-
Notifications
You must be signed in to change notification settings - Fork 128
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
trying to connect to a kubernetes cluster created with tools/operator using java SDK #304
Comments
// public static boolean USE_PROFILE = true;
public static boolean USE_PROFILE = false;
public static String BUILD_DIR = "build/fabric-000";
public static String CRYPTO_DIR = BUILD_DIR + "/crypto-config";
public static String ORG1_PEER = CRYPTO_DIR + "/peerOrganizations/org1";
public static String ORG1_ORDERER = CRYPTO_DIR + "/ordererOrganizations/ordererorg1";
public static String ORG1_CA_CERT = ORG1_PEER + "/ca/ca.org1-cert.pem";
// public static String ORG1_CA_CERT =ORG1_ORDERER+"/ca/ca.ordererorg1-cert.pem";
public static String ORG1_CONNECTION_PROFILE = "connection-profile/connection_profile_org1.yaml";
// public static String ORG1_SERVER_CERT = "orderers/orderer0-ordererorg1.ordererorg1/tls/server.crt";
private static NetworkConfig networkConfig;
public static void main(String[] args) throws Exception {
File yamlFile = Paths.get(BUILD_DIR, ORG1_CONNECTION_PROFILE).toFile();
networkConfig = NetworkConfig.fromYamlFile(yamlFile);
networkConfig.getOrdererNames().forEach(ordererName -> {
try {
System.out.println("orderer: " + ordererName);
Properties ordererProperties = networkConfig.getOrdererProperties(ordererName);
Properties testProp = getEndPointProperties("orderer", ordererName);
ordererProperties.setProperty("clientCertFile", testProp.getProperty("clientCertFile"));
ordererProperties.setProperty("clientKeyFile", testProp.getProperty("clientKeyFile"));
networkConfig.setOrdererProperties(ordererName, ordererProperties);
} catch (InvalidArgumentException e) {
throw new RuntimeException(e);
}
});
networkConfig.getPeerNames().forEach(peerName -> {
try {
System.out.println("peer: " + peerName);
Properties peerProperties = networkConfig.getPeerProperties(peerName);
Properties testProp = getEndPointProperties("peer", peerName);
peerProperties.setProperty("clientCertFile", testProp.getProperty("clientCertFile"));
peerProperties.setProperty("clientKeyFile", testProp.getProperty("clientKeyFile"));
networkConfig.setPeerProperties(peerName, peerProperties);
} catch (InvalidArgumentException e) {
throw new RuntimeException(e);
}
});
HFCAClient hfcaClient;
if (USE_PROFILE) {
//Check if we get access to defined CAs!
NetworkConfig.OrgInfo org = networkConfig.getOrganizationInfo("org1");
NetworkConfig.CAInfo caInfo = org.getCertificateAuthorities().get(0);
Properties caProps = caInfo.getProperties();
hfcaClient = HFCAClient.createNewInstance(caInfo);
CryptoSuite cryptoSuite = CryptoSuiteFactory.getDefault().getCryptoSuite();
hfcaClient.setCryptoSuite(cryptoSuite);
caProps.put("allowAllHostNames", "true");
System.out.println("hfcaClient CAName:" + hfcaClient.getCAName());
// props.put("pemBytes", (byte[]) pemBytes);
// Object pemBytes = caProps.get("pemBytes");
// if (!(pemBytes instanceof byte[])) {
// throw new RuntimeException("Expecting bytes in pemBytes");
// }
} else {
File pemFile = Paths.get(ORG1_CA_CERT).toFile();
if (!pemFile.exists()) {
throw new RuntimeException(String.format("Missing pem file Could not find at location: %s", pemFile.getAbsolutePath()));
}
Properties props = new Properties();
props.put("allowAllHostNames", "true");
props.put("pemFile", pemFile.getAbsolutePath());
hfcaClient = HFCAClient.createNewInstance("https://localhost:7054", props);
CryptoSuite cryptoSuite = CryptoSuiteFactory.getDefault().getCryptoSuite();
hfcaClient.setCryptoSuite(cryptoSuite);
}
HFCAInfo info = hfcaClient.info(); //makes actual REST call.
System.out.println("info CAName:" + info.getCAName());
// Collection<NetworkConfig.UserInfo> registrars = caInfo.getRegistrars();
// NetworkConfig.UserInfo registrar = registrars.iterator().next();
// registrar.setEnrollment(hfcaClient.enroll(registrar.getName(), registrar.getEnrollSecret()));
} in both cases (when i enable using the profile or when i use the pem file directly i get this :
|
@mbwhite Im not sure what Any chance you can provide some insight here, as I don't think it's an actual issue with the network we generate from the I'll end by saying I've never actually used the Java SDK, so my insight here is limited. |
@bestbeforetoday might be the best placed if I'm honest from a client SDK perspective. @ymolists to clarify were you deploying Fabric into K8S using your own deployments? |
Thank Matthew. He is using our Fabric-Test tool to deploy the network. I know interacting with the network with the Node SDK works with no caveats, but I've never used the Java SDK for anything. |
@mbwhite as @Iindluni said am using fabric-test/tools/operator to deploy the cluster on k8s. i observed the following on the ca-org1 pod
it seems like the container is not able to load the ca cert file and defaulting to use the tls cert instead. ? After i noticed that i changed my above java code to use the tls cert instead of the ca cert i was using and voila ! here is where i used the the tls certs in the new code I checked the cert saved in the connection profile by the fabric-test tool is using the ca cert not the tls cert ? that section of the code is failing for now. |
I am super new to fabric. Can someone please point me to how i would go about connecting a java app using the fabric java SDK ? I can contribute a sample app as a PR if that would be something people can use.
I am trying to make sense of this fabric-samples java project. I noticed the operator generates connection profiles and ca certs for all orgs. However its not clicking how my client can talk to the cluster stood up by the operator using those generated files.
Can anyone help ?
The text was updated successfully, but these errors were encountered: