search

ecsoya / fabric-demo

Spring Fabric Demo
20 stars 10 forks source link

UNAVAILABLE: Unable to resolve host peer1.org2.example.com #2

Open dwusiq opened 4 years ago

dwusiq commented 4 years ago

不好意思 ,我又碰到新的问题了。服务启动后可以正常访问页面数据,但是后台会打印如下日志: Caused by: java.net.UnknownHostException: peer1.org2.example.com at java.net.InetAddress.getAllByName0(InetAddress.java:1280) ~[?:1.8.0_181] at java.net.InetAddress.getAllByName(InetAddress.java:1192) ~[?:1.8.0_181] at java.net.InetAddress.getAllByName(InetAddress.java:1126) ~[?:1.8.0_181] at io.grpc.internal.DnsNameResolver$JdkAddressResolver.resolveAddress(DnsNameResolver.java:640) ~[grpc-core-1.23.0.jar:1.23.0] at io.grpc.internal.DnsNameResolver.resolveAll(DnsNameResolver.java:388) ~[grpc-core-1.23.0.jar:1.23.0] at io.grpc.internal.DnsNameResolver$Resolve.resolveInternal(DnsNameResolver.java:256) ~[grpc-core-1.23.0.jar:1.23.0] at io.grpc.internal.DnsNameResolver$Resolve.run(DnsNameResolver.java:213) ~[grpc-core-1.23.0.jar:1.23.0] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) ~[?:1.8.0_181] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) ~[?:1.8.0_181] ... 1 more 2019-12-20 11:25:43.732 [grpc-default-executor-0] WARN PeerEventServiceClient(:) - Received error on PeerEventServiceClient{id: 421, channel: mychannel, peerName: peer1.org2.example.com:10051, url: grpcs://peer1.org2.example.com:10051}, attempts 101.
2019-12-20 11:25:43.877 [grpc-default-executor-0] WARN PeerEventServiceClient(:) - Received error on PeerEventServiceClient{id: 422, channel: mychannel, peerName: peer0.org1.example.com:7051, url: grpcs://peer0.org1.example.com:7051}, attempts 101. UNAVAILABLE: Unable to resolve host peer0.org1.example.com 2019-12-20 11:25:43.881 [grpc-default-executor-0] WARN PeerEventServiceClient(:) - Received error on PeerEventServiceClient{id: 423, channel: mychannel, peerName: peer0.org2.example.com:9051, url: grpcs://peer0.org2.example.com:9051}, attempts 101. UNAVAILABLE: Unable to resolve host peer0.org2.example.com 2019-12-20 11:25:43.890 [grpc-default-executor-0] WARN PeerEventServiceClient(:) - Received error on PeerEventServiceClient{id: 424, channel: mychannel, peerName: peer1.org1.example.com:8051, url: grpcs://peer1.org1.example.com:8051}, attempts 101. UNAVAILABLE: Unable to resolve host peer1.org1.example.com 2019-12-20 11:26:09.333 [grpc-default-executor-1] WARN PeerEventServiceClient(:) - Received error on PeerEventServiceClient{id: 621, channel: mychannel, peerName: peer1.org2.example.com:10051, url: grpcs://peer1.org2.example.com:10051}, attempts 151. UNAVAILABLE: Unable to resolve host peer1.org2.example.com 2019-12-20 11:26:09.561 [grpc-default-executor-1] WARN PeerEventServiceClient(:) - Received error on PeerEventServiceClient{id: 622, channel: mychannel, peerName: peer1.org1.example.com:8051, url: grpcs://peer1.org1.example.com:8051}, attempts 151. UNAVAILABLE: Unable to resolve host peer1.org1.example.com 2019-12-20 11:26:09.604 [grpc-default-executor-1] WARN PeerEventServiceClient(:) - Received error on PeerEventServiceClient{id: 623, channel: mychannel, peerName: peer0.org1.example.com:7051, url: grpcs://peer0.org1.example.com:7051}, attempts 151. UNAVAILABLE: Unable to resolve host peer0.org1.example.com 2019-12-20 11:26:09.627 [grpc-default-executor-1] WARN PeerEventServiceClient(:) - Received error on PeerEventServiceClient{id: 624, channel: mychannel, peerName: peer0.org2.example.com:9051, url: grpcs://peer0.org2.example.com:9051}, attempts 151. UNAVAILABLE: Unable to resolve host peer0.org2.example.com

ecsoya commented 4 years ago

可能的问题有:

  1. 创建Fabric网络的时候,组织的名称是什么?_Org1,Org2_还是org1,org2,注意大小写。
  2. 创建connection-x.yml文件时,组织的名称是否正确?
  3. 检查一下connection-x.yml文件中的peer节点的名称,注意组织名的大小写。
  4. 检查一下connection-x.yml中关于peers节点的配置: 
    peer0.Org1.example.com:
  url: grpcs://127.0.0.1:7051
  grpcOptions:
     ssl-target-name-override: peer0.Org1.example.com
     grpc.http2.keepalive_time: 15
     request-timeout: 120001
     hostnameOverride: peer0.Org1.example.com
  tlsCACerts:
     pem: |
        -----BEGIN CERTIFICATE-----
        x
        -----END CERTIFICATE-----

    注意: I. peer的名称:peer0.Org1.example.com II. url指定本机或远程的ip地址,在docker中就能查看到具体的ip地址和端口号。 III. hostnameOverride: peer0.Org1.example.com,将url地址和域名进行绑定,这点很重要(因为证书只能颁发给域名,而实际的调用则一般用ip+端口)

dwusiq commented 4 years ago

不好意思啊,上周忙其他项目了,这周有时间又把这事重启了。 从代码断点上看,类似grpcs://peer1.org1.example.com:8051这样的访问路径,是从fabric节点服务器返回的。请问,有没有什么办法可以让服务器返回的访问路径是ip形式的呢,比如:grpcs://10.0.0.1:8051

dwusiq commented 4 years ago

下面是我的配置文件connection-org1.yaml:

name: first-network-org1 version: 1.0.0 client: organization: Org1 connection: timeout: peer: endorser: '300' organizations: Org1: mspid: Org1MSP peers:

peers: peer0.org1.example.com: url: grpcs://10.0.0.1:7051 tlsCACerts: pem: | -----BEGIN CERTIFICATE----- MIICVzCCAf2gAwIBAgIQMzpXxnG26UEf0BpvjPNItDAKBggqhkjOPQQDAjB2MQsw CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy YW5jaXNjbzEZMBcGA1UEChMQb3JnMS5leGFtcGxlLmNvbTEfMB0GA1UEAxMWdGxz Y2Eub3JnMS5leGFtcGxlLmNvbTAeFw0xOTEyMTkxMzQyMDBaFw0yOTEyMTYxMzQy MDBaMHYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH Ew1TYW4gRnJhbmNpc2NvMRkwFwYDVQQKExBvcmcxLmV4YW1wbGUuY29tMR8wHQYD VQQDExZ0bHNjYS5vcmcxLmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D AQcDQgAE6YDVD/LIPky7+OqDdkYcoamKcCRPrDiCUflDc+SzsnDunbEuTOC+s6JE 6sOKjQmMEmqGhwBvEnPexKmUKYoQWaNtMGswDgYDVR0PAQH/BAQDAgGmMB0GA1Ud JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1Ud DgQiBCDpJnJceq7KSnZKaTt7qxOgF0rjUktXQGU06qr1hXYWjDAKBggqhkjOPQQD AgNIADBFAiEA/lB1+j5l52vg+QIBYmhHl6kN5U46d14NUAfSdlY2i1gCIDYXIiHC vwe2X7vzFa+Bs2J6AKj8HY+Hw1Y5H8CmftU9 -----END CERTIFICATE-----

grpcOptions:
  ssl-target-name-override: peer0.org1.example.com
  hostnameOverride: peer0.org1.example.com

peer1.org1.example.com: url: grpcs://10.0.0.1:8051 tlsCACerts: pem: | -----BEGIN CERTIFICATE----- MIICVzCCAf2gAwIBAgIQMzpXxnG26UEf0BpvjPNItDAKBggqhkjOPQQDAjB2MQsw CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy YW5jaXNjbzEZMBcGA1UEChMQb3JnMS5leGFtcGxlLmNvbTEfMB0GA1UEAxMWdGxz Y2Eub3JnMS5leGFtcGxlLmNvbTAeFw0xOTEyMTkxMzQyMDBaFw0yOTEyMTYxMzQy MDBaMHYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH Ew1TYW4gRnJhbmNpc2NvMRkwFwYDVQQKExBvcmcxLmV4YW1wbGUuY29tMR8wHQYD VQQDExZ0bHNjYS5vcmcxLmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D AQcDQgAE6YDVD/LIPky7+OqDdkYcoamKcCRPrDiCUflDc+SzsnDunbEuTOC+s6JE 6sOKjQmMEmqGhwBvEnPexKmUKYoQWaNtMGswDgYDVR0PAQH/BAQDAgGmMB0GA1Ud JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1Ud DgQiBCDpJnJceq7KSnZKaTt7qxOgF0rjUktXQGU06qr1hXYWjDAKBggqhkjOPQQD AgNIADBFAiEA/lB1+j5l52vg+QIBYmhHl6kN5U46d14NUAfSdlY2i1gCIDYXIiHC vwe2X7vzFa+Bs2J6AKj8HY+Hw1Y5H8CmftU9 -----END CERTIFICATE-----

grpcOptions:
  ssl-target-name-override: peer1.org1.example.com
  hostnameOverride: peer1.org1.example.com

certificateAuthorities: ca.org1.example.com: url: https://10.0.0.1:7054 caName: ca-org1 tlsCACerts: pem: | -----BEGIN CERTIFICATE----- MIICUDCCAfegAwIBAgIQNqcH9C9wq/hZSnMHnTw/jTAKBggqhkjOPQQDAjBzMQsw CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy YW5jaXNjbzEZMBcGA1UEChMQb3JnMS5leGFtcGxlLmNvbTEcMBoGA1UEAxMTY2Eu b3JnMS5leGFtcGxlLmNvbTAeFw0xOTEyMTkxMzQyMDBaFw0yOTEyMTYxMzQyMDBa MHMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T YW4gRnJhbmNpc2NvMRkwFwYDVQQKExBvcmcxLmV4YW1wbGUuY29tMRwwGgYDVQQD ExNjYS5vcmcxLmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE YxpUj6KTN4kY6NPmpB98GsYIcBxpHUEUBR4aNg+o6oHDC7pyrkVa5ROPQb9wzk1q /msczpP8AftnqvVLXMP556NtMGswDgYDVR0PAQH/BAQDAgGmMB0GA1UdJQQWMBQG CCsGAQUFBwMCBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1UdDgQiBCC9 cfk7gwLHbXC0ZupZPIWcD9X5k4AgPH9xrYfv/6KOgjAKBggqhkjOPQQDAgNHADBE AiAN6TzTX2dDI16PcHrzviHLhZoZjHZsomqZrBB9h8uQjAIgJIJupBvdThaKdWPG u0kiUwZ7Dg7ZTSiJOH6W5U0UmQE= -----END CERTIFICATE-----

httpOptions:
  verify: false
ecsoya commented 4 years ago

1- 由于所有的证书都是颁发给带域名的url的,而我们通常会使用IP来访问,所以必须要配置hostnameOverride属性指定到相关的url。

详细说明可参考文档:https://ecsoya.github.io/fabric/pages/network.html

Theskiteflyingfordream commented 1 year ago

想问下解决了吗,我也是这个问题,感觉是"服务发现"相关的,但是找不到解决办法