CODEWITHSUNDEEP
hyperledger-fabrichyperledgerhyperledger-chaincodehyperledger-fabric-ca
Akshay Sood
Akshay Sood

Reputation: 6776

Shared infrastructure in Hyperledger Fabric

I was checking a use-case if it is possible to share the peers, invoke chaincode functions & perform transactions with different MSPs. This is a use-case where a shared environment will be required for some organizations that are not willing to spend on infrastructure but may want to use the blockchain network running by the network operator.

For example, a network operator with MSP org1 creates a Hyperledger Fabric network. org4 wants to join the network but without any peers. The CA container will be there for this org4. Is it possible for org4 identity to invoke transactions on org1 peers? I tried this actually. Check the logs of the rest client below:

[Service Discovery Turned On]
2021-04-02T04:19:27.643Z - debug: [Channel]: _getServiceEndpoints - start - org4
2021-04-02T04:19:27.643Z - debug: [Channel]: _getServiceEndpoints - Endorser mspid not matched, not added peer0.org1.com:7051 - org1
2021-04-02T04:19:27.643Z - debug: [Channel]: _getServiceEndpoints - Endorser mspid not matched, not added peer1.org1.com:7051 - org1
2021-04-02T04:19:27.643Z - debug: [Channel]: _getServiceEndpoints - Endorser mspid not matched, not added peer1.networkoperator.com:7051 - networkoperator
2021-04-02T04:19:27.643Z - debug: [Channel]: _getServiceEndpoints - Endorser mspid not matched, not added peer0.networkoperator.com:7051 - networkoperator
2021-04-02T04:19:27.643Z - debug: [Channel]: _getServiceEndpoints - Endorser mspid not matched, not added peer0.org2.com:7051 - org2
2021-04-02T04:19:27.643Z - debug: [Channel]: _getServiceEndpoints - Endorser mspid not matched, not added peer1.org2.com:7051 - org2
2021-04-02T04:19:27.643Z - debug: [Channel]: _getServiceEndpoints - Endorser mspid not matched, not added peer0.org3.com:7051 - org3
2021-04-02T04:19:27.643Z - debug: [Channel]: _getServiceEndpoints - Endorser mspid not matched, not added peer1.org3.com:7051 - org3
2021-04-02T04:19:27.643Z - debug: [RoundRobinQueryHandler]: constructor: peers=[]

The above logs show that rest-client tries to match the MSP id with peers

The logs without service discovery:

[Service Discovery Turned Off]
2021-04-02T04:39:11.091Z - debug: [Channel]: _getServiceEndpoints - start - org4
2021-04-02T04:39:11.091Z - debug: [Channel]: _getServiceEndpoints - Endorser mspid not matched, not added peer0.org1.com - org1
2021-04-02T04:39:11.091Z - debug: [Channel]: _getServiceEndpoints - Endorser mspid not matched, not added peer1.org1.com - org1
2021-04-02T04:39:11.091Z - debug: [RoundRobinQueryHandler]: constructor: peers=[]

In general, these organizations will join the shared infrastructure and when they are ready to use their own infrastructure, they will be migrated to it. In the meantime, they will be invoking chaincode functions through their identities

Upvotes: 1

Views: 137

Answers (2)

Akshay Sood
Akshay Sood

Reputation: 6776

The fabric-sdk was trying to match the invoker's MSP ID with the available endorser's MSP ID which was failing the whole transaction because there's no peer that matches with the invoker's MSP ID. I had to disable the service discovery, add specific peers into the target peer list to make this working.

Some code:

const endorsingPeers = channel.getEndorsers('org1');

if (endorsingPeers.length > 0) transaction = transaction.setEndorsingPeers(endorsingPeers);
    
const response_payloads = await  transaction.evaluate(JSON.stringify(args))

Upvotes: 1

Siva
Siva

Reputation: 768

In such a case, org4 will only user crypto material given to it by the network operator to connect to the network and invoke chaincode. Following does not make sense to me.

Is it possible for org4 identity to invoke transactions on org1 peers?

From my understanding, as long as you have cyrpto material to connect to HLF, and you have the right connection profile in place, the HLF client that org4 runs, would end up posting transaction to all peers, check the simulation result on the HLF client side, and then send the transaction to orderer for it to be comitted onto the peers.

So, in your case we'll have a new user created for org4 to use, and then org4 would use that crypto material to invoke the chaincodes. A transaction submitted by any org will end up getting executed by all participating org's infrastructure, so someone does not want to contribute infra, they'll just use crypto material to connect to HLF network by not addition and reuse existing chaincodes put up on peers.

Upvotes: 0

Related Questions