In the last step of prod_example it will be good to clean up namespaces as well:

kubectl delete namespace cas cert-manager ingress-controller orderers peers

By default, Helm doesn't seem to enable the incubator repository, which is used in this step.

The suggestion is to add the following line either after helm init or before installing kafka chart:
helm repo add incubator https://kubernetes-charts-incubator.storage.googleapis.com/

i've tried enabling ingress for orderer and peer by updating helm values for ord1.yaml,ord2.yaml and peer1.yaml
ingress: enabled: true annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/backend-protocol: "GRPCS" certmanager.k8s.io/cluster-issuer: "letsencrypt-staging" path: / hosts: - host_name tls: - secretName: orderer-tls / peer-tls hosts: - host_name
ingress gets assigned to orderer and peer pods but i am not sure how to generate tls certs and key for them i've tried using
fabric-ca-client enroll -m host_name --enrollment.profile tls -d -u http://peer${NUM}:peer${NUM}_pw@localhost:7054 -M peer${NUM}_MSP
fabric-ca-client enroll -m host_name --enrollment.profile tls -d -u https://ord${NUM}:ord${NUM}_pw@localhost:7054 -M ord${NUM}_MSP
it only generates tlscacerts which contains .pem file. how to get .crt and .key file

Hi, I wonder to know that your hgf-k8s-workshop/prod_example wether is supported by multiple organizations.

Hi There we keep running into different issues regards to tls and ca https control, may i know what's the version of the nignx-ingress, helm, k8s, and cert-manager that you had success with?

Do you have any suggestions (or best practices) to deploy a smart contract ?

• Manually
  • ?
• Using VS code extension
  • Port forwarding
  • Expose via ingress
  • ...

I found "AdminPrincipal: Role.MEMBER"(the Policies is old, appeared in v1.0.0) in configtx.yaml, and I changed the Policies to v1.3.0 in configtx.yaml,as below like these codes:

        # Policies defines the set of policies at this level of the config tree
        # For organization policies, their canonical path is usually
        #   /Channel/<Application|Orderer>/<OrgName>/<PolicyName>

        Policies:
            Readers:
                Type: Signature
                Rule: "OR('OrdererMSP.member')"
            Writers:
                Type: Signature
                Rule: "OR('OrdererMSP.member')"
            Admins:
                Type: Signature
                Rule: "OR('OrdererMSP.admin')"

However,I failed to create the channel, error info:

So, is the Policies always "AdminPrincipal: Role.MEMBER"?
I‘m so confused, I need your responds sincerely. TY

When trying to run the following command:
kubectl exec -n peers $PEER_POD -- peer channel create -o ord1-hlf-ord.orderers.svc.cluster.local:7050 -c mychannel -f /hl_config/channel/mychannel.tx

I'm getting the return:

2019-07-26 20:31:21.144 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized
Error: channel create configuration tx file not found open /hl_config/channel/mychannel.tx: no such file or directory
command terminated with exit code 1

Is anything wrong with my interpretation ?

How do we install chaincode after setting up the network in this manner? The official hyperledger documentation uses a docker CLI container that can access the peers. But I don't see an equivalent pod in this kubernetes setup.

Hi,
I am getting below error while installing chaincode on the peer in this.
Command - kubectl exec $PEER_POD -n peers -- bash -c 'peer chaincode install -n mycc -v 1.0 -p /var/chaincode/'

Error - error getting chaincode code mycc: command : failed with error: "exec: "go": executable file not found in $PATH"
NOTE - I have placed the chaincode in the docker file system
Do I need to install GO in the peer container or machine, please suggest.
Thanks,

Hi,

is is possible to create this same network with RAFT Consensus. Is so can you just tell me the flow, so that i can start with creating the required changes to deploy a RAFT Orderer System.

Hi,
We are getting below " x509: certificate is valid for ingress.local" error while trying to enroll ord-admin on rancher 2.0. The error code is below:

admin@hosts:~/hlf/hgf-k8s-workshop/prod_example$ FABRIC_CA_CLIENT_HOME=./config fabric-ca-client enroll -u https://ord-admin:OrdAdm1nPW@$CA_INGRESS -M ./OrdererMSP
2019/07/03 09:54:35 [INFO] TLS Enabled
2019/07/03 09:54:35 [INFO] generating key: &{A:ecdsa S:256}
2019/07/03 09:54:35 [INFO] encoded CSR
Error: POST failure of request: POST https://k8s.blockchain.iii/enroll
{"hosts":["sysadmin-virtual-machine202"],"certificate_request":"-----BEGIN CERTIFICATE REQUEST-----\nMIIBSDCB8AIBADBVMQsw-----END CERTIFICATE REQUEST-----\n"
,"profile":"","crl_override":"","label":"","NotBefore":"0001-01-01T00:00:00Z","NotAfter":"0001-01-01T00:00:00Z","CAName":""}: 
Post https://k8s.blockchain/enroll: x509: certificate is valid for ingress.local, not k8s.blockchain

Is there any suggestion for this error?

Sorry to trouble you again!
I had followed the hgf-k8s-workshop/dev_example's README.md to make one Orderer and one Peer fabric-network many times, but failed again. Unfortunately, I can't find the key to the trouble. it still threw the same error:

And I run the command "peer channel list" in the peer container, it also threw the same error.

So please give me a hand, and Thank you very much!

I deployed the HLF network to the Kubernetes cluster, have installed a chaincode to peers and instantiated it on the channel.

Currently, I am trying to connect my RESTful api that interacts with a peer using the Fabric Node SDK.
I will be very grateful if you give me any guidance on how to proceed.

Thanks!