JMO

Reputation: 103

peer channel create - evaluation failed only 0 policies were satisfied Hyperledger Fabric

I am running Hyperledger Fabric v1.2. I have an orderer, ca, kafka, and peers running on different servers. The certs are generated and placed into their respective places on the server and then I generate the genesis block and channel tx file and then start the orderer and peers.

However, when I create the channel using the following command, I get the following messages at the bottom of the orderer log.

./peer channel create -o orderer1.example.com:7050 -c mychannel -f /etc/hyperledger/fabric/channels/mychannel.tx 

Everything up to that point seems to be ok and work properly.

2018-08-21 19:25:30.957 UTC [cauthdsl] func2 -> DEBU 1a5 0xc42000e740 identity 0 does not satisfy principal: the identity is a member of a different MSP (expected SampleOrg, got SampleOrgMSP)
2018-08-21 19:25:30.957 UTC [cauthdsl] func2 -> DEBU 1a6 0xc42000e740 principal evaluation fails
2018-08-21 19:25:30.957 UTC [cauthdsl] func1 -> DEBU 1a7 0xc42000e740 gate 1534879530956937482 evaluation fails
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1a8 Signature set did not satisfy policy /Channel/Application/SampleOrg/Admins
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1a9 == Done Evaluating *cauthdsl.policy Policy /Channel/Application/SampleOrg/Admins
2018-08-21 19:25:30.957 UTC [policies] func1 -> DEBU 1aa Evaluation Failed: Only 0 policies were satisfied, but needed 1 of [ SampleOrg.Admins ]
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1ab Signature set did not satisfy policy /Channel/Application/ChannelCreationPolicy
2018-08-21 19:25:30.957 UTC [policies] Evaluate -> DEBU 1ac == Done Evaluating *policies.implicitMetaPolicy Policy /Channel/Application/ChannelCreationPolicy
2018-08-21 19:25:30.957 UTC [orderer/common/broadcast] Handle -> WARN 1ad [channel: mychannel] Rejecting broadcast of config message from xxx.xxx.xxx.xxx:1234 because of error: error authorizing update: error validating DeltaSet: policy for [Group]  /Channel/Application not satisfied: Failed to reach implicit threshold of 1 sub-policies, required 1 remaining
2018-08-21 19:25:30.957 UTC [orderer/common/server] func1 -> DEBU 1ae Closing Broadcast stream
2018-08-21 19:25:30.959 UTC [grpc] Printf -> DEBU 1af transport: http2Server.HandleStreams failed to read frame: read tcp xxx.xxx.xxx.xxx:7050->xxx.xxx.xxx.xxx:1234: read: connection reset by peer
2018-08-21 19:25:30.959 UTC [common/deliver] Handle -> WARN 1b0 Error reading from xxx.xxx.xxx.xxx:1234: rpc error: code = Canceled desc = context canceled
2018-08-21 19:25:30.959 UTC [orderer/common/server] func1 -> DEBU 1b1 Closing Deliver stream

I'm thinking it is something in the way the policies are declared in the configtx file for the orderer but I'm not sure.

Sections in configtx.yaml

Organizations:
    - &SampleOrdererOrg
        Name: SampleOrdererOrg
        ID: SampleOrdererMSP
        MSPDir: /etc/hyperledger/orderer1/msp
        Policies: &SampleOrgPolicies
            Readers:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.member')"
            Writers:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.member')"
            Admins:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.admin')"


    - &SampleOrg
        Name: SampleOrg
        ID: SampleOrgMSP
        MSPDir: /etc/hyperledger/org/msp/
        Policies: &SampleOrgPolicies
            Readers:
                Type: Signature
                Rule: "OR('SampleOrg.member')"
            Writers:
                Type: Signature
                Rule: "OR('SampleOrg.member')"
            Admins:
                Type: Signature
                Rule: "OR('SampleOrg.admin')"
        AnchorPeers:
            - Host: peer1.example.com
              Port: 7051
            - Host: peer2.example.com
              Port: 7051
            - Host: peer3.example.com
              Port: 7051



Profiles:
    SampleKafkaDev:
        <<: *ChannelDefaults
        Orderer:
            <<: *OrdererDefaults
            OrdererType: kafka
            Organizations:
                - <<: *SampleOrg
                  Policies:
                      <<: *SampleOrgPolicies
                      Admins:
                          Type: Signature
                          Rule: "OR('SampleOrg.member')"
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - <<: *SampleOrg
                  Policies:
                      <<: *SampleOrgPolicies
                      Admins:
                          Type: Signature
                          Rule: "OR('SampleOrg.member')"
        Consortiums:
            SampleConsortium:
                Organizations:
                    - <<: *SampleOrg
                      Policies:
                          <<: *SampleOrgPolicies
                          Admins:
                              Type: Signature
                              Rule: "OR('SampleOrg.member')"

    MyChannel:
        Consortium: SampleConsortium
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - *SampleOrg

Upvotes: 2

Views: 3989

Answers (2)

JMO

Reputation: 103

Seems like the creation of the genesis block was giving me problems in addition to the fixes that @Sergey Balashevich recommended. I was generating it with the following command: ./configtxgen -profile MyChannel -channelID mychannel -outputCreateChannelTx configtx/channel.tx. This resulted in a channel being created and prevented me from completing the peer channel create command.

Upvotes: 1

Sergey Balashevich

Reputation: 2101

As far as I remember, the Rule in the policy configuration expects the ID to be provided; in your example the name is used.

Just try to update all rules in your configuration in the following way:

Policies:
   <<: *SampleOrgPolicies
   Admins:
       Type: Signature
       Rule: "OR('SampleOrgMSP.member')"

(use SampleOrgMSP instead of SampleOrg, SampleOrdererMSP instead of SampleOrdererOrg, etc)

Updated:

Step 2:

"peer" loads its configuration from "core.yaml"; this file is usually located in "/etc/hyperledger/fabric/". In this file, try to find the property "localMspId: SampleOrg" and replace SampleOrg with your Orderer MSP Id.

Step 3:

A channel can be created only once. To verify that the channel exists, we can try to join it from one of the peers:

  • verify that the environment variable CORE_PEER_ADDRESS is configured correctly: export CORE_PEER_ADDRESS=peer0.org1.example.com:7051
  • peer channel join -b /opt/gopath/src/github.com/hyperledger/fabric/peer/mychannel.block
  • now you can check that the peer has information about the channel: peer channel getinfo -c mychannel

Upvotes: 3
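
A check for the mismatch the orderer log reports (expected SampleOrg, got SampleOrgMSP), as an added example that is not part of the original question or answers: it flags every Rule principal whose MSP part is not an ID declared under Organizations and suggests the ID that belongs to that Name. The function name lint_policy_principals and the trimmed sample config are constructed for illustration, and the scan is line-based rather than a full YAML parse.

```python
import re

# Constructed sample shaped like the question's configtx.yaml (not the full file).
SAMPLE_CONFIGTX = """\
Organizations:
    - &SampleOrdererOrg
        Name: SampleOrdererOrg
        ID: SampleOrdererMSP
        Policies:
            Admins:
                Type: Signature
                Rule: "OR('SampleOrdererOrg.admin')"
    - &SampleOrg
        Name: SampleOrg
        ID: SampleOrgMSP
        Policies:
            Admins:
                Type: Signature
                Rule: "OR('SampleOrg.admin', 'SampleOrgMSP.admin')"
"""

ORG_FIELD = re.compile(r"^\s*(Name|ID):\s*['\"]?([^'\"\s#]+)")
RULE_LINE = re.compile(r"^\s*Rule:\s*(.+)$")
PRINCIPAL = re.compile(r"'([^']+)\.(\w+)'")  # 'MSPID.role'; the last dot splits off the role


def lint_policy_principals(text):
    """Return (line_no, principal, suggested_id) for every Signature-rule
    principal whose MSP part is not an ID declared under Organizations."""
    lines = text.splitlines()
    name_to_id, declared_ids, last_name = {}, set(), None
    for line in lines:                       # pass 1: collect Name -> ID pairs
        m = ORG_FIELD.match(line)
        if m and m.group(1) == "Name":
            last_name = m.group(2)
        elif m:                              # an ID: line completes the pair
            declared_ids.add(m.group(2))
            name_to_id[last_name] = m.group(2)
    findings = []
    for no, line in enumerate(lines, 1):     # pass 2: check each rule's principals
        m = RULE_LINE.match(line)
        for msp, role in PRINCIPAL.findall(m.group(1)) if m else []:
            if msp not in declared_ids:
                findings.append((no, f"{msp}.{role}", name_to_id.get(msp)))
    return findings

if __name__ == "__main__":
    for no, principal, fix in lint_policy_principals(SAMPLE_CONFIGTX):
        print(f"line {no}: {principal} is not a declared MSP ID; use {fix or '?'}")
```

Running it against a configtx.yaml before configtxgen catches the name-versus-ID mix-up without needing orderer debug logs.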
