minifab for k8s doesn't support fabric version 1.4.x

Open itaru2622 opened this issue 4 years ago • 5 comments

The main reason is:

The k8s handling in playbooks/ops/certgen/*.yaml and netup/k8stemplates does not take into account certgen/renamekeyfile.yaml, which is involved when the fabric version is < 2.0.

minifab up -i 1.4.4 -s couchdb -e true
Using spec file: /mnt/minifabric/spec.yaml
Minifab Execution Context:
    FABRIC_RELEASE=1.4.4
    CHANNEL_NAME=mychannel
    PEER_DATABASE_TYPE=couchdb
    CHAINCODE_LANGUAGE=go
    CHAINCODE_NAME=simple
    CHAINCODE_VERSION=1.0
    CHAINCODE_INIT_REQUIRED=true
    CHAINCODE_PARAMETERS="init","a","200","b","300"
    CHAINCODE_PRIVATE=false
    CHAINCODE_POLICY=
    TRANSIENT_DATA=
    BLOCK_NUMBER=newest
    EXPOSE_ENDPOINTS=true
    CURRENT_ORG=org0.example.com
    HOST_ADDRESSES=xxx.xxx.xxx.xxx
    WORKING_DIRECTORY: /mnt/minifabric
........
# Preparing for the following operations: *********************
  verify options, download images, generate certificates, start network, network status, channel create, channel join, anchor update, profile generation, cc install, cc instantiate, discover
..................
# Running operation: ******************************************
  verify options
.
# Running operation: ******************************************
  download images
....
# Running operation: ******************************************
  generate certificates
........................................[WARNING]: Unable to find '/home/vars/keyfiles/ordererOrganizations/example.com
/users/[email protected]/msp/keystore/priv_sk' in expected paths (use -vvvvv to
see paths)
..................[WARNING]: Unable to find '/home/vars/keyfiles/ordererOrganizations/example.com
/orderers/orderer1.example.com/msp/keystore/priv_sk' in expected paths (use
-vvvvv to see paths)
..................[WARNING]: Unable to find '/home/vars/keyfiles/ordererOrganizations/example.com
/orderers/orderer2.example.com/msp/keystore/priv_sk' in expected paths (use
-vvvvv to see paths)
..................[WARNING]: Unable to find '/home/vars/keyfiles/ordererOrganizations/example.com
/orderers/orderer3.example.com/msp/keystore/priv_sk' in expected paths (use
-vvvvv to see paths)
.............................................[WARNING]: Unable to find '/home/vars/keyfiles/peerOrganizations/org0.example.c
om/users/[email protected]/msp/keystore/priv_sk' in expected paths (use
-vvvvv to see paths)

itaru2622 avatar Aug 25 '21 01:08 itaru2622

After some investigation, the current implementation has many path re-mappings and lots of partial cert uploads to k8s. It is tough to maintain.

I also found an issue related to certs in the fabric 2.x peer on k8s. A TLS client handshake error is detected periodically. There may be a cert mismatch somewhere, even though fabric 2.x seems to be working fine on k8s.

Anyway, fixing certs may resolve this issue.

itaru2622 avatar Aug 25 '21 16:08 itaru2622

I have some news...

  • good news: I succeeded in setting up fabric 1.4.8 and fabric 2.3.2 on k8s
  • bad news: I failed to set up fabric 1.4.7 and older since the dependency docker image (fabric-ccenv:latest) has been removed from dockerhub.
  • I'm not sure why fabric 1.4.4 passed in the CI test and the docker case.

itaru2622 avatar Aug 29 '21 13:08 itaru2622

A sample patch against commit 2e5e1ebf009694b2394d71341f4e0688d2fed6ff is: fab14_supports_k8s.zip

The above patch worked with fabric 1.4.8 and was submitted as PR #266, but was rejected because of performance concerns about un-archiving in containers.

The basic ideas of the above patch were:

  • upload and download certs with the correct file name (the fabric 1.4 series needs the private key path renamed by playbooks/ops/certgen/renamekeyfile.yaml)
  • set the environment variables that were lacking in the k8s case compared to the docker case (playbooks/ops/netup/k8stemplates/allnodes.j2 <= playbooks/ops/netup/templates/*env.j2)

itaru2622 avatar Aug 31 '21 00:08 itaru2622

I am pretty sure the issue is because the private key name was using a hash method. Docker setup does that already, k8s can do the same. I vaguely remember it was using the cert to do a hash then use the hash as the private key file name, which was really really unnecessary in the first place. I am totally ok to leave it out, just indicate that 1.4.x is not supported by minifabric on k8s env.

litong01 avatar Aug 31 '21 12:08 litong01

@litong01 ok, I understood.

itaru2622 avatar Sep 01 '21 12:09 itaru2622
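
The warnings in the log above come from lookups of `priv_sk` in each MSP keystore. As an added example (not code from this thread or from minifabric), the following Python script audits a generated keyfiles tree for keystores that hold only a hash-named private key, the Fabric 1.4 cryptogen naming, before anything is uploaded to k8s. The sample tree, its node names and the function names are constructed for illustration.

```python
import os
import re
import tempfile

# Fabric 1.4 cryptogen names a private key "<64 hex chars>_sk" (hex SHA-256
# key identifier); Fabric 2.x writes the fixed name "priv_sk".
HASHED_KEY = re.compile(r"^[0-9a-f]{64}_sk$")


def audit_keystores(root):
    """Map each .../keystore dir under root (relative path) to a status."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        if os.path.basename(dirpath) != "keystore":
            continue
        hashed = [f for f in files if HASHED_KEY.match(f)]
        if "priv_sk" in files:
            status = "ok"              # a priv_sk lookup will succeed
        elif len(hashed) == 1:
            status = "hashed-only"     # 1.4-style name, priv_sk lookup fails
        elif hashed:
            status = "ambiguous"       # several keys, no safe one to pick
        else:
            status = "empty"           # no private key at all
        report[os.path.relpath(dirpath, root).replace(os.sep, "/")] = status
    return report


def build_sample_tree(root):
    """Constructed sample: one 2.x-style, one 1.4-style, one empty keystore."""
    layout = {
        "peerOrganizations/org0.example.com/peers/peer1/msp/keystore": ["priv_sk"],
        "ordererOrganizations/example.com/orderers/orderer1/msp/keystore": ["ab" * 32 + "_sk"],
        "ordererOrganizations/example.com/orderers/orderer2/msp/keystore": [],
    }
    for rel, names in layout.items():
        os.makedirs(os.path.join(root, rel))
        for name in names:
            with open(os.path.join(root, rel, name), "w") as fh:
                fh.write("constructed placeholder, not a real key\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for path, status in sorted(audit_keystores(tmp).items()):
            print(f"{status:12} {path}")
```

Any keystore reported as `hashed-only` or `ambiguous` needs its key normalised to the expected file name before the certs are packaged for k8s.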