 2021 11:08:37 GMT):
what have you passed as vault_addr in network.yaml?

sownak (Fri, 09 Jul 2021 11:09:12 GMT):
for CA pods, do `kubectl describe pod -n `

hoang-innomizetech (Fri, 09 Jul 2021 11:09:41 GMT):
vault: url: "http://our vault server ipd:8200/"

sownak (Fri, 09 Jul 2021 11:10:58 GMT):
is that IP reachable from Kuberetes cluster?

hoang-innomizetech (Fri, 09 Jul 2021 11:11:23 GMT):
yes

hoang-innomizetech (Fri, 09 Jul 2021 11:11:32 GMT):
this is on the cloud and able to access from kube cluster

hoang-innomizetech (Fri, 09 Jul 2021 11:11:55 GMT):

Clipboard - July 9, 2021 6:11 PM

sownak (Fri, 09 Jul 2021 11:12:54 GMT):
then check logs of flux as well. In your last logs I saw errors as to the git push itself not working

hoang-innomizetech (Fri, 09 Jul 2021 11:13:19 GMT):
yes, I have fixed the flux and it should work now. but it now stuck at CA pods

sownak (Fri, 09 Jul 2021 11:13:52 GMT):
what other auth methods are there?

hoang-innomizetech (Fri, 09 Jul 2021 11:16:58 GMT):
sorry which auth method you are mentioning?

sownak (Fri, 09 Jul 2021 11:17:40 GMT):
on your Vault frontend, can you check what other Policies and Access are there?

hoang-innomizetech (Fri, 09 Jul 2021 11:18:17 GMT):

Clipboard - July 9, 2021 6:18 PM

hoang-innomizetech (Fri, 09 Jul 2021 11:19:06 GMT):

Clipboard - July 9, 2021 6:19 PM

sownak (Fri, 09 Jul 2021 11:19:40 GMT):
that looks fine. Whats the output of kubectl describe pod?

hoang-innomizetech (Fri, 09 Jul 2021 11:19:41 GMT):
I don't see role inside each access for each org

hoang-innomizetech (Fri, 09 Jul 2021 11:19:42 GMT):

Clipboard - July 9, 2021 6:19 PM

hoang-innomizetech (Fri, 09 Jul 2021 11:20:39 GMT):

ca-pod.txt

sownak (Fri, 09 Jul 2021 11:21:29 GMT):
'0/3 nodes are available: 3 pod has unbound immediate PersistentVolumeClaims.'

sownak (Fri, 09 Jul 2021 11:21:46 GMT):
Your pods are not able to provision PVCs

hoang-innomizetech (Fri, 09 Jul 2021 11:22:18 GMT):
yes, i that log but I cannot understand why

sownak (Fri, 09 Jul 2021 11:22:36 GMT):
which cloud provider?

hoang-innomizetech (Fri, 09 Jul 2021 11:23:02 GMT):
I am using minikube

hoang-innomizetech (Fri, 09 Jul 2021 11:23:14 GMT):
the created my cluster using VM (virtualbox)

hoang-innomizetech (Fri, 09 Jul 2021 11:23:30 GMT):
https://github.com/LocusInnovations/k8s-vagrant-virtualbox

sownak (Fri, 09 Jul 2021 11:24:56 GMT):
that error says that respective pvc are not created, looks like a Kubernetes issue. you can search for that error on google and solve it

hoang-innomizetech (Fri, 09 Jul 2021 11:28:53 GMT):
do you think because I am running kube locally using VM causes this issue?

sownak (Fri, 09 Jul 2021 11:30:10 GMT):
Maybe the storageclass is wrong. We have tested with minikube on virtualbox only, and currently not supporting minikube issues

hoang-innomizetech (Fri, 09 Jul 2021 11:36:16 GMT):
https://github.com/innomizetech/blockchain-automation-framework/tree/develop/platforms/hyperledger-fabric/releases/dev

hoang-innomizetech (Fri, 09 Jul 2021 11:36:35 GMT):
can you have a look at the release folder (develop branch) and see if you can see issues?

sownak (Fri, 09 Jul 2021 11:37:17 GMT):
can you check `kubectl get sc`?

hoang-innomizetech (Fri, 09 Jul 2021 11:38:00 GMT):

Clipboard - July 9, 2021 6:37 PM

sownak (Fri, 09 Jul 2021 11:38:51 GMT):
kubectl get pvc -A and then describe one of the pvc

hoang-innomizetech (Fri, 09 Jul 2021 11:39:23 GMT):

Clipboard - July 9, 2021 6:39 PM

hoang-innomizetech (Fri, 09 Jul 2021 11:39:26 GMT):
It is pending

sownak (Fri, 09 Jul 2021 11:39:37 GMT):
yes thats the issue

sownak (Fri, 09 Jul 2021 11:39:43 GMT):
so describe one of that

hoang-innomizetech (Fri, 09 Jul 2021 11:40:53 GMT):

Clipboard - July 9, 2021 6:40 PM

hoang-innomizetech (Fri, 09 Jul 2021 11:41:16 GMT):
it is waiting for creation

sownak (Fri, 09 Jul 2021 11:41:46 GMT):
looks like your minikube does not have pvc creation powers

sownak (Fri, 09 Jul 2021 11:41:59 GMT):
you will have to search this out

hoang-innomizetech (Fri, 09 Jul 2021 11:45:02 GMT):
maybe I am not using minikuke, I installed k8s cluster with one master and 2 nodes using vagrant https://github.com/LocusInnovations/k8s-vagrant-virtualbox

hoang-innomizetech (Fri, 09 Jul 2021 11:45:13 GMT):
cloud_provider: minikube # Options: aws, azure, gcp, digitalocean, minikube

hoang-innomizetech (Fri, 09 Jul 2021 11:45:31 GMT):
did we test with k8s cluster , i don't see we have an issue

sownak (Fri, 09 Jul 2021 11:45:57 GMT):
we test with manages services only

hoang-innomizetech (Fri, 09 Jul 2021 11:46:44 GMT):
well, could you please have a quick test on vm I have provided

hoang-innomizetech (Fri, 09 Jul 2021 11:46:49 GMT):
and run the playbook?

sownak (Fri, 09 Jul 2021 11:49:41 GMT):
We do not maintain vagrant vms. Most likely you have to create a new storageclass template so that it works with Vagrant

hoang-innomizetech (Fri, 09 Jul 2021 11:51:07 GMT):
No, I just wanted to know whether we have plan to test with customized kube cluster instead of managed service or minikube

hoang-innomizetech (Fri, 09 Jul 2021 11:51:25 GMT):
because we're already created our cluster so we will not use managed services

sownak (Fri, 09 Jul 2021 11:58:45 GMT):
No, we do not have plans for that ourselves. You can contribute back to the opensource community when you are able to make those changes

hoang-innomizetech (Fri, 09 Jul 2021 15:53:09 GMT):
Now I am running with minikube and got error with CA again (Init:CrashLoopBackOff) Based on the verify step I run this command: `kubectl logs ca-68bf85dcbf-q56w7 -c certificates-init -n carrier-net` But I got error `error: container certificates-init is not valid for pod ca-68bf85dcbf-q56w7`

hoang-innomizetech (Fri, 09 Jul 2021 15:58:21 GMT):
I changed to `kubectl logs ca-68bf85dcbf-q56w7 -c ca-certs-init -n carrier-net`

hoang-innomizetech (Fri, 09 Jul 2021 15:58:42 GMT):
Getting secrets from Vault Server: http://VAULT_ADDR:8200/ { "errors": [] } ERROR: unable to retrieve vault login token: { "errors": [] }

zandercreations (Fri, 09 Jul 2021 16:52:12 GMT):
Thanks I was able to get the BAF-BESU running

zandercreations (Fri, 09 Jul 2021 16:52:12 GMT):
Thanks I was able to get the BAF-BESU running because of this fix

zandercreations (Fri, 09 Jul 2021 16:57:27 GMT):
I will work on getting the clique consensus working on my end

zandercreations (Fri, 09 Jul 2021 17:57:05 GMT):
How do I acess the rpc and ws endpoints

zandercreations (Fri, 09 Jul 2021 17:57:05 GMT):
How do I access the rpc and ws endpoints

zandercreations (Fri, 09 Jul 2021 17:57:32 GMT):
I need them so I can connect to my Blockscout block explorer

zandercreations (Fri, 09 Jul 2021 17:58:20 GMT):
I essentially want to follow this page to test the endpoints https://besu.hyperledger.org/en/21.1.1/HowTo/Interact/APIs/Using-JSON-RPC-API/#websockets

zandercreations (Fri, 09 Jul 2021 17:59:07 GMT):
How do I access the rpc and ws endpoints after I have deployed the BAF to EKS I need them so I can connect to my Blockscout block explorer. I essentially want to follow this page to test the endpoints https://besu.hyperledger.org/en/21.1.1/HowTo/Interact/APIs/Using-JSON-RPC-API/#websockets

hoang-innomizetech (Sat, 10 Jul 2021 06:17:11 GMT):
I am running BAF deployment with minikube and vault 1.7.1 but I am getting error with CA pods. When I run this command: `kubectl logs ca-5d8945994f-qr4mr -c ca-certs-init -n warehouse-net` I got this error `{ "errors": [ "claim \"iss\" is invalid" ] } ERROR: unable to retrieve vault login token: { "errors": [ "claim \"iss\" is invalid" ] } ` The iss I got the the jwt token is `https://kubernetes.default.svc.cluster.local` and it different to the default iss.

hoang-innomizetech (Sat, 10 Jul 2021 06:17:21 GMT):

Clipboard - July 10, 2021 1:17 PM

hoang-innomizetech (Sat, 10 Jul 2021 06:17:58 GMT):

vault auth method configuration

hoang-innomizetech (Sat, 10 Jul 2021 06:19:11 GMT):

pods

hoang-innomizetech (Sat, 10 Jul 2021 06:22:10 GMT):
When I update auth method config in vault, I got this error `{"errors":["permission denied"]}`

MaBak (Sat, 10 Jul 2021 14:19:28 GMT):
Hi Is there any information available about companies using BAF in production?

Vgkmanju (Mon, 12 Jul 2021 06:58:37 GMT):
Hi all, In kubernetes version 1.18.14, we had hyperledger fabric 2.2 setup using BAF. I am upgrading all the deployed chaincodes using external chaincode launcher. Till thursday (july 8 2021), I was able to do install chaincode using external chaincode launcher. But now when I am trying to install chaincode in the peer cli pod, I got the following error: Error: chaincode install failed with status: 500 - failed to invoke backing implementation of 'InstallChaincode': could not build chaincode: docker build failed: platform builder failed: Failed to generate a Dockerfile: Unknown chaincodeType: EXTERNAL I checked the externalbuilder path. I have all the 3 scripts (detect, build, release) with execution permission. In the core.yaml file also contains externalbuilder. Can anyone please suggest how to resolve this? Why this happened?

suvajit-sarkar (Mon, 12 Jul 2021 07:54:54 GMT):
As BAF is open-sourced we don't know the actual no. of companies that are using it in production. But some of those we are aware of include an International Media company, an European Transport company, an Asian Airport Authority, a US based Finance company, a Retail Giant, Asia's leading healthcare company.

suvajit-sarkar (Mon, 12 Jul 2021 07:55:28 GMT):
As BAF is open-sourced we don't know the actual no. of companies that are using it in production. But some of those we are aware of include an International Media company, an European Transport company, an Asian Airport Authority, a US based Finance company, a Retail Giant, Asia's leading healthcare company.

sheilman (Mon, 12 Jul 2021 21:39:14 GMT):
To re-run the site.yaml playbook after a failure, do you run the same command again or is there another playbook?

sheilman (Mon, 12 Jul 2021 22:19:24 GMT):
This error says it is looking for a pod in the namespace "supply-chain.net". BUT, looking in Rancher there is NO namepace with that name. Does that mean a previous playbook isn't working?

jagpreet (Tue, 13 Jul 2021 08:38:47 GMT):
Hi @hoang-innomizetech Can you confirm whether your kubernetes cluster can access vault via the vault-url you have provided in the network.yaml?

hoang-innomizetech (Wed, 14 Jul 2021 03:32:47 GMT):
Yes, vault server is accessible

hoang-innomizetech (Wed, 14 Jul 2021 03:33:09 GMT):
you can see we are facing different issues when starting CA pods (see above message)

hoang-innomizetech (Wed, 14 Jul 2021 05:10:19 GMT):
I have fixed the above error but now I am getting another error

hoang-innomizetech (Wed, 14 Jul 2021 05:10:22 GMT):

Clipboard - July 14, 2021 12:10 PM

sheilman (Wed, 14 Jul 2021 16:25:56 GMT):
@sownak does running site.yaml with reset=true reset secret engines and Access Authentication methods in Vault?

sheilman (Wed, 14 Jul 2021 16:25:56 GMT):
@sownak does running site.yaml with reset=true affect Hashicorp Vualt? ie will it delete secret engines and Access Authentication methods in Vault?

hoang-innomizetech (Thu, 15 Jul 2021 04:26:53 GMT):
I am getting this error when viewing the logs of peer pods ` 2021-07-15 04:15:43.762 UTC [msp] getPemMaterialFromDir -> WARN 001 Failed reading file /etc/hyperledger/fabric/crypto/msp/signcerts/server.crt: no pem content for file /etc/hyperledger/fabric/crypto/msp/signcerts/server.crt 2021-07-15 04:15:43.763 UTC [main] InitCmd -> ERRO 002 Cannot run peer because error when setting up MSP of type bccsp from directory /etc/hyperledger/fabric/crypto/msp: Setup error: nil conf reference `

hoang-innomizetech (Thu, 15 Jul 2021 04:26:53 GMT):
I am getting this error when viewing the logs of peer pods `2021-07-15 04:15:43.762 UTC [msp] getPemMaterialFromDir -> WARN 001 Failed reading file /etc/hyperledger/fabric/crypto/msp/signcerts/server.crt: no pem content for file /etc/hyperledger/fabric/crypto/msp/signcerts/server.crt 2021-07-15 04:15:43.763 UTC [main] InitCmd -> ERRO 002 Cannot run peer because error when setting up MSP of type bccsp from directory /etc/hyperledger/fabric/crypto/msp: Setup error: nil conf reference`

hoang-innomizetech (Thu, 15 Jul 2021 04:26:53 GMT):
I am getting this error when viewing the logs of peer pods 2021-07-15 04:15:43.762 UTC [msp] getPemMaterialFromDir -> WARN 001 Failed reading file /etc/hyperledger/fabric/crypto/msp/signcerts/server.crt: no pem content for file /etc/hyperledger/fabric/crypto/msp/signcerts/server.crt 2021-07-15 04:15:43.763 UTC [main] InitCmd -> ERRO 002 Cannot run peer because error when setting up MSP of type bccsp from directory /etc/hyperledger/fabric/crypto/msp: Setup error: nil conf reference

hoang-innomizetech (Thu, 15 Jul 2021 04:26:53 GMT):
I am getting this error when viewing the logs of peer pods when deploying sample network network-fabricv2-raft.yaml 2021-07-15 04:15:43.762 UTC [msp] getPemMaterialFromDir -> WARN 001 Failed reading file /etc/hyperledger/fabric/crypto/msp/signcerts/server.crt: no pem content for file /etc/hyperledger/fabric/crypto/msp/signcerts/server.crt 2021-07-15 04:15:43.763 UTC [main] InitCmd -> ERRO 002 Cannot run peer because error when setting up MSP of type bccsp from directory /etc/hyperledger/fabric/crypto/msp: Setup error: nil conf reference

hoang-innomizetech (Thu, 15 Jul 2021 04:33:09 GMT):

Clipboard - July 15, 2021 11:33 AM

hoang-innomizetech (Thu, 15 Jul 2021 04:33:20 GMT):
There is only one peer is running

jagpreet (Thu, 15 Jul 2021 08:32:57 GMT):

Clipboard - July 15, 2021 2:02 PM

jagpreet (Thu, 15 Jul 2021 08:33:18 GMT):
Hi @hoang-innomizetech I think you forgot to change the path here (network.organization.services.peer.certificate)

hoang-innomizetech (Thu, 15 Jul 2021 09:28:32 GMT):
yeah, I have fixed it by commenting that

hoang-innomizetech (Thu, 15 Jul 2021 09:28:58 GMT):
# certificate: "/path/ca.crt" # certificate path for peer

hoang-innomizetech (Thu, 15 Jul 2021 09:29:12 GMT):
I think we will generate ca cert if we not specify right>

hoang-innomizetech (Thu, 15 Jul 2021 09:29:52 GMT):
I think the MOUNT_PATH variable is wrong on the deployment file

hoang-innomizetech (Thu, 15 Jul 2021 09:29:53 GMT):
- name: MOUNT_PATH value: /secret

hoang-innomizetech (Thu, 15 Jul 2021 09:30:06 GMT):
it should be /var/hyperledger/orderer/crypto

hoang-innomizetech (Thu, 15 Jul 2021 09:32:30 GMT):
https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1569

sheilman (Thu, 15 Jul 2021 16:02:27 GMT):
Does running site.yaml with reset=true affect Hashicorp Vualt? ie will it delete secret engines and Access Authentication methods in Vault?

suvajit-sarkar (Fri, 16 Jul 2021 08:09:51 GMT):
Nope. Hashicorp Vault is a prerequisite to BAF. Installation or removal of vault server is not done by BAF

suvajit-sarkar (Fri, 16 Jul 2021 08:09:51 GMT):
Nope. Hashicorp Vault is a prerequisite to BAF. Installation or removal of *vault server* is not done by BAF

suvajit-sarkar (Fri, 16 Jul 2021 08:13:37 GMT):
Upcoming scrum ceremonies - \Open Sprint Planning - 18th July - 12.00pm GMT\ \Open Release Demo - 22nd July - 12.00pm GMT\ Feel free to join the ceremonies on zoom channel - https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

suvajit-sarkar (Fri, 16 Jul 2021 08:13:37 GMT):
Upcoming scrum ceremonies - \bullet Open Sprint Planning - 18th July - 12.00pm GMT \Open Release Demo - 22nd July - 12.00pm GMT\ Feel free to join the ceremonies on zoom channel - https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

suvajit-sarkar (Fri, 16 Jul 2021 08:13:37 GMT):
Upcoming scrum ceremonies - *Open Sprint Planning - 18th July - 12.00pm GMT Open Release Demo - 22nd July - 12.00pm GMT* Feel free to join the ceremonies on zoom channel - https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

suvajit-sarkar (Fri, 16 Jul 2021 08:13:37 GMT):
Upcoming scrum ceremonies - *Open Sprint Planning - 18th July - 12.00pm GMT* *Open Release Demo - 22nd July - 12.00pm GMT* Feel free to join the ceremonies on zoom channel - https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

hoang-innomizetech (Sat, 17 Jul 2021 05:19:53 GMT):
Hi all, Can someone tell me the detail of the DNS record we need to map (e.g. Route53). can we use sub-domain i..e org1.hlf.mydomain.com (hlf.mydomain.com is my subdomain and it will map the the public DNS of ALB created by haproxy ingress controller). In BAF, HAProxy Ingress does the same thing as Ambassador does i.e. it routes traffic amongst multiple K8s clusters. For each K8s cluster, an HAProxy Ingress Loadbalancer Service will be created to sit inside it. A user has to manually use a DNS server (e.g. AWS Route53) to map the public IP of the HAProxy Service to a DNS name for each cluster. Optionally, you can configure External-DNS on the cluster and map the routes automatically. Automatic updation of routes via External DNS is supported from BAF 0.3.0.0 onwards.

hoang-innomizetech (Mon, 19 Jul 2021 01:57:03 GMT):
Hi, After some days trying to deploy HLF with BAF, I have been able to deploy the sample raft network, but when I try to add another org to that network, I am getting this error `Error: got unexpected status: BAD_REQUEST -- error applying config update to existing channel 'allchannel': error authorizing update: ConfigUpdate for channel '' but envelope for channel 'allchannel'", "command terminated with exit code 1` when running this task `TASK [setup/config_block/sign_and_update : updating the channel with the new configuration block] `

jagpreet (Mon, 19 Jul 2021 08:42:57 GMT):
Hi @hoang-innomizetech The /secret path is fine, I have explained the flow in the issue you created [here](https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1569#issuecomment-882249886)

jagpreet (Mon, 19 Jul 2021 08:48:21 GMT):
Hi @hoang-innomizetech Can you take a latest pull of the code, because this issue seems to be fixed?

hoang-innomizetech (Mon, 19 Jul 2021 08:55:11 GMT):
Yes, i am using the latest develop branch. Could you please let me know which specific commit that have fixed this issue so that I can double check?

jagpreet (Mon, 19 Jul 2021 10:18:04 GMT):
I dont think we should be commenting that field. Please fill in that path with the details mentioned above.

jagpreet (Mon, 19 Jul 2021 10:18:33 GMT):
Can you try the master branch code?

jagpreet (Mon, 19 Jul 2021 10:19:47 GMT):
You can also refer to the [guide](https://blockchain-automation-framework.readthedocs.io/en/latest/operations/adding_new_org_fabric.html) incase, if you missed out something.

hoang-innomizetech (Mon, 19 Jul 2021 10:26:29 GMT):
yes, i followed exact the guide

hoang-innomizetech (Mon, 19 Jul 2021 10:31:32 GMT):
I am trying on develop and i fixed some issues when running with K8S v1.19 and ansible 2.11.2 and jinja 3.0.1 (template issue - indentfirst=true)

hoang-innomizetech (Mon, 19 Jul 2021 10:31:43 GMT):
should develop is the latest one?

jagpreet (Mon, 19 Jul 2021 10:32:08 GMT):
Develop branch holds the experimental code, master branch holds the stable code.

hoang-innomizetech (Mon, 19 Jul 2021 10:37:43 GMT):
the master code will not work since we are testing on K8S v1.19

hoang-innomizetech (Mon, 19 Jul 2021 10:38:11 GMT):
for example, use apiVersion: rbac.authorization.k8s.io/v1beta1 will throw error

hoang-innomizetech (Mon, 19 Jul 2021 10:38:23 GMT):
for v1.19 we should use apiVersion: rbac.authorization.k8s.io/v1

hoang-innomizetech (Mon, 19 Jul 2021 10:42:03 GMT):
I also faced some issues when deploying haproxy ingress, I have to fix the missing ConfigMap and also increase version to v0.13.0-beta.2 to make it works with K8S v1.19 https://github.com/jcmoraisjr/haproxy-ingress

hoang-innomizetech (Tue, 20 Jul 2021 16:00:31 GMT):
I have tried, but I really don't know what should be the value for prop

hoang-innomizetech (Tue, 20 Jul 2021 16:01:21 GMT):
I can deploy the network with commented prop, but it failed at commit chaincode

hoang-innomizetech (Tue, 20 Jul 2021 16:02:22 GMT):
It failed at this task - name: Copy organization level certificates for orgs {{ organization.name }} on this file platforms/hyperledger-fabric/configuration/roles/create/chaincode/commit/tasks/write.yaml

hoang-innomizetech (Tue, 20 Jul 2021 16:02:22 GMT):
It failed at this task `- name: Copy organization level certificates for orgs {{ organization.name }}` on this file `platforms/hyperledger-fabric/configuration/roles/create/chaincode/commit/tasks/write.yaml`

hoang-innomizetech (Tue, 20 Jul 2021 16:02:22 GMT):
It failed at this task `Create the peer certificate directory if it does not exist` on this file `platforms/hyperledger-fabric/configuration/roles/create/chaincode/commit/tasks/write.yaml`

hoang-innomizetech (Tue, 20 Jul 2021 16:06:43 GMT):
Based on the ansible code, it looks like this is a directory not file. Really confused

hoang-innomizetech (Tue, 20 Jul 2021 16:10:04 GMT):
can you please let me know what should be the right value for the certificate path?

sheilman (Wed, 21 Jul 2021 17:58:24 GMT):
can someone send me documentation link for why there are two Hashicorp Vaults? There is a local installaion in the prerequisite then a pod that get's deployed.

jvdacasin (Thu, 22 Jul 2021 07:18:50 GMT):
Hello team, I am deploying BAF using r3-corda and encountered this error in minikube storageclass creation: TASK [/home/blockchain-automation-framework/platforms/r3-corda/configuration/../../shared/configuration/roles/check/k8_component : Wait for StorageClass minikubestorageclass] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/check/k8_component/tasks/main.yaml:17 redirecting (type: modules) ansible.builtin.k8s_info to kubernetes.core.k8s_info FAILED - RETRYING: Wait for StorageClass minikubestorageclass (20 retries left). It seemed that the storageclass creation fails: Do you know where can I look further to fix the issue?

alvaropicazo (Thu, 22 Jul 2021 08:40:39 GMT):
There are multiple ways you can deploy vault (locally, on a pod, etc). You can use anyone of the ways, as per your convenience.

jagpreet (Thu, 22 Jul 2021 11:53:27 GMT):
Hi @jvdacasin We have dropped support for minikube based deployments. Although this seems to be a storage class issue, my guess here is that, maybe the storageclass template is itself changed for newer minikube versions. Anyway, you can have a look at the minikube storageclass template we use [here](https://github.com/hyperledger-labs/blockchain-automation-framework/blob/master/platforms/r3-corda/configuration/roles/create/k8_component/templates/mini_storageclass.tpl)

sheilman (Thu, 22 Jul 2021 15:58:02 GMT):
Can you send me documentation to read more about this? i'm working off an installation another developer deployed and am trying to deconflict the two Vaults that are running.

sheilman (Thu, 22 Jul 2021 16:04:18 GMT):
I'm trying to understand what this vault is vs the vault that is described in the prerequisites https://github.com/sheilman16/blockchain-automation-framework/blob/master/platforms/shared/configuration/roles/setup/vault/tasks/main.yaml

mwklein (Thu, 22 Jul 2021 23:54:48 GMT):
BAF can use one instance of Hashicorp Vault or many. How many instances of Hashicorp Vault are deployed is not a concern of BAF... just that the service exists. Why another developer deployed two instances of Vault is a mystery best answered by that developer.

mwklein (Thu, 22 Jul 2021 23:58:13 GMT):
The ansible role for Vault is confirming the Hashicorp Vault client is installed (and will install if not available). It does not deploy a Hashicorp Vault instance.

jvdacasin (Fri, 23 Jul 2021 02:16:16 GMT):
Thanks Jagpreet as always!!

hoang-innomizetech (Fri, 23 Jul 2021 03:38:36 GMT):
@jagpreet I have used master and able to deploy network, then I still got the same error as above when adding new org to the network

hoang-innomizetech (Fri, 23 Jul 2021 04:36:15 GMT):

Clipboard - July 23, 2021 11:36 AM

hoang-innomizetech (Fri, 23 Jul 2021 04:36:34 GMT):
I think this is because of missing `channel_id` in the json file

tkuhrt (Fri, 23 Jul 2021 17:08:28 GMT):
As we begin exploring bringing Blockchain Automation Framework to a top-level project within Hyperledger, we have created an [initial draft of a proposal](https://bit.ly/BAF-hip). We would like to request your comments on this draft so that we can improve it prior to submitting to the TSC for review. In addition, if you are interested in being a sponsor of Blockchain Automation Framework, please reach out to me or create a PR against [my add-baf-hip branch](https://github.com/tkuhrt/hyperledger-hip/tree/add-baf-hip) (don't forget to include your DCO signoff -s in your git commit).

arsulegai (Fri, 23 Jul 2021 19:17:42 GMT):
Great to see this coming, thanks for posting.

sheilman (Fri, 23 Jul 2021 21:45:35 GMT):
I pulled updates from the BAF repo and am now getting errors related to NPM. File `network-schema-validator.yaml` line 10 is throwing an error "Failed to find required executable npm in paths:". Using -vvv output i see that python is using `get_bin_path`.

suvajit-sarkar (Mon, 26 Jul 2021 08:39:14 GMT):
npm is a prerequisite now for the initial network yaml validation. Please have a look at the docker file for reference https://github.com/hyperledger-labs/blockchain-automation-framework/blob/develop/Dockerfile

amarnadh (Mon, 26 Jul 2021 10:53:36 GMT):
Has joined the channel.

jagpreet (Tue, 27 Jul 2021 08:36:34 GMT):
So, if you an org.name as carrier and peer.name as peer0 and the path to BAF is /home/abc/blockchain-automation-framework, then the certificate path can be /home/abc/blockchain-automation-framework/build/carrier/peer0/ca.crt

amarnadh (Tue, 27 Jul 2021 09:13:39 GMT):
Regarding docker section in network.yaml file, docker hub url is https://hub.docker.com/u/hyperledgerlabs and not "index.docker.io/hyperledgerlabs".. So the first url is to be used in the network.yaml file? (i) for fabric, since no custom images are used , its not necessary to provide the credentials, hence Can I leave them blank? (ii) do we need to change this : uri: orderer1.org1ambassador.blockchaincloudpoc.com:8443 (in orderer, peer/gossip address in peers as well ) to something else ? if so what should we replace it with ? I am new to the whole tech.. please help

sownak (Tue, 27 Jul 2021 13:43:51 GMT):
no, second url. 1. You will still need credentials, cannot leave them blank, can be wrong. 2. If you are using a single cluster, the addresses needs to be cluster internal address

ankitm123 (Tue, 27 Jul 2021 18:55:38 GMT):
Has joined the channel.

navachaitanya (Wed, 28 Jul 2021 08:33:42 GMT):
Has joined the channel.

mohana.a (Wed, 28 Jul 2021 10:47:04 GMT):
TASK [create/chaincode/commit : Copy organization level certificates for orgs org1] ********************************************************** task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/chaincode/commit/tasks/write.yaml:3 redirecting filter ansible.builtin.json_query to community.general.json_query redirecting filter ansible.builtin.json_query to community.general.json_query redirecting filter ansible.builtin.json_query to community.general.json_query redirecting filter ansible.builtin.json_query to community.general.json_query redirecting filter ansible.builtin.json_query to community.general.json_query redirecting filter ansible.builtin.json_query to community.general.json_query fatal: [localhost]: FAILED! => { "msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'certificate'\n\nThe error appears to be in '/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/chaincode/commit/tasks/write.yaml': line 3, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n# This task writes the certificates of all the approving organizations to the vault so that the creator organization can use it to commit.\n- name: Copy organization level certificates for orgs {{ organization.name }}\n ^ here\nWe could be wrong, but this one looks like it might be an issue with\nmissing quotes. Always quote template expression brackets when they\nstart a value. For instance:\n\n with_items:\n - {{ foo }}\n\nShould be written as:\n\n with_items:\n - \"{{ foo }}\"\n" } I am working on chaincode deployment using BAF V0.9.0.0 in Fabric Network V2.2. I face the above issue while committing the chaincode in the channel. Can anyone suggest a solution?

sownak (Wed, 28 Jul 2021 11:00:10 GMT):
Looks like your peers.certificate path is missing

SoundaryaAyyappan (Wed, 28 Jul 2021 11:03:23 GMT):
I have a hyperledger fabric network (v2.2.0) deployed using baf release v0.7.0.0. The network components runs with the external_url xyz.com, but now I am in need of changing the external_url to abc.com. Is there any possibilities to change the external_url_suffix of the network components, without destroying and re-creating the network? Thanks in Advance!

sownak (Wed, 28 Jul 2021 11:06:08 GMT):
No, the URLs are included in your genesis file as well as the certificates, so it would not be possible to change them. A Blockchain network should not change DNS names.

SoundaryaAyyappan (Wed, 28 Jul 2021 11:06:33 GMT):
Ok, thanks.

sownak (Wed, 28 Jul 2021 12:57:11 GMT):
Hello all, if anyone is interested in being a sponsor of Blockchain Automation Framework which will become a top-level project, please get in touch with me. You do not have to actively contribute to code, you can just be an user, or only contribute to issues/bugs. This will help us provide a long term support plan for BAF.

ankitm123 (Wed, 28 Jul 2021 13:23:45 GMT):
Sponsoring means financially sponsoring it? I would like to contribute to the project, but not financially (may be by working on the issues/bugs)

sownak (Wed, 28 Jul 2021 13:42:29 GMT):
no, sponsoring does not mean financial sponsoring. It is about supporting BAF as a top level project and contribute towards usage/code or just new feature requests

ankitm123 (Wed, 28 Jul 2021 13:43:05 GMT):
ok, then I am intetested! Count me in!

sownak (Wed, 28 Jul 2021 13:45:09 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=M4hWFCpWTXhNeQSFq) @ankitm123 you can follow the guidance here or send me your details like for Tracy it is "Tracy Kuhrt, Associate Director, Blockchain and Multiparty Systems Architecture at Accenture, TSC Vice Chair (tracy.a.kuhrt@accenture.com)"

navachaitanya (Wed, 28 Jul 2021 14:01:50 GMT):
I'm getting this error in vault, I have followed the steps in the documentation auth.kubernetes.auth_kubernetes_0b34c47f: login unauthorized due to: lookup failed: service account unauthorized; this could mean it has been deleted or recreated with a new token

sownak (Wed, 28 Jul 2021 14:54:58 GMT):
As the error message says, "service account unauthorized; this could mean it has been deleted or recreated with a new token". You may have to reset and run again

sheilman (Wed, 28 Jul 2021 16:01:01 GMT):
Do you just install it? I don't see it on here which is what i refer back to - https://blockchain-automation-framework.readthedocs.io/en/latest/operations/configure_prerequisites.html

amarnadh (Thu, 29 Jul 2021 05:15:03 GMT):
Me too!

suvajit-sarkar (Thu, 29 Jul 2021 08:36:48 GMT):
yes, npm needs to be installed in the ansible controller machine.

sownak (Thu, 29 Jul 2021 09:04:56 GMT):
Please send me your details like send me your details like for Tracy it is "Tracy Kuhrt, Associate Director, Blockchain and Multiparty Systems Architecture at Accenture, TSC Vice Chair (tracy.a.kuhrt@accenture.com)"

amarnadh (Thu, 29 Jul 2021 14:00:27 GMT):
warehouse-net ca-75876f499d-jmw2p 0/1 Pending 0 0s carrier-net ca-685448dc5b-gqp58 0/1 Pending 0 0s supplychain-net ca-5fd4d7d6f4-klhqw 0/1 Pending 0 0s supplychain-net ca-5fd4d7d6f4-klhqw 0/1 Pending 0 0s manufacturer-net ca-66b8bd7b8b-cxn5r 0/1 Terminating 0 0s manufacturer-net ca-66b8bd7b8b-cxn5r 0/1 Terminating 0 0s warehouse-net ca-75876f499d-jmw2p 0/1 Terminating 0 0s warehouse-net ca-75876f499d-jmw2p 0/1 Terminating 0 0s carrier-net ca-685448dc5b-gqp58 0/1 Terminating 0 0s carrier-net ca-685448dc5b-gqp58 0/1 Terminating 0 0s supplychain-net ca-5fd4d7d6f4-klhqw 0/1 Terminating 0 1s supplychain-net ca-5fd4d7d6f4-klhqw 0/1 Terminating 0 1s while running baf, the pods for orgs get created and terminated . What could be the issue

sownak (Thu, 29 Jul 2021 14:10:00 GMT):
It can be anything from lack of memory on cluster to wrong cluster configuration. Please check Kubernetes cluster logs.

ankitm123 (Thu, 29 Jul 2021 14:13:53 GMT):
also good to describe the pods before they terminate, it should give u the events, which might help in debugging

amarnadh (Thu, 29 Jul 2021 16:47:03 GMT):
@sownak My flux-dev pods and ingess-controller pods are up and running. But from ca-tools onwards the pods are showing the error. That should mean that the kubernetes cluster configuration should be proper.. right?

amarnadh (Thu, 29 Jul 2021 16:47:48 GMT):
@ankitm123 I tried that, but it gives : kubectl describe ca-7d777c8796-xmspk -n supp lychain-net error: the server doesn't have a resource type "ca-7d777c8796-xmspk"

ankitm123 (Thu, 29 Jul 2021 16:49:01 GMT):
missing pod, should be: `kubectl describe pod ca-7d777c8796-xmspk -n supplychain-net`

amarnadh (Thu, 29 Jul 2021 17:16:21 GMT):
@ankitm123 kubectl describe pods ca-75876f499d-6xn4w -n warehouse-net Error from server (NotFound): pods "ca-75876f499d-6xn4w" not found

amarnadh (Thu, 29 Jul 2021 17:16:43 GMT):
warehouse-net ca-75876f499d-6xn4w 0/1 Pending 0 0s warehouse-net ca-75876f499d-6xn4w 0/1 Terminating 0 0s warehouse-net ca-75876f499d-6xn4w 0/1 Terminating 0 0s

ankitm123 (Thu, 29 Jul 2021 17:18:44 GMT):
It has terminated already (hence not found), are u using `kubectl get pods -w` to watch the pods in the cluster (the same pod moves from pending to terminating it seems very fast)?

ankitm123 (Thu, 29 Jul 2021 17:18:44 GMT):
It has terminated already (hence not found), are u using `kubectl get pods -n warehouse-net -w` to watch the pods in the cluster (the same pod moves from pending to terminating it seems very fast)?

amarnadh (Thu, 29 Jul 2021 17:19:13 GMT):
yes. Its pending and terminating almost together

amarnadh (Thu, 29 Jul 2021 17:20:39 GMT):
flux-dev flux-dev-memcached-5c556ff5cb-qtzjx 1/1 Running 0 2s flux-dev flux-dev-688469f6fd-2zdbr 0/1 Running 0 3s flux-dev flux-dev-helm-operator-64f9dcc457-h2k2x 0/1 Running 0 2s flux-dev flux-dev-helm-operator-64f9dcc457-h2k2x 1/1 Running 0 2s flux-dev flux-dev-688469f6fd-2zdbr 1/1 Running 0 40s but the flux pods are running. along with ingress-controller .. that should mean my kubernetes configuration is proper.. right?

amarnadh (Thu, 29 Jul 2021 17:23:49 GMT):
FAILED - RETRYING: Wait for Pod ca in supplychain-net (2 retries left). FAILED - RETRYING: Wait for Pod ca in supplychain-net (1 retries left). fatal: [localhost]: FAILED! => {"api_found": true, "attempts": 20, "changed": false, "resources": []}

ankitm123 (Thu, 29 Jul 2021 17:26:47 GMT):
ok, I will check the ca pod template tonight to see what might be wrong ... but the logs basically say that since CA pod is not coming up, other pods can't come up :thinking_face:

amarnadh (Thu, 29 Jul 2021 17:27:27 GMT):
Is there a clue that what configuration error could have led to this

amarnadh (Thu, 29 Jul 2021 17:29:46 GMT):
I checked gitops section, its working, vault log : core: enabled credential backend: path=devsupplychain-net-auth/ type=kubernetes core: enabled credential backend: path=devmanufacturer-net-auth/ type=kubernetes core: enabled credential backend: path=devcarrier-net-auth/ type=kubernetes core: enabled credential backend: path=devstore-net-auth/ type=kubernetes core: enabled credential backend: path=devwarehouse-net-auth/ type=kubernetes That looks fine too ? No other pre req is missing right? And cluster seem to work for flux pods and ingress.

amarnadh (Fri, 30 Jul 2021 11:50:01 GMT):
Getting secrets from Vault Server: http://vault-adrr:8200 { "errors": [ "claim \"iss\" is invalid" ] } ERROR: unable to retrieve vault login token: { "errors": [ "claim \"iss\" is invalid" ] } This is causing my supplychain-net, manufacturer-net ... pods to init:Crashloopbackoff, init:error... Any suggestions? Note: in the previous steps, the certificates are cpoied to vault, I checked them using vault read secrets/path/

amarnadh (Fri, 30 Jul 2021 11:50:01 GMT):
Getting secrets from Vault Server: http://vault-adrr:8200 { "errors": [ "claim \"iss\" is invalid" ] } ERROR: unable to retrieve vault login token: { "errors": [ "claim \"iss\" is invalid" ] } This is causing my supplychain-net, manufacturer-net ... pods to init:Crashloopbackoff, init:error... Any suggestions? Note: in the previous steps, the certificates are copied to vault, I checked them using vault read secrets/path/

amarnadh (Fri, 30 Jul 2021 11:50:01 GMT):
Getting secrets from Vault Server: http://vault-adrr:8200 { "errors": [ "claim \"iss\" is invalid" ] } ERROR: unable to retrieve vault login token: { "errors": [ "claim \"iss\" is invalid" ] } This is causing my supplychain-net, manufacturer-net ... pods to init:Crashloopbackoff, init:error... Any suggestions? Note: in the previous steps, the certificates are copied to vault, I checked them using vault read secrets/path/ 2. Can someone give an example of what can be given for external_url_suffix for single cluster ? and what can we give as peeraddress:port

sheilman (Mon, 02 Aug 2021 03:09:28 GMT):

Clipboard - August 1, 2021 11:09 PM

sheilman (Mon, 02 Aug 2021 03:09:39 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=Maa6JBxjAEkfmpX3R) Shouldn't the network reset also delete the haproxy pods?

amarnadh (Mon, 02 Aug 2021 06:57:00 GMT):
kubectl logs ca-66b8b3fb8b-5hdmq -c ca-certs-init -n manufacturer-net Getting secrets from Vault Server: http://172.51.12.144:8200 { "errors": [ "claim \"iss\" is invalid" ] } ERROR: unable to retrieve vault login token: { "errors": [ "claim \"iss\" is invalid" ] } can someone pls tell why this error is occuring

amarnadh (Mon, 02 Aug 2021 06:57:00 GMT):
kubectl logs ca-66b8b3fb8b-5hdmq -c ca-certs-init -n manufacturer-net Getting secrets from Vault Server: http://IP:8200 { "errors": [ "claim \"iss\" is invalid" ] } ERROR: unable to retrieve vault login token: { "errors": [ "claim \"iss\" is invalid" ] } can someone pls tell why this error is occuring

sownak (Mon, 02 Aug 2021 08:10:53 GMT):
no, network reset does not delete HAProxy pods because haproxy is a pre-requisite. You can delete them manually if you want to.

jagpreet (Mon, 02 Aug 2021 08:48:19 GMT):
Hi @amarnadh external_url_suffix is a domain name which needs to be purchased and mapped to the load balancer url of ambassador/haproxy (haproxy for fabric and ambassador for other platforms). Regarding the vault URL, is the http://vault-addr:8200 accessible from kubernetes cluster? (most likely this seems to be an issue) I am not sure where you want to mention `peeraddress:port` in the network.yaml. Can you specify the section of network.yaml where you need this (For example network.organizations.services.peer.address)

amarnadh (Mon, 02 Aug 2021 08:50:06 GMT):
If I dnt posses an external_url_suffix, I shall leave the section blank ?

amarnadh (Mon, 02 Aug 2021 08:50:06 GMT):
If I dnt posses an external_url_suffix, I shall leave the section blank ? @jagpreet

amarnadh (Mon, 02 Aug 2021 08:51:22 GMT):
type: anchor # This can be anchor/nonanchor. Atleast one peer should be anchor peer. gossippeeraddress: peer0.carrier-net:7051 # Internal Address of the other peer in same Org for gossip, same peer if there is only one peer peerAddress: peer0.carrier-net.test.com:7051 # External URI of the peer cli: enabled In this section, what can I provide for the address, incase I am using single cluster, with 2 nodes

jagpreet (Mon, 02 Aug 2021 08:52:40 GMT):
No, you cannot leave the external_url_suffix as blank. If you dont have the domain name purchased or mapped to haproxy, you need to change the urls to internal k8's service URL's. In that case, you can refer to this [network.yaml](https://github.com/hyperledger-labs/blockchain-automation-framework/blob/main/platforms/hyperledger-fabric/configuration/samples/network-proxy-none.yaml)

suvajit-sarkar (Mon, 02 Aug 2021 10:30:31 GMT):
Hi All, Open Sprint Planning - 2nd Aug - 12.00pm GMT Feel free to join the ceremonies on zoom channel - https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

raychan11111 (Mon, 02 Aug 2021 15:48:33 GMT):
Has joined the channel.

amarnadh (Tue, 03 Aug 2021 04:21:52 GMT):
Failed to pull image "nginx:1.16.0": rpc error: code = Unknown desc = Error response from daemon: toomanyrequests: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit What can be done to reslolve this issue

jagpreet (Tue, 03 Aug 2021 08:34:14 GMT):
This is a purposefully inserted error from docker itself. You can read more about the rate-limiting on their [website](https://www.docker.com/increase-rate-limits). The only easy solution is to give it a couple of hours to get resolved.

sownak (Tue, 03 Aug 2021 09:10:58 GMT):
Or you can use your own private docker registry

sownak (Tue, 03 Aug 2021 09:17:53 GMT):
looks like you have issue similar to this https://discuss.hashicorp.com/t/errors-claim-iss-is-invalid/26225

sownak (Tue, 03 Aug 2021 09:19:13 GMT):
was this issue resolved? If yes, please let everyone know the solution in case someone faces the same issue

amarnadh (Tue, 03 Aug 2021 09:21:04 GMT):
The sudden creation and termination of pods happened as I didnt provide an "external_dns_suffix"

amarnadh (Tue, 03 Aug 2021 09:21:35 GMT):
But after providing the same it started giving init:crashbackloop etc.. Possibly due to failed vault authentication

SoundaryaAyyappan (Tue, 03 Aug 2021 09:31:41 GMT):
Using BAF release v0.9.0.0, I am trying to add new peer to the existing org. The peer has come up and joined the channel without any issue. But when I checked the channel height in the new peer, it is different from the peer which is already running. For eg, if the actual channel height shown by the existing peer is 4, the new peer showing it as 1. Can anyone please explain the cause for this? Thanks in Advance. Attaching the screenshots of the results of "peer channel getinfo command from the existing peer and the new peer below.

SoundaryaAyyappan (Tue, 03 Aug 2021 09:31:41 GMT):
Using BAF release v0.9.0.0, I am trying to add new peer to the existing org in a hyperledger fabric network (v2.2.0). The peer has come up and joined the channel without any issue. But when I checked the channel height in the new peer, it is different from the peer which is already running. For eg, if the actual channel height shown by the existing peer is 4, the new peer showing it as 1. Can anyone please explain the cause for this? Thanks in Advance. Attaching the screenshots of the results of "peer channel getinfo command from the existing peer and the new peer below.

SoundaryaAyyappan (Tue, 03 Aug 2021 09:32:00 GMT):

Screenshot from 2021-08-03 15-00-22.png

SoundaryaAyyappan (Tue, 03 Aug 2021 09:32:33 GMT):

Screenshot from 2021-08-03 15-00-22.png

SoundaryaAyyappan (Tue, 03 Aug 2021 09:32:41 GMT):

Screenshot from 2021-08-03 15-01-01.png

sownak (Tue, 03 Aug 2021 10:02:50 GMT):
We have generally seen issues with Fabric 2.2.0, maybe retry with 2.2.2

amarnadh (Tue, 03 Aug 2021 11:50:54 GMT):
How to deploy Vault pod and expose it as loadbalancer

sownak (Tue, 03 Aug 2021 12:47:39 GMT):
A google search gives me this https://learn.hashicorp.com/tutorials/vault/kubernetes-raft-deployment-guide?in=vault/kubernetes

amarnadh (Tue, 03 Aug 2021 15:57:03 GMT):
Thanks. But I already tried this

unnati (Wed, 04 Aug 2021 06:55:59 GMT):
Has joined the channel.

amarnadh (Thu, 05 Aug 2021 05:24:46 GMT):
If I need to use a private docker registry ( say aws ecr), then link will be that of the private registry, username and password will be aws_access_key and aws_secret_key ?

amarnadh (Thu, 05 Aug 2021 05:24:46 GMT):
If I need to use a private docker registry ( say aws ecr), then link will be that of the private registry domain, username and password will be aws_access_key and aws_secret_key ?

amarnadh (Thu, 05 Aug 2021 05:24:46 GMT):
If I need to use a private docker registry ( say aws ecr) for hyperledgr fabric (is it possible ?), then link will be that of the private registry domain, username and password will be aws_access_key and aws_secret_key ? Fabric component Fabric image tag kafka 0.4.18 zookeeper 0.4.18 couchDB 0.4.18 orderer 1.4.8 peer 1.4.8 ca 1.4.4 Is this the only images required for running fabric using private docker registry ?

jagpreet (Thu, 05 Aug 2021 08:33:55 GMT):
If you use your own private registry, then you can use the `network.docker` section to fill in those credentials.

jagpreet (Thu, 05 Aug 2021 08:33:56 GMT):

Clipboard - August 5, 2021 2:03 PM

sownak (Thu, 05 Aug 2021 08:35:55 GMT):
AWS ECR does not allow username password for the docker registry, the access has to be managed via AWS IAM roles. This is not in scope of BAF though, you can get help from AWS Support if you are unsure on how to do this.

jagpreet (Thu, 05 Aug 2021 08:43:09 GMT):
We need 3 more images apart from these ones 1. [alpine-image](https://github.com/hyperledger-labs/blockchain-automation-framework/blob/main/platforms/shared/images/alpine-utils.Dockerfile) 2. hyperledger/fabric-tools:2.2.2 (If you use 2.2.2 fabric version) 3. hyperledger/fabric-ccenv:2.2.2 (if you use 2.2.2 fabric version)

sownak (Thu, 05 Aug 2021 08:55:10 GMT):
maybe this will be more helpful https://learn.hashicorp.com/collections/vault/kubernetes

SoundaryaAyyappan (Thu, 05 Aug 2021 10:11:17 GMT):
Thanks @sownak. With fabric v2.2.2, the sync is happening properly in the new peer

amarnadh (Thu, 05 Aug 2021 10:35:12 GMT):
My playbook failed at : FAILED - RETRYING: Wait for Job installchaincode-peer0-my_cc-1 in carrier-net (5 retries left). FAILED - RETRYING: Wait for Job installchaincode-peer0-my_cc-1 in carrier-net (4 retries left). FAILED - RETRYING: Wait for Job installchaincode-peer0-my_cc-1 in carrier-net (3 retries left). Chaincode data: chaincode: name: "my_cc" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "/home/ubuntu/baf/blockchain-automation-framework/examples/supplychain-app/fabric/chaincode_rest_server/chaincode/supplychain/cmd" #The main directory where chaincode is needed to be placed lang: "golang" # The language in which the chaincode is written ( golang/java/node ) repository: username: "user" # Git Service user who has rights to check-in in all branches password: "ghp_token" url: "github.com/user/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode

amarnadh (Thu, 05 Aug 2021 10:35:12 GMT):
My playbook failed at : FAILED - RETRYING: Wait for Job installchaincode-peer0-my_cc-1 in carrier-net (5 retries left). FAILED - RETRYING: Wait for Job installchaincode-peer0-my_cc-1 in carrier-net (4 retries left). FAILED - RETRYING: Wait for Job installchaincode-peer0-my_cc-1 in carrier-net (3 retries left). Chaincode data: chaincode: name: "my_cc" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "/home/ubuntu/baf/blockchain-automation-framework/examples/supplychain-app/fabric/chaincode_rest_server/chaincode/supplychain/cmd" #The main directory where chaincode is needed to be placed lang: "golang" # The language in which the chaincode is written ( golang/java/node ) repository: username: "user" # Git Service user who has rights to check-in in all branches password: "token" url: "github.com/user/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode

amarnadh (Thu, 05 Aug 2021 10:35:12 GMT):
1. My playbook failed at : FAILED - RETRYING: Wait for Job installchaincode-peer0-my_cc-1 in carrier-net (5 retries left). FAILED - RETRYING: Wait for Job installchaincode-peer0-my_cc-1 in carrier-net (4 retries left). FAILED - RETRYING: Wait for Job installchaincode-peer0-my_cc-1 in carrier-net (3 retries left). 2. Chaincode data: chaincode: name: "my_cc" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "/home/ubuntu/baf/blockchain-automation-framework/examples/supplychain-app/fabric/chaincode_rest_server/chaincode/supplychain/cmd" #The main directory where chaincode is needed to be placed lang: "golang" # The language in which the chaincode is written ( golang/java/node ) repository: username: "user" # Git Service user who has rights to check-in in all branches password: "token" url: "github.com/user/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode 3. If I dnt own a DNS. what can be provided in extermal_dns_suffix?

amarnadh (Thu, 05 Aug 2021 10:38:48 GMT):

Kube pods.jpg

sownak (Thu, 05 Aug 2021 13:30:37 GMT):
you are trying to install my_cc but the repository you have specified (BAF repo) does not have a my_cc chaincode, hence it is failing. If you are using proxy=none, external_dns_suffix can be just example.com

sownak (Thu, 05 Aug 2021 13:31:00 GMT):
As your network is running, you can do the chaincode deployment manually via a peer CLI

sownak (Thu, 05 Aug 2021 13:31:55 GMT):
seems you have not used proxy=none because i can see the HAproxy pods

amarnadh (Thu, 05 Aug 2021 14:51:46 GMT):
@sownak Is this the path to be used : github.com/chaincode/supplychain/cmd

amarnadh (Thu, 05 Aug 2021 14:51:57 GMT):
or the local path ?

sheilman (Thu, 05 Aug 2021 18:40:24 GMT):
What is the CA within Fabric? Is that Vault or a K8S pod that BAF deploys? I am forever stuck on this step. The namespace exists but no pods are there and I'm struggling to pinpoint the problem. It does not line up with any of the options in the Fabric troubleshooting guide (chat I can see). `TASK [/home/pmillwee/blossom-private/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Wait for Pod ca in supplychain-net] *** task path: /home/pmillwee/blossom-private/platforms/shared/configuration/roles/check/helm_component/tasks/main.yaml:36`

sheilman (Thu, 05 Aug 2021 18:40:24 GMT):
What is the CA within Fabric? Is that Vault or a K8S pod that BAF deploys? I am forever stuck on this step. The namespace exists but no pods are there and I'm struggling to pinpoint the problem. It does not line up with any of the options in the Fabric troubleshooting guide (chat I can see). ``` yaml TASK [/home/pmillwee/blossom-private/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/helm_component : Wait for Pod ca in supplychain-net] *** task path: /home/pmillwee/blossom-private/platforms/shared/configuration/roles/check/helm_component/tasks/main.yaml:36```

tkuhrt (Thu, 05 Aug 2021 20:51:41 GMT):
A couple of links that might be useful * https://blockchain-automation-framework.readthedocs.io/en/main/architectureref.html#certificate-authority-ca * https://hyperledger-fabric.readthedocs.io/en/latest/identity/identity.html#certificate-authorities It looks like the message is telling you that the ca K8S Pod has not yet been created. I am not completely familiar with what BAF installs for Fabric by default. Looking at the code, it looks like it does deploy CA though. You might want to check your logs for the deployment of your Fabric network to see if something went wrong.

sownak (Fri, 06 Aug 2021 08:28:15 GMT):
Please use the horizontal scrollbar in the Table F

sheilman (Fri, 06 Aug 2021 13:56:38 GMT):
So, the problem is that BAF is _not_ deploying the CA. Using kubectl commands, the namespace for `supplychain-net` exists but there are NO pods being created. `TASK [waiting for the CA server to be created in supplychain-net] ************** task path: /home/pmillwee/blossom-private/platforms/hyperledger-fabric/configuration/roles/create/ca-tools/tasks/main.yaml:6 redirecting (type: modules) ansible.builtin.k8s_info to kubernetes.core.k8s_info redirecting (type: modules) ansible.builtin.k8s_info to kubernetes.core.k8s_info redirecting (type: modules) ansible.builtin.k8s_info to kubernetes.core.k8s_info`

sheilman (Fri, 06 Aug 2021 13:56:38 GMT):
So, the problem is that BAF is _not_ deploying the CA. Using kubectl commands, the namespace for `supplychain-net` exists but there are NO pods being created. ``` YAML TASK [waiting for the CA server to be created in supplychain-net] ************** task path: /home/pmillwee/blossom-private/platforms/hyperledger-fabric/configuration/roles/create/ca-tools/tasks/main.yaml:6 redirecting (type: modules) ansible.builtin.k8s_info to kubernetes.core.k8s_info redirecting (type: modules) ansible.builtin.k8s_info to kubernetes.core.k8s_info redirecting (type: modules) ansible.builtin.k8s_info to kubernetes.core.k8s_info```

sheilman (Fri, 06 Aug 2021 13:56:38 GMT):
So, the problem is that BAF is _not_ deploying the CA. Using kubectl commands, the namespace for `supplychain-net` exists but there are NO pods being created. ``` TASK [waiting for the CA server to be created in supplychain-net] ************** task path: /home/pmillwee/blossom-private/platforms/hyperledger-fabric/configuration/roles/create/ca-tools/tasks/main.yaml:6 redirecting (type: modules) ansible.builtin.k8s_info to kubernetes.core.k8s_info redirecting (type: modules) ansible.builtin.k8s_info to kubernetes.core.k8s_info redirecting (type: modules) ansible.builtin.k8s_info to kubernetes.core.k8s_info```

sownak (Fri, 06 Aug 2021 14:01:47 GMT):
how are you checking the ca pods are not getting created?

sheilman (Mon, 09 Aug 2021 15:21:09 GMT):
Through kubectl command: ```> kubectl get pods -n supplychain-net No resources found in supplychain-net namespace.```

amarnadh (Tue, 10 Aug 2021 03:45:48 GMT):
After chaincode installation, approvechaincode pods are giving init:crashloopbackoff , with no errors in logs nor the describe pods. For fabric 2.2.0.. Why could this be happening

angela.alagbe (Tue, 10 Aug 2021 08:41:38 GMT):
Hi @amarnadh try checking your init container logs specifically by using the command `kubectl logs [name of the pod] -n [namespace] -c certificates-init`

sownak (Tue, 10 Aug 2021 08:52:02 GMT):
Please check flux logs

MarioSavard (Fri, 13 Aug 2021 14:55:38 GMT):
Has joined the channel.

MarioSavard (Fri, 13 Aug 2021 14:55:39 GMT):
Hello, I was wondering if anyone could help me understanding this. We are attempting to deploy using baf. We are mostly done but the commit sequence. In blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/chaincode/commit/tasks/write.yaml, (v.0.8.1.0) , the peers.certificate was complaining to be empty. We added a certificate attribute in the network configuration under "peers" and added an hardcoded path. However, when commiting, it seems to write in Vault the same certificate for both org (manufacturer-net and carrier-net). When we hack the vault and put the right certificate for each org, it seems to work. What should we put in the network definition under "peers.certificate" for it to work?

sownak (Sat, 14 Aug 2021 07:41:33 GMT):
Each peers.certificate should be a unique path where the certificate will be stored when the peers are created or updated.

amarnadh (Mon, 16 Aug 2021 07:20:53 GMT):
Error: could not assemble transaction, err proposal response was not successful, error code 500, msg cannot get package for chaincode (supplychain:1) Logs for instantiatechaincode-peer0-supplychain-1-zqm8k shows the above error. The chaincode is shown as successfuly installed. chaincode: name: "supplychain" #This has to be replaced with the name of the chaincode version: "1.0" #This has to be replaced with the version of the chaincode maindirectory: "/home/ubuntu/baf/blockchain-automation-framework/examples/supplychain-app/fabric/chaincode_rest_server/chaincode/supplychain/cmd" #The main directory where chaincode is needed to be placed lang: "golang" # The language in which the chaincode is written ( golang/java/node ) repository: username: "usern" # Git Service user who has rights to check-in in all branches password: "ghp_token url: "github.com/user/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode My chaincode section

amarnadh (Mon, 16 Aug 2021 07:20:53 GMT):
Error: could not assemble transaction, err proposal response was not successful, error code 500, msg cannot get package for chaincode (supplychain:1) Logs for instantiatechaincode-peer0-supplychain-1-zqm8k shows the above error. The chaincode is shown as successfuly installed. chaincode: name: "supplychain" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "/home/ubuntu/baf/blockchain-automation-framework/examples/supplychain-app/fabric/chaincode_rest_server/chaincode/supplychain/cmd" #The main directory where chaincode is needed to be placed lang: "golang" # The language in which the chaincode is written ( golang/java/node ) repository: username: "usern" # Git Service user who has rights to check-in in all branches password: "ghp_token url: "github.com/user/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode My chaincode section Why could this be happening

amarnadh (Mon, 16 Aug 2021 07:20:53 GMT):
Error: could not assemble transaction, err proposal response was not successful, error code 500, msg cannot get package for chaincode (supplychain:1) Logs for instantiatechaincode-peer0-supplychain-1-zqm8k shows the above error. The chaincode was shown as successfuly installed. chaincode: name: "supplychain" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "/home/ubuntu/baf/blockchain-automation-framework/examples/supplychain-app/fabric/chaincode_rest_server/chaincode/supplychain/cmd" #The main directory where chaincode is needed to be placed lang: "golang" # The language in which the chaincode is written ( golang/java/node ) repository: username: "usern" # Git Service user who has rights to check-in in all branches password: "ghp_token url: "github.com/user/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode My chaincode section Why could this be happening

amarnadh (Mon, 16 Aug 2021 07:20:53 GMT):
Error: could not assemble transaction, err proposal response was not successful, error code 500, msg cannot get package for chaincode (supplychain:1) Logs for instantiatechaincode-peer0-supplychain-1-zqm8k shows the above error. The chaincode was shown as successfuly installed: carrier-net installchaincode-peer0-supplychain-1-5rt4v 0/1 Completed 0 8m56s chaincode: name: "supplychain" #This has to be replaced with the name of the chaincode version: "1" #This has to be replaced with the version of the chaincode maindirectory: "/home/ubuntu/baf/blockchain-automation-framework/examples/supplychain-app/fabric/chaincode_rest_server/chaincode/supplychain/cmd" #The main directory where chaincode is needed to be placed lang: "golang" # The language in which the chaincode is written ( golang/java/node ) repository: username: "usern" # Git Service user who has rights to check-in in all branches password: "ghp_token url: "github.com/user/blockchain-automation-framework.git" branch: develop path: "examples/supplychain-app/fabric/chaincode_rest_server/chaincode" #The path to the chaincode arguments: '\"init\",\"\"' #Arguments to be passed along with the chaincode parameters endorsements: "" #Endorsements (if any) provided along with the chaincode My chaincode section Why could this be happening

sownak (Mon, 16 Aug 2021 08:53:25 GMT):
check logs of installchaincode container, dont think the chaincode was actually installed

aditya.21991 (Mon, 16 Aug 2021 09:46:57 GMT):
Has joined the channel.

aditya.21991 (Mon, 16 Aug 2021 09:46:57 GMT):
Hi Team, I am deploying the BAF setup with quorum on Azure . We have setup 3 organizations. Most of the services are created and running but we see the error message below while checking the logs of quorum. I am not able to find out why this is happeing and would apprciate if someone can help me in figuring out what this error message means and what has to be done to resolve it.

aditya.21991 (Mon, 16 Aug 2021 09:47:12 GMT):

Clipboard - August 16, 2021 10:47 AM

aditya.21991 (Mon, 16 Aug 2021 09:48:08 GMT):

Clipboard - August 16, 2021 10:47 AM

aditya.21991 (Mon, 16 Hi I am trying to setup quorum blockchain TRACE[08-16|09:17:45.092] Accepted connection TRACE[08-16|09:17:45.103] Accepted connection TRACE[08-16|09:17:45.106] Failed RLPx handshake TRACE[08-16|09:17:45.143] Failed RLPx handshake TRACE[08-16|09:17:45.429] Accepted connection TRACE[08-16|09:17:45.824] Failed RLPx handshake TRACE[08-16|09:17:46.111] Accepted connection TRACE[08-16|09:17:46.144] Accepted connection TRACE[08-16|09:17:46.833] Accepted connection TRACE[08-16|09:17:47.663] Failed RLPx handshake TRACE[08-16|09:17:48.675] Accepted connection TRACE[08-16|09:17:48.790] Failed RLPx handshake TRACE[08-16|09:17:48.839] Failed RLPx handshake TRACE[08-16|09:17:49.742] Failed RLPx handshake TRACE[08-16|09:17:49.809] Accepted connection TRACE[08-16|09:17:49.840] Accepted connection TRACE[08-16|09:17:50.092] Failed RLPx handshake TRACE[08-16|09:17:50.104] Failed RLPx handshake TRACE[08-16|09:17:50.429] Failed RLPx handshake Aug 2021 09:52:47 GMT):
network using BAF with three organizations in place on azure . Most of the services are up and running but the logs of quorum container gives me below error. I need to understand what this means and what needsto be done to resolve this. Can someone please help on this. We are using ambassador . 10.244.2.13 is my node ip and 10.244.3.8 ,10.244.9.11 and 10.244.2.12 is my ambassador pod ips. addr=10.244.9.11:37300 addr=10.244.2.12:39534 addr=10.244.3.8:32890 conn=inbound err="read tcp 10.244.2.13:21000->10.244.3.8:32890: i/o timeout" addr=10.244.3.8:32892 conn=inbound err="read tcp 10.244.2.13:21000->10.244.3.8:32892: i/o timeout" addr=10.244.3.8:32988 addr=10.244.9.11:37200 conn=inbound err="read tcp 10.244.2.13:21000->10.244.9.11:37200: i/o timeout" addr=10.244.2.12:39560 addr=10.244.2.12:39562 addr=10.244.9.11:37320 addr=10.244.2.12:39476 conn=inbound err="read tcp 10.244.2.13:21000->10.244.2.12:39476: i/o timeout" addr=10.244.2.12:39604 addr=10.244.9.11:37254 conn=inbound err="read tcp 10.244.2.13:21000->10.244.9.11:37254: i/o timeout" addr=10.244.9.11:37258 conn=inbound err="read tcp 10.244.2.13:21000->10.244.9.11:37258: i/o timeout" addr=10.244.2.12:39522 conn=inbound err="read tcp 10.244.2.13:21000->10.244.2.12:39522: i/o timeout" addr=10.244.3.8:33072 addr=10.244.2.12:39618 addr=10.244.9.11:37300 conn=inbound err="read tcp 10.244.2.13:21000->10.244.9.11:37300: i/o timeout" addr=10.244.2.12:39534 conn=inbound err="read tcp 10.244.2.13:21000->10.244.2.12:39534: i/o timeout" addr=10.244.3.8:32988 conn=inbound err="read tcp 10.244.2.13:21000->10.244.3.8:32988: i/o timeout"

aditya.21991 (Mon, 16 Aug 2021 09:52:47 GMT):
Hi I am trying to setup quorum blockchain network using BAF with three organizations in place on azure . Most of the services are up and running but the logs of quorum container gives me below error. I need to understand what this means and what needsto be done to resolve this. Can someone please help on this. We are using ambassador . 10.244.2.13 is my node ip and 10.244.3.8 ,10.244.9.11 and 10.244.2.12 is my ambassador pod ips. This is happeing on the quorum container for all my three organizations. TRACE[08-16|09:17:45.092] Accepted connection addr=10.244.9.11:37300 TRACE[08-16|09:17:45.103] Accepted connection addr=10.244.2.12:39534 TRACE[08-16|09:17:45.106] Failed RLPx handshake addr=10.244.3.8:32890 conn=inbound err="read tcp 10.244.2.13:21000->10.244.3.8:32890: i/o timeout" TRACE[08-16|09:17:45.143] Failed RLPx handshake addr=10.244.3.8:32892 conn=inbound err="read tcp 10.244.2.13:21000->10.244.3.8:32892: i/o timeout" TRACE[08-16|09:17:45.429] Accepted connection addr=10.244.3.8:32988 TRACE[08-16|09:17:45.824] Failed RLPx handshake addr=10.244.9.11:37200 conn=inbound err="read tcp 10.244.2.13:21000->10.244.9.11:37200: i/o timeout" TRACE[08-16|09:17:46.111] Accepted connection addr=10.244.2.12:39560 TRACE[08-16|09:17:46.144] Accepted connection addr=10.244.2.12:39562 TRACE[08-16|09:17:46.833] Accepted connection addr=10.244.9.11:37320 TRACE[08-16|09:17:47.663] Failed RLPx handshake addr=10.244.2.12:39476 conn=inbound err="read tcp 10.244.2.13:21000->10.244.2.12:39476: i/o timeout" TRACE[08-16|09:17:48.675] Accepted connection addr=10.244.2.12:39604 TRACE[08-16|09:17:48.790] Failed RLPx handshake addr=10.244.9.11:37254 conn=inbound err="read tcp 10.244.2.13:21000->10.244.9.11:37254: i/o timeout" TRACE[08-16|09:17:48.839] Failed RLPx handshake addr=10.244.9.11:37258 conn=inbound err="read tcp 10.244.2.13:21000->10.244.9.11:37258: i/o timeout" TRACE[08-16|09:17:49.742] Failed RLPx handshake addr=10.244.2.12:39522 conn=inbound err="read tcp 10.244.2.13:21000->10.244.2.12:39522: i/o timeout" TRACE[08-16|09:17:49.809] Accepted connection addr=10.244.3.8:33072 TRACE[08-16|09:17:49.840] Accepted connection addr=10.244.2.12:39618 TRACE[08-16|09:17:50.092] Failed RLPx handshake addr=10.244.9.11:37300 conn=inbound err="read tcp 10.244.2.13:21000->10.244.9.11:37300: i/o timeout" TRACE[08-16|09:17:50.104] Failed RLPx handshake addr=10.244.2.12:39534 conn=inbound err="read tcp 10.244.2.13:21000->10.244.2.12:39534: i/o timeout" TRACE[08-16|09:17:50.429] Failed RLPx handshake addr=10.244.3.8:32988 conn=inbound err="read tcp 10.244.2.13:21000->10.244.3.8:32988: i/o timeout"

sownak (Mon, 16 Aug 2021 11:15:21 GMT):
When using BAF, you have to use either full external DNS, or Kubernetes internal DNS. IPs change in a Kubernetes network and that seems to be the problem here

sownak (Mon, 16 Aug 2021 11:15:21 GMT):
When using BAF or Kubernetes, you have to use either full external DNS, or Kubernetes internal DNS. IPs change in a Kubernetes network and that seems to be the problem here

aditya.21991 (Mon, 16 Aug 2021 11:19:44 GMT):
@sownak Can you please confirm what you mean by this , because we are using external DNS with ambassador ip exposed ton internal load balancer

sownak (Mon, 16 Aug 2021 11:21:31 GMT):
ok, in that case there may be some security group rules that is preventing the connections. i/o timeout is the error message as you can see

sownak (Mon, 16 Aug 2021 11:27:11 GMT):
You can check this for some issue for debugging yourselves https://github.com/ConsenSys/quorum/issues/879

sownak (Mon, 16 Aug 2021 11:27:11 GMT):
You can check this for some issue for debugging yourself https://github.com/ConsenSys/quorum/issues/879

aditya.21991 (Mon, 16 Aug 2021 11:46:12 GMT):
the security group is open with default rules of vnet inbound and open outbound, is there any specific port of configuration expected here?

amarnadh (Mon, 16 Aug 2021 11:55:54 GMT):
@sownak The chaincode got installed successfully. But now, the approve-chaincode/instantiate-chaincode pod is not coming up. the playbook tries exhausted at FAILED - RETRYING: Wait for Job installchaincode-peer0-supplychain-1.0 in carrier-net (1 retries left).

amarnadh (Mon, 16 Aug 2021 11:56:44 GMT):
Installed chaincodes on peer: Package ID: supplychain_1:a9ebee2d4cad7bc79686dacd5c68afd5c1b22c6383c42b27253c0cbd3adc66b8, Label: supplychain_1

sownak (Mon, 16 Aug 2021 12:33:56 GMT):
no, did you try the options in the github issue

sownak (Mon, 16 Aug 2021 12:36:04 GMT):
Did you use the same network.yaml to install and instantiate?

amarnadh (Mon, 16 Aug 2021 12:36:26 GMT):
yes

amarnadh (Mon, 16 Aug 2021 12:36:55 GMT):
I am just running the normal site.yaml with populated fields

amarnadh (Mon, 16 Aug 2021 12:36:55 GMT):
I am just running the normal site.yaml with populated fields in network.yaml

sownak (Mon, 16 Aug 2021 12:37:55 GMT):
If the network is already up and it is fabric 2.2 then you can directly use chaincode-ops playbook

amarnadh (Mon, 16 Aug 2021 12:38:32 GMT):
I tried that. Still the playbook stops after exhausted tries at installchaincode for a peer

amarnadh (Mon, 16 Aug 2021 12:38:46 GMT):
although in the logs it says chaincode is installed

sownak (Mon, 16 Aug 2021 12:39:29 GMT):
is it Fabric 2.2.2?

amarnadh (Mon, 16 Aug 2021 12:39:45 GMT):
tried both 2.2.2 nd 1.4.8

sownak (Mon, 16 Aug 2021 12:40:17 GMT):
why will you try both? You can either have a 2.2.2 network or a 1.4.8 network, not both

amarnadh (Mon, 16 Aug 2021 12:40:36 GMT):
Means I tried 2.2.2 first. then reset the network and then tried in 1.4.8

amarnadh (Mon, 16 Aug 2021 12:41:02 GMT):
To check if the approve/instantite chaincode pod comes up or not

sownak (Mon, 16 Aug 2021 12:41:29 GMT):
what is your chaincode.version 1 or 1.0?

amarnadh (Mon, 16 Aug 2021 12:41:41 GMT):
1

amarnadh (Mon, 16 Aug 2021 12:41:48 GMT):
should it be 1.-

amarnadh (Mon, 16 Aug 2021 12:41:50 GMT):
1.0

amarnadh (Mon, 16 Aug 2021 12:41:52 GMT):
?

sownak (Mon, 16 Aug 2021 12:42:35 GMT):
no, as I said, seems you installed with version: 1, but the next steps are using 1.0 and thats why ansible is not able to find the already completed job

sownak (Mon, 16 Aug 2021 12:43:03 GMT):
whats the output of `kubectl get pods -A`

sownak (Mon, 16 Aug 2021 12:43:21 GMT):
Please share screenshots

amarnadh (Mon, 16 Aug 2021 12:44:32 GMT):

baf-16-08.jpg

sownak (Mon, 16 Aug 2021 12:46:20 GMT):
1. so install chaincode is complete on carrier but not on manufacturer, did you check why?

sownak (Mon, 16 Aug 2021 12:48:22 GMT):
2. On carrier it has the name installchaincode-peer0-supplychain-1- then why in your ansible task is it looking for installchaincode-peer0-supplychain-1.0?

amarnadh (Mon, 16 Aug 2021 12:48:54 GMT):
Hmm. That's wierd. let me check once again

sownak (Mon, 16 Aug 2021 12:48:55 GMT):
chaincode.version must be 1 and not 1.0

sownak (Mon, 16 Aug 2021 12:49:15 GMT):
it just picks up from peer.chaincode.version

amarnadh (Mon, 16 Aug 2021 12:49:38 GMT):
got that.

amarnadh (Tue, 17 Aug 2021 11:20:48 GMT):
@sownak This worked. But it commit chaincode : fatal: [localhost]: FAILED! => {"changed": false, "msg": "AnsibleUndefinedVariable: {{ item.endorsers }}: 'dict object' has no attribute 'endorsers'"}

amarnadh (Tue, 17 Aug 2021 11:20:48 GMT):
@sownak This worked. But in commit chaincode : fatal: [localhost]: FAILED! => {"changed": false, "msg": "AnsibleUndefinedVariable: {{ item.endorsers }}: 'dict object' has no attribute 'endorsers'"}

amarnadh (Tue, 17 Aug 2021 11:20:58 GMT):
In network.yaml there is no fields for endorsers

sownak (Tue, 17 Aug 2021 11:23:59 GMT):
platforms/hyperledger-fabric/configuration/samples/network-fabricv2-raft.yaml

amarnadh (Tue, 17 Aug 2021 11:24:08 GMT):
Also in a previous error, it showed {{ peers.certificate }} , peers had no certificate it was fixed by changing peers to organization.ca_data.certifcate

amarnadh (Tue, 17 Aug 2021 11:25:53 GMT):
Ok Got it thanks. Single solution to both issues

suryalanka (Tue, 17 Aug 2021 22:10:56 GMT):
Has joined the channel.

amarnadh (Wed, 18 Aug 2021 06:14:40 GMT):
@sownak Thanks for all the help. The network ran and deployed supplychain app. May I know what exactly needs to be filled in SupplychainDemo_fabric.postman_environment.json . for all orgs running in single cluster. I tried giving ip:port didnot work

sownak (Wed, 18 Aug 2021 09:45:51 GMT):
if you do not have a external DNS/IP then you have to run the postman scripts from within a Pod

suryalanka (Wed, 18 Aug 2021 12:47:29 GMT):
Hi all, When I am deploying hyperledger fabric using BAF, ordering service is failing to elect leader with error `authentication handshake failed: x509: certificate is valid for ingress.local, not orderer1.ordererorg-net.ordererorg.xxxxxxxxxx.com`

suryalanka (Wed, 18 Aug 2021 12:47:29 GMT):
Hi all, When I am deploying hyperledger fabric using BAF, ordering service is failing to elect leader since the communication between orderers is failing with error `authentication handshake failed: x509: certificate is valid for ingress.local, not orderer1.ordererorg-net.ordererorg.xxxxxxxxxx.com`

sownak (Wed, 18 Aug 2021 13:39:39 GMT):
What ingress service are you using?

suryalanka (Wed, 18 Aug 2021 13:40:01 GMT):
haproxy

sownak (Wed, 18 Aug 2021 13:40:51 GMT):
then there seems to be problem with ssl-handshake

suryalanka (Wed, 18 Aug 2021 13:41:50 GMT):
yes any idea on how to fix it?

sownak (Wed, 18 Aug 2021 13:42:27 GMT):
have you changed anything in BAF code?

suryalanka (Wed, 18 Aug 2021 13:45:36 GMT):
nothing

suryalanka (Wed, 18 Aug 2021 13:45:36 GMT):
no... updated just the network.yaml and fixed indentfirst to first...

sownak (Wed, 18 Aug 2021 14:00:04 GMT):
do you have an external DNS?

suryalanka (Wed, 18 Aug 2021 14:00:17 GMT):
yes

sownak (Wed, 18 Aug 2021 14:00:45 GMT):
and all the mappings are correct?

suryalanka (Wed, 18 Aug 2021 14:01:41 GMT):
yes able to get cainfo from ca and also able to ping from orderer to other

sownak (Wed, 18 Aug 2021 14:02:17 GMT):
ok, then not too sure. We have seen this problem happen when the certificates are not correct

sownak (Wed, 18 Aug 2021 14:02:17 GMT):
ok, then not too sure. We have seen this problem happen when the certificates are not correctly generated. That error basically means when orderer1 is connecting, it is using a local certificate and not the actual certificate

sownak (Wed, 18 Aug 2021 14:03:22 GMT):
check that you have haproxy settings to ssl-passthorugh

suryalanka (Wed, 18 Aug 2021 14:05:54 GMT):
yes it has

suryalanka (Wed, 18 Aug 2021 14:06:06 GMT):
i even deployed haproxy using baf

hiroyukihonda (Thu, 19 Aug 2021 01:14:49 GMT):
Has joined the channel.

hiroyukihonda (Thu, 19 Aug 2021 01:14:49 GMT):
Hi, let me ask you a question about BAF. (I'm sorry if the place to ask a question is wrong.) I referred to the roadmap below, but Quorum's "Private Transaction" feature seems to be under development, as described as "Implement private transactions". https://blockchain-automation-framework.readthedocs.io/en/main/roadmap.html#platforms Since Transaction Manager uses tessera, I think Private Transaction is effective. Is this correct?

alvaropicazo (Thu, 19 Aug 2021 08:30:36 GMT):
Yes that is correct. The idea is to use Tessera (that is already being used when a quorum network is deployed) for private transactions. We are currently working on the deployment of smart contracts to see if private transactions can be done or we need to make some adjustments in the tessera nodes helm charts.

alvaropicazo (Thu, 19 Aug 2021 08:30:36 GMT):
Yes that is correct. The idea is to use Tessera (that is already being used when a quorum network is deployed) for private transactions as well. We are currently working on the deployment of smart contracts to see if private transactions can be done or we need to make some adjustments in the tessera nodes helm charts.

kaveri (Thu, 19 Aug 2021 08:33:10 GMT):
Has joined the channel.

sownak (Thu, 19 Aug 2021 09:09:29 GMT):
The roadmap refers to trying our example app with private transactions; you are right that private transactions are enabled via Tessera but we have not tested them using the sample use case

hiroyukihonda (Thu, 19 Aug 2021 11:22:36 GMT):
Thank you for your reply! In the case where Tessera is specified as the Transaction manager, Private transaction is used, but it has not been confirmed as a sample application yet.

sownak (Thu, 19 Aug 2021 11:23:24 GMT):
correct, if your application is already capable of private transactions, then it will work

aditya.21991 (Thu, 19 Aug 2021 17:41:07 GMT):
@sownak i tried the options in the document but the issue still exists

aditya.21991 (Thu, 19 Aug 2021 17:49:33 GMT):
Hi, In the BAF configuration that I am using for my organization I donot want to use the internal CA to generate my certificates and use the certificated for nodes created by or org CA separately for which i have crt and key file. What configuration do I need to modify inorder to use the pre created certificates for my nodes?

hiroyukihonda (Thu, 19 Aug 2021 23:57:56 GMT):
@sownak Thank you!

mwklein (Fri, 20 Aug 2021 00:10:16 GMT):
I'm not sure about the specifics, but at a high-level you will place the certificates generated by your org CAs in the same paths within Vault that would be auto-generated by BAF.

jagpreet (Fri, 20 Aug 2021 08:42:25 GMT):
Hi @aditya.21991 (Assuming you are trying to deploy Hyperledger Fabric using BAF) In BAF, if the certificates are already in the vault, then BAF doesn't create the required certificates as mentioned by @mwklein You can have a look on the vault paths, where these certificates are kept https://blockchain-automation-framework.readthedocs.io/en/latest/architectureref/certificates_path_list_fabric.html

jagpreet (Fri, 20 Aug 2021 08:42:25 GMT):
Hi @aditya.21991 (Assuming you are trying to deploy Hyperledger Fabric using BAF) In BAF, if the certificates are already in the vault, then BAF doesn't create the required certificates as mentioned by @mwklein You can have a look on the vault paths, where [these certificates](https://blockchain-automation-framework.readthedocs.io/en/latest/architectureref/certificates_path_list_fabric.html) are kept

sownak (Fri, 20 Aug 2021 13:05:19 GMT):
If you are using a external DNS provider, you can connect to the WS or rpc ports from anywhere, otherwise you have to connect from within the cluster

aditya.21991 (Mon, 23 Aug 2021 16:10:55 GMT):
i am using quorum , so replacing the ambassador.crt file and ambassador.key file hsould be enough to achieve this?

jagpreet (Tue, 24 Aug 2021 08:53:25 GMT):
Hi @aditya.21991 Yes, I think that is it, we need. Please make sure that the public/private key pair is created as per the [ambassador certificate task](https://github.com/hyperledger-labs/blockchain-automation-framework/blob/main/platforms/quorum/configuration/roles/create/certificates/ambassador/tasks/nested_main.yaml)

SoundaryaAyyappan (Tue, 24 Aug 2021 11:17:18 GMT):
I am using BAF v0.9.0.0 to deploy hyperledger fabric network v2.2.0. My network.yaml has the configuration for 9 channels and 19 orgs. At the task TASK [create/genesis : Write genesis block to Vault] - getting the error ""stderr": "/bin/sh: 1: vault: Argument list too long", "stderr_lines": ["/bin/sh: 1: vault: Argument list too long"]". Can anyone explain me the cause and a way to resolve it? Thanks!

jagpreet (Wed, 25 Aug 2021 08:54:17 GMT):
I think the issue lies with the cat command not able to handle the big genesis file [here](https://github.com/jagpreetsinghsasan/blockchain-automation-framework/blob/cf3b9ef90b5408af8b5d40f319d0c89e177824df/platforms/hyperledger-fabric/configuration/roles/create/genesis/tasks/main.yaml#L23) So to reproduce the same error, can you go to your build folder (once the ansible playbook fails), and tell us the size of genesis.block.base64 file?

SoundaryaAyyappan (Wed, 25 Aug 2021 13:23:21 GMT):
@jagpreet I reproduced the same error, after the ansible playbook failed, I checked the size of genesis.block.base64 file. It is about 185K.

j-s (Wed, 25 Aug 2021 14:46:04 GMT):
Has joined the channel.

NimiCorp (Wed, 25 Aug 2021 20:55:37 GMT):
Has joined the channel.

ashishspg (Thu, 26 Aug 2021 05:24:32 GMT):
Has joined the channel.

ashishspg (Thu, 26 Aug 2021 05:24:32 GMT):
I am running the latest baf-build docker image but getting below yaml validation error for network-fabricv2-raft.yaml from main branch

ashishspg (Thu, 26 Aug 2021 05:25:16 GMT):
instancePath: '/network', schemaPath: '#/properties/network/allOf/0/if', keyword: 'if', params: { failingKeyword: 'then' }, message: 'must match "then" schema' }

ashishspg (Thu, 26 Aug 2021 06:28:36 GMT):
Pls note that the yaml has not been changed and is exactly as in the main branch, still getting the validation error

alvaropicazo (Thu, 26 Aug 2021 09:27:38 GMT):
Hi @ashishspg , for the moment I would suggest to comment it out from site.yaml, in platforms/shared/configuration , line 8 and 9, so you don't get stucked at that point for now. Will have a deeper look on that.

suvajit-sarkar (Mon, 30 Aug 2021 04:56:32 GMT):
Hi All, Please free to join the sprint planning on 31st Aug 12:00 pm (GMT) on below zoom link https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09 Please note that the date is changed for this occurrence only.

roshan13046 (Tue, 31 Aug 2021 05:24:28 GMT):
Should I raise a PR for this issue?: https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1295

angela.alagbe (Tue, 31 Aug 2021 08:01:33 GMT):
Hi @roshan13046 , once you are sure that you are done with the task assigned then yes raise a PR

jagpreet (Tue, 31 Aug 2021 09:28:45 GMT):
Thanks for recreating the error. I have created an issue in this regard on Blockchain Automation Framework github issue board. You can refer and track the issue progress [here](https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1642). Your contribution on the same, is highly appreciated.

SoundaryaAyyappan (Wed, 01 Sep 2021 05:07:19 GMT):
Thanks @jagpreet

angela.alagbe (Wed, 01 Sep 2021 08:41:29 GMT):
Hi @suryalanka , we will need some more details on your setup

suvajit-sarkar (Thu, 02 Sep 2021 11:23:13 GMT):
Hi All, Please free feel to join the PI Demo today (2nd Sep) at 12pm GMT on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09 Agenda as follows - 1. Code walk through of Ansible decoupling PR 2. Discussion on Flux v2 upgrade in BAF

MarioSavard (Thu, 02 Sep 2021 12:33:32 GMT):
I have a high level question about deploying a consortium. For instance, let say I have 2 organizations. In example network.yaml, all information for both organization are their (token, password, etc). In real life, I guess this is not something you want. So how do you deploy for each organization only their components without having a single "administrator" deploying for all organizations? Do you need to create 1 network.yaml for each organization? if so, what is common and what is different for each organization in this file? The documentation clearly mention that each organization should deploy their component but I haven't seen any example of splitted network.yaml file for each organization. I understand that it is simpler for the stake of example but not sure how to split them for a real case scenario where each organization would deploy their own stack on their own cluster.

sownak (Thu, 02 Sep 2021 13:38:05 GMT):
Ideally, the process will differ for different DLT platforms, for example, for Corda, one organization must run the CENM part and then every other organization will join using the details shared from the CENM org. For Fabric, the base network has to be done by a single administrator, and then each org can go on and add new peers.

sownak (Thu, 02 Sep 2021 13:39:35 GMT):
The split network examples can be taken from add-org samples. Everything that is outside the `organization` tag is common for each org, especially the network_services section

mwklein (Thu, 02 Sep 2021 16:04:14 GMT):
For purposes of clarity, in a true production implementation we would expect multiple network.yaml files... one for each organization that is independently running the various services and nodes of the network. As mentioned by @sownak above, how this actual takes shape depends on the details of the consortium design, the necessary services of the selected DLT platform, and who will be operating these services. The idea behind BAF is that it can handle any/all of these scenarios. This flexibility does come with a trade-off of greater responsibility of BAF users/operators to understand the complexities of these underlying DLT platforms.

MarioSavard (Thu, 02 Sep 2021 17:41:42 GMT):
thank you both of you for your answers. I will deep dive into these details to better understand what in the game in a production level scenario. I have read some documentation about it but still attempting to align with the technology side of it.

SoundaryaAyyappan (Fri, 03 Sep 2021 04:59:11 GMT):
Hi All, using BAF release v0.9.0.0, I am trying to setup a hyperledger fabric network (v2.2.0). My network configuration has 6 channels and 13 orgs. All the tasks till createchannel job came up successfully. Also the tx files used for anchor peer updation were generated by BAF. But the joinchannel job and anchor peer updation jobs are not even coming up for the first org itself. So for the remaining orgs, these jobs are failing. Can anyone please let me know if there is a limitation in number of channels and orgs that I should configure in network.yaml, so that all the jobs work fine? Thanks.

SoundaryaAyyappan (Fri, 03 Sep 2021 04:59:11 GMT):
Hi All, using BAF release v0.9.0.0, I am trying to setup a hyperledger fabric network (v2.2.0). My network configuration has 6 channels and 13 orgs. All the tasks till createchannel job came up successfully. Also the tx files used for anchor peer updation were generated by BAF. But the joinchannel job and anchor peer updation jobs are not even coming up for the first org itself. So for the remaining orgs, these jobs are failing. I tested with 2 channels, all the jobs like createchannel, joinchannel, anchor peer updation were done without any issue. Can anyone please let me know if there is a limitation in number of channels and orgs that I should configure in network.yaml, so that all the jobs work fine? Thanks.

jagpreet (Fri, 03 Sep 2021 08:45:29 GMT):
Can you refer to the troubleshooting steps as mentioned [here](https://blockchain-automation-framework.readthedocs.io/en/latest/operations/baf_verify.html) (Table F, Section F4)

nkaramolegos (Fri, 03 Sep 2021 15:53:22 GMT):
Has joined the channel.

nkaramolegos (Fri, 03 Sep 2021 15:53:23 GMT):
Has anybody deploy HLF 2.2 for production using blockchain automation framework?

sownak (Mon, 06 Sep 2021 08:22:38 GMT):
Is the question regarding a production use case only, or are you looking for help on some specific issue?

nkaramolegos (Mon, 06 Sep 2021 08:31:11 GMT):
I want to deploy a network with M orgs in one channel to multiple hosts. Also, I want to add an other channel and orgs to this in order to extend my network

sownak (Mon, 06 Sep 2021 08:33:51 GMT):
if that is the only question, it has been done for a few production systems, not necessarily with Fabric 2.2, but when using BAF, the versions do not matter much. Also, BAF deploys on existing Kubernetes cluster(s)

nkaramolegos (Mon, 06 Sep 2021 08:37:56 GMT):
Also, what I gain with BAF? What is the difference with cell?

nkaramolegos (Mon, 06 Sep 2021 08:37:56 GMT):
Also, what I gain with BAF? What is the difference with cello?

sownak (Mon, 06 Sep 2021 09:00:03 GMT):
Key concepts: https://blockchain-automation-framework.readthedocs.io/en/latest/keyconcepts.html Fabric operations: https://blockchain-automation-framework.readthedocs.io/en/latest/operationalguide.html#fabric-operations BAF supports multiple Blockchain platforms including Fabric 2.2.2 and 1.4.x

nkaramolegos (Mon, 06 Sep 2021 12:22:03 GMT):
In a nutshell is BAF the right tool/framework to deploy my network to multiple hosts and update the chaincodes, or the network configuration? (channels, numbers of orgs etc)

sownak (Mon, 06 Sep 2021 12:29:14 GMT):
That is something that you will have to decide on, we can only give you details of what BAF can or cannot do. We do not have the complete context to make the product choice for you.

nkaramolegos (Mon, 06 Sep 2021 12:32:36 GMT):
I understand but I am new to fabric and also new to tools like k8s. The concept is that we will create a single channel consortium with some orgs which will validate the smart contracts. Each time a new customer logs in to our platform we have to create a new channel with some new orgs with an other chaincode. This process we will like to be as much as automatic can be. Also, we want to update the chaincode to each channel

sownak (Tue, 07 Sep 2021 09:43:41 GMT):
You should be able to use BAF for all those things. BAF is an operations tool, so will be good for an operator to understand Ansible and Kubernetes before using BAF.

nkaramolegos (Tue, 07 Sep 2021 10:10:41 GMT):
As I can see the deployment can take place to cloud service providers. If I would like to deploy the network to my infrastructure (e.g 3 hosts) how easy is that?

sownak (Tue, 07 Sep 2021 10:11:47 GMT):
BAF works on Kubernetes, so of your infrastructure has Kubernetes, it will work. If you don't have Kubernetes, it wont.

nkaramolegos (Tue, 07 Sep 2021 10:12:59 GMT):
Of course I will deploy firstly the k8s. Ok I have to study. Thank you for your time.

sownak (Tue, 07 Sep 2021 10:13:39 GMT):
We recommend using Managed Kubernetes services from different cloud providers

nkaramolegos (Tue, 07 Sep 2021 10:15:20 GMT):
Such as?

sownak (Tue, 07 Sep 2021 10:28:45 GMT):
AWS EKS, Google GKE, Azure AKS

nkaramolegos (Wed, 08 Sep 2021 09:56:28 GMT):
In the section of adding a new channel I see the following note "NOTE: Do not try to add a new organization as a part of this operation. Use only existing organization for new channel addition." Thus, If I had to deploy a network with orgA and orgB (with 2 peers each one) to channelA and after sometime I want to extend my network and add a new channelB with orgC and orgD (and 2 new peers each one) should I firstly create the channelB and then create the orgsC and orgD?

sownak (Wed, 08 Sep 2021 10:29:42 GMT):
no, the other way. First create the organisations and then create the channels.

nkaramolegos (Wed, 08 Sep 2021 10:34:58 GMT):
yes, I was confused to the description. The summary is that the extension of the network with the one or the other way is supported. Nice job. Also, the extension of the network does have a limit on channel numbers or orgs? Or the limit is the k8s cluster capabilities?

sownak (Wed, 08 Sep 2021 10:37:07 GMT):
That you have to test as per your use-case and find out, the code is not stress-tested.

nkaramolegos (Wed, 08 Sep 2021 11:07:40 GMT):
hmm ok. If there is problem, always there is the choice for deployment to another k8s cluster

sownak (Wed, 08 Sep 2021 11:07:56 GMT):
yes, or scale up the cluster

nkaramolegos (Wed, 08 Sep 2021 13:35:03 GMT):
For HLF 2.2.x which version of fabric-ca is supported? Also, should the deployment of chaincode to be in Go-lang?

sownak (Wed, 08 Sep 2021 13:56:23 GMT):
ca version is 1.4.8, our sample chaincode is go, but I guess other community members have use java chaincode

nkaramolegos (Wed, 08 Sep 2021 13:57:42 GMT):
I assume that the language does not change something to the BAF scripts

j-s (Wed, 08 Sep 2021 21:41:51 GMT):
Hi, is there a specific resource for generating/creating the connection profile that a client can use to connect to the Fabric network, when it's up and running?

j-s (Wed, 08 Sep 2021 21:41:51 GMT):
Hi, is there a specific resource for *generating/creating* the *connection profile* that a client can use to connect to the Fabric network, when it's up and running?

j-s (Wed, 08 Sep 2021 21:41:51 GMT):
Hi, is there a specific resource for *generating/creating* the *connection profile* that a client can use to connect to the *Fabric* network using blockchain-automation-framework, when it's up and running?

j-s (Wed, 08 Sep 2021 21:49:20 GMT):
I tried making one based on details from my network but maybe I did it wrong. I'm getting this error meaning I can't connect to the peer, though I can assume the role of the created admin and create new users (implying I can connect to the CA, I think)... ``` [0] 2021-09-08T18:27:52.460Z - error: [ServiceEndpoint]: Error: Failed to connect before the deadline on Endorser- name: < ... >, connected:false, connectAttempted:true [0] 2021-09-08T18:27:52.460Z - error: [ServiceEndpoint]: waitForReady - Failed to connect to remote gRPC server < ... > timeout:3000 [0] 2021-09-08T18:27:52.461Z - info: [NetworkConfig]: buildPeer - Unable to connect to the endorser < ... > due to Error: Failed to connect before the deadline on Endorser- name: < ... >, connected:false, connectAttempted:true [0] at checkState (< ... >/node_modules/@grpc/grpc-js/build/src/client.js:73:26) [0] at Timeout._onTimeout < ... >node_modules/@grpc/grpc-js/build/src/channel.js:382:17) [0] at listOnTimeout (internal/timers.js:557:17) [0] at processTimers (internal/timers.js:500:7) { [0] connectFailed: true [0] } < ... > [0] 2021-09-08T18:27:55.469Z - error: [ServiceEndpoint]: Error: Failed to connect before the deadline on Discoverer- name: < ... >, connected:false, connectAttempted:true [0] 2021-09-08T18:27:55.469Z - error: [ServiceEndpoint]: waitForReady - Failed to connect to remote gRPC server < ... > timeout:3000 [0] 2021-09-08T18:27:55.469Z - error: [ServiceEndpoint]: ServiceEndpoint < ... > reset connection failed :: Error: Failed to connect before the deadline on Discoverer- name: < ... >, connected:false, connectAttempted:true [0] 2021-09-08T18:27:55.469Z - error: [DiscoveryService]: send[< ... >] - no discovery results [0] Failed to evaluate transaction: Error: DiscoveryService has failed to return results ```

sownak (Thu, 09 Sep 2021 08:38:57 GMT):
check our example fabric restserver code. We have a helm chart example here examples/supplychain-app/charts/fabric-restserver/templates/configmap.yaml

nkaramolegos (Thu, 09 Sep 2021 13:15:04 GMT):
Is there any demo for the fablic client application as shown here https://github.com/hyperledger-labs/blockchain-automation-framework/tree/main/examples/supplychain-app/fabric/express_nodeJs

nkaramolegos (Thu, 09 Sep 2021 13:26:33 GMT):
Also, does the BAF manage and operate blockchains efficiently and automatically? (e.g when a pod has a problem or somehow something went wrong)? Or is just for deployment

sownak (Thu, 09 Sep 2021 15:23:58 GMT):
If by demo you mean a permanently working solution which is available always, then no. You are free to use the code to deploy the application in your own environment.

sownak (Thu, 09 Sep 2021 15:26:25 GMT):
BAF is a deployment tool, it is not a monitoring tool. You will be using other generic monitoring tools for that purpose. Kubernetes provides some amount of backup and restore by default, but if you need more advanced system you will have to look into other Kubernetes backup and restore toolsets.

nkaramolegos (Fri, 10 Sep 2021 07:13:25 GMT):
So if a pod is dead there is no mechanism for get over it?

nkaramolegos (Fri, 10 Sep 2021 07:14:14 GMT):
No, I mean a video with the example application running

sownak (Fri, 10 Sep 2021 08:19:44 GMT):
Have you used Kubernetes before? Kubernetes is supposed to take care of dead pods themselves, that is why you use Kubernetes orchestration instead of managing containers yourself

sownak (Fri, 10 Sep 2021 08:22:41 GMT):
You can find videos here https://wiki.hyperledger.org/display/labs/Blockchain+Automation+Framework+lab and youtube playlist https://www.youtube.com/playlist?list=PLxjlD8kRvTIiThGQvRvEQP364-xp5AijF

nkaramolegos (Fri, 10 Sep 2021 08:24:56 GMT):
hmm, so it can recover if fails. I think that it is good for start. I am not expert to develop my own operator for now. Thanks

gameprofits (Sat, 11 Sep 2021 03:08:01 GMT):
Has joined the channel.

gameprofits (Sat, 11 Sep 2021 03:08:01 GMT):
well its pretty late, lol

gameprofits (Sat, 11 Sep 2021 15:32:26 GMT):
:woo:

suvajit-sarkar (Mon, 13 Sep 2021 04:36:59 GMT):
Hi All, Please free to join the sprint planning today (13th Sep 12:00 pm GMT) on below zoom link https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

roshan13046 (Mon, 13 Sep 2021 14:56:08 GMT):
Hi, Suvajit. I missed todays session. Can I get the recorded session of todays sprint planning?

suvajit-sarkar (Mon, 13 Sep 2021 15:00:31 GMT):
Sorry Roshan, the planning sessions are not recorded. You can have a look at the project board for current issues we would be working on.

Paolo Marin (Wed, 15 Sep 2021 05:15:17 GMT):
Has joined the channel.

Paolo Marin (Wed, 15 Sep 2021 05:15:18 GMT):
I have missed the call, is there any recording avaiavle?

mukulverm4 (Wed, 15 Sep 2021 09:44:49 GMT):
Has joined the channel.

mukulverm4 (Wed, 15 Sep 2021 09:44:50 GMT):
Hi team, first of all, thank you for your contribution to open source with such an important project. I was trying out BAF for Hyperledger Fabric, it works for single-host deployment, but my aim is multi-host deployment. I went through the documentation and was not able to find a definitive guide on how to deploy for multi-host. I tried to set up by playing around with the configuration file for each organization but did not make much progress. The issue is that as per the deploy-network playbook the 'configtx.yaml' file contains the definition for each org that is taken from the 'organizations' key in the configuration file (Task - Adding organization patch to configtx.yaml), but if the aim is multi host deployment, the file should ideally contain only one organization definition. So, I am confused about how the 'configtx.yaml' will get the org definition. Can someone please help me? Maybe point me to the right documentation on multi-host deployment if I have missed anything. Thanks in advance.

sownak (Thu, 16 Sep 2021 08:22:18 GMT):
BAF deploys on multiple Kubernetes clusters (each org has their own cluster and git details). But for a Fabric network to start, the genesis file has to be generated by the consortium, so, for genesis, all orgs which are part of the genesis should be in a single network.yaml. After the genesis is complete, you can onboard new members by sharing your orderer public keys and details. This is a governance issue and not a technical problem which BAF can solve.

sownak (Thu, 16 Sep 2021 08:23:52 GMT):
Check this discussion https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=o438LdbXHZcp68LQv

MarioSavard (Thu, 16 Sep 2021 15:43:16 GMT):
Recalling from that thread and from that sentence I found on the BAF: "Supports heterogeneous deployments in a multi-cloud, multi-owner model where each node is completely owned and managed by separate organizations" ... We succesfully managed to deploy 2 organisations using the same network.yaml file. Then, we attempted to deploy a third one that would simulate independency using a different network.yaml. From the discussion we had, we kept all the network node which include the channel and all other parameters. In the organizations section, we kept only the new organizations. When triggering the deployment, we had multiple issue complaining about unknow, undefined organizations. We ended up adding all organizations to the network.yaml file. Also, it seems that simple description was not enough because of the schema, we had to add cluster information, github information which are supposed to be private. My question is about the current state of the BAF. Is anybody ever tried to achieve an independent deployment like this or this is the actual target expected to be reached version 1.0.0 ? I'm not actually complaining on anything but just trying to figure out how to achieve the featured capabilities I pasted above. Thanks.

sownak (Thu, 16 Sep 2021 16:21:08 GMT):
For Fabric, each new Org has to be accepted by the existing orgs, sign and share the configtx update. So, it has to be done by someone who has access to all orgs, otherwise it is a manual process of signing the update and sending it to another admin for signing. You may want to look at Fabric Operations console if you want that kind of independence (even that is in beta stage)

amarnadh (Fri, 17 Sep 2021 05:50:09 GMT):
While trying to install Javascript chaincode in HLF in Kubernetes (eks) , I am getting the following error : Error: chaincode install failed with status: 500 - failed to invoke backing implementation of 'InstallChaincode': could not build chaincode: docker build failed: docker image build failed: docker build failed: Error returned from build: npm ERR! code EAI_AGAIN npm ERR! errno EAI_AGAIN npm ERR! request to https://registry.npmjs.org/fabric-contract-api/-/fabric-contract-api-2.2.0.tgz failed, reason: getaddrinfo EAI_AGAIN registry.npmjs.org Can someone please help with this. The same network works fine when golang chaincode is used.

sownak (Fri, 17 Sep 2021 08:51:31 GMT):
Looks like an npm error.

amarnadh (Mon, 20 Sep 2021 05:33:56 GMT):
Is it possible to deploy 2 or more HLF networks (Each network having multiple clusters as Orgs) using BAF at the same time using 1 ansibe host ?

amarnadh (Mon, 20 Sep 2021 05:33:56 GMT):
Is it possible to deploy 2 or more HLF networks (Each network having multiple clusters as Orgs) using BAF at the same time using 1 ansibe host ? Context of qstn : When Kubectl context changes each time for 1 network and If the context changes again for another cluster, wont this affect the running playbook

sownak (Mon, 20 Sep 2021 07:31:42 GMT):
We have never tried it. You may try and check. But most likely you will still need to have two separate git clones and branches for two separate networks otherwise git checkin will keep conflicting.

NavaL3 (Tue, 21 Sep 2021 06:44:54 GMT):
Has joined the channel.

NavaL3 (Tue, 21 Sep 2021 06:44:55 GMT):
can anyone provide the sample fabric network-conf.yaml file for minikube

NavaL3 (Tue, 21 Sep 2021 06:45:14 GMT):
?

nkaramolegos (Tue, 21 Sep 2021 09:03:33 GMT):
I would like to have it too. In which operating system did you build your minikube k8s cluster?

NavaL3 (Tue, 21 Sep 2021 09:04:22 GMT):
ubuntu-18.04

nkaramolegos (Tue, 21 Sep 2021 10:45:27 GMT):
me too ubuntu 20.04, and what instructions did you follow to deploy the k8s cluster

nkaramolegos (Tue, 21 Sep 2021 10:45:27 GMT):
me too ubuntu 20.04, and what instructions did you follow to deploy the k8s cluster?

NavaL3 (Tue, 21 Sep 2021 11:35:16 GMT):
by referring the official documentation

NavaL3 (Tue, 21 Sep 2021 11:35:40 GMT):
of minikube... can you provide the sample file ?

nkaramolegos (Tue, 21 Sep 2021 14:03:26 GMT):
I don't have it. I am trying to understand what is going on

JonathanScialpi (Tue, 21 Sep 2021 17:44:30 GMT):
Has joined the channel.

JonathanScialpi (Tue, 21 Sep 2021 17:44:30 GMT):
I think you have to use use this one: https://github.com/JonathanScialpi/blockchain-automation-framework/blob/main/platforms/hyperledger-indy/configuration/samples/network-minikube.yaml

JonathanScialpi (Tue, 21 Sep 2021 17:44:30 GMT):
I think you have to use use this one: https://github.com/hyperledger-labs/blockchain-automation-framework/blob/main/platforms/hyperledger-indy/configuration/samples/network-minikube.yaml

JonathanScialpi (Tue, 21 Sep 2021 17:45:10 GMT):
Hi, I am getting a docker error when trying to run BAF via minikube: Starting build process... Adding env variables... Validatin network yaml error: Cannot find schema '/home/blockchain-automation-framework/platforms/network-schema.json'

JonathanScialpi (Tue, 21 Sep 2021 17:45:29 GMT):
Anyone know how to fix or suggestions?

JonathanScialpi (Tue, 21 Sep 2021 17:47:57 GMT):
Followed this guide: https://blockchain-automation-framework.readthedocs.io/en/latest/developer/baf_minikube_setup.html I used hyperledger-indy/configuration/samples/network-minikube.yaml

NavaL3 (Tue, 21 Sep 2021 18:24:23 GMT):
TASK [/root/BAF/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/check/k8_component : Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding] *** FAILED - RETRYING: Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding (20 retries left) Anyone tell this issue ?

NavaL3 (Tue, 21 Sep 2021 19:16:52 GMT):
thanks @JonathanScialpi

suvajit-sarkar (Wed, 22 Sep 2021 08:50:40 GMT):
if you are using baf-build to deploy, ensure that the repo is mounted properly in the docker container

nkaramolegos (Wed, 22 Sep 2021 08:55:55 GMT):
Note that this files is for indy

sownak (Wed, 22 Sep 2021 10:01:58 GMT):
Waiting for creation of something on Kubernetes is not an issue

sownak (Wed, 22 Sep 2021 10:03:47 GMT):
Our core team have stopped supporting minikube deployments, but you should have examples already as mentioned above, or you can also check proxy-none sample network.yamls

NavaL3 (Wed, 22 Sep 2021 11:28:46 GMT):
FAILED - RETRYING: Wait for ServiceAccount baf-authority-authority-trustee-vault-auth (1 retries left). fatal: [localhost]: FAILED! => {"api_found": true, "attempts": 20, "changed": false, "resources": []}

NavaL3 (Wed, 22 Sep 2021 11:29:12 GMT):
ansible playbook execution failed after 20 retries....

sownak (Wed, 22 Sep 2021 11:29:59 GMT):
Then you have to follow https://blockchain-automation-framework.readthedocs.io/en/latest/operations/baf_verify.html

JonathanScialpi (Wed, 22 Sep 2021 15:11:11 GMT):
can you be a little more specific? how can I trouble shoot this? Do I check the dockerfile? What should the path match?

JonathanScialpi (Wed, 22 Sep 2021 15:11:17 GMT):
thank you

pvrbharg (Wed, 22 Sep 2021 19:41:54 GMT):
Has joined the channel.

pvrbharg (Wed, 22 Sep 2021 19:42:21 GMT):
Has left the channel.

pvrbharg (Wed, 22 Sep 2021 19:44:01 GMT):
Has joined the channel.

pvrbharg (Wed, 22 Sep 2021 19:55:30 GMT):
@sownak @JonathanScialpi @suvajit-sarkar I am newbie to BAF and trying to find out if there is a suggested version of BAF that I need to get started. Should it work if I try to install BAF on a single node, single cluster laptop hosted K8S cluster that has control and data plane on one laptop? [Taint]. I am looking for a bootstrap learning. Also does it need a LB or Ingress Controller and this link does not work. https://www.getambassador.io/docs/latest/about/why-ambassador/. What should I use instead of HA Proxy? FORWARD THANKING YOU!

angela.alagbe (Thu, 23 Sep 2021 08:49:08 GMT):
As network-schema.json is within our BAF repo, the issue could be because the mount path to the BAF repo in your dockerfiles is not correct so ensure that you are running this command ``docker run -v $(pwd):/home/blockchain-automation-framework/ baf-build`` from the root directory. The last check you could do is to try checking your container by doing an exec into it and doing ls to check the path of your BAF repository

angela.alagbe (Thu, 23 Sep 2021 08:49:08 GMT):
As network-schema.json is within our BAF repo, the issue could be because the mount path to the BAF repo in your dockerfiles is not correct. Ensure that you are running this command `docker run -v $(pwd):/home/blockchain-automation-framework/ baf-build` from the root directory. The last check you could do is to try checking your container by doing an exec into it and doing ls to check the path of your BAF repository

suvajit-sarkar (Thu, 23 Sep 2021 08:52:12 GMT):
https://wiki.hyperledger.org/display/labs/Blockchain+Automation+Framework+lab try the BAF deployment path

NavaL3 (Thu, 23 Sep 2021 10:18:07 GMT):
Hello @sownak, TASK [setup/flux : Checking if the namespace flux-local already exists] ****************************************************************************** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/setup/flux/tasks/main.yaml:2 redirecting (type: modules) ansible.builtin.k8s_info to kubernetes.core.k8s_info fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to get client due to HTTPSConnectionPool(host='192.168.49.2', port=8443): Max retries exceeded with url: /version (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 110] Connection timed out'))"}

NavaL3 (Thu, 23 Sep 2021 10:18:53 GMT):
im facing issue while installa BAF on minikube

NavaL3 (Thu, 23 Sep 2021 10:19:21 GMT):
can you please help here? Eagerly waiting for you response.

NavaL3 (Thu, 23 Sep 2021 10:20:43 GMT):
i tried to install pip3 install -Iv kubernetes==11.0.0 pip3 install -Iv openshift==0.11

NavaL3 (Thu, 23 Sep 2021 10:20:56 GMT):
but seems its failed...

NavaL3 (Thu, 23 Sep 2021 10:21:31 GMT):
Referring : https://blockchain-automation-framework.readthedocs.io/en/develop/developer/baf_minikube_setup.html

pvrbharg (Thu, 23 Sep 2021 11:47:46 GMT):
@suvajit-sarkar Thank you for your guidance and I would update us here - as to what I find. Best wishes.

JonathanScialpi (Thu, 23 Sep 2021 18:20:21 GMT):
what should we put for cloud_provider in the network.yaml if our cloud provider is IBM_Coud

JonathanScialpi (Thu, 23 Sep 2021 18:20:21 GMT):
what should we put for cloud_provider in the network.yaml if our cloud provider is IBM Coud

JonathanScialpi (Thu, 23 Sep 2021 18:24:54 GMT):

Screen Shot 2021-09-23 at 2.24.38 PM.png

JonathanScialpi (Thu, 23 Sep 2021 19:51:47 GMT):
Also, if we are using ssh connection to gitops, what do we put for the "optional" password? Just comment out the field totally?

pvrbharg (Thu, 23 Sep 2021 20:24:53 GMT):
@sownak @suvajit-sarkar @JonathanScialpi I have two questions. How do I set up an instance on my local laptop if I do not have access to a cloud instance? How do I configure if I want to try setting up an instance on a free 30 days account on IBM cloud? As Jonathan indicates - there is no config param for IBM Cloud deployment. IBM Cloud give an instance of KS free for 30 days - to test run the tool and learn from. Also the wiki video talks about kafka consensus - that is pretty dated and I am looking for Raft and more current release versions of HLF like 2.2.3 or above. Can you please help? FORWARD THANKING YOU!

nkaramolegos (Fri, 24 Sep 2021 07:44:41 GMT):
How the client application has acces to the BC network? Lets say that the application is running to my laptop. How can I configure it?

nkaramolegos (Fri, 24 Sep 2021 07:44:41 GMT):
How the client application has access to the BC network? Lets say that the application is running to my laptop. How can I configure it?

kaveri (Fri, 24 Sep 2021 08:37:13 GMT):
Hi @JonathanScialpi , yes you can comment out the password field for ssh.

kaveri (Fri, 24 Sep 2021 08:37:13 GMT):
Hi @JonathanScialpi , yes you can comment out the password field for ssh. It is required for https connection, for which you can use your github personal access token.

sownak (Fri, 24 Sep 2021 08:44:44 GMT):
If there is a Kubernetes platform deployed on IBM Cloud, then BAF will deploy your network there; you would have to add appropriate storageclass because that is the main difference between cloud platforms. How to add storageclass is here https://blockchain-automation-framework.readthedocs.io/en/latest/operations/adding_new_storageclass.html

sownak (Fri, 24 Sep 2021 08:46:07 GMT):
you will use a SDK/API to connect to the Blockchain network. You can see examples in our examples directory.

nkaramolegos (Fri, 24 Sep 2021 08:46:29 GMT):
Do you have a doc on that?

sownak (Fri, 24 Sep 2021 08:46:58 GMT):
https://blockchain-automation-framework.readthedocs.io/en/latest/example/supplychain.html

sownak (Fri, 24 Sep 2021 08:47:28 GMT):
and as you are working with Fabric, Fabric-examples have much better examples on how to configure rest api

sownak (Fri, 24 Sep 2021 08:49:27 GMT):
Although our core team does not support minikube queries, here it seems your minikube Kubernetes IP has changed but your kubeconfig is referring to old minikube IP

sownak (Fri, 24 Sep 2021 08:51:59 GMT):
Also, if you are using baf-build container, you dont need to install kubernetes or openshift on your own machine

sownak (Fri, 24 Sep 2021 09:01:03 GMT):
For supporting a new cloud-provider, the main change that you will have to do is create a storageclass template. And then change the network.yaml accordingly. See PR for digitalocean https://github.com/hyperledger-labs/blockchain-automation-framework/pull/1260/files

nkaramolegos (Fri, 24 Sep 2021 09:01:57 GMT):
Ok, so I would not have problem with that. Do I have to install HLF to the laptop running the client or due to the rest api the only thing that I need is API calls? Somehow, I have to configure the users of the app

sownak (Fri, 24 Sep 2021 09:11:17 GMT):
HLF is a blockchain platform, so, it has to be deployed on something before you can use it. It can be your laptop but you will have to create a blockchain network (multiple peers/orderers) and then connect to one peer from your application

NavaL3 (Sat, 25 Sep 2021 05:34:41 GMT):
ok

NavaL3 (Sun, 26 Sep 2021 11:31:44 GMT):
TASK [create/ca-server : Copy the crypto material to Vault] ****************************************************************************************** task path: /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/roles/create/ca-server/tasks/main.yaml:55 fatal: [localhost]: FAILED! => {"changed": false, "cmd": "vault write secret/crypto/ordererOrganizations/supplychain-net/ca ca.supplychain-net-cert.pem=\"$(cat \"./build/crypto-config/ordererOrganizations/supplychain-net/ca/ca.supplychain-net-cert.pem\")\" supplychain-net-CA.key=\"$(cat \"./build/crypto-config/ordererOrganizations/supplychain-net/ca/supplychain-net-CA.key\")\"\n", "delta": "0:00:00.109985", "end": "2021-09-26 16:54:15.350589", "msg": "non-zero return code", "rc": 2, "start": "2021-09-26 16:54:15.240604", "stderr": "Error writing data to secret/crypto/ordererOrganizations/supplychain-net/ca: Error making API request.\n\nURL: PUT http://192.168.43.55:8200/v1/secret/crypto/ordererOrganizations/supplychain-net/ca\nCode: 404. Errors:\n\n* no handler for route 'secret/crypto/ordererOrganizations/supplychain-net/ca'", "stderr_lines": ["Error writing data to secret/crypto/ordererOrganizations/supplychain-net/ca: Error making API request.", "", "URL: PUT http://192.168.43.55:8200/v1/secret/crypto/ordererOrganizations/supplychain-net/ca", "Code: 404. Errors:", "", "* no handler for route 'secret/crypto/ordererOrganizations/supplychain-net/ca'"], "stdout": "", "stdout_lines": []} PLAY RECAP ******************************************************************************************************************************************* localhost : ok=118 changed=42 unreachable=0 failed=1 skipped=182 rescued=0 ignored=3

NavaL3 (Sun, 26 Sep 2021 11:32:31 GMT):
Facing this issue.... anybody can help me here ??

suvajit-sarkar (Mon, 27 Sep 2021 06:59:16 GMT):
Hi All, Please free to join the sprint planning today (27th Sep 12:00 pm GMT) on below zoom link https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

sownak (Mon, 27 Sep 2021 08:40:36 GMT):
most likely you have not enabled secret engine with path as "secret"

nkaramolegos (Tue, 28 Sep 2021 08:16:31 GMT):
@pvrbharg Do you make it?

NavaL3 (Thu, 30 Sep 2021 06:13:15 GMT):
@sownak ,

NavaL3 (Thu, 30 Sep 2021 06:13:24 GMT):
TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/helm_lint : Run helm lint] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/helm_lint/tasks/main.yaml:36 changed: [localhost] => {"changed": true, "cmd": "helm lint -f \"./build/test/manufacturer-net-ca.yaml\" \"/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../../platforms/hyperledger-fabric/charts/ca\"\n", "delta": "0:00:00.088083", "end": "2021-09-30 11:29:49.452461", "msg": "", "rc": 0, "start": "2021-09-30 11:29:49.364378", "stderr": "coalesce.go:200: warning: cannot overwrite table with non table for service (map[])\ncoalesce.go:200: warning: cannot overwrite table with non table for service (map[])\ncoalesce.go:200: warning: cannot overwrite table with non table for service (map[])", "stderr_lines": ["coalesce.go:200: warning: cannot overwrite table with non table for service (map[])", "coalesce.go:200: warning: cannot overwrite table with non table for service (map[])", "coalesce.go:200: warning: cannot overwrite table with non table for service (map[])"], "stdout": "==> Linting /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../../platforms/hyperledger-fabric/charts/ca\n[INFO] Chart.yaml: icon is recommended\n\n1 chart(s) linted, 0 chart(s) failed", "stdout_lines": ["==> Linting /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../../platforms/hyperledger-fabric/charts/ca", "[INFO] Chart.yaml: icon is recommended", "", "1 chart(s) linted, 0 chart(s) failed"]} Please help here....

NavaL3 (Thu, 30 Sep 2021 06:14:23 GMT):
TASK [/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../shared/configuration/roles/helm_lint : Run helm lint] *** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/helm_lint/tasks/main.yaml:36 changed: [localhost] => {"changed": true, "cmd": "helm lint -f \"./build/test/manufacturer-net-ca.yaml\" \"/home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../../platforms/hyperledger-fabric/charts/ca\"\n", "delta": "0:00:00.088083", "end": "2021-09-30 11:29:49.452461", "msg": "", "rc": 0, "start": "2021-09-30 11:29:49.364378", "stderr": "coalesce.go:200: warning: cannot overwrite table with non table for service (map[])\ncoalesce.go:200: warning: cannot overwrite table with non table for service (map[])\ncoalesce.go:200: warning: cannot overwrite table with non table for service (map[])", "stderr_lines": ["coalesce.go:200: warning: cannot overwrite table with non table for service (map[])", "coalesce.go:200: warning: cannot overwrite table with non table for service (map[])", "coalesce.go:200: warning: cannot overwrite table with non table for service (map[])"], "stdout": "==> Linting /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../../platforms/hyperledger-fabric/charts/ca\n[INFO] Chart.yaml: icon is recommended\n\n1 chart(s) linted, 0 chart(s) failed", "stdout_lines": ["==> Linting /home/blockchain-automation-framework/platforms/hyperledger-fabric/configuration/../../../platforms/hyperledger-fabric/charts/ca", "[INFO] Chart.yaml: icon is recommended", "", "1 chart(s) linted, 0 chart(s) failed"]}

NavaL3 (Thu, 30 Sep 2021 06:14:47 GMT):
Anybody knows ??? Whats the issue.???

NavaL3 (Thu, 30 Sep 2021 06:15:07 GMT):
CA pods are not getting connecting

NavaL3 (Thu, 30 Sep 2021 06:15:07 GMT):
CA pods are not creating in cluster...

kaveri (Thu, 30 Sep 2021 08:24:06 GMT):
Hi @NavaL3 Did your process failed at this step? If yes, then there might be some syntax error in the chart that failed (hyperledger-fabric/charts/ca). If not, you can ignore the 'icon recommendation warning' as that is optional, as per Helm Documentation: icon: A URL to an SVG or PNG image to be used as an icon (optional). https://helm.sh/docs/topics/charts/#the-chartyaml-file

kaveri (Thu, 30 Sep 2021 08:33:47 GMT):
Hi @NavaL3 Did your process failed at this step? If yes, then there might be some syntax error in the chart that failed (hyperledger-fabric/charts/ca). If not, you can ignore the 'icon recommendation warning' as that is optional, as per Helm Documentation: icon: A URL to an SVG or PNG image to be used as an icon (optional). https://helm.sh/docs/topics/charts/#the-chartyaml-file

kaveri (Thu, 30 Sep 2021 08:33:47 GMT):
Hi @NavaL3 Did your process fail at this step? If yes, then there might be some syntax error in the chart that failed (hyperledger-fabric/charts/ca). If not, you can ignore the 'icon recommendation warning' as that is optional, as per Helm Documentation: icon: A URL to an SVG or PNG image to be used as an icon (optional). https://helm.sh/docs/topics/charts/#the-chartyaml-file

sownak (Thu, 30 Sep 2021 12:21:55 GMT):
The first google search with the error message leads me to this https://github.com/helm/helm/issues/7902. Looks like an issue with the helm version you have, maybe try upgrade your helm version

jagpreet (Fri, 01 Oct 2021 08:38:14 GMT):
Yes, our current helm version is v3.6.2

gameprofits (Fri, 01 Oct 2021 21:20:00 GMT):
mate thatlooks like some sorta database bug with the helm chart installing,

NavaL3 (Mon, 04 Oct 2021 06:35:20 GMT):
i got same issue while downgrade helm version to 3.2.4

Vgkmanju (Fri, 08 Oct 2021 09:15:49 GMT):
Hi All, We are using Azure kubernetes cluster 1.20.9. In that we created hyperledger fabric 2.2.0 network with 2orgs and 1 peer for each org using BAF. I have enabled external builder launcher in peer pods. After packaging the chaincode, when i trying to install chaincode in the peer, I got the following error `Error: chaincode install failed with status: 500 - failed to invoke backing implementation of 'InstallChaincode': could not build chaincode: docker build failed: docker image inspection failed: cannot connect to Docker endpoint ` Can anyone suggest how to resolve this? and while installation( it contains only connection.json(servicer name, cert) and metadata.json(chaincode type as external, and label) file) does the peer needs docker?

Vgkmanju (Fri, 08 Oct 2021 09:15:49 GMT):
Hi All, We are using Azure kubernetes cluster 1.20.9. In that we created hyperledger fabric 2.2.0 network with 2orgs and 1 peer for each org using BAF. I have enabled external builder launcher in peer pods. After packaging the chaincode, when i trying to install chaincode in the peer, I got the following error `Error: chaincode install failed with status: 500 - failed to invoke backing implementation of 'InstallChaincode': could not build chaincode: docker build failed: docker image inspection failed: cannot connect to Docker endpoint` Can anyone suggest how to resolve this? and while installation( it contains only connection.json(servicer name, cert) and metadata.json(chaincode type as external, and label) file) does the peer needs docker?

Vgkmanju (Fri, 08 Oct 2021 10:54:47 GMT):
Issue resolved. I gave permission to external builder script files (build, detect, release)

hiroyukihonda (Mon, 11 Oct 2021 03:47:00 GMT):
https://blockchain-automation-framework.readthedocs.io/en/main/keyConcepts/vault.html?highlight=consul#securing-rpc-communication-with-tls-encryption >The recomended tool for vault certificate management is Consul. According to the blockchain-automation-framework documentation, Consul is recommended for TLS communication with Vault. In this case, is it supposed that the features of Consul Connect will be used? Or is it another feature?

suvajit-sarkar (Mon, 11 Oct 2021 04:29:02 GMT):
Hi All, Please free to join the sprint planning today (11th Oct 12:00 pm GMT) on below zoom link https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

sownak (Mon, 11 Oct 2021 08:25:51 GMT):
That will depend on how you set up your Vault and Consul. BAF only needs a Vault URL and a root token; the root token can be decommissioned after the initial set up is complete

suvajit-sarkar (Thu, 14 Oct 2021 09:47:14 GMT):
Hi All, Please free feel to join the PI Demo today (14th Oct) at 12pm GMT on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09 We would be demoing the *Hyperledger Labs fabric-operations-console integration with BAF deployed HL Fabric network*

arsulegai (Wed, 20 Oct 2021 06:19:55 GMT):
@sownak any idea why in few cases we have `PersistentVolumeClaim` resource file but in few cases we have `volumeClaimTemplates`?

arsulegai (Wed, 20 Oct 2021 06:31:00 GMT):
If it is not intentional, I would like to propose and make it uniform.

SoundaryaAyyappan (Wed, 20 Oct 2021 07:53:28 GMT):
While deploying a hyperledger fabric network v2.2.0 using BAF release v.7.0.0, getting error while creating value file for orderer. Attaching the error screenshot. Can anyone pls guide me to solve the issue? Thanks in Advance!

SoundaryaAyyappan (Wed, 20 Oct 2021 07:53:39 GMT):

Screenshot from 2021-10-20 13-22-34.png

arsulegai (Wed, 20 Oct 2021 08:11:01 GMT):
@SoundaryaAyyappan I think depending on the version of Ansible, you may need to use either `indent` or `indentfirst` in the script.

SoundaryaAyyappan (Wed, 20 Oct 2021 08:14:39 GMT):
Thanks @arsulegai for your response. In the orderernode.tpl script, it is like {{ genesis | indent(width=6, indentfirst=True) }}. Can you pls confirm if I need to change it to false?

arsulegai (Wed, 20 Oct 2021 08:29:51 GMT):
From the error message, it appears to be like `indentfirst` is not an expected keyword. I remember facing similar issue, fixed in one of our working branch.

arsulegai (Wed, 20 Oct 2021 08:29:56 GMT):
Change it to `indent`

SoundaryaAyyappan (Wed, 20 Oct 2021 08:34:20 GMT):
{{ genesis | indent(width=6, indent=True) }} - Does it look right

arsulegai (Wed, 20 Oct 2021 08:35:54 GMT):
Yes, it's in the library that you have installed.

arsulegai (Wed, 20 Oct 2021 08:35:54 GMT):
Yes, the issue is in the library that you have installed. i.e. You are in advanced version which has deprecated `indentfirst`.

jagpreet (Wed, 20 Oct 2021 08:45:10 GMT):
For `StatefulSets`, its better to use `volumeClaimTemplates` so that each replica has a unique pvc attached to it. I am not sure if `PersistentVolumeClaims` will work with the `StatefulSets`

arsulegai (Wed, 20 Oct 2021 08:46:36 GMT):
In case of Hyperledger Fabric, peers have `PersistentVolumeClaims` whereas orderers have `volumeClaimTemplates`.

SoundaryaAyyappan (Wed, 20 Oct 2021 08:51:22 GMT):
okay, but I have a query. Usually I run the ansible-playbook cmd from the docker container built using the image hyperledgerlabs/baf-build. Previously I didn't see the mentioned error. Anyway the ansible version is same when we use the hyperledgerlabs/baf-build image all the time right.

jagpreet (Wed, 20 Oct 2021 08:53:10 GMT):
Yes, then this can be changed to make them both `volumeClaimTemplates`

jagpreet (Wed, 20 Oct 2021 08:57:49 GMT):
@arsulegai Thanks for finding this out. Can you create an issue mentioning the same, on the [Blockchain Automation Framework GH issue board](https://github.com/hyperledger-labs/blockchain-automation-framework)? Your contribution towards the same is highly appreciated :)

SoundaryaAyyappan (Wed, 20 Oct 2021 09:10:23 GMT):
Also, I changed like {{ genesis | indent(width=6, indent=True) }} . Still getting the error

SoundaryaAyyappan (Wed, 20 Oct 2021 09:10:44 GMT):

Screenshot from 2021-10-20 14-40-30.png

arsulegai (Wed, 20 Oct 2021 09:37:06 GMT):
Done

arsulegai (Wed, 20 Oct 2021 09:38:54 GMT):
Jinja2 3.0.1 version has this update. `{{ something | indent(width=6, first=True) }}` has worked for us.

SoundaryaAyyappan (Wed, 20 Oct 2021 09:41:04 GMT):
Ok, let me try {{ genesis | indent(width=6),first=True }}

arsulegai (Wed, 20 Oct 2021 09:43:00 GMT):
If it doesn't work, you need to check the version compatibility. You can increase log verbosity.

SoundaryaAyyappan (Wed, 20 Oct 2021 09:47:03 GMT):
yeah ok

suvajit-sarkar (Wed, 20 Oct 2021 10:00:01 GMT):
Hi All, BAF release 0.10.0 is ready. You can find the changelog in the below link https://github.com/hyperledger-labs/blockchain-automation-framework/releases/tag/v0.10.0.0

SoundaryaAyyappan (Wed, 20 Oct 2021 12:53:22 GMT):
@arsulegai Like you said, I checked for the jinja version, it is v3.0.2. So changed indentfirst to first. It worked. Thanks!

arsulegai (Wed, 20 Oct 2021 15:50:38 GMT):
Awesom! Happy it helped

hiroyukihonda (Thu, 21 Oct 2021 07:10:35 GMT):
validator

weihong.ou (Thu, 21 Oct 2021 18:03:59 GMT):
Has joined the channel.

hiroyukihonda (Fri, 22 Oct 2021 11:44:02 GMT):
Hi, Currently I'm trying BAF v0.10.0.0. * platform: Quorum * consensus: Raft * transaction manager: Tessera So I realized that I can specify `validator` and` member` for `organization.services.peers.peer.type` in network.yaml. Would you please check the following? 1. What is the difference between `validator` and` member`? Also, if you have any documentation, please let me know. 2. When `validator` is specified, the Pod/Container of Tessera was not created. Is this correct?

sownak (Fri, 22 Oct 2021 13:59:03 GMT):
@hiroyukihonda thanks for using BAF and letting us know. Please note there is an open bug on release 0.10 for quorum : https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1703 and validators are only applicable for IBFT not for RAFT.

hiroyukihonda (Sat, 23 Oct 2021 02:45:28 GMT):
@sownak Thank you for reply.　I understand that in the case of raft, we need to specify `member` for type. Let me ask you more questions. *1. Error when executing BAF* An error occurs when getting the kv of the vault in `quorum/configuration/roles/create/tessera/tasks/nested_enode_data.yaml` below. https://github.com/hyperledger-labs/blockchain-automation-framework/blob/main/platforms/quorum/configuration/roles/create/tessera/tasks/nested_enode_data.yaml#L20 In the 1st loop (member/validator_main.yaml : 1st org), KV exists in the path of `org1/crypto/org1-peer/quorum`, so it succeeds. But in the 2nd loop (member/validator_main.yaml : 2nd org), `[org1]/crypto/org2-peer/quorum` I think it will fail because KV does not exist in the path. ( KV exists in [org2]/crypto/org2-peer/quorum`.) Perhaps the `org.name` in the above file should be `org1.name`. * 2. quorum node does not start * quorum log below. `DEBUG[10-21|12:08:37.690] Failed to decode keystore key path=/etc/quorum/qdata/dd/keystore/keystore_1 err="invalid character 'i' looking for beginning of value"`

hiroyukihonda (Sat, 23 Oct 2021 02:45:28 GMT):
@sownak Thank you for reply.　I understand that in the case of raft, we need to specify `member` for type. Let me ask you more questions. *1. Error when executing BAF* An error occurs when getting the kv of the vault in `quorum/configuration/roles/create/tessera/tasks/nested_enode_data.yaml` below. https://github.com/hyperledger-labs/blockchain-automation-framework/blob/main/platforms/quorum/configuration/roles/create/tessera/tasks/nested_enode_data.yaml#L20 In the 1st loop (member/validator_main.yaml : 1st org), KV exists in the path of `org1/crypto/org1-peer/quorum`, so it succeeds. But in the 2nd loop (member/validator_main.yaml : 2nd org), `[org1]/crypto/org2-peer/quorum` I think it will fail because KV does not exist in the path. ( KV exists in [org2]/crypto/org2-peer/quorum`.) Perhaps the `org.name` in the above file should be `org1.name`. *2. quorum node does not start* quorum log below. `DEBUG[10-21|12:08:37.690] Failed to decode keystore key path=/etc/quorum/qdata/dd/keystore/keystore_1 err="invalid character 'i' looking for beginning of value"` The vault contains the raw json, so `base64 -d` may not be needed. Below is the part. https://github.com/hyperledger-labs/blockchain-automation-framework/blob/main/platforms/quorum/charts/node_quorum_validator/templates/deployment.yaml#L111

hiroyukihonda (Sat, 23 Oct 2021 02:45:28 GMT):
@sownak Thank you for reply.　I understand that in the case of raft, we need to specify `member` for type. Let me ask you more questions. *1. Error when executing BAF* An error occurs when getting the kv of the vault in `quorum/configuration/roles/create/tessera/tasks/nested_enode_data.yaml` below. https://github.com/hyperledger-labs/blockchain-automation-framework/blob/main/platforms/quorum/configuration/roles/create/tessera/tasks/nested_enode_data.yaml#L20 In the 1st loop (member/validator_main.yaml : 1st org), KV exists in the path of `org1/crypto/org1-peer/quorum`, so it succeeds. But in the 2nd loop (member/validator_main.yaml : 2nd org), `[org1]/crypto/org2-peer/quorum` I think it will fail because KV does not exist in the path. ( KV exists in [org2]/crypto/org2-peer/quorum`.) Perhaps the `org.name` in the above file should be `org1.name`. *2. quorum node does not start* quorum log below. `DEBUG[10-21|12:08:37.690] Failed to decode keystore key path=/etc/quorum/qdata/dd/keystore/keystore_1 err="invalid character 'i' looking for beginning of value"` The vault contains the raw json, so `base64 -d` may not be needed. Below is the part. https://github.com/hyperledger-labs/blockchain-automation-framework/blob/main/platforms/quorum/charts/node_quorum_validator/templates/deployment.yaml#L111 I'm sorry if I made a mistake in the settings, but please check it.

suvajit-sarkar (Mon, 25 Oct 2021 07:48:45 GMT):
Agreed on both the points will create bug to resolve these. If you have the solution ready, it will be great if you can create a PR

suvajit-sarkar (Tue, 26 Oct 2021 08:45:34 GMT):
Bug create for the same https://github.com/hyperledger-labs/blockchain-automation-framework/issues/1721

SoundaryaAyyappan (Sat, 30 Oct 2021 05:39:41 GMT):
I am trying to add a new org to the hyperledger fabric network (v2.2.0) using BAF release v0.9.0.0. Getting the below error which I haven't observed previously. Attaching the screenshot of the error below. Can anyone please guide me to solve the issue? Thanks.

SoundaryaAyyappan (Sat, 30 Oct 2021 05:39:48 GMT):

Screenshot from 2021-10-30 11-07-49.png

sownak (Mon, 01 Nov 2021 16:32:34 GMT):
#blockchain-automation-framework I have just merged a big PR which adds copyright info to all code and readme files. In case you have created any file and/or updated, please go ahead and add your name to the copyright. Going forward please use the template for all new files.

sownak (Mon, 01 Nov 2021 17:06:33 GMT):
This is in preparation for BAF being proposed as a top-level project.

sownak (Thu, 04 Nov 2021 16:22:39 GMT):
Hello Everyone, happy to share the good news. BAF has been accepted by TSC unanimously as a top level project. Request participants/users/sponsors to suggest new name for the product. here are some guidelines https://docs.google.com/document/d/1P__qAcWL-CYHZGozKpS8WCyQ3brTpBweFfUwYzEZD0w/edit

Bobbijn (Thu, 04 Nov 2021 19:17:14 GMT):
Congratulations on becoming a top level project!. I would like to extend an invitation for your team to give a short presentation to the Learning Materials Working Group so we may help spread the word. We have time at our November 29th meeting. Let me know if that works. By the way if you are taking ideas for a name, I think SPROUT would be a great one. Bobbi Muscara

Bobbijn (Thu, 04 Nov 2021 19:18:03 GMT):
:seedling:

sownak (Fri, 05 Nov 2021 09:23:11 GMT):
All suggestions welcome :)

nkaramolegos (Fri, 05 Nov 2021 13:38:33 GMT):
What is a top-level project?

sownak (Fri, 05 Nov 2021 15:41:12 GMT):
Like Hyperledger Fabric, Hyperledger Indy

nkaramolegos (Mon, 08 Nov 2021 10:05:48 GMT):
I want to deploy network with M orgs (an org can be in different cluster but for start I will use one kind cluster for all). Also, I need one more org as orderer org. All these M+1 orgs will be part of all the channels. A new channel will be added after request and all these orgs have to join the channel with a new chaincode. Finally, I would like to update the chaincode of the channel via request and more important I want to have access to these channel using only - one - SDK gateway client. Can I do that using BAF? PS: I need all the TLS and ECerts CA to be deployed

nkaramolegos (Mon, 08 Nov 2021 10:05:48 GMT):
I want to deploy network with M orgs (an org can be in different cluster but for start I will use one kind cluster for all). Also, I need one more org as orderer org. All these M+1 orgs will be part of all the channels. A new channel will be added after request and all these orgs have to join the channel with a new chaincode. Finally, I would like to update the chaincode of the channels after a specific request and more important I want to have access to these channel using only - one - SDK gateway client. Can I do that using BAF? PS: I need all the TLS and ECerts CA to be deployed

sownak (Mon, 08 Nov 2021 16:00:03 GMT):
Yes, everything is standard feature in BAF. Except single client.

sownak (Mon, 08 Nov 2021 16:00:03 GMT):
Yes, everything is standard feature in BAF. Except single client. In BAF, when you deploy a restserver, it will only use the specific Org User details to connect. If you want to connect to all peers from a single restserver, you have to gather all user certificates and update the fabricconnection.yaml yourself, BAF will not do it.

nkaramolegos (Tue, 09 Nov 2021 12:05:57 GMT):
so I have to build my connection profile file by myself for the network configuration? Why the BAF does not produce that? What is the alternative to single client for the given use case in order to be compatible with the BAF logic?

sownak (Tue, 09 Nov 2021 12:15:50 GMT):
BAF is created for Production networks where different organizations are never ever going to share their credentials with each other. Alternative is to create your own rest-server and copy the certificates from Vault manually.

nkaramolegos (Tue, 09 Nov 2021 12:51:00 GMT):
I am not sure that you understand my question, I probably did not put it correctly. Let me explain again, I don't want to use one fabric sdk client for all the organization. I would like to use one client (belonging for example to org1) to have access to all the channel where the org1 participate (i.e all the channels)

sownak (Tue, 09 Nov 2021 12:54:47 GMT):
Even for that you have to create your own connection profile. Example can be found in `examples/supplychain-app/charts/fabric-restserver/templates/configmap.yaml` file, but as this is an example, the channel information is hard-coded. But it should be possible if you edit this file with your additional channels, or update the helm template to iterate on a list of channels.

nkaramolegos (Tue, 09 Nov 2021 12:55:39 GMT):
Ok, thanks. I will take a look

nkaramolegos (Tue, 09 Nov 2021 12:55:55 GMT):
I understand that in some way BAF can support that

jvdacasin (Wed, 10 Nov 2021 03:29:41 GMT):
Hello team, I am about to deploy BAF on a Kubernetes instance for a DEV Environment. My question is what is the minimum cluster parameters needed for best working optimized environment. I will be using 2 nodes and am not sure about the instance types. In my local machine, BAF takes about 15-20GB of storage and takes about most of my 8GB RAM. Just asking what would be the best minimum specs for a BAF DEV environment, given there'll be devs who will connect to it and deploy chaincodes after BAF is deployed.

ffabregas (Wed, 10 Nov 2021 04:01:10 GMT):
Has joined the channel.

ffabregas (Wed, 10 Nov 2021 04:01:11 GMT):
Hi Team, We will be deploying Vault for a BAF cluster in AWS. Is there a dedicated storage needed for its vault? If yes, what would be the best storage for a DEV environment? S3 or RDS? Thanks.

jagpreet (Wed, 10 Nov 2021 09:00:07 GMT):
Hello @jvdacasin Thanks for using Blockchain Automation Framework Yes, for local deployments, it will use up all the 8GB of ram (minikube) I will get back to you on this soon.

jagpreet (Wed, 10 Nov 2021 09:11:47 GMT):
Hi @ffabregas This is a Hashicorp Vault question. RDS cannot be used as it is not a relational database. The choice to go without a dedicated storage, or to use S3 or other storage medium, is dependent on your usecase and requirements.

jvdacasin (Wed, 10 Nov 2021 09:23:18 GMT):
Thanks Jagpreet as always! Will wait for the confirmation, because we will be deploying BAF on an AWS Kubernetes Cluster, and we need an idea what's the minimum specification it can work for cloud. (1 node for the main platform and 1 node for a Business Unit) If you have further clarifications needed please let us know.

jagpreet (Wed, 10 Nov 2021 09:43:45 GMT):
Hi @jvdacasin I think 2 t2.large instances are good to start with, for dev environment.

sownak (Wed, 10 Nov 2021 09:51:05 GMT):
I would like to correct some of statements made by @jvdacasin . BAF does not use 15-20GB storage and 8GB RAM, it is your Kubernetes Cluster that is using 15-20GB Storage and 8GB RAM. BAF is a deployment tool and it's size is same as the size of the Repo, the additional storage that BAF needs is respective to the tools like ansible, jq, vault client that it will use. So the statement that 'BAF uses 8GB RAM or 15GB storage' is wrong

jvdacasin (Wed, 10 Nov 2021 10:16:53 GMT):
Alright, thanks team. what I meant there was, if we will have same configurations we have done in the Cluster like the ansible, vault, etc. and the same expected results will be deployed (We will be using Fabric).

sownak (Wed, 10 Nov 2021 10:19:15 GMT):
As @jagpreet mentioned, you can start with two worker nodes and if things don't work, increase the number of nodes, or decrease if your worker nodes are not used 100%. That is why we use cloud computing.

jvdacasin (Wed, 10 Nov 2021 10:27:13 GMT):
Thanks Sownak! Jagpreet!

nkaramolegos (Wed, 10 Nov 2021 16:31:55 GMT):
So by studying the helm charts and the configmap yaml I understand that each time a new channel is added the application have to stop running in order to parse the new configmap.yaml file (with the new channel) and make the client to connect to the additional new channel. Correct? PS: I am not sure if the networks stop too.

sownak (Wed, 10 Nov 2021 16:33:31 GMT):
Only the client. The network will not be affected if you restart your rest-server

arsulegai (Mon, 15 Nov 2021 11:35:35 GMT):
Hi, has anybody had an issue with scaling the CouchDB PVC scaling? @sownak @suvajit-sarkar

arsulegai (Mon, 15 Nov 2021 11:35:35 GMT):
Hi, has anybody had an issue with scaling the CouchDB PVC? @sownak @suvajit-sarkar

nkaramolegos (Tue, 16 Nov 2021 13:17:44 GMT):
I am back. I studies BAF and I saw that I can create channels after the network has started and can add existing orgs to a channel without affect the other already running channels. So far so good. I think that I am correct. However, I have not seen anything about the identities in the wallet. Ideally, as I have mentioned before, I would like to use a client belonging to org1 i.e register a user to org1 who can have multiple identities. Each identity of the user will be used for each of the channels. So using ID1 can have access to channel0 and not channel1 etc. Something like that https://hyperledger-fabric.readthedocs.io/fa/latest/developapps/wallet.html Can I do that?

sownak (Tue, 16 Nov 2021 17:32:37 GMT):
Vote for our toplevel project name https://www.smartsurvey.co.uk/s/VC3YIG/

sownak (Wed, 17 Nov 2021 09:11:15 GMT):
I do not think BAF supports this. If you are able update BAF to support this then please submit a PR with the changes. It will be a great feature.

sownak (Wed, 17 Nov 2021 09:12:21 GMT):
dont think anyone reported any issue with that.

sownak (Wed, 17 Nov 2021 09:14:31 GMT):
User identities and roles are supported by the new `manage-user-certificate.yaml` playbook available in the develop branch.

jvdacasin (Wed, 17 Nov 2021 10:34:30 GMT):

Clipboard - November 17, 2021 5:48 PM

jvdacasin (Wed, 17 Nov 2021 10:37:22 GMT):

Docker Image from BAF

jvdacasin (Wed, 17 Nov 2021 10:38:00 GMT):
this is giving us an error during our run

jvdacasin (Wed, 17 Nov 2021 10:38:00 GMT):
this is giving us an error during our run, maybe there's a new image for it

jvdacasin (Wed, 17 Nov 2021 10:38:52 GMT):

network.yaml

sownak (Wed, 17 Nov 2021 11:51:11 GMT):
The browser link is https://hub.docker.com/repository/docker/hyperledgerlabs/baf-build That is the docker hub index, it may have changed, so please google

jvdacasin (Wed, 17 Nov 2021 11:51:22 GMT):

here's the sample error on our logs

sownak (Wed, 17 Nov 2021 11:52:14 GMT):
That is not a "docker hub error"

jvdacasin (Wed, 17 Nov 2021 11:54:02 GMT):

Here's our cluster role binding error

jvdacasin (Wed, 17 Nov 2021 11:54:53 GMT):

Latest events

jvdacasin (Wed, 17 Nov 2021 11:55:18 GMT):
Alright.. can you kindly shed some light Sownak? Thank you

sownak (Wed, 17 Nov 2021 11:55:45 GMT):
[ ](https://chat.hyperledger.org/channel/blockchain-automation-framework?msg=TBfbxpY9WH9vMXePn) This error means there are errors with your Vault connectivity or authentication. If docker image was a problem, the container would not have started.

ayham (Wed, 17 Nov 2021 14:54:43 GMT):
Hi all, I'm using BAF to deploy a HLF blockchain. I'm hoping that someone can clarify something for me please :) Is it possible to declare more than one orderer organization in the configuration file? In the supplied samples I can only recognize the definition of one orderer organization (supplychain). And in the channel declaration part of the configuration file, where it says orderer, the passed value is a single value, not a list https://github.com/hyperledger-labs/blockchain-automation-framework/blob/88a876a2f135c7d2180f1653a20f49d994cb3fa7/platforms/hyperledger-fabric/configuration/samples/network-fabricv2.yaml#L58 What I want is to have 2 orderers that come from 2 different ordering organizations (supplychain1 and supplychain2 for example) and each of those 2 orderers is serving one of 2 endorser organizations with peer1.org1 and peer2.org. Is this possible? Thanks in advance

priamv (Thu, 18 Nov 2021 00:19:53 GMT):
Has joined the channel.

jvdacasin (Thu, 18 Nov 2021 09:30:55 GMT):
@sownak thanks, this was resolved already. We had an extra / at end of our vault configuration on the network.yaml Thanks!

akoita (Thu, 18 Nov 2021 09:31:26 GMT):
Has joined the channel.

jvdacasin (Thu, 18 Nov 2021 14:23:33 GMT):

ca.crt error

jvdacasin (Thu, 18 Nov 2021 14:23:48 GMT):
Hi team, Just curious about this files on the build folder because currently on our BAF run we're getting some quite errors about copying tls ca.crt, In minikube, there is a ca.crt file that needs to be generated to the build folder as a prerequisite. *cp ~/.minikube/ca.crt build/* Is this the same case in AWS EKS? In AWS we can find this ca.crt explicitly indicated on the *config* file found in ~/.kube/config. We're thinking if this shall be manually put on the folder of /home/blockchain-automation-framework/build before the shell script run Any confirmation pls?

jvdacasin (Thu, 18 Nov 2021 14:23:48 GMT):
Hi team, Just curious about this files on the build folder because currently on our BAF run we're getting some quite errors about copying tls ca.crt, In minikube, there is a ca.crt file that needs to be manually put to the build folder as a prerequisite. *cp ~/.minikube/ca.crt build/* Is this the same case in AWS EKS? In AWS we can find this ca.crt explicitly indicated on the *config* file found in ~/.kube/config. We're thinking if this shall be manually put on the folder of /home/blockchain-automation-framework/build before the shell script run, too. Any confirmation pls?

jvdacasin (Thu, 18 Nov 2021 14:24:41 GMT):

ca.crt error

jvdacasin (Thu, 18 Nov 2021 14:24:44 GMT):
here's the screenshot of our error. We think we're almost finish on the run

AshokkumarMdx (Thu, 18 Nov 2021 17:51:49 GMT):
Has joined the channel.

AshokkumarMdx (Thu, 18 Nov 2021 17:51:50 GMT):
HI I am getting error while running docker image for fabric https://blockchain-automation-framework.readthedocs.io/en/latest/developer/docker-build.html docker run -it -v $(pwd):/home/blockchain-automation-framework/ hyperledgerlabs/baf-build TASK [setup/kubectl : Changing the current context namespace to default] ******************************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/setup/kubectl/tasks/main.yaml:61 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "KUBECONFIG=cluster_config kubectl config use-context cluster_context\nKUBECONFIG=cluster_config kubectl config set-context --current --namespace=default\n", "delta": "0:00:00.122098", "end": "2021-11-18 16:20:51.082244", "msg": "non-zero return code", "rc": 1, "start": "2021-11-18 16:20:50.960146", "stderr": "W1118 16:20:51.021214 526 loader.go:223] Config not found: cluster_config\nerror: no context exists with the name: \"cluster_context\"\nW1118 16:20:51.079808 531 loader.go:223] Config not found: cluster_config\nerror: no current context is set", "stderr_lines": ["W1118 16:20:51.021214 526 loader.go:223] Config not found: cluster_config", "error: no context exists with the name: \"cluster_context\"", "W1118 16:20:51.079808 531 loader.go:223] Config not found: cluster_config", "error: no current context is set"], "stdout": "", "stdout_lines": []} pls help

kaveri (Fri, 19 Nov 2021 08:20:18 GMT):
Hi Ashok, there's likely an error in your _kube config file_. Could you please check if your kube config file has correct context name and namespace? Also, if you could check the path to this file in your network configuration under *k8s*?

kaveri (Fri, 19 Nov 2021 08:20:18 GMT):
Hi Ashok, there's likely an error in your _kube config file_ . Could you please check if your kube config file has correct context name and namespace? Also, if you could check the path to this file in your network configuration under *k8s*?

kaveri (Fri, 19 Nov 2021 08:20:18 GMT):
Hi Ashok, there's likely an error in your _kube config file_ . Could you please check if your kube config file has correct context name, current context and namespace? Also, if you could check the path to this file in your network configuration under *k8s*?

kaveri (Fri, 19 Nov 2021 08:20:18 GMT):
Hi Ashok, there's likely an error in your _kube config file_ . Could you please check if your kube config file has correct *context name* , *current context* and *namespace* ? Also, if you could check the path to this file in your network configuration under *k8s*?

sownak (Fri, 19 Nov 2021 10:29:29 GMT):
With current features in BAF for Fabric, this is possible only when you add a new orderer organization after the genesis network has been set up. Please check the Fabric Operations Guides here https://blockchain-automation-framework.readthedocs.io/en/latest/operationalguide.html#fabric-operations

hoang-tranviet (Fri, 19 Nov 2021 11:25:36 GMT):
Thank you for your answer. This is a bit unfortunate since having orderers on different organizations is essential for a meaningful and realistic blockchain deployment. I also wonder if an organization could only be of either `orderer type` or `peer type`. Could we have an organization that consists of both orderers and peers?

sownak (Fri, 19 Nov 2021 11:49:58 GMT):
We will definitely appreciate if you can submit a PR with the requested changes. For an org to support both peers and orderers, they have to be logically separated in the network.yaml, you can use the same CA though.

AshokkumarMdx (Fri, 19 Nov 2021 13:04:47 GMT):
Thank you Kaveri for your quick response, Will check as per your suggestion.

ayham (Fri, 19 Nov 2021 15:39:56 GMT):
Thanks a lot for your answer :)

nkaramolegos (Mon, 22 Nov 2021 14:36:14 GMT):
So what is the state of the dev branch? What should I change/add in order to support the aforementioned functionality?

sownak (Mon, 22 Nov 2021 14:37:25 GMT):
dev branch has the latest code, which has not been released as a release yet. so you can raise a PR on dev branch

nkaramolegos (Mon, 22 Nov 2021 15:36:09 GMT):
No, I meant what exactly is missing so I can construct it. Maybe a brief description of the steps

sownak (Mon, 22 Nov 2021 16:54:19 GMT):
For starters, you can create an issue on BAF for your story "I would like to use a client belonging to org1 i.e register a user to org1 who can have multiple identities. Each identity of the user will be used for each of the channels. So using ID1 can have access to channel0 and not channel1 etc. " Then You can add the manual steps on how to do it. After that you pr anyone from the community can discuss automation of those steps.

AshokkumarMdx (Mon, 22 Nov 2021 19:59:53 GMT):
HI Kaveri,

AshokkumarMdx (Mon, 22 Nov 2021 20:02:59 GMT):
Updated kube config file as you suggested apiVersion: v1 contexts: - context: cluster: revenuebaf namespace: default user: clusterUser_rsg-hlf_revenuebaf name: revenuebaf current-context: revenuebaf Still got the following error TASK [setup/kubectl : Changing the current context namespace to default] ******************************************************************************************************************** task path: /home/blockchain-automation-framework/platforms/shared/configuration/roles/setup/kubectl/tasks/main.yaml:61 fatal: [localhost]: FAILED! => {"changed": true, "cmd": "KUBECONFIG=~/.kube/config kubectl config use-context revenuebaf\nKUBECONFIG=~/.kube/config kubectl config set-context --current --namespace=default\n", "delta": "0:00:00.112443", "end": "2021-11-22 19:51:03.161520", "msg": "non-zero return code", "rc": 1, "start": "2021-11-22 19:51:03.049077", "stderr": "W1122 19:51:03.101122 538 loader.go:223] Config not found: /root/.kube/config\nerror: no context exists with the name: \"revenuebaf\"\nW1122 19:51:03.159093 543 loader.go:223] Config not found: /root/.kube/config\nerror: no current context is set", "stderr_lines": ["W1122 19:51:03.101122 538 loader.go:223] Config not found: /root/.kube/config", "error: no context exists with the name: \"revenuebaf\"", "W1122 19:51:03.159093 543 loader.go:223] Config not found: /root/.kube/config", "error: no current context is set"], "stdout": "", "stdout_lines": []}

kaveri (Tue, 23 Nov 2021 09:51:54 GMT):
Hi Ashok, thanks for trying out the suggestions. Could you please confirm if your K8s config file is in build folder in the root directory of your repo? Here's the link for your reference ``` https://blockchain-automation-framework.readthedocs.io/en/latest/developer/docker-build.html#running-the-docker-and-provisioning-script ```

kaveri (Tue, 23 Nov 2021 09:51:54 GMT):
Hi Ashok, thanks for trying out the suggestions. Could you please confirm if your K8s config file is in build folder in the root directory of your repo? Here's the link for your reference: https://blockchain-automation-framework.readthedocs.io/en/latest/developer/docker-build.html#running-the-docker-and-provisioning-script ``` ```

kaveri (Tue, 23 Nov 2021 09:51:54 GMT):
Hi Ashok, thanks for trying out the suggestions. Could you please confirm if your K8s config file is in build folder in the root directory of your repo? Here's the link for your reference: https://blockchain-automation-framework.readthedocs.io/en/latest/developer/docker-build.html#running-the-docker-and-provisioning-script

AshokkumarMdx (Tue, 23 Nov 2021 20:05:49 GMT):

Bafconfig .jpg

AshokkumarMdx (Tue, 23 Nov 2021 20:06:05 GMT):
fatal: [localhost]: FAILED! => {"changed": true, "cmd": "KUBECONFIG=~/.kube/config kubectl config use-context revenuebaf\nKUBECONFIG=~/.kube/config kubectl config set-context --current --namespace=default\n", "delta": "0:00:00.101220", "end": "2021-11-23 20:05:30.665486", "msg": "non-zero return code", "rc": 1, "start": "2021-11-23 20:05:30.564266", "stderr": "W1123 20:05:30.612385 536 loader.go:223] Config not found: /root/.kube/config\nerror: no context exists with the name: \"revenuebaf\"\nW1123 20:05:30.663731 541 loader.go:223] Config not found: /root/.kube/config\nerror: no current context is set", "stderr_lines": ["W1123 20:05:30.612385 536 loader.go:223] Config not found: /root/.kube/config", "error: no context exists with the name: \"revenuebaf\"", "W1123 20:05:30.663731 541 loader.go:223] Config not found: /root/.kube/config", "error: no current context is set"], "stdout": "", "stdout_lines": []}

suvajit-sarkar (Wed, 24 Nov 2021 06:25:11 GMT):
in the error its looking from kube config file in root folder, you need to change the network.yaml file to point it to config file in which you have put in the build folder

suvajit-sarkar (Wed, 24 Nov 2021 06:25:11 GMT):
in the error its looking from kube config file in root folder, you need to change the network.yaml file k8s config_file path to point it to the config file in which you have put in the build folder

suvajit-sarkar (Wed, 24 Nov 2021 06:25:11 GMT):
in the error its looking from kube config file in root folder, you need to change the network.yaml file's k8s.config_file value to the path of config file in which you have put in the build folder

suvajit-sarkar (Wed, 24 Nov 2021 06:25:11 GMT):
in the error its looking from kube config file in root kube default folder, you need to change the network.yaml file's k8s.config_file value to the path of config file, which you have put in the build folder

SoundaryaAyyappan (Wed, 24 Nov 2021 13:21:09 GMT):
Using BAF release v0.9.0.0, I am trying to add a new org in hyperledger fabric network (Fabric v2.2.0). Till the git push of the ca server files, everything works good. But the CA Server Pod has not come up. So, I tried re-installing the flux. Then after 20 minutes, the CA Server pod got created. Now the same latency is observed in CA-Tools Pods. Can anyone explain me the reason of this latency?

sownak (Wed, 24 Nov 2021 16:08:42 GMT):
What do you mean by latency?

SoundaryaAyyappan (Thu, 25 Nov 2021 05:18:23 GMT):
I meant the time taken for the pods to get deployed is taking about 20-25 mins after the value files for CA, Peer got pushed to the github repo

sownak (Thu, 25 Nov 2021 09:17:56 GMT):
You have to check the Flux logs and the Kubernetes logs for that. BAF does not have any control over that. The default Flux sync wait time is 2 minutes in BAF.

jimthematrix (Mon, 29 Nov 2021 00:46:32 GMT):
Has joined the channel.

krishnabayanna (Wed, 01 Dec 2021 12:43:56 GMT):
Has joined the channel.

krishnabayanna (Wed, 01 Dec 2021 12:43:57 GMT):
Please let me know is Docker toolbox is Mandatory for BAF , is Docker Desktop works fine ? Docker toolbox is depreicated from Docker community now. Please let me @ earliest.

kaveri (Wed, 01 Dec 2021 16:07:37 GMT):
Hi Krishna, Docker Desktop is indeed the recommendation for Mac and Windows, and should work fine for BAF. Toolbox isn't mandatory.

sownak (Mon, 06 Dec 2021 10:31:37 GMT):
Hello All, today's sprint planning is cancelled because of holidays and leaves.

ksinkar (Tue, 07 Dec 2021 03:55:37 GMT):
Has joined the channel.

rjones (Wed, 08 Dec 2021 16:34:28 GMT):
Room name changed to: bevel by rjones

tkuhrt (Wed, 08 Dec 2021 16:59:56 GMT):
Discussion on Hyperledger Bevel

tkuhrt (Wed, 08 Dec 2021 16:59:56 GMT):
https://github.com/hyperledger/bevel

Vgkmanju (Tue, 14 Dec 2021 17:02:54 GMT):
Hi all, Currently I am implementing (hyperledger fabric 2.2) chaincode deployment as external service in kubernetes cluster by manually login to peercli pod and run all the install, approve, commit, init invoke operations. I went through BAF codebase, it has chaincode deployment without external service. Is there any way to automate (hyperledger fabric 2.2.x) chaincode deployment as external service in kubernetes cluster?

jagpreet (Wed, 15 Dec 2021 08:39:52 GMT):
Hello @Vgkmanju Thanks for checking out Bevel codebase. We are currently working on incorporating external chanincode. Here's the [issue](https://github.com/hyperledger/bevel/issues/1523) for the same.

Vgkmanju (Thu, 16 Dec 2021 05:06:16 GMT):
Hi, thanks for your response.

SeanBohan (Fri, 17 Dec 2021 19:57:57 GMT):
Has joined the channel.

Gowtham_Paramasivam (Sat, 18 Dec 2021 06:17:07 GMT):
Has joined the channel.

knagware9 (Mon, 20 Dec 2021 03:51:43 GMT):
@sownak Hi Sownak, Do you have some information about using Bavel in kubernetes cluster deployed in private cloud env.? I mean Kubernetes cluster created using KUbeadm .

hiroyukihonda (Mon, 20 Dec 2021 10:03:16 GMT):
Hi, Let me ask you some questions. * About GitOps(flux) in Bevel I think Bevel's primary purpose is to build a DLT environment that is compatible with various Blockchain Platforms securely and quickly.I recognize that GitOps (flux) will be used in the process, but is there any merit in using GitOps (flux) once the environment is built? Basically, I think the DLT environment doesn't generate as much CD as the application. * What to do if the Bevel version goes up If the version of Bevel goes up and there is a change in the configuration of K8s resources, is there any best practice expected for the version upgrade?

angela.alagbe (Tue, 21 Dec 2021 08:49:06 GMT):
Hi @hiroyukihonda, flux is meant to be used for development environment to make sure the state of your kubernetes clusters matches what is in your config file so if you are working in the production environment then the flux won't be needed anymore.

jagpreet (Wed, 22 Dec 2021 07:07:06 GMT):
Hi @knagware9 You can use Bevel in private k8's clusters as well. All you have to do is modify the storageclass as mentioned [here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_storageclass.html)

jagpreet (Wed, 22 Dec 2021 07:07:06 GMT):
Hi @knagware9 You can use Bevel in private k8's clusters as well. You have to modify the storageclass as mentioned [here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_storageclass.html)

jagpreet (Wed, 22 Dec 2021 09:41:57 GMT):
[GitOps(flux) in Bevel] Yes, there are scenarios where flux is being used once the `initial` network is setup. There are situations where we need to add new organizations, remove existing ones, add peers, create channels (specific to Hyperledger Fabric) and similar operations. You can refer to the [operations guide](https://hyperledger-bevel.readthedocs.io/en/latest/operationalguide.html) for the list of operations you can perform.

jagpreet (Wed, 22 Dec 2021 09:41:57 GMT):
[GitOps(flux) in Bevel] Yes, there are scenarios where flux is being used once the `initial` network is setup. There are situations where we need flux, like where we want to add new organizations, remove existing ones, add peers, create channels (specific to Hyperledger Fabric) and similar operations. You can refer to the [operations guide](https://hyperledger-bevel.readthedocs.io/en/latest/operationalguide.html) for the list of operations you can perform.

jagpreet (Wed, 22 Dec 2021 09:46:09 GMT):
[Bevel version] Bevel version upgrades can include configurational changes, bugfixes & enhancements, version upgrades (one or more of them), thus there is no clear way of upgrading the versions as there is no clear way of the version upgrades/bugfixes for the underlying technologies. Any community discussions/suggestions, around the same, is really helpful.

jagpreet (Wed, 22 Dec 2021 09:46:09 GMT):
[Bevel version] Bevel version upgrades can include configurational changes, bugfixes & enhancements, version upgrades (one or more of them). Thus there is no clear way of upgrading the versions as there is no clear way of the version upgrades/bugfixes for the underlying technologies. Any community discussions/suggestions, around the same, is really helpful.

knagware9 (Wed, 22 Dec 2021 17:29:01 GMT):
Okay Thanks @jagpreet

hiroyukihonda (Fri, 24 Dec 2021 04:58:05 GMT):
@jagpreet Thanks a lot for your answer :smiley: I find it difficult to upgrade Bevel. I imagine that the procedure will be as follows. 1. Add a peer to the organization with the new Bevel version. 2. Wait for the ledger data to propagate to the new Peer node. 3. Remove an existing Peer created with an older Bevel version.

Anthony022 (Sun, 26 Dec 2021 05:37:04 GMT):
Has joined the channel.

Anthony022 (Sun, 26 Dec 2021 05:37:04 GMT):
Hola, hay un curso para implementar hyperledger bevel?

Anthony022 (Sun, 26 Dec 2021 23:15:29 GMT):
Hola,

Anthony022 (Sun, 26 Dec 2021 23:17:45 GMT):
Hola, soy nuevo en el despliegue de HF en Bevel, habra algun curso para tener mas informacion sobre esto?

Anthony022 (Sun, 26 Dec 2021 23:18:28 GMT):
Hi, I am new to HF deployment in Bevel, is there a course to learn more about it?

jagpreet (Mon, 27 Dec 2021 08:36:44 GMT):
@hiroyukihonda yes, that solution is perfectly fine, but only when upgradation of Bevel version doesn't involve upgradation of Fabric version itself. Because, there can be scenarios where we will see Fabric version upgrade as well, with the Bevel upgrade. In those scenarios, we should be checking Fabric documentation on incrementing the version.

jagpreet (Mon, 27 Dec 2021 08:38:52 GMT):
@Anthony022 Thanks for showing interest in Hyperledger Bevel. You can refer to our [developer guide](https://hyperledger-bevel.readthedocs.io/en/latest/developerguide/#) for in-depth tutorials on Fabric deployment using Bevel.

vinodhini (Thu, 30 Dec 2021 11:47:39 GMT):
Has joined the channel.

vinodhini (Thu, 30 Dec 2021 11:47:39 GMT):
Hi How to install Bevel in our system?

sownak (Mon, 03 Jan 2022 05:15:55 GMT):
Hello @vinodhini , thanks for your interest in Bevel. Bevel is not an installable, Bevel is a tool to deploy DLT platforms. You can read about the details on how to use Bevel at https://hyperledger-bevel.readthedocs.io/en/latest/

mateokurti (Wed, 05 Jan 2022 15:57:37 GMT):
Has joined the channel.

gaurav471 (Wed, 05 Jan 2022 21:30:33 GMT):
Has joined the channel.

gaurav471 (Wed, 05 Jan 2022 21:30:34 GMT):
Hi @sownak I see, Bevel is supporting fabric 2.2.2. What is the plan for latest release of Fabric 2.4.x. I am planning to use bevel, but having this extra thought.

Mahadevan 3 (Wed, 05 Jan 2022 21:43:54 GMT):
Has joined the channel.

tkuhrt (Wed, 05 Jan 2022 22:04:15 GMT):
I am not sure what the plan is to support 2.4.x; however, I would note that: "v2.2 is the current LTS releases with patch releases quarterly. v1.4 LTS went end of support in April 2021. Production users are encouraged to use v2.2, users who want to try new features are encouraged to use v2.3 and v2.4.0-alpha and provide feedback." So for production, the Fabric community recommends sticking with the v2.2.x line

tkuhrt (Wed, 05 Jan 2022 22:05:10 GMT):
I am sure the Bevel community would appreciate any PRs that might help advance the support for other versions of Fabric

gaurav471 (Wed, 05 Jan 2022 22:06:46 GMT):
Thank you @tkuhrt. We are developing our application using fabric 2.2 only. But we are liking some features of 2.4. So I was asking.

gaurav471 (Wed, 05 Jan 2022 22:07:08 GMT):
We are sticking with 2.2, so likely to use it.

tkuhrt (Wed, 05 Jan 2022 22:09:12 GMT):
I did find [this issue](https://github.com/hyperledger/bevel/issues/1765), which is a spike for Explore and investigate ongoing version upgrade for HL Fabric network. It does not mention 2.4.x though so not sure if I am reading the issue correctly.

jagpreet (Thu, 06 Jan 2022 08:55:57 GMT):
Yes @tkuhrt , we are currently sticking to the Hyperledger Fabric LTS release which is v2.2. Once Hyperledger Fabric announces the next LTS release, its highly appreciable for any community PRs to extend the support for more versions. Currently we support Hyperledger Fabric v2.2.2 and [this issue](https://github.com/hyperledger/bevel/issues/1765) targets the upgradation to next v2.2.x

jagpreet (Thu, 06 Jan 2022 08:55:57 GMT):
Yes @tkuhrt , we are currently sticking to the Hyperledger Fabric LTS release which is v2.2. Once Hyperledger Fabric announces the next LTS release, its highly appreciable for community PRs to extend the support for more versions. Currently we support Hyperledger Fabric v2.2.2 and [this issue](https://github.com/hyperledger/bevel/issues/1765) targets the upgradation to next v2.2.x

jagpreet (Thu, 06 Jan 2022 08:55:57 GMT):
Yes @tkuhrt , we are currently sticking to the Hyperledger Fabric LTS release which is v2.2. Once Hyperledger Fabric announces the next LTS release, its highly appreciable for community PRs to extend the support for more versions. Currently we support Hyperledger Fabric v2.2.2 and [this issue](https://github.com/hyperledger/bevel/issues/1765) targets the ongoing version upgrade

SoundaryaAyyappan (Thu, 06 Jan 2022 10:43:16 GMT):
Hi Everyone, I need to clarify a doubt regarding the upgradation of Bevel version. Say I have deployed a hyperledger fabric network (v2.2.0) using BAF release v0.7.0.0. Now, is it possible to merge the latest BAF release (v0.10.0.0) with the branch created out of v0.7 and use the latest release features? Can anyone clarify this?

mwklein (Thu, 06 Jan 2022 15:03:10 GMT):
For minor releases, the approach mentioned will likely work, but is not directly tested/supported (we always welcome contributions!). The community is currently investigating in-place upgrades, starting with Fabric as outlined in this spike: https://github.com/hyperledger/bevel/issues/1765

tkuhrt (Thu, 06 Jan 2022 16:12:02 GMT):
Based on the [Hyperledger Release Taxonomy](https://tsc.hyperledger.org/release-taxonomy.html), all projects should be using either [semver](https://semver.org/) or [calver](https://calver.org/). I believe that Bevel uses semver, which would Given a version number MAJOR.MINOR.PATCH, increment the: - MAJOR version when you make incompatible API changes, - MINOR version when you add functionality in a backwards compatible manner, and - PATCH version when you make backwards compatible bug fixes. Additional labels for pre-release and build metadata are available as extensions to the MAJOR.MINOR.PATCH format. Someone contributing to Bevel should comment on backward compatibility though.

tkuhrt (Thu, 06 Jan 2022 16:12:02 GMT):
Based on the [Hyperledger Release Taxonomy](https://tsc.hyperledger.org/release-taxonomy.html), all projects should be using either [semver](https://semver.org/) or [calver](https://calver.org/). I believe that Bevel uses semver, which would mean that given a version number MAJOR.MINOR.PATCH, increment the: - MAJOR version when you make incompatible API changes, - MINOR version when you add functionality in a backwards compatible manner, and - PATCH version when you make backwards compatible bug fixes. Additional labels for pre-release and build metadata are available as extensions to the MAJOR.MINOR.PATCH format. Someone contributing to Bevel should comment on backward compatibility though.

Harsh_Vekariya (Fri, 07 Jan 2022 07:23:52 GMT):
Has joined the channel.

mateokurti (Wed, 12 Jan 2022 09:08:39 GMT):
Hi everyone! I have a question. How does Hyperledger Bevel deals with the Dynamic IPs of Kubernetes for nodes (in the case of Indy Node)?

ricardoruano (Thu, 13 Jan 2022 22:06:52 GMT):
Has joined the channel.

ricardoruano (Thu, 13 Jan 2022 22:06:53 GMT):
Hi everyone

suvajit-sarkar (Mon, 17 Jan 2022 09:37:14 GMT):
Hi All, the sprint planning is cancelled today because of unforeseeable leaves

suvajit-sarkar (Mon, 17 Jan 2022 09:44:14 GMT):
It uses TCP Network Load Balancer with a fixed IP address

ricardoruano (Tue, 18 Jan 2022 05:40:19 GMT):
Hi team, have a great day for everyone, please help me, I'm very confused with the ansible_provisioners file, I have an EKS cluster with 2 nodes (35.172.116.1 and 34.231.180.117), and another cluster in Linode also with 2 nodes (45.79.105.169 and 173.255.240.145), each cluster for each organization in the network for HFabric. I don't know if I need to declare the IPs corresponding to the nodes in the cluster or the external IP of the cluster, Can you help me?

ricardoruano (Tue, 18 Jan 2022 05:44:29 GMT):
or Where I can find more examples of ansible_provisioners for bevel installation with Hfabric?

jagpreet (Tue, 18 Jan 2022 09:28:16 GMT):
Hi @ricardoruano Thanks for using Hyperledger Bevel. There are 2 issues you have mentioned, One, related to IP's of the cluster worker nodes And second related to `ansible_provisioners` [Second query] Answering this prior to the first one, as this will make the explaination of the second query more clearer. We are not using ansible to create resources over the cluster. Thus, `ansible_provisioners` can just point to the localhost. Ansible, in our case, is just templatizing the value files of the required entities and configuration of certain resources like Flux (which is responsible for deployment of resources over the cluster) You can find sample `ansible_provisioners` file [here](https://github.com/hyperledger/bevel/blob/main/platforms/shared/inventory/ansible_provisioners). You can use this exact one for your usecase too, as ansible wont play a role in multi-cluster deployment, but will only generate value files and configure resources such as flux. [First query] If you check the `network.organization` section of [sample network.yaml](https://github.com/hyperledger/bevel/blob/main/platforms/hyperledger-fabric/configuration/samples/network-fabricv2-raft.yaml), you will see a subsection `cloud_provider` and `aws` (this is optional and only for EKS). That information is sufficient enough to do the deployments over the respective cluster. For linode, you might have to add an extra storage class option as per the guide mentioned [here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_storageclass/)

jagpreet (Tue, 18 Jan 2022 09:28:16 GMT):
Hi @ricardoruano Thanks for using Hyperledger Bevel. There are 2 issues you have mentioned, One, related to IP's of the cluster worker nodes And second related to `ansible_provisioners` [Second query] Answering this prior to the first one, as this will make the explaination of the second query more clearer. We are not using ansible to create resources over the cluster. Thus, `ansible_provisioners` can just point to the localhost. Ansible, in our case, is just templatizing the value files of the required entities and configuration of certain resources like Flux (which is responsible for deployment of resources over the cluster) You can find sample `ansible_provisioners` file [here](https://github.com/hyperledger/bevel/blob/main/platforms/shared/inventory/ansible_provisioners). You can use this exact one for your usecase too, as ansible wont play a role in multi-cluster deployment, but will only generate value files and configure resources such as flux. [First query] If you check the `network.organization` section of [sample network.yaml](https://github.com/hyperledger/bevel/blob/main/platforms/hyperledger-fabric/configuration/samples/network-fabricv2-raft.yaml), you will see a subsection `cloud_provider` and `aws` (this is optional and only for EKS). That information is sufficient enough to do the deployments over the respective cluster, along with the `external_dns_suffix` which will be different for each cluster. For linode, you might have to add an extra storage class option as per the guide mentioned [here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_storageclass/)

jagpreet (Tue, 18 Jan 2022 09:28:16 GMT):
Hi @ricardoruano Thanks for using Hyperledger Bevel. There are 2 issues you have mentioned, One, related to IP's of the cluster worker nodes And second related to `ansible_provisioners` [Second query] Answering this prior to the first one, as this will make the explaination of the second query more clearer. We are not using ansible to create resources over the cluster. Thus, `ansible_provisioners` can just point to the localhost. Ansible, in our case, is just templatizing the value files of the required entities and configuration of certain resources like Flux (which is responsible for deployment of resources over the cluster) You can find sample `ansible_provisioners` file [here](https://github.com/hyperledger/bevel/blob/main/platforms/shared/inventory/ansible_provisioners). You can use this exact one for your usecase too, as ansible wont play a role in multi-cluster deployment, but will only generate value files and configure resources such as flux. [First query] If you check the `network.organization` section of [sample network.yaml](https://github.com/hyperledger/bevel/blob/main/platforms/hyperledger-fabric/configuration/samples/network-fabricv2-raft.yaml), you will see a subsection `cloud_provider` and `aws` (this is optional and only for EKS). That information is sufficient enough to do the deployments over the respective cluster, along with the `external_dns_suffix` which will be different for each cluster. For linode, you need to add an extra storage class option as per the guide mentioned [here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_storageclass/)

jagpreet (Tue, 18 Jan 2022 09:28:16 GMT):
Hi @ricardoruano Thanks for using Hyperledger Bevel. There are 2 issues you have mentioned, One, related to IP's of the cluster worker nodes And second related to `ansible_provisioners` [Second query] Answering this prior to the first one, as this will make the explaination of the second query more clearer. We are not using ansible to create resources over the cluster. Thus, `ansible_provisioners` can just point to the localhost. Ansible, in our case, is just templatizing the value files of the required entities and configuration of certain resources like Flux (which is responsible for deployment of resources over the cluster) You can find sample `ansible_provisioners` file [here](https://github.com/hyperledger/bevel/blob/main/platforms/shared/inventory/ansible_provisioners). You can use this exact one for your usecase too, as ansible wont play a role in multi-cluster deployment, but will only generate value files and configure resources such as flux. [First query] If you check the `network.organization` section of [sample network.yaml](https://github.com/hyperledger/bevel/blob/main/platforms/hyperledger-fabric/configuration/samples/network-fabricv2-raft.yaml), you will see a subsection `cloud_provider` and `aws` (this is optional and only for EKS). That information is sufficient enough to do the deployments over the respective cluster, along with the `external_dns_suffix` which will be different for each cluster. For linode, you need to add an extra storage class option as per the guide mentioned [here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_storageclass/) Additionally, you will also have to change the `organization.gitops.release_dir` for each of the cluster. Flux syncs and deploys entities by polling this path of the specified branch of the specified repository. So for organizations in different clusters, `gitops.url`-`gitops.branch`-gitops.release_dir` should be different (just changing the release_dir will work too)

jagpreet (Tue, 18 Jan 2022 09:28:16 GMT):
Hi @ricardoruano Thanks for using Hyperledger Bevel. There are 2 issues you have mentioned, One, related to IP's of the cluster worker nodes And second related to `ansible_provisioners` [Second query] Answering this prior to the first one, as this will make the explaination of the second query more clearer. We are not using ansible to create resources over the cluster. Thus, `ansible_provisioners` can just point to the localhost. Ansible, in our case, is just templatizing the value files of the required entities and configuration of certain resources like Flux (which is responsible for deployment of resources over the cluster) You can find sample `ansible_provisioners` file [here](https://github.com/hyperledger/bevel/blob/main/platforms/shared/inventory/ansible_provisioners). You can use this exact one for your usecase too, as ansible wont play a role in multi-cluster deployment, but will only generate value files and configure resources such as flux. [First query] If you check the `network.organization` section of [sample network.yaml](https://github.com/hyperledger/bevel/blob/main/platforms/hyperledger-fabric/configuration/samples/network-fabricv2-raft.yaml), you will see a subsection `cloud_provider` and `aws` (this is optional and only for EKS). That information is sufficient enough to do the deployments over the respective cluster, along with the `external_dns_suffix` which will be different for each cluster. For linode, you need to add an extra storage class option as per the guide mentioned [here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_storageclass/) Additionally, you will also have to change the `organization.gitops.release_dir` for each of the cluster. Flux syncs and deploys entities by polling this path of the specified branch of the specified repository. So for organizations in different clusters, `gitops.url`-`gitops.branch`-`gitops.release_dir` should be different (just changing the release_dir will work too)

jagpreet (Tue, 18 Jan 2022 09:31:24 GMT):
Let us know, if you need any further clarification around the same.

ricardoruano (Wed, 19 Jan 2022 05:14:31 GMT):
Hi, @jagpreet thanks so much for your response. Ok, according to your instruction Bevel uses Flux, and in this sense not is necessary any particular configuration for an ansible host file, Now it works for me because only I copied the content of the ansible host sample https://github.com/hyperledger/bevel/blob/main/platforms/shared/inventory/ansible_provisioners in my /etc/ansible/hosts

ricardoruano (Wed, 19 Jan 2022 05:18:10 GMT):
also now I'm going to configure the extra storage class for my Linode environment, I'm very interested in using Bevel outside the typical clouds

ricardoruano (Wed, 19 Jan 2022 05:18:21 GMT):
I promise to tell you about the progress

BrunoVavala (Wed, 19 Jan 2022 17:08:33 GMT):
Has left the channel.

ffabregas (Thu, 20 Jan 2022 04:02:12 GMT):
Hi Team, have a great day to everyone. Could you please help me guide through on running BEVEL in EKS? Do you have some documentations that I can follow? Thanks in advance!

jagpreet (Thu, 20 Jan 2022 08:37:30 GMT):
Thanks for using Bevel. It will be good to see the Linode storageclass and thus the compatibility with the respective cloud provider. Bevel deployments happen on K8's environment, which is almost abstracted from the cloud provider layer (except for the constrains mentioned above)

jagpreet (Thu, 20 Jan 2022 09:34:16 GMT):
Hi @ffabregas Thanks for showing interest in Hyperledger Bevel. Once the [pre-requisites](https://blockchain-automation-framework.readthedocs.io/en/latest/prerequisites.html) are met, you can setup Bevel similarly to how you have setup it locally (as per our conversation). There will be minor changes like `network.env.proxy` will NOT be none and `network.organization.cloud_provider` will be aws followed by putting the specific information about the cloud provider in the network.yaml For reference, you can refer to this [sample network.yaml](https://github.com/hyperledger/bevel/blob/main/platforms/hyperledger-fabric/configuration/samples/network-fabricv2-raft.yaml) and follow the guide mentioned [here](https://hyperledger-bevel.readthedocs.io/en/latest/developerguide/#quickstart-guides), specifically the `Developer Prerequisites` section and `DLT Blockchain Network deployment using docker build` section.

ffabregas (Fri, 21 Jan 2022 03:36:05 GMT):

Clipboard - January 21, 2022 11:36 AM

ffabregas (Fri, 21 Jan 2022 03:36:11 GMT):
Thanks for this @jagpreet . By the way, is this the correct ansible configuration for Bevel?

jagpreet (Fri, 21 Jan 2022 08:32:57 GMT):
Yes

ffabregas (Mon, 24 Jan 2022 06:27:18 GMT):
Hi @jagpreet, just want to follow up a question, after installing all the required pre-requisites, what next actions should I do to setup Bevel in AWS? Per checking in https://hyperledger-bevel.readthedocs.io/en/latest/developerguide/#quickstart-guides, it seems that this is the steps to setup Bevel in local environment.?

jagpreet (Mon, 24 Jan 2022 08:35:26 GMT):
Hi @ffabregas Yes the above link can be used to setup Bevel on EKS (AWS) Specifically this [link](https://hyperledger-bevel.readthedocs.io/en/latest/developer/docker-build/)

sichen (Tue, 25 Jan 2022 00:26:57 GMT):
Has joined the channel.

sichen (Tue, 25 Jan 2022 00:30:18 GMT):
Hello Bevel team. Nice to meet everybody!

sichen (Tue, 25 Jan 2022 00:31:10 GMT):
I'm from the Climate SIG, where we've been developing Fabric applications to measure, record, and tokenize carbon emissions.

sichen (Tue, 25 Jan 2022 00:33:17 GMT):
When we tried to deploy our Fabric application to production, it was very hard. So we're hoping that Bevel could help us with this. We'd like a tool that could add (and remove) peers and nodes from different cloud providers and deploy updated chain code easily across the network.

sichen (Tue, 25 Jan 2022 00:33:57 GMT):
Would Bevel be able to do this? If so what would we need to do to set up our application for Bevel? Thanks

jagpreet (Tue, 25 Jan 2022 09:38:37 GMT):
Hi @sichen Thanks for exploring Hyperledger Bevel. [ Add peers & nodes ] Yes, these features are supported by Hyperledger Bevel. To add peers, you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_peer_fabric/) To add nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_org_fabric/] (for non-orderers) and [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_ordererorg_fabric/) (for orderer organizations) [ Removal of peers and nodes] To remove nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/removing_org_fabric/) Removal on peer feature is not currently implemented and we would encourage community contribution for the same. [ Upgrade chaincode ] You can refer to the guide [mentioned here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/upgrading_chaincode/) for upgrading the chaincode. [ Setting up Hyperledger Fabric network using Hyperledger Bevel] You can start with the [getting started guide](https://hyperledger-bevel.readthedocs.io/en/latest/gettingstarted/#) which will help you in deploying the platform (Hyperledger Fabric in this case) of your choice using Hyperledger Bevel

jagpreet (Tue, 25 Jan 2022 09:38:37 GMT):
Hi @sichen Thanks for exploring Hyperledger Bevel. [ Add peers & nodes ] Yes, these features are supported by Hyperledger Bevel. To add peers, you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_peer_fabric/) To add nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_org_fabric/] (for non-orderers) and [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_ordererorg_fabric/) (for orderer organizations) [ Removal of peers and nodes ] To remove nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/removing_org_fabric/) Removal on peer feature is not currently implemented and we would encourage community contribution for the same. [ Upgrade chaincode ] You can refer to the guide [mentioned here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/upgrading_chaincode/) for upgrading the chaincode. [ Setting up Hyperledger Fabric network using Hyperledger Bevel ] You can start with the [getting started guide](https://hyperledger-bevel.readthedocs.io/en/latest/gettingstarted/#) which will help you in deploying the platform (Hyperledger Fabric in this case) of your choice using Hyperledger Bevel

jagpreet (Tue, 25 Jan 2022 09:38:37 GMT):
Hi @sichen Thanks for exploring Hyperledger Bevel. [ `Add peers & nodes` ] Yes, these features are supported by Hyperledger Bevel. To add peers, you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_peer_fabric/) To add nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_org_fabric/] (for non-orderers) and [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_ordererorg_fabric/) (for orderer organizations) [ Removal of peers and nodes ] To remove nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/removing_org_fabric/) Removal on peer feature is not currently implemented and we would encourage community contribution for the same. [ Upgrade chaincode ] You can refer to the guide [mentioned here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/upgrading_chaincode/) for upgrading the chaincode. [ Setting up Hyperledger Fabric network using Hyperledger Bevel ] You can start with the [getting started guide](https://hyperledger-bevel.readthedocs.io/en/latest/gettingstarted/#) which will help you in deploying the platform (Hyperledger Fabric in this case) of your choice using Hyperledger Bevel

jagpreet (Tue, 25 Jan 2022 09:38:37 GMT):
Hi @sichen Thanks for exploring Hyperledger Bevel. `[ Add peers & nodes ]` Yes, these features are supported by Hyperledger Bevel. To add peers, you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_peer_fabric/) To add nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_org_fabric/] (for non-orderers) and [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_ordererorg_fabric/) (for orderer organizations) [ Removal of peers and nodes ] To remove nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/removing_org_fabric/) Removal on peer feature is not currently implemented and we would encourage community contribution for the same. [ Upgrade chaincode ] You can refer to the guide [mentioned here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/upgrading_chaincode/) for upgrading the chaincode. [ Setting up Hyperledger Fabric network using Hyperledger Bevel ] You can start with the [getting started guide](https://hyperledger-bevel.readthedocs.io/en/latest/gettingstarted/#) which will help you in deploying the platform (Hyperledger Fabric in this case) of your choice using Hyperledger Bevel

jagpreet (Tue, 25 Jan 2022 09:38:37 GMT):
Hi @sichen Thanks for exploring Hyperledger Bevel. `[ Add peers & nodes ]` Yes, these features are supported by Hyperledger Bevel. To add peers, you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_peer_fabric/) To add nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_org_fabric/] (for non-orderers) and [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_ordererorg_fabric/) (for orderer organizations) `[ Removal of peers and nodes ]` To remove nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/removing_org_fabric/) Removal on peer feature is not currently implemented and we would encourage community contribution for the same. `[ Upgrade chaincode ]` You can refer to the guide [mentioned here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/upgrading_chaincode/) for upgrading the chaincode. `[ Setting up Hyperledger Fabric network using Hyperledger Bevel ]` You can start with the [getting started guide](https://hyperledger-bevel.readthedocs.io/en/latest/gettingstarted/#) which will help you in deploying the platform (Hyperledger Fabric in this case) of your choice using Hyperledger Bevel

jagpreet (Tue, 25 Jan 2022 09:38:37 GMT):
Hi @sichen Thanks for exploring Hyperledger Bevel. `[ Add peers & nodes ]` Yes, these features are supported by Hyperledger Bevel. To add peers, you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_peer_fabric/) To add nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_org_fabric/] for non-orderers and [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_ordererorg_fabric/) for orderer organizations `[ Removal of peers and nodes ]` To remove nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/removing_org_fabric/) Removal on peer feature is not currently implemented and we would encourage community contribution for the same. `[ Upgrade chaincode ]` You can refer to the guide [mentioned here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/upgrading_chaincode/) for upgrading the chaincode. `[ Setting up Hyperledger Fabric network using Hyperledger Bevel ]` You can start with the [getting started guide](https://hyperledger-bevel.readthedocs.io/en/latest/gettingstarted/#) which will help you in deploying the platform (Hyperledger Fabric in this case) of your choice using Hyperledger Bevel

jagpreet (Tue, 25 Jan 2022 09:38:37 GMT):
Hi @sichen Thanks for exploring Hyperledger Bevel. `[ Add peers & nodes ]` Yes, these features are supported by Hyperledger Bevel. To add peers, you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_peer_fabric/) To add nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_org_fabric/) for non-orderers and [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_ordererorg_fabric/) for orderer organizations `[ Removal of peers and nodes ]` To remove nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/removing_org_fabric/) Removal on peer feature is not currently implemented and we would encourage community contribution for the same. `[ Upgrade chaincode ]` You can refer to the guide [mentioned here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/upgrading_chaincode/) for upgrading the chaincode. `[ Setting up Hyperledger Fabric network using Hyperledger Bevel ]` You can start with the [getting started guide](https://hyperledger-bevel.readthedocs.io/en/latest/gettingstarted/#) which will help you in deploying the platform (Hyperledger Fabric in this case) of your choice using Hyperledger Bevel

jagpreet (Tue, 25 Jan 2022 09:38:37 GMT):
Hi @sichen Thanks for exploring Hyperledger Bevel. `[ Add peers & nodes ]` Yes, these features are supported by Hyperledger Bevel. To add peers, you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_peer_fabric/) To add nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_org_fabric/) for non-orderers and [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_ordererorg_fabric/) for orderer organizations `[ Removal of peers and nodes ]` To remove nodes (organizations), you can refer to [this guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/removing_org_fabric/) Removal on peer feature is not currently implemented and we would encourage community contribution for the same. `[ Upgrade chaincode ]` You can refer to the guide [mentioned here](https://hyperledger-bevel.readthedocs.io/en/latest/operations/upgrading_chaincode/) for upgrading the chaincode. `[ Setting up Hyperledger Fabric network using Hyperledger Bevel ]` You can start with the [getting started guide](https://hyperledger-bevel.readthedocs.io/en/latest/gettingstarted/#) which will help you in deploying the platform (Hyperledger Fabric in this case) of your choice supported by Hyperledger Bevel

rlnrajesh (Tue, 25 Jan 2022 14:11:39 GMT):
Has joined the channel.

sbohanlf (Tue, 25 Jan 2022 15:16:19 GMT):
Has joined the channel.

sownak (Tue, 25 Jan 2022 17:13:12 GMT):
#bevel The welcome call is scheduled on 1st February 2 pm GMT/BST. Please join for introduction and suggestions. https://lists.hyperledger.org/g/bevel/ics/invite.ics?eventid=1406115

sajidhz1 (Wed, 26 Jan 2022 09:34:17 GMT):
Hi Everyone! does anyone know if hyperledger bevel support will support chaincode as a external service in Hyperledger fabric anytime soon ?

sownak (Wed, 26 Jan 2022 10:29:30 GMT):
Yes, soon. There is an open and in-progress issue https://github.com/hyperledger/bevel/issues/1284 You may want to add your comments there.

sajidhz1 (Thu, 27 Jan 2022 02:17:28 GMT):
yup, saw this and the Jira ticket linked to this. is there any PR or a branch that I can refer to, for any ongoing work ? thanks

sajidhz1 (Thu, 27 Jan 2022 02:17:28 GMT):
yup, saw this and the Jira ticket linked to this. is there any PR or a branch that I can refer for any ongoing work ? thanks

sownak (Thu, 27 Jan 2022 10:53:19 GMT):
@arsulegai Do we have any updates on this?

arsulegai (Thu, 27 Jan 2022 15:24:10 GMT):
@weihong.ou let's get this open sourced soon.

sajidhz1 (Fri, 28 Jan 2022 06:16:36 GMT):
Hi @arsulegai thanks for getting in touch! do you have any rough timelines in mind for this feature to be opensourced?

davidwboswell (Fri, 28 Jan 2022 15:37:04 GMT):
sownak

Mahadevan 3 (Fri, 28 Jan 2022 19:29:13 GMT):
Hi, I am looking at installing Hyperledger Indy in Kubernetes. I have a question on the node IP address in indy-pool-genesis. {"reqSignature":{},"txn":{"data":{"data":{"alias":"provider-steward-1","blskey":"","blskey_pop":"","client_ip":"3.221.78.194","client_port":19712,"node_ip":"3.221.78.194","node_port":19711,"services":["VALIDATOR"]} Is the IP the internal cluster IP address of the nodeport service? Can that IP be exposed outside the k8s cluster when external nodes are added to the network?

Mahadevan 3 (Fri, 28 Jan 2022 19:29:13 GMT):
Hi, I am looking at installing Hyperledger Indy in a multi node Kubernetes cluster. I have a question on the node IP address in indy-pool-genesis. {"reqSignature":{},"txn":{"data":{"data":{"alias":"provider-steward-1","blskey":"","blskey_pop":"","client_ip":"3.221.78.194","client_port":19712,"node_ip":"3.221.78.194","node_port":19711,"services":["VALIDATOR"]} Is the IP the internal cluster IP address of the nodeport service? Can that IP be exposed outside the k8s cluster when external nodes are added to the network?

suvajit-sarkar (Mon, 31 Jan 2022 04:09:22 GMT):
Hi all, Please feel free to join the Sprint Planning today (January 31st) at 1pm GMT on https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

sownak (Mon, 31 Jan 2022 12:12:22 GMT):
This is a Kubernetes question, I think it won't be accessible unless you create a public endpoint (this is applicable for all Kubernetes internal IPs).

Mahadevan 3 (Mon, 31 Jan 2022 14:33:43 GMT):
Thanks @sownak We are creating a network load balancer in AWS but the IP addresses are assigned by AWS which can change. Sorry, this could be a AWS/k8s question. Do you have any thoughts on how a public static IP can be created for the pool? Thanks.

sownak (Mon, 31 Jan 2022 14:35:25 GMT):
For Indy, Bevel creates AWS network load balancer by using the static IPs provided in the network.yaml. You need to just get the static ips created on AWS and add them in the network.yaml

sownak (Mon, 31 Jan 2022 18:14:57 GMT):
of course it works only with AWS EKS cluster

Mahadevan 3 (Mon, 31 Jan 2022 18:24:47 GMT):
Ok. Thanks @sownak

divyabhanu (Tue, 01 Feb 2022 08:36:48 GMT):
Has joined the channel.

arsulegai (Tue, 01 Feb 2022 10:58:36 GMT):
@sownak a design choice/tricky one to implement at present. But wanted to hear your thoughts. For storing Vault values, the uniqueness at present is on network name and env variables. How about making it based on network ID (let the admin maintain ID mapping to name and env)?

arsulegai (Tue, 01 Feb 2022 10:58:36 GMT):
@sownak a design choice/tricky one to implement at present. But wanted to hear your thoughts. For storing Vault values, the uniqueness at present is on network name, org name and env variables. How about making it based on network ID (let the admin maintain ID mapping to name and env)?

TejaSurisetty (Wed, 02 Feb 2022 06:45:29 GMT):
Has joined the channel.

santmukh (Wed, 02 Feb 2022 08:21:13 GMT):
Has joined the channel.

Anthony022 (Sun, 06 Feb 2022 00:24:47 GMT):
Hello, I am new to H. Bevel, and I have tried to implement a Fabric network following the recommendations for installation and configuration of the requirements indicated in the documentation, however in the configuration phase of H.Fabric I have had problems understanding the parameters, could you recommend a course or can you advise me, thanks in advance for the answers.

Anthony022 (Sun, 06 Feb 2022 00:41:46 GMT):
Greetings, I am new to H. Bevel and I have a difficulty, I have managed to install and configure the requirements as indicated in the documentation, but when configuring hyperledger fabric, it is complicated, I could recommend any material, tutorial, or advice, thank you in advance for your help.

sajidhz1 (Mon, 07 Feb 2022 08:32:56 GMT):
Hi Everyone, I have successfully deployed a hyperldger fabric network and created a channel between two organisations using bevel standard configurations and policies but when I try to execute the remove-org playbook I get the below error error authorizing update: error validating DeltaSet: policy for [Group] /Channel/Application not satisfied: implicit policy evaluation failed - 1 sub-policies were satisfied, but this policy requires 2 of the 'Admins' sub-policies to be satisfied does anyone know what could be the issue ?

sajidhz1 (Tue, 08 Feb 2022 01:33:21 GMT):
found the reason, so based on network policy settings both the organisation has to sign the channel configuration update. had to comment the below line in setup/config_block/sign_and_update line 60

jagpreet (Tue, 08 Feb 2022 08:45:22 GMT):
Hi @sajidhz1 Thanks for the investigation. Your above scenario seems valid and indeed the default policy is for both the organizations to sign the updated channel block difference. Can you open up an issue on [Hyperledger Bevel GH issue board](https://github.com/hyperledger/bevel/issues), so that this issue is tracked, investigated and addressed ?

devg (Tue, 08 Feb 2022 12:05:55 GMT):
Has joined the channel.

khushalkunjir (Wed, 09 Feb 2022 06:42:19 GMT):
Has joined the channel.

khushalkunjir (Wed, 09 Feb 2022 06:42:20 GMT):
Hi Everyone, We are trying to use bevel for fabric platform, Can you please help me to find video material or tutorials that will help me to go through? Thank you, Khushal S. Kunjir

sownak (Wed, 09 Feb 2022 15:49:23 GMT):
#bevel Code Walkthrough and Demo sessions have been scheduled for APAC and EU zones. Check and subscribe here https://lists.hyperledger.org/g/bevel/calendar

joseucarvajal (Thu, 10 Feb 2022 01:01:14 GMT):
Has joined the channel.

joseucarvajal (Thu, 10 Feb 2022 01:01:15 GMT):
Hi everyone In our company we are currently trying to deploy the sample Bevel network on the Google Cloud Managed Kubernetes Cluster GKE. Has anyone tried this before?, any reference or documentation?, Thanks in advance.

Anthony022 (Thu, 10 Feb 2022 06:44:31 GMT):
Good morning, I am new to H. Bevel and Blockchain Development, and I have a question about the design of the blockchain network when working with organizations and is as follows, when designing a blockchain network, each organization has members that compose it, can be interpreted that the members of the organization form a subnetwork blockchain, and also, I am trying to implement a system with blockchain for the issuance of professional degree where only the university would participate for this version, is it ok to use H. Fabric or what Hyperledger project do you recommend me, after these two queries, thank you very much for your response.

jagpreet (Thu, 10 Feb 2022 10:26:43 GMT):
Hi @joseucarvajal Thanks for using Hyperledger Bevel. Before answering the cloud k8's question, I would like to mention is that Hyperledger Bevel is an automation framework which can be used to deploy various blockchain platforms like Hyperledger Fabric, Indy, Besu, R3 Corda etc.. To deploy these platforms via Bevel over GKE, the major change will be in adding the GKE storage class template. You can refer to this [guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/adding_new_storageclass.html) to add the custom storage class for the GKE. Feel free to reply to this chat thread, if there are anymore queries.

sownak (Thu, 10 Feb 2022 10:45:48 GMT):
Welcome to Bevel channel. As for your usecase, if there is only one participant in the blockchain you do not need Blockchain, you can use a distributed database instead.

surabhi17 (Thu, 10 Feb 2022 11:10:45 GMT):
Has joined the channel.

mohana.a (Thu, 10 Feb 2022 13:41:40 GMT):
Hi, I had set up a hyperledger fabric network (v2.2) with few orgs a year back in a kubernetes cluster using Hyperledger Bevel. Each org has its own CA and TLSCA servers running with TLS enabled. The age of the pods are about 365 days. Peer and orderer pods are in crashloopbackoff state because the Fabric-CA certificates got expired. The peer pods are crashing with the following error, "Cannot run peer because error when setting up MSP of type bccsp from directory /etc/hyperledger/fabric/msp: signing identity expired 24h ago" Can some one tell me how do i renew certificates or solve this issue and what are the changes to be done to the existing Channel and chaincodes. Thanks in advance.

sownak (Thu, 10 Feb 2022 16:33:14 GMT):
maybe check this https://stackoverflow.com/questions/59525641/what-happens-when-certificates-got-renewed-in-hyperledger-fabric/59535662

tkuhrt (Thu, 10 Feb 2022 19:50:54 GMT):
You might want to consider #aries and #indy if you are looking to issue a verifiable credential.

Anthony022 (Fri, 11 Feb 2022 05:18:19 GMT):
[ ](https://chat.hyperledger.org/channel/bevel?msg=cZraaKssPsmxoxg4o) With H. indy and Aries, is it possible to have the credential stamped by 2 organizations, for example the university and the ministry of education?

Anthony022 (Fri, 11 Feb 2022 05:18:37 GMT):
With H. indy and Arie, is it possible to have the credential stamped by 2 organizations, for example the university and the ministry of education?

Anthony022 (Fri, 11 Feb 2022 05:19:01 GMT):
With H. indy and Aries, is it possible to have the credential stamped by 2 organizations, for example the university and the ministry of education?

sownak (Fri, 11 Feb 2022 10:06:29 GMT):
Yes. You should be able to design your Indy network in that way.

sownak (Fri, 11 Feb 2022 10:17:15 GMT):
#bevel #bevel-contributors All of Hyperledger chat is moving to Discord, Find us here https://discord.gg/Cuhfywf9eY

Anthony022 (Fri, 11 Feb 2022 18:56:21 GMT):
thank you all for your recommendations

mohana.a (Tue, 15 Feb 2022 06:47:43 GMT):
Hi, I had set up a hyperledger fabric network (v2.2) with few orgs a year back in a kubernetes cluster using Hyperledger Bevel. We use CA certificates generated by Bevel scripts. CA certificates will expire next month. Can some one tell me how do i renew certificates or solve this issue and what are the changes to be done to the existing Channel and chaincodes. Thanks in advance.

jagpreet (Wed, 16 Feb 2022 10:34:13 GMT):
You can refer to this https://chat.hyperledger.org/channel/bevel?msg=8yncHvHZ89YxjFCkh

SayyadNayyaroddeen (Mon, 21 Feb 2022 18:06:40 GMT):
Has joined the channel.

SayyadNayyaroddeen (Mon, 21 Feb 2022 18:06:41 GMT):
I am on Ubuntu, I am getting this error mesage ```Wait for ClusterRoleBinding supplychain-net-role-tokenreview-binding```` post this ansible script is stoping

SayyadNayyaroddeen (Mon, 21 Feb 2022 18:07:56 GMT):

error1232.png

SayyadNayyaroddeen (Mon, 21 Feb 2022 18:08:15 GMT):
Can anyone help?

SayyadNayyaroddeen (Mon, 21 Feb 2022 18:12:08 GMT):
https://blockchain-automation-framework.readthedocs.io/en/latest/operations/setting_dlt.html

SayyadNayyaroddeen (Mon, 21 Feb 2022 18:12:31 GMT):
ansible-playbook platforms/shared/configuration/site.yaml -e "@./build/network.yaml"

jagpreet (Tue, 22 Feb 2022 10:18:53 GMT):
Hi @SayyadNayyaroddeen Thanks for using Hyperledger Bevel. There seems to be an issue with either `git push` or flux not setup properly. You can refer to the [troubleshooting guide](https://hyperledger-bevel.readthedocs.io/en/latest/operations/bevel_verify.html) for more information

SayyadNayyaroddeen (Tue, 22 Feb 2022 11:49:48 GMT):
thank you for the reply

SayyadNayyaroddeen (Tue, 22 Feb 2022 11:49:51 GMT):
let me check

sajidhz1 (Fri, 25 Feb 2022 13:33:44 GMT):
Hi good afternoon,

sajidhz1 (Fri, 25 Feb 2022 13:40:12 GMT):
Hi Team, has anyone managed to successfully configure CORE_CHAINCODE_EXTERNALBUILDERS env variable in a k8s config map

sajidhz1 (Fri, 25 Feb 2022 13:40:12 GMT):
Hi Team, has anyone managed to successfully configure CORE_CHAINCODE_EXTERNALBUILDERS env variable in a k8s config map ?

sajidhz1 (Fri, 25 Feb 2022 13:40:12 GMT):
Hi Team, has anyone managed to successfully configure CORE_CHAINCODE_EXTERNALBUILDERS env variable in a k8s config map ? background : I am trying to enable external builders for an existing peer or can anyone suggest any other approach, based on documentation I understand that core.yaml should be present at "peer node start"

sajidhz1 (Mon, 28 Feb 2022 15:13:28 GMT):
managed to resolve this, mounted the core yaml and external builders as configmaps and it worked

kaveri (Tue, 01 Mar 2022 09:34:51 GMT):
Hi @sajidhz1 Glad you found the fix. Please note that all of Hyperledger chat support channels are moved to Discord. https://discord.gg/hyperledger

sownak (Fri, 04 Mar 2022 09:46:06 GMT):
Please note that all of Hyperledger chat support channels are moved to Discord. https://discord.gg/hyperledger

rjones (Wed, 23 Mar 2022 17:35:02 GMT):