Releases: hyperledger/fabric
v2.4.0
v2.4.0 Release Notes - November 29, 2021
New features
Fabric Gateway
Fabric Gateway is a new service running on peer nodes that manages transaction submission and processing for client applications, with the following benefits:
- Simplifies client applications and SDKs - Your client application can simply delegate transaction submission to a trusted peer. There is no need for your application to open connections to peer nodes and ordering service nodes from other organizations.
- Fabric Gateway manages collection of transaction endorsements from other organizations and submission to ordering service on behalf of client applications.
- Fabric Gateway has intelligence to determine what endorsements are required for a given transaction, even if your solution utilizes a combination of chaincode-level endorsement policies, private data collection endorsement policies, and state-based endorsement policies.
New lightweight Gateway SDKs (v1.0.0) are available for Node, Java, and Go. The SDKs support flexible application patterns:
- You can utilize the high level programming model similar to prior SDK versions, allowing your application to simply call a single SubmitTransaction() function.
- More advanced applications can leverage the gateway's individual Endorse, Submit, and CommitStatus services for transaction submission, and the Evaluate service for queries.
- You can delegate transaction endorsement entirely to the gateway, or if needed, specify the endorsing organizations and the gateway will utilize a peer from each organization.
For more information, see the Fabric Gateway documentation topic.
Unjoin a channel from a peer
The new command peer node unjoin
enables an administrator to remove (unjoin) a channel from a peer.
The peer must be stopped when the command is executed so that channel artifacts can be cleaned up.
The channel's blockchain, state database, and associated entries will be removed from the peer.
When the peer is restarted it will no longer receive blocks for the channel.
For more information, see the peer node command reference.
Calculate package ID of a packaged chaincode
You can calculate the package ID from a packaged chaincode without installing the chaincode on peers using the new peer lifecycle chaincode calculatepackageid
command.
This command will be useful, for example, in the following cases:
- When multiple chaincode packages with the same label name are installed, it is possible to identify which ID corresponds to which package later.
- To check whether a particular chaincode package is installed or not without installing that package.
For more information, see the peer lifecycle command reference.
Improvements
peer and orderer - Implement legacy name constraints verification for Go 1.15 and above
These changes reproduce the Go 1.14 name constraint verification in the MSP.
Without these changes, certificate chains that would fail verification in Go 1.14 would
successfully validate in Go 1.15 and above due to the change mentioned in the Go 1.15 release notes.
Specifically, if a signing certificate contains a name constraint, the leaf certificate
does not include SAN extensions, and the leaf's common name looks like a host name,
then the additional verification is performed to ensure deterministic behavior relative
to prior Fabric releases.
peer and orderer - Default log record format improvements
Expanded the width of the log record sequence number to a minimum of four characters,
moved the log sequence number and log level to the left,
and added bold formatting to the function name.
These changes keep the fixed-width columns together at the left
and add a visual break between the logging module name and log message text.
peer - New configuration option to disable gossip block forwarding
If all peers in an organization explicitly set "peer.deliveryclient.blockGossipEnabled" to false,
no peer in the organization gossips blocks to any other peer in that organization.
Use this setting when all peers pull blocks from ordering service. For more
information see deprecation announcement below: FAB-15317: Block dissemination via gossip is deprecated.
orderer - Return transaction forwarding result back to the client synchronously
With this improvement a Raft follower waits for the transaction to be forwarded to the Raft leader,
and returns the result (success or failure) back to the client accordingly.
Prior to this improvement, the Raft follower returned success after enqueueing it into the message queue,
which might have resulted in the transaction being dropped but a success being returned to the client.
Application clients should still monitor transaction commit events, since the Raft leader is not guaranteed
to deliver the transaction into a block in exception scenarios, but this improvement avoids
transactions from being dropped when there are connection issues between a Raft follower and Raft leader.
peer - Ability to override core.yaml chaincode.externalBuilders via environment variable
Since chaincode.externalBuilders is an array, it previously was not possible to set via environment variable override.
It is now possible to override chaincode.externalBuilders using an environment variable
using the format CORE_CHAINCODE_EXTERNALBUILDERS=[{name: x, path: dir1}, {name: y, path: dir2}]
.
peer and orderer - Make gRPC maximum message size configurable
This improvement makes gRPC maximum message size configurable in peer and orderer.
Previously the maximum message size was hardcoded to 100 megabytes.
Since all nodes should be consistent it is recommended to keep
the default value of 100 megabytes for MaxRecvMsgSize & MaxSendMsgSize.
The value can be configured if needed however.
Configure in peer core.yaml with peer.maxRecvMsgSize
and peer.maxSendMsgSize
.
Configure in orderer orderer.yaml with General.MaxRecvMsgSize
and General.MaxSendMsgSize
.
Fixes
All fixes as of v2.3.3 are included in v2.4.0. Additionally, the following fix is made in v2.4.0.
orderer - Fix bug when an orderer crashes at channel creation
This fix handles a scenario where an ordering service node crashes during channel creation.
Previously the ordering service node would attempt to re-create the channel upon next startup,
resulting in a panic with the following error:
"Error creating chain support: error creating consenter for channel: failed to restore persisted raft data: failed to create or read WAL: failed to open WAL: fileutil: file already locked".
Dependencies
Fabric v2.4.0 has been tested with the following dependencies:
- Go 1.16.7
- CouchDB v3.1.1
Fabric docker images on dockerhub utilize Alpine 3.14.
Deprecations (new)
Ordering service system channel is deprecated
v2.3 introduced the ability to manage an ordering service without a system channel.
Managing an ordering service without a system channel has privacy, scalability,
and operational benefits. The use of a system channel is deprecated and may be removed in a future release.
For information about removal of the system channel, see the Create a channel without system channel documentation.
Deprecations (existing)
FAB-15754: The 'Solo' consensus type is deprecated.
The 'Solo' consensus type has always been marked non-production and should be in
use only in test environments, however for compatibility it is still available,
but may be removed entirely in a future release.
FAB-16408: The 'Kafka' consensus type is deprecated.
The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.
Fabric CouchDB image is deprecated
v2.2.0 added support for CouchDB 3.1.0 as the recommended and tested version of CouchDB.
If prior versions are utilized, a Warning will appear in peer log.
Note that CouchDB 3.1.0 requires that an admin username and password be set,
while this was optional in CouchDB v2.x. See the
Fabric CouchDB documentation
for configuration details.
Also note that CouchDB 3.1.0 default max_document_size is reduced to 8MB. Set a higher value if needed in your environment.
Finally, the fabric-couchdb docker image will not be updated to v3.1.0 and will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.
FAB-7559: Support for specifying orderer endpoints at the global level in channel configuration is deprecated.
Utilize the new 'OrdererEndpoints' stanza within the channel configuration of an organization instead.
Configuring orderer endpoints at the organization level accommodates
scenarios where orderers are run by different organizations. Using
this configuration ensures that only the TLS CA certific...
v2.3.3
v2.3.3 Release Notes - September 8, 2021
Improvements
peer - New configuration option to disable gossip block forwarding
If all peers in an organization explicitly set peer.deliveryclient.blockGossipEnabled
to false,
no peer in the organization gossips blocks to any other peer in that organization.
Use this setting when all peers pull blocks from ordering service. For more
information see deprecation announcement below: FAB-15317: Block dissemination via gossip is deprecated.
orderer - [FAB-18484] Return transaction forwarding result back to the client synchronously
With this improvement a Raft follower waits for the transaction to be forwarded to the Raft leader,
and returns the result (success or failure) back to the client accordingly.
Prior to this improvement, the Raft follower returned success after enqueueing it into the message queue,
which might have resulted in the transaction being dropped but a success being returned to the client.
Application clients should still monitor transaction commit events, since the Raft leader is not guaranteed
to deliver the transaction into a block in exception scenarios, but this improvement avoids
transactions from being dropped when there are connection issues between a Raft follower and Raft leader.
peer and orderer - Make gRPC maximum message size configurable
This improvement makes gRPC maximum message size configurable in peer and orderer.
Previously the maximum message size was hardcoded to 100 megabytes.
Since all nodes should be consistent it is recommended to keep
the default value of 100 megabytes for MaxRecvMsgSize & MaxSendMsgSize.
The value can be configured if needed however.
Configure in peer core.yaml with peer.maxRecvMsgSize
and peer.maxSendMsgSize
.
Configure in orderer orderer.yaml with General.MaxRecvMsgSize
and General.MaxSendMsgSize
.
Fixes
orderer - [FAB-18521] Consenters' metadata is not replicated while OSN catches up with snapshot
If an ordering service node crashes while replicating blocks from another ordering service,
the consenters metadata will not be available and the ordering service node will not be
able to reconnect to the consenter set upon restart. This fix ensures that an ordering
service node that is replicating blocks persists the consenters metadata so that it
can reconnect to the consenter set.
Dependencies
Fabric v2.3.3 has been tested with the following dependencies:
- Go 1.16.7
- CouchDB v3.1.1
Deprecations (existing)
FAB-15754: The 'Solo' consensus type is deprecated.
The 'Solo' consensus type has always been marked non-production and should be in
use only in test environments, however for compatibility it is still available,
but may be removed entirely in a future release.
FAB-16408: The 'Kafka' consensus type is deprecated.
The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.
Fabric CouchDB image is deprecated
v2.2.0 added support for CouchDB 3.1.0 as the recommended and tested version of CouchDB.
If prior versions are utilized, a Warning will appear in peer log.
Note that CouchDB 3.1.0 requires that an admin username and password be set,
while this was optional in CouchDB v2.x. See the
Fabric CouchDB documentation
for configuration details.
Also note that CouchDB 3.1.0 default max_document_size is reduced to 8MB. Set a higher value if needed in your environment.
Finally, the fabric-couchdb docker image will not be updated to v3.1.0 and will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.
FAB-7559: Support for specifying orderer endpoints at the global level in channel configuration is deprecated.
Utilize the new 'OrdererEndpoints' stanza within the channel configuration of an organization instead.
Configuring orderer endpoints at the organization level accommodates
scenarios where orderers are run by different organizations. Using
this configuration ensures that only the TLS CA certificates of that organization
are used for orderer communications, in contrast to the global channel level endpoints which
would cause an aggregation of all orderer TLS CA certificates across
all orderer organizations to be used for orderer communications.
FAB-17428: Support for configtxgen flag --outputAnchorPeersUpdate
is deprecated.
The --outputAnchorPeersUpdate
mechanism for updating anchor peers has always had
limitations (for instance, it only works the first time anchor peers are updated).
Instead, anchor peer updates should be performed through the normal config update flow.
FAB-15406: The fabric-tools docker image is deprecated
The fabric-tools docker image will not be published in future Fabric releases.
Instead of using the fabric-tools docker image, users should utilize the
published Fabric binaries. The Fabric binaries can be used to make client calls
to Fabric runtime components, regardless of where the Fabric components are running.
FAB-15317: Block dissemination via gossip is deprecated
Block dissemination via gossip is deprecated and may be removed in a future release.
Fabric peers can be configured to receive blocks directly from an ordering service
node by using the following configuration:
peer.gossip.orgLeader: true
peer.gossip.useLeaderElection: false
peer.gossip.state.enabled: false
peer.deliveryclient.blockGossipEnabled: false
FAB-15061: Legacy chaincode lifecycle is deprecated
The legacy chaincode lifecycle from v1.x is deprecated and will be removed
in a future release. To prepare for the eventual removal, utilize the v2.x
chaincode lifecycle instead, by enabling V2_0 application capability on all
channels, and redeploying all chaincodes using the v2.x lifecycle. The new
chaincode lifecycle provides a more flexible and robust governance model
for chaincodes. For more details see the
documentation for enabling the new lifecycle.
Changes:
- 9955302 Release commit for v2.3.3 (#2903)
- b5eb7f0 Fixed a typo in private_data_tutorial
- 5be686f Update Go to v1.16.7 and alpine to 3.14 (release-2.3) (#2874)
- 0ebd9cf platform/golang: loosen assertion for Go 1.16.2 (#2480)
- c5c1acc deps: bump testify (release-2.3) (#2885) [ #2336 ]
- cf3470b Update x509.CertPool equality checks (#2879)
- 67d3523 Clean up Go modules (#2875)
- 758735b Stop spamming for wait channel acquirement in orderer integration test
- 497d3ab Options for GRPC message size configurable
- cc88dfa Change name of comm msg size default consts
See More
- 8956c06 Refactor max message sizes in comm client config
- befdaee FAB18529 added nil check in channel header parsing
- c1b298d Fix small doc errors (#2816)
- 9815a7a Update private data docs - remove SDK reference (#2770)
- 1294920 Additional documentation for implicit private data collections
- b7463be [FAB-18521] Replicate block metadata with block while OSN catching up (#2762)
- 90673b7 Added a possibility to override chaincode.externalBuilders via env variable (#2643)
- 43ef319 [FAB-18509] Stop panic of collection index path is wrong (#2726) (#2745)
- 6727a63 Updated enrollUser function in write_first_app Doc (#2713)
- f0f16f4 Update docs to clarify that an implicit collection can not have an index
- 98b6523 docker network net_test -> fabric_test
- 56e2f83 Fixed grammatical errors
- ca1cf22 [Doc-Update] + What is a commercial paper section
- 5c5b7a5 Fix a typo in CouchDB tutorial
- f424e95 Fix typo
- c74cbb4 Fix peerchaincode.md as well
- a089501 Add explanation of
--ctor
JSON string - f20421a Clarify orderers seeing the transaction data
- 3f743a9 Mandate TLS 1.2 or higher in fabhttp package
- f7eefee Clarify "identity expired" error messages (#2685) (#2686)
- f91d82f Fix spelling mistakes in the Github Contributions page
- ef9b3f1 [FAB-18484] Return transaction forwarding result back to the client synchronously
- 981a4e8 Link fixes detailed in FAB-18494
- a07a105 Update ordererplan.md
- 6eccd4...
v2.2.4
v2.2.4 Release Notes - September 8, 2021
Improvements
peer - New configuration option to disable gossip block forwarding
If all peers in an organization explicitly set peer.deliveryclient.blockGossipEnabled
to false,
no peer in the organization gossips blocks to any other peer in that organization.
Use this setting when all peers pull blocks from ordering service. For more
information see deprecation announcement below: FAB-15317: Block dissemination via gossip is deprecated.
orderer - [FAB-18484] Return transaction forwarding result back to the client synchronously
With this improvement a Raft follower waits for the transaction to be forwarded to the Raft leader,
and returns the result (success or failure) back to the client accordingly.
Prior to this improvement, the Raft follower returned success after enqueueing it into the message queue,
which might have resulted in the transaction being dropped but a success being returned to the client.
Application clients should still monitor transaction commit events, since the Raft leader is not guaranteed
to deliver the transaction into a block in exception scenarios, but this improvement avoids
transactions from being dropped when there are connection issues between a Raft follower and Raft leader.
peer and orderer - Make gRPC maximum message size configurable
This improvement makes gRPC maximum message size configurable in peer and orderer.
Previously the maximum message size was hardcoded to 100 megabytes.
Since all nodes should be consistent it is recommended to keep
the default value of 100 megabytes for MaxRecvMsgSize & MaxSendMsgSize.
The value can be configured if needed however.
Configure in peer core.yaml with peer.maxRecvMsgSize
and peer.maxSendMsgSize
.
Configure in orderer orderer.yaml with General.MaxRecvMsgSize
and General.MaxSendMsgSize
.
Dependencies
Fabric v2.2.4 has been tested with the following dependencies:
- Go 1.16.7
- CouchDB v3.1.1
Deprecations (existing)
FAB-15754: The 'Solo' consensus type is deprecated.
The 'Solo' consensus type has always been marked non-production and should be in
use only in test environments, however for compatibility it is still available,
but may be removed entirely in a future release.
FAB-16408: The 'Kafka' consensus type is deprecated.
The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.
Fabric CouchDB image is deprecated
v2.2.0 added support for CouchDB 3.1.0 as the recommended and tested version of CouchDB.
If prior versions are utilized, a Warning will appear in peer log.
Note that CouchDB 3.1.0 requires that an admin username and password be set,
while this was optional in CouchDB v2.x. See the
Fabric CouchDB documentation
for configuration details.
Also note that CouchDB 3.1.0 default max_document_size is reduced to 8MB. Set a higher value if needed in your environment.
Finally, the fabric-couchdb docker image will not be updated to v3.1.0 and will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.
FAB-7559: Support for specifying orderer endpoints at the global level in channel configuration is deprecated.
Utilize the new 'OrdererEndpoints' stanza within the channel configuration of an organization instead.
Configuring orderer endpoints at the organization level accommodates
scenarios where orderers are run by different organizations. Using
this configuration ensures that only the TLS CA certificates of that organization
are used for orderer communications, in contrast to the global channel level endpoints which
would cause an aggregation of all orderer TLS CA certificates across
all orderer organizations to be used for orderer communications.
FAB-17428: Support for configtxgen flag --outputAnchorPeersUpdate
is deprecated.
The --outputAnchorPeersUpdate
mechanism for updating anchor peers has always had
limitations (for instance, it only works the first time anchor peers are updated).
Instead, anchor peer updates should be performed through the normal config update flow.
FAB-15406: The fabric-tools docker image is deprecated
The fabric-tools docker image will not be published in future Fabric releases.
Instead of using the fabric-tools docker image, users should utilize the
published Fabric binaries. The Fabric binaries can be used to make client calls
to Fabric runtime components, regardless of where the Fabric components are running.
FAB-15317: Block dissemination via gossip is deprecated
Block dissemination via gossip is deprecated and may be removed in a future release.
Fabric peers can be configured to receive blocks directly from an ordering service
node by using the following configuration:
peer.gossip.orgLeader: true
peer.gossip.useLeaderElection: false
peer.gossip.state.enabled: false
peer.deliveryclient.blockGossipEnabled: false
FAB-15061: Legacy chaincode lifecycle is deprecated
The legacy chaincode lifecycle from v1.x is deprecated and will be removed
in a future release. To prepare for the eventual removal, utilize the v2.x
chaincode lifecycle instead, by enabling V2_0 application capability on all
channels, and redeploying all chaincodes using the v2.x lifecycle. The new
chaincode lifecycle provides a more flexible and robust governance model
for chaincodes. For more details see the
documentation for enabling the new lifecycle.
Changes:
- 263ca9e Release commit for v2.2.4 (#2901)
- 029e6ed Fixed a typo in private_data_tutorial
- 1eedcff Update Go to v1.16.7 and alpine to 3.14 (release-2.2)
- 851f838 Fix process termination waits in health tests (#2889)
- e6a6a61 platform/golang: loosen assertion for Go 1.16.2 (release-2.2)
- ba2a9f1 deps: bump testify (release-2.2) (#2886) [ #2336 ]
- 50064c8 Update x509.CertPool equality checks (#2880)
- f441ba2 Change name of test network docker network in 2.2
- 859c7d5 Clean up Go modules (release-2.2) (#2876)
- 07ac9f5 Stop spamming for wait channel acquirement in orderer integration test
See More
- b076bd7 Options for GRPC message size configurable
- c91b546 Change name of comm msg size default consts
- da9e1bd Refactor max message sizes in comm client config
- fbf7b93 FAB18529 added nil check in channel header parsing
- 9a6b351 Additional documentation for implicit private data collections
- 8fd2ad8 [FAB-18509] Stop panic of collection index path is wrong (#2726) (#2744)
- 62c68d1 Updated enrollUser function in write_first_app Doc (#2713)
- a0dcb5c Update docs to clarify that an implicit collection can not have an index
- 2f7fd17 Fixed grammatical errors
- f36fe03 [Doc-Update] + What is a commercial paper section
- 8b1d355 Fix a typo in CouchDB tutorial
- 4c77749 Fix typo
- f3f170f Fix peerchaincode.md as well
- 30a0931 Add explanation of
--ctor
JSON string - b926247 Clarify orderers seeing the transaction data
- f4feedb Cherry pick deploy CC fixes into release-2.2
- 68bc522 Clarify "identity expired" error messages (#2685) (#2688)
- 3a69034 Fix spelling mistakes in the Github Contributions page
- ccecf10 [FAB-18484] Return transaction forwarding result back to the client synchronously
- 7e61944 [FAB-18487] Update broken link in 2.2 branch
- 186d9bf Typo fix in peer deployment guide in main (#2660)
- 31e41ce Update private_data_tutorial.rst
- 4cb453e Fix jq commands in create channel tutorial (#2662)
- 8851da3 Back port 2023 - skip empty ledge and 2635 - RetrieveBlockByNumber (#2648) [ #2023, #2635 ]
- cc50451 Clarify doc for readset validations (#2647) (#2655)
- 3548215 Update secured_private_asset_transfer_tutorial.md
- 56b3689 [FAB-18479] Log error if orderer can't forward SubmitRequest to Raft leader
- dd7e921 fix duplicate entry in code snippet
- 7871c26 Optionally disable gossip block forwarding (...
v2.4.0-beta
v2.4.0-beta Release Notes - August 12, 2021
New features
[FABGW-1] Fabric Gateway
The Hyperledger Fabric v2.4.0 Beta contains the new Fabric Gateway feature.
The Fabric Gateway is a new component that will implement much of the high-level 'gateway' programming model in the Fabric peer,
enabling the removal of much of the transaction submission and query logic from client applications, and shifting it to a common gateway component running within the Fabric peer.
The various client SDKs can therefore be slimmer, more consistent, and require less maintenance.
The Fabric Gateway will also simplify the administrative overhead of running a Fabric network because client applications
will be able to connect and submit transactions via a single network port rather than the current situation where ports
have to be opened from a client application to multiple peers across potentially multiple organizations.
The Fabric Gateway is delivered along with slim SDKs in the https://github.com/hyperledger/fabric-gateway repository.
Check out the client application samples.
[FAB-11334] Unjoin a channel from a peer
The new command peer node unjoin
enables an administrator to remove (unjoin) a channel from a peer.
The peer must be stopped when the command is executed so that channel artifacts can be cleaned up.
The channel's blockchain, state database, and associated entries will be removed from the peer.
When the peer is restarted it will no longer receive blocks for the channel.
Improvements
peer and orderer - Implement legacy name constraints verification for Go 1.15
These changes reproduce the Go 1.14 name constraint verification in the MSP.
Without these changes, certificate chains that would fail verification in Go 1.14 would
successfully validate in Go 1.15 due to the change mentioned in the Go 1.15 release notes.
Specifically, if a signing certificate contains a name constraint, the leaf certificate
does not include SAN extensions, and the leaf's common name looks like a host name,
then the additional verification is performed to ensure deterministic behavior relative
to prior Fabric releases.
peer and orderer - Default log record format improvements
Expanded the width of the log record sequence number to a minimum of four characters,
moved the log sequence number and log level to the left,
and added bold formatting to the function name.
These changes keep the fixed-width columns together at the left
and add a visual break between the logging module name and log message text.
peer - New configuration option to disable gossip block forwarding
If all peers in an organization explicitly set "peer.deliveryclient.blockGossipEnabled" to false,
no peer in the organization gossips blocks to any other peer in that organization.
Use this setting when all peers pull blocks from ordering service. For more
information see deprecation announcement below: FAB-15317: Block dissemination via gossip is deprecated.
orderer - [FAB-18484] Return transaction forwarding result back to the client synchronously
With this improvement a Raft follower waits for the transaction to be forwarded to the Raft leader,
and returns the result (success or failure) back to the client accordingly.
Prior to this improvement, the Raft follower returned success after enqueueing it into the message queue,
which might have resulted in the transaction being dropped but a success being returned to the client.
Application clients should still monitor transaction commit events, since the Raft leader is not guaranteed
to deliver the transaction into a block in exception scenarios, but this improvement avoids
transactions from being dropped when there are connection issues between a Raft follower and Raft leader.
peer - Ability to override core.yaml chaincode.externalBuilders via environment variable
Since chaincode.externalBuilders is an array, it previously was not possible to set via environment variable override.
It is now possible to override chaincode.externalBuilders using an environment variable
using the format CORE_CHAINCODE_EXTERNALBUILDERS=[{name: x, path: dir1}, {name: y, path: dir2}]
.
Fixes
All fixes as of v2.3.2 are included in v2.4.0-beta. Additionally, the following fixes are made in v2.4.0-beta.
orderer - [FAB-18521] Consenters' metadata is not replicated while OSN catches up with snapshot
If an ordering service node crashes while replicating blocks from another ordering service,
the consenters metadata will not be available and the ordering service node will not be
able to reconnect to the consenter set upon restart. This fix ensures that an ordering
service node that is replicating blocks persists the consenters metadata so that it
can reconnect to the consenter set.
Dependencies
Fabric v2.4.0-alpha has been tested with the following dependencies:
- Go 1.15.7
- CouchDB v3.1.1
- Alpine images 3.13
Deprecations (existing)
FAB-15754: The 'Solo' consensus type is deprecated.
The 'Solo' consensus type has always been marked non-production and should be in
use only in test environments, however for compatibility it is still available,
but may be removed entirely in a future release.
FAB-16408: The 'Kafka' consensus type is deprecated.
The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.
Fabric CouchDB image is deprecated
v2.2.0 added support for CouchDB 3.1.0 as the recommended and tested version of CouchDB.
If prior versions are utilized, a Warning will appear in peer log.
Note that CouchDB 3.1.0 requires that an admin username and password be set,
while this was optional in CouchDB v2.x. See the
Fabric CouchDB documentation
for configuration details.
Also note that CouchDB 3.1.0 default max_document_size is reduced to 8MB. Set a higher value if needed in your environment.
Finally, the fabric-couchdb docker image will not be updated to v3.1.0 and will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.
FAB-7559: Support for specifying orderer endpoints at the global level in channel configuration is deprecated.
Utilize the new 'OrdererEndpoints' stanza within the channel configuration of an organization instead.
Configuring orderer endpoints at the organization level accommodates
scenarios where orderers are run by different organizations. Using
this configuration ensures that only the TLS CA certificates of that organization
are used for orderer communications, in contrast to the global channel level endpoints which
would cause an aggregation of all orderer TLS CA certificates across
all orderer organizations to be used for orderer communications.
FAB-17428: Support for configtxgen flag --outputAnchorPeersUpdate
is deprecated.
The --outputAnchorPeersUpdate
mechanism for updating anchor peers has always had
limitations (for instance, it only works the first time anchor peers are updated).
Instead, anchor peer updates should be performed through the normal config update flow.
FAB-15406: The fabric-tools docker image is deprecated
The fabric-tools docker image will not be published in future Fabric releases.
Instead of using the fabric-tools docker image, users should utilize the
published Fabric binaries. The Fabric binaries can be used to make client calls
to Fabric runtime components, regardless of where the Fabric components are running.
FAB-15317: Block dissemination via gossip is deprecated
Block dissemination via gossip is deprecated and may be removed in a future release.
Fabric peers can be configured to receive blocks directly from an ordering service
node and not gossip blocks by using the following configuration:
peer.gossip.orgLeader: true
peer.gossip.useLeaderElection: false
peer.gossip.state.enabled: false
peer.deliveryclient.blockGossipEnabled: false
FAB-15061: Legacy chaincode lifecycle is deprecated
The legacy chaincode lifecycle from v1.x is deprecated and will be removed
in a future release. To prepare for the eventual removal, utilize the v2.x
chaincode lifecycle instead, by enabling V2_0 application capability on all
channels, and redeploying all chaincodes using the v2.x lifecycle. The new
chaincode lifecycle provides a more flexible and robust governance model
for chaincodes. For more details see the
documentation for enabling the new lifecycle.
Changes:
v2.3.2
v2.3.2 Release Notes - April 23, 2021
Improvements
peer and orderer - Implement legacy name constraints verification for Go 1.15
These changes reproduce the Go 1.14 name constraint verification in the MSP.
Without these changes, certificate chains that would fail verification in Go 1.14 would
successfully validate in Go 1.15 due to the change mentioned in the Go 1.15 release notes.
Specifically, if a signing certificate contains a name constraint, the leaf certificate
does not include SAN extensions, and the leaf's common name looks like a host name,
then the additional verification is performed to ensure deterministic behavior relative
to prior Fabric releases.
Fixes
FAB-18427: orderer - Report correct reason of stream abort in orderer cluster
This commit fixes a bug that makes the cluster communication infrastructure
always report an "aborted" reason after a stream terminates.
FAB-18424: peer - Ledger snapshot request submission with special value "blockNumber 0"
If a ledger snapshot request is submitted with the special value "blockNumber 0", peer is expected to translate the request to last committed block.
This patch fixes the issue where, it may happen sometimes that the request is translated to block number 1 instead of last committed block.
This leads to the situation where no snapshot gets generated, including any future snapshot requests.
If you have ever used this special value, we encourage you to check the list of pending snapshots requests with peer snapshot listpending
.
If you notice one or more pending requests that are for the the block numbers lower than the latest committed block, cancel such requests with peer snapshot cancelrequest
to enable the further snapshot requests to be processed.
FAB-18304: peer and orderer - Fix leveldb manifest corruption
This fix updates the version of goleveldb. The prior version of goleveldb had a bug which
could cause manifest corruption in crash scenarios, especially in disk full crash scenarios.
With a corrupted goleveldb database, the peer or orderer would fail to start with error
"panic: Error opening leveldb: leveldb: manifest corrupted".
Dependencies
Fabric v2.3.2 has been tested with the following dependencies:
- Go 1.15.7
- CouchDB v3.1.1
Deprecations (existing)
FAB-15754: The 'Solo' consensus type is deprecated.
The 'Solo' consensus type has always been marked non-production and should be in
use only in test environments, however for compatibility it is still available,
but may be removed entirely in a future release.
FAB-16408: The 'Kafka' consensus type is deprecated.
The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.
Fabric CouchDB image is deprecated
v2.2.0 added support for CouchDB 3.1.0 as the recommended and tested version of CouchDB.
If prior versions are utilized, a Warning will appear in peer log.
Note that CouchDB 3.1.0 requires that an admin username and password be set,
while this was optional in CouchDB v2.x. See the
Fabric CouchDB documentation
for configuration details.
Also note that CouchDB 3.1.0 default max_document_size is reduced to 8MB. Set a higher value if needed in your environment.
Finally, the fabric-couchdb docker image will not be updated to v3.1.0 and will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.
FAB-7559: Support for specifying orderer endpoints at the global level in channel configuration is deprecated.
Utilize the new 'OrdererEndpoints' stanza within the channel configuration of an organization instead.
Configuring orderer endpoints at the organization level accommodates
scenarios where orderers are run by different organizations. Using
this configuration ensures that only the TLS CA certificates of that organization
are used for orderer communications, in contrast to the global channel level endpoints which
would cause an aggregation of all orderer TLS CA certificates across
all orderer organizations to be used for orderer communications.
FAB-17428: Support for configtxgen flag --outputAnchorPeersUpdate
is deprecated.
The --outputAnchorPeersUpdate
mechanism for updating anchor peers has always had
limitations (for instance, it only works the first time anchor peers are updated).
Instead, anchor peer updates should be performed through the normal config update flow.
FAB-15406: The fabric-tools docker image is deprecated
The fabric-tools docker image will not be published in future Fabric releases.
Instead of using the fabric-tools docker image, users should utilize the
published Fabric binaries. The Fabric binaries can be used to make client calls
to Fabric runtime components, regardless of where the Fabric components are running.
FAB-15317: Block dissemination via gossip is deprecated
Block dissemination via gossip is deprecated and may be removed in a future release.
Fabric peers can be configured to receive blocks directly from an ordering service
node by using the following configuration:
peer.gossip.orgLeader: true
peer.gossip.useLeaderElection: false
peer.gossip.state.enabled: false
FAB-15061: Legacy chaincode lifecycle is deprecated
The legacy chaincode lifecycle from v1.x is deprecated and will be removed
in a future release. To prepare for the eventual removal, utilize the v2.x
chaincode lifecycle instead, by enabling V2_0 application capability on all
channels, and redeploying all chaincodes using the v2.x lifecycle. The new
chaincode lifecycle provides a more flexible and robust governance model
for chaincodes. For more details see the
documentation for enabling the new lifecycle.
Changes:
- 0022e8f v2.3.2 release commit
- 248a220 Improve snapshot dir error message (#2530)
- 25f6612 Document ledger.snapshots.rootDir
- ce16177 Cherry pick removing duplicate word (#2524)
- 5de1d02 Add Security Model topic to docs
- 13ef1e1 Fix link in
international_languages.md
- b2c8d23 Fix old or incorrect contents in the doc build instruction
- f246243 integration: PKCS#11 SKI to CKA_ID mapping test
- 871d325 pkcs11: Add SKI to CKA_ID mapping for BCCSP [ #11 ]
- 0fb8e5a This commit upgrades goleveldb. This upgraded version includes a fix for [ #2463 ]
See More
- 70c1d11 Fix images in network concept and upload new diagrams power point
- 2e9e732 Prepare for next release v2.3.2
- fd84e78 Fix bug in snapshot request submission
- 90db11d Report correct reason of stream abort in orderer cluster
- 1524fc9 Log stream total lifetime
- 8543389 corrected organization labels
- c61883e corrected Org1 text in Org2 box to Org2
- b156d91 Update build to use Go 1.15
- c4d4f79 Implement legacy name constraints verification
- a873a87 Add test to assert on name constraint behavior
- 230aa0e deps: bump github.com/pkg/errors
- 15e3f94 Re-encode ECDSA CRL signature during MSP setup
- 4e91e45 Add test to exercise signature validation change
- 8fb1a81 Adjust etcdraft error assertions for go 1.15
- 47b0bb6 Replace test cert fixtures with generated certs
- ce2cf21 Set SKI, support multi hosts, add Signer to CA
- 932e077 Fix typos in a "Developing Applications" doc
- d19dd32 Update documentation to include Go SDK
- df59561 Fix broken link in orderer deployment guide
- b2d6db6 Test network works with Docker Desktop version 2.5.0.1
- 1562d7e Update AZP Service Connection Name
- 7ad69c7 Add Create a channel tutorial without a system channel and using test network
- 2f69b42 Release commit for v2.3.1
- 17b7e4f Add peer log message for failure to invoke chaincode (#2339)
- fc63fcd Test network does not work with latest Docker
- 8dc9930 Minor updates related to documentation for commands and more osnadmin updates (release-2.3) (#2322)
- c29420c Rename --channel-id to --channelID in osadmin
- 410ba71...
v2.2.3
v2.2.3 Release Notes - April 23, 2021
Improvements
peer and orderer - Implement legacy name constraints verification for Go 1.15
These changes reproduce the Go 1.14 name constraint verification in the MSP.
Without these changes, certificate chains that would fail verification in Go 1.14 would
successfully validate in Go 1.15 due to the change mentioned in the Go 1.15 release notes.
Specifically, if a signing certificate contains a name constraint, the leaf certificate
does not include SAN extensions, and the leaf's common name looks like a host name,
then the additional verification is performed to ensure deterministic behavior relative
to prior Fabric releases.
Fixes
FAB-18427: orderer - Report correct reason of stream abort in orderer cluster
This commit fixes a bug that makes the cluster communication infrastructure
always report an "aborted" reason after a stream terminates.
FAB-18304: peer and orderer - Fix leveldb manifest corruption
This fix updates the version of goleveldb. The prior version of goleveldb had a bug which
could cause manifest corruption in crash scenarios, especially in disk full crash scenarios.
With a corrupted goleveldb database, the peer or orderer would fail to start with error
"panic: Error opening leveldb: leveldb: manifest corrupted".
Dependencies
Fabric v2.2.3 has been tested with the following dependencies:
- Go 1.15.7
- CouchDB v3.1.1
Deprecations (existing)
FAB-15754: The 'Solo' consensus type is deprecated.
The 'Solo' consensus type has always been marked non-production and should be in
use only in test environments, however for compatibility it is still available,
but may be removed entirely in a future release.
FAB-16408: The 'Kafka' consensus type is deprecated.
The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.
Fabric CouchDB image is deprecated
v2.2.0 added support for CouchDB 3.1.0 as the recommended and tested version of CouchDB.
If prior versions are utilized, a Warning will appear in peer log.
Note that CouchDB 3.1.0 requires that an admin username and password be set,
while this was optional in CouchDB v2.x. See the
Fabric CouchDB documentation
for configuration details.
Also note that CouchDB 3.1.0 default max_document_size is reduced to 8MB. Set a higher value if needed in your environment.
Finally, the fabric-couchdb docker image will not be updated to v3.1.0 and will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.
FAB-7559: Support for specifying orderer endpoints at the global level in channel configuration is deprecated.
Utilize the new 'OrdererEndpoints' stanza within the channel configuration of an organization instead.
Configuring orderer endpoints at the organization level accommodates
scenarios where orderers are run by different organizations. Using
this configuration ensures that only the TLS CA certificates of that organization
are used for orderer communications, in contrast to the global channel level endpoints which
would cause an aggregation of all orderer TLS CA certificates across
all orderer organizations to be used for orderer communications.
FAB-17428: Support for configtxgen flag --outputAnchorPeersUpdate
is deprecated.
The --outputAnchorPeersUpdate
mechanism for updating anchor peers has always had
limitations (for instance, it only works the first time anchor peers are updated).
Instead, anchor peer updates should be performed through the normal config update flow.
FAB-15406: The fabric-tools docker image is deprecated
The fabric-tools docker image will not be published in future Fabric releases.
Instead of using the fabric-tools docker image, users should utilize the
published Fabric binaries. The Fabric binaries can be used to make client calls
to Fabric runtime components, regardless of where the Fabric components are running.
FAB-15317: Block dissemination via gossip is deprecated
Block dissemination via gossip is deprecated and may be removed in a future release.
Fabric peers can be configured to receive blocks directly from an ordering service
node by using the following configuration:
peer.gossip.orgLeader: true
peer.gossip.useLeaderElection: false
peer.gossip.state.enabled: false
FAB-15061: Legacy chaincode lifecycle is deprecated
The legacy chaincode lifecycle from v1.x is deprecated and will be removed
in a future release. To prepare for the eventual removal, utilize the v2.x
chaincode lifecycle instead, by enabling V2_0 application capability on all
channels, and redeploying all chaincodes using the v2.x lifecycle. The new
chaincode lifecycle provides a more flexible and robust governance model
for chaincodes. For more details see the
documentation for enabling the new lifecycle.
Changes:
- 94ace65 v2.2.3 release commit
- d272122 Cherry pick removing duplicate word (#2523)
- 222fbc8 Add Security Model topic to docs
- 8116872 Fix link in
international_languages.md
- 496c5f5 integration: PKCS#11 SKI to CKA_ID mapping test
- d2d031e pkcs11: Add SKI to CKA_ID mapping for BCCSP [ #11 ]
- 7214be7 Prevent race that occurs after test timeout
- 6adcbce integration: backport chaincode_server_test
- 8843223 Back-fill tests for externalbuilder.Duration
- 796f760 This commit upgrades goleveldb. This upgraded version includes a fix for [ #2463 ]
See More
- fae13c3 Report correct reason of stream abort in orderer cluster
- 2b2e154 Log stream total lifetime
- 100a7e7 corrected organization labels
- 6320aed corrected Org1 text in Org2 box to Org2
- 8d0645b Update build to use Go 1.15
- 6cb530b Change string cast of int value to rune cast
- d539244 Directives are in comment text instead of groups
- a1b4d2d Implement legacy name constraints verification
- 4321503 Add test to assert on name constraint behavior
- 880914c Re-encode ECDSA CRL signature during MSP setup
- 8883d71 Add test to exercise signature validation change
- cb3c87b deps: bump github.com/pkg/errors
- f635afd Adjust etcdraft error assertions for go 1.15
- 5f19a00 Replace test cert fixtures with generated certs
- aa7ad4f Set SKI, support multi hosts, add Signer to CA
- 684e255 Fix typos in a "Developing Applications" doc
- 358cba7 Update AZP Service Connection Name
- 913d2ab Prepare for next release v2.2.3 (#2347)
- eb2b1ea Add peer log message for failure to invoke chaincode (#2339)
- 0583c22 Add test newtork download instructions to create a channel tutorial
- bebb75f v2.2.2 release commit
- a80c772 Add release notes for v2.2.2 (#2232)
- 1de0825 Fix the issue of Nil/Zero-length-byte-array value (#2310)
- e5ecdef Remove system channel from Test Network tutorial
- c25eb86 [FAB-15648] document update: Non-TLS orderer with etcdraft usage (#1678)
- a861c00 cherry pick test network doc chaincode deployment fix
- 10c7839 Remove unreachable and unnecessary code in gossip membership (#2295)
- 6805515 Orderer deployment tutorial update
- fba5d90 [doc] fix broken link
- 48bad48 [FAB-18170] Endorsement policy page discusses NodeSDK
- ee8fcfc [FAB-18392] Clarify scope and limitations of test network
- 90326b8 [FAB-18252] Documentation should reference Java chaincode support
- 813be7f Remove anchor peers from configtx.yaml tutorial (#2257)
- 11526cf Cherry pick org3 edits to release-2.2 branch (#2256)
- 5953056 Split command in "add an org to network" tutorial
- 91d9621 Add more details to logging specification examples
- 7b1dbf1 Update ...
v1.4.12
v1.4.12 Release Notes - April 23, 2021
Fixes
FAB-18304: peer and orderer - Fix leveldb manifest corruption
This fix updates the version of goleveldb. The prior version of goleveldb had a bug which
could cause manifest corruption in crash scenarios, especially in disk full crash scenarios.
With a corrupted goleveldb database, the peer or orderer would fail to start with error
"panic: Error opening leveldb: leveldb: manifest corrupted".
Dependencies
Fabric v1.4.12 has been tested with the following dependencies:
- Go 1.14.12
- Fabric baseimage 0.4.22
- CouchDB v2.3.1
Changes, Known Issues, and Workarounds
FAB-12134: Same chaincode source receiving fingerprint mismatch error -
Chaincode installed in different ways may result in "chaincode fingerprint
mismatch data mismatch" error upon instantiation. This may happen when
installing chaincode by using different SDKs. To workaround the problem,
package the chaincode prior to installation and instantiation, by using
the "peer chaincode package" command.
Known Vulnerabilities
FAB-8664: Peer should detect and react when its org has been removed
This is a relatively low severity problem, because it requires a significant
conspiracy of network admins, but it will be addressed in a future release.
Resolved Vulnerabilities
None.
Deprecations (existing)
The following functions are deprecated and are targeted for removal in a future release.
Support for automatically vendoring the chaincode shim into user chaincodes
The fabric-ccenv image which is used to build chaincode, currently includes
the github.com/hyperledger/fabric/core/chaincode/shim ("shim") package.
This is convenient, as it provides the ability to package chaincode
without the need to include the "shim". However, this may cause issues in future
releases (and/or when trying to use packages which are included by the "shim").
In order to avoid any issues, users are advised to manually vendor the "shim"
package with their chaincode prior to using the peer CLI for packaging and/or
for installing chaincode.
Support removed in v2.0. For more details see FAB-5177.
Support for CAR chaincode package format
Support for packaging chaincode using the CAR format will be removed in
a future release.
Support removed in v2.0. For more details see FAB-14720.
Support for invoking system chaincodes from user chaincodes.
System chaincodes, for example QSCC, are intended to be invoked by
a client rather than by a user chaincode. Invoking from a user chaincode
may cause deadlocks.
Support removed in v2.0. For more details see FAB-15285.
Support for user chaincodes to utilize the chaincode shim's logger via NewLogger()
Chaincodes that used the shim's NewLogger() will need to shift to their own preferred
logging mechanism.
Support removed in v2.0. For more details see FAB-15366.
Support for peer's Admin service
The peer's Admin service exposes APIs such as GetLogSpec() and SetLogSpec().
Instead of using these services, utilize the HTTP operations service that was
introduced in v1.4.0.
Support removed in v2.0. For more details see FAB-15390.
Support for specifying orderer endpoints at the global level in channel configuration.
Utilize the new 'OrdererEndpoints' stanza within the channel configuration of
an organization instead.
For more details see FAB-7559.
The 'Solo' consensus type is deprecated.
With the introduction of Raft-based ordering service in v1.4.1, it is possible
to deploy a single-node (non-production) or multi-node
Raft-based ordering service with no external dependencies.
For single-node (non-production) ordering services, utilize Raft-based ordering
service with a single node instead of Solo ordering service.
For more details see FAB-15754.
The 'Kafka' consensus type is deprecated
The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.
fabric-couchdb docker image no longer updated, maintained, or published
The fabric-couchdb docker image will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.
Change log
For the full list of changes, refer to the release change log:
https://github.com/hyperledger/fabric/blob/release-1.4/CHANGELOG.md#v1412
Changes:
- 56c2b12 v1.4.12 release commit
- d276ee1 pkcs11: backport integration test to release-1.4
- c810dca This commit upgrades goleveldb. This upgraded version includes a fix for [ #2463 ]
- 16123fe Update Docker Publish Script
- 77facb4 Release v1.4.11 commit
- b6822cb Report correct reason of stream abort in orderer cluster
- 4db2091 Log stream total lifetime
- a7f2b15 deps: overrides to use go1.14 branches
- 999051d Remvoe mockery from standard gotool targets
- f15b2b4 Prepare for next release v1.4.11
See More
- 59d406a Update AZP Service Connection Name
- e3d4a0a Update image filter used by integration tests
- a7e659d Pin npm to latest-6 for compatibility with node 8
- 7d1ee82 v1.4.10 release commit
- adfdd61 Add v1.4.10 release notes
- 3813607 Fix the issue of Nil/Zero-length-byte-array value (#2312)
- e95a134 Remove unreachable and unnecessary code in gossip membership (#2296)
- 51a3a52 [FAB-17039] CherryPick: Skip retrieving pvtdata from transient store when txid is missing (bp #2183) (#2203)
- 746b7e9 [FAB-18323] CherryPick: remove ephemeral from BCCSP SW options (#1553)
- 25d99ba Update endorsementpolicies.md
- 7004000 Bump Go to 1.14.12
- 2dbf8d6 Bump version of golang.org/x/tools
- e876e64 [FAB-13370] increase go env timeout from 10s to 1m
- 1d7b876 Increase Eventually Timeout
- a25b63f Prepare for go 1.14 (#755)
- b5a12de Log TLS hanshake duration
- 56d7b84 Deduplicate orderer server TLS root CAs (#2030)
- cf344b5 FAB-18244 single node catches up with snapshot (#2022)
- 83c833c [FAB-18270] Disable debug of CouchDB response body
- 75f9fe7 [FAB-18265] Always Use DummyKeystore For PKCS11 BCCSP Provider
- a40f9d2 Allow tick interval override via orderer.yaml
- db1abf6 Always Finalize the PKCS11 FindObject Operation (#1978)
- df50dea Update devmode doc to note TLS must be disabled (release-1.4)
- 4af8308 Prepare for next release v1.4.10
- da55272 Release commit for v1.4.9
- 5146a9f Remove No Longer Relevant Release Note
- 4924294 Update release notes with FAB-18250
- 56a81f7 [FAB-18250] Check Error Before Returning Session to Pool (#1938)
- 17e171b Remove escc and vscc from list of system chaincodes
- 2d63281 Remove GetSessionInfo Call
- 4f1e340 Add release notes for v1.4.9
- 40abeec [FAB-18237] always update stateInfo message upon chaincode update (#1915)
- 693cae5 Clarify tlsHandshakeTimeShift CLI help text (#1895)
- d9a8bc9 Peer CLI communicate with orderers with expired TLS certs
- 51ffd55 Add extra queryexecutor nil checks
- 95e4cfd [FAB-18208] Do not sign gossip message if membership is empty
- 5201e86 Fix data race in gossip/discovery test (#1865)
- 11cbae9 Add object handle and key cache to bccsp/pkcs11 [ #11 ]
- d626146 Drain session pool before creating new sessions
- d0c5065 Fix Broken Doc Reference
- d308fbf Re-enable Skipped PKCS11 Tests
- 80d3934 Fix broken pkcs11 tests
- c8d124f [FAB-18073] Add integration test for dev mode
- 9848841 [FAB-18171] Disregard certificate validity period in intra-orderer communication (#1825)
- 243dc0e [FAB-17539] Always remember anchor peers in membership (#142...
v2.4.0-alpha
v2.4.0-alpha Release Notes - April 15, 2021
New features
FABGW-1: Fabric Gateway Technical Preview
The Hyperledger Fabric v2.4.0 Alpha contains a technical preview of the new Fabric Gateway feature.
The Fabric Gateway is a new component that will implement much of the high-level 'gateway' programming model in the Fabric peer,
enabling the removal of much of the transaction submission and query logic from client applications, and shifting it to a common gateway component running within the Fabric peer.
The various client SDKs can therefore be slimmer, more consistent, and require less maintenance.
The Fabric Gateway will also simplify the administrative overhead of running a Fabric network because client applications
will be able to connect and submit transactions via a single network port rather than the current situation where ports
have to be opened from a client application to multiple peers across potentially multiple organizations.
The Fabric Gateway technical preview is delivered along with slim SDKs in the https://github.com/hyperledger/fabric-gateway repository,
along with client application samples.
Improvements
peer and orderer - Implement legacy name constraints verification for Go 1.15
These changes reproduce the Go 1.14 name constraint verification in the MSP.
Without these changes, certificate chains that would fail verification in Go 1.14 would
successfully validate in Go 1.15 due to the change mentioned in the Go 1.15 release notes.
Specifically, if a signing certificate contains a name constraint, the leaf certificate
does not include SAN extensions, and the leaf's common name looks like a host name,
then the additional verification is performed to ensure deterministic behavior relative
to prior Fabric releases.
peer and orderer - Default log record format improvements
Expanded the width of the log record sequence number to a minimum of four characters,
moved the log sequence number and log level to the left,
and added bold formatting to the function name.
These changes keep the fixed-width columns together at the left
and add a visual break between the logging module name and log message text.
Fixes
All fixes as of v2.3.1 are included in v2.4.0-alpha. Additionally, the following fixes are made in v2.4.0-alpha.
FAB-18427: orderer - Report correct reason of stream abort in orderer cluster
This commit fixes a bug that makes the cluster communication infrastructure
always report an "aborted" reason after a stream terminates.
FAB-18424: peer - Ledger snapshot request submission with special value "blockNumber 0"
If a ledger snapshot request is submitted with the special value "blockNumber 0", peer is expected to translate the request to last committed block.
This patch fixes the issue where, it may happen sometimes that the request is translated to block number 1 instead of last committed block.
This leads to the situation where no snapshot gets generated, including any future snapshot requests.
If you have ever used this special value, we encourage you to check the list of pending snapshots requests with peer snapshot listpending
.
If you notice one or more pending requests that are for the the block numbers lower than the latest committed block, cancel such requests with peer snapshot cancelrequest
to enable the further snapshot requests to be processed.
FAB-18304: peer and orderer - Fix leveldb manifest corruption
This fix updates the version of goleveldb. The prior version of goleveldb had a bug which
could cause manifest corruption in crash scenarios, especially in disk full crash scenarios.
With a corrupted goleveldb database, the peer or orderer would fail to start with error
"panic: Error opening leveldb: leveldb: manifest corrupted".
Dependencies
Fabric v2.4.0-alpha has been tested with the following dependencies:
- Go 1.15.7
- CouchDB v3.1.1
- Alpine images 3.13
Deprecations (existing)
FAB-15754: The 'Solo' consensus type is deprecated.
The 'Solo' consensus type has always been marked non-production and should be in
use only in test environments, however for compatibility it is still available,
but may be removed entirely in a future release.
FAB-16408: The 'Kafka' consensus type is deprecated.
The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.
Fabric CouchDB image is deprecated
v2.2.0 added support for CouchDB 3.1.0 as the recommended and tested version of CouchDB.
If prior versions are utilized, a Warning will appear in peer log.
Note that CouchDB 3.1.0 requires that an admin username and password be set,
while this was optional in CouchDB v2.x. See the
Fabric CouchDB documentation
for configuration details.
Also note that CouchDB 3.1.0 default max_document_size is reduced to 8MB. Set a higher value if needed in your environment.
Finally, the fabric-couchdb docker image will not be updated to v3.1.0 and will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.
FAB-7559: Support for specifying orderer endpoints at the global level in channel configuration is deprecated.
Utilize the new 'OrdererEndpoints' stanza within the channel configuration of an organization instead.
Configuring orderer endpoints at the organization level accommodates
scenarios where orderers are run by different organizations. Using
this configuration ensures that only the TLS CA certificates of that organization
are used for orderer communications, in contrast to the global channel level endpoints which
would cause an aggregation of all orderer TLS CA certificates across
all orderer organizations to be used for orderer communications.
FAB-17428: Support for configtxgen flag --outputAnchorPeersUpdate
is deprecated.
The --outputAnchorPeersUpdate
mechanism for updating anchor peers has always had
limitations (for instance, it only works the first time anchor peers are updated).
Instead, anchor peer updates should be performed through the normal config update flow.
FAB-15406: The fabric-tools docker image is deprecated
The fabric-tools docker image will not be published in future Fabric releases.
Instead of using the fabric-tools docker image, users should utilize the
published Fabric binaries. The Fabric binaries can be used to make client calls
to Fabric runtime components, regardless of where the Fabric components are running.
FAB-15317: Block dissemination via gossip is deprecated
Block dissemination via gossip is deprecated and may be removed in a future release.
Fabric peers can be configured to receive blocks directly from an ordering service
node by using the following configuration:
peer.gossip.orgLeader: true
peer.gossip.useLeaderElection: false
peer.gossip.state.enabled: false
FAB-15061: Legacy chaincode lifecycle is deprecated
The legacy chaincode lifecycle from v1.x is deprecated and will be removed
in a future release. To prepare for the eventual removal, utilize the v2.x
chaincode lifecycle instead, by enabling V2_0 application capability on all
channels, and redeploying all chaincodes using the v2.x lifecycle. The new
chaincode lifecycle provides a more flexible and robust governance model
for chaincodes. For more details see the
documentation for enabling the new lifecycle.
Changes:
- 06509ad v2.4.0-alpha release notes
- 4365412 remove redundant slice cast
- 5d500ee Fixed Typo
- d001dbc Add debug for gateway endorsement requests (#2538)
- 4cfc722 Skip plugin tests when the noplugin tag is used (#2535)
- ba7e923 fix: fix typo
- dead74f Fixed Typo (#2533)
- c7dc5d7 Improve snapshot dir error message
- 3714ca3 Document ledger.snapshots.rootDir
- b1f4329 Simplify GitHub Action for AZP Triggering
See More
- a8bfc98 Update deploy_chaincode.md
- 345a08b Add Security Model topic to docs
- aefa755 Fix link in
international_languages.md
- a559b2c Fix timeout in orderer connection from gateway
- d88e09c peer: the 'noplugin' build tag disables plugins
- f5de431 FABGW-9 Select endorsers with max block height
- f4dba9d Fix old or incorrect contents in the doc build instruction
- 576d186 Fix the fix for race condition in Finder unit test (#2504)
- 1147977 Clarify private data doc for endorsement pol...
v1.4.11
v1.4.11 Release Notes - March 2, 2021
Fixes
FAB-18413: peer - Node.js chaincode image build may fail
Node.js chaincode is built with fabric-ccenv image which extends fabric-baseimage.
Since fabric-baseimage uses Node.js v8, npm in fabric-ccenv must be pinned to npm v6.
If fabric-ccenv uses a later npm version, Node.js chaincode image build may fail
with error "Failed to generate platform-specific docker build".
This fix pins npm to v6 in fabric-ccenv image.
peer and orderer - Fix s390x builds
golang.org/x/crypto and golang.org/x/sys Go dependencies were out of sync,
causing build failure on s390x architecture.
This fix pins them to consistent versions of v1.14 so that s390x binaries can be built.
FAB-18427: orderer - Orderer cluster stream termination reports incorrect reason
The cluster communication infrastructure always reported an "aborted" reason
after a stream terminates, instead of reporting the correct reason.
This fix ensures that the correct reason is logged.
Dependencies
Fabric v1.4.11 has been tested with the following dependencies:
- Go 1.14.12
- Fabric baseimage 0.4.22
- CouchDB v2.3.1
Changes, Known Issues, and Workarounds
FAB-12134: Same chaincode source receiving fingerprint mismatch error -
Chaincode installed in different ways may result in "chaincode fingerprint
mismatch data mismatch" error upon instantiation. This may happen when
installing chaincode by using different SDKs. To workaround the problem,
package the chaincode prior to installation and instantiation, by using
the "peer chaincode package" command.
Known Vulnerabilities
FAB-8664: Peer should detect and react when its org has been removed
This is a relatively low severity problem, because it requires a significant
conspiracy of network admins, but it will be addressed in a future release.
Resolved Vulnerabilities
None.
Deprecations (existing)
The following functions are deprecated and are targeted for removal in a future release.
Support for automatically vendoring the chaincode shim into user chaincodes
The fabric-ccenv image which is used to build chaincode, currently includes
the github.com/hyperledger/fabric/core/chaincode/shim ("shim") package.
This is convenient, as it provides the ability to package chaincode
without the need to include the "shim". However, this may cause issues in future
releases (and/or when trying to use packages which are included by the "shim").
In order to avoid any issues, users are advised to manually vendor the "shim"
package with their chaincode prior to using the peer CLI for packaging and/or
for installing chaincode.
Support removed in v2.0. For more details see FAB-5177.
Support for CAR chaincode package format
Support for packaging chaincode using the CAR format will be removed in
a future release.
Support removed in v2.0. For more details see FAB-14720.
Support for invoking system chaincodes from user chaincodes.
System chaincodes, for example QSCC, are intended to be invoked by
a client rather than by a user chaincode. Invoking from a user chaincode
may cause deadlocks.
Support removed in v2.0. For more details see FAB-15285.
Support for user chaincodes to utilize the chaincode shim's logger via NewLogger()
Chaincodes that used the shim's NewLogger() will need to shift to their own preferred
logging mechanism.
Support removed in v2.0. For more details see FAB-15366.
Support for peer's Admin service
The peer's Admin service exposes APIs such as GetLogSpec() and SetLogSpec().
Instead of using these services, utilize the HTTP operations service that was
introduced in v1.4.0.
Support removed in v2.0. For more details see FAB-15390.
Support for specifying orderer endpoints at the global level in channel configuration.
Utilize the new 'OrdererEndpoints' stanza within the channel configuration of
an organization instead.
For more details see FAB-7559.
The 'Solo' consensus type is deprecated.
With the introduction of Raft-based ordering service in v1.4.1, it is possible
to deploy a single-node (non-production) or multi-node
Raft-based ordering service with no external dependencies.
For single-node (non-production) ordering services, utilize Raft-based ordering
service with a single node instead of Solo ordering service.
For more details see FAB-15754.
The 'Kafka' consensus type is deprecated
The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.
fabric-couchdb docker image no longer updated, maintained, or published
The fabric-couchdb docker image will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.
Change log
For the full list of changes, refer to the release change log:
https://github.com/hyperledger/fabric/blob/release-1.4/CHANGELOG.md#v1411
Changes:
- 77facb4 Release v1.4.11 commit
- b6822cb Report correct reason of stream abort in orderer cluster
- 4db2091 Log stream total lifetime
- a7f2b15 deps: overrides to use go1.14 branches
- 999051d Remvoe mockery from standard gotool targets
- f15b2b4 Prepare for next release v1.4.11
- 59d406a Update AZP Service Connection Name
- e3d4a0a Update image filter used by integration tests
- a7e659d Pin npm to latest-6 for compatibility with node 8
- 7d1ee82 v1.4.10 release commit
See More
- adfdd61 Add v1.4.10 release notes
- 3813607 Fix the issue of Nil/Zero-length-byte-array value (#2312)
- e95a134 Remove unreachable and unnecessary code in gossip membership (#2296)
- 51a3a52 [FAB-17039] CherryPick: Skip retrieving pvtdata from transient store when txid is missing (bp #2183) (#2203)
- 746b7e9 [FAB-18323] CherryPick: remove ephemeral from BCCSP SW options (#1553)
- 25d99ba Update endorsementpolicies.md
- 7004000 Bump Go to 1.14.12
- 2dbf8d6 Bump version of golang.org/x/tools
- e876e64 [FAB-13370] increase go env timeout from 10s to 1m
- 1d7b876 Increase Eventually Timeout
- a25b63f Prepare for go 1.14 (#755)
- b5a12de Log TLS hanshake duration
- 56d7b84 Deduplicate orderer server TLS root CAs (#2030)
- cf344b5 FAB-18244 single node catches up with snapshot (#2022)
- 83c833c [FAB-18270] Disable debug of CouchDB response body
- 75f9fe7 [FAB-18265] Always Use DummyKeystore For PKCS11 BCCSP Provider
- a40f9d2 Allow tick interval override via orderer.yaml
- db1abf6 Always Finalize the PKCS11 FindObject Operation (#1978)
- df50dea Update devmode doc to note TLS must be disabled (release-1.4)
- 4af8308 Prepare for next release v1.4.10
- da55272 Release commit for v1.4.9
- 5146a9f Remove No Longer Relevant Release Note
- 4924294 Update release notes with FAB-18250
- 56a81f7 [FAB-18250] Check Error Before Returning Session to Pool (#1938)
- 17e171b Remove escc and vscc from list of system chaincodes
- 2d63281 Remove GetSessionInfo Call
- 4f1e340 Add release notes for v1.4.9
- 40abeec [FAB-18237] always update stateInfo message upon chaincode update (#1915)
- 693cae5 Clarify tlsHandshakeTimeShift CLI help text (#1895)
- d9a8bc9 Peer CLI communicate with orderers with expired TLS certs
- 51ffd55 Add extra queryexecutor nil checks
- 95e4cfd [FAB-18208] Do not sign gossip message if membership is empty
- 5201e86 Fix data race in gossip/discovery test (#1865)
- 11cbae9 Add object handle and key cache to bccsp/pkcs11 [ #11 ]
- d626146 Drain session pool before creating new sessions
- d0c5065 Fix Broken Doc Reference
- d308fbf Re-enable Skipped PKCS11 Tests
- 80d3934 Fix broken pkcs11 tests
- c8d124f [FAB-18073] Add integration test for dev mode
- 9848841...
v2.3.1
v2.3.1 Release Notes - February 3, 2021
Fixes
peer - incorrect handling of values set to empty byte array in node chaincode
Peer should handle key values set to nil or empty byte arrays as a delete of the key.
While the behavior worked as expected when using Go chaincode and Java chaincode,
if using node chaincode it did not work correctly when setting key values to empty byte arrays.
This fix ensures that peer will interpret empty byte arrays as deletes even for node chaincodes.
If using node chaincode with private data, if you had set private data values to an empty
byte array, the private data hash would have been committed incorrectly to the state database.
To repair the state database, after applying the fix, with the peer stopped, request that
the state database be rebuilt by calling "peer node rebuild-dbs" or by deleting the state database.
Upon the next start, the peer will rebuild the state database from the already processed block store.
If subsequent transactions had referenced the existence of such a private data hash by calling
GetPrivateDataHash, then the subsequent transactions may have been processed incorrectly and
the peer will need to additionally reprocess blocks, which can be triggered by calling
"peer node reset" instead of "peer node rebuild-dbs".
If the peer joined channels from a snapshot, "peer node rebuild-dbs" and "peer node reset"
are not available since the peer does not have all blocks since the genesis block. In
these cases the peer will need to be replaced with a new peer that re-joins from the snapshots.
If using regular channel data only and not private data, the empty byte array will not
have been committed, and therefore no action is required on the peer beyond applying the fix.
orderer - incorrect osnadmin flag --channel-id
The osnadmin CLI introduced in v2.3.0 used an incorrect flag --channel-id.
The flag has been corrected to be --channelID in order to be consistent
with other CLIs.
Dependencies
Fabric v2.3.1 has been tested with the following dependencies:
- Go 1.14.12
- CouchDB v3.1.1
Deprecations (existing)
FAB-15754: The 'Solo' consensus type is deprecated.
The 'Solo' consensus type has always been marked non-production and should be in
use only in test environments, however for compatibility it is still available,
but may be removed entirely in a future release.
FAB-16408: The 'Kafka' consensus type is deprecated.
The 'Raft' consensus type was introduced in v1.4.1 and has become the preferred
production consensus type. There is a documented and tested migration path from
Kafka to Raft, and existing users should migrate to the newer Raft consensus type.
For compatibility with existing deployments, Kafka is still supported,
but may be removed entirely in a future release.
Additionally, the fabric-kafka and fabric-zookeeper docker images are no longer updated, maintained, or published.
Fabric CouchDB image is deprecated
v2.2.0 added support for CouchDB 3.1.0 as the recommended and tested version of CouchDB.
If prior versions are utilized, a Warning will appear in peer log.
Note that CouchDB 3.1.0 requires that an admin username and password be set,
while this was optional in CouchDB v2.x. See the
Fabric CouchDB documentation
for configuration details.
Also note that CouchDB 3.1.0 default max_document_size is reduced to 8MB. Set a higher value if needed in your environment.
Finally, the fabric-couchdb docker image will not be updated to v3.1.0 and will no longer be updated, maintained, or published.
Users can utilize the official CouchDB docker image maintained by the Apache CouchDB project instead.
FAB-7559: Support for specifying orderer endpoints at the global level in channel configuration is deprecated.
Utilize the new 'OrdererEndpoints' stanza within the channel configuration of an organization instead.
Configuring orderer endpoints at the organization level accommodates
scenarios where orderers are run by different organizations. Using
this configuration ensures that only the TLS CA certificates of that organization
are used for orderer communications, in contrast to the global channel level endpoints which
would cause an aggregation of all orderer TLS CA certificates across
all orderer organizations to be used for orderer communications.
FAB-17428: Support for configtxgen flag --outputAnchorPeersUpdate
is deprecated.
The --outputAnchorPeersUpdate
mechanism for updating anchor peers has always had
limitations (for instance, it only works the first time anchor peers are updated).
Instead, anchor peer updates should be performed through the normal config update flow.
FAB-15406: The fabric-tools docker image is deprecated
The fabric-tools docker image will not be published in future Fabric releases.
Instead of using the fabric-tools docker image, users should utilize the
published Fabric binaries. The Fabric binaries can be used to make client calls
to Fabric runtime components, regardless of where the Fabric components are running.
FAB-15317: Block dissemination via gossip is deprecated
Block dissemination via gossip is deprecated and may be removed in a future release.
Fabric peers can be configured to receive blocks directly from an ordering service
node by using the following configuration:
peer.gossip.orgLeader: true
peer.gossip.useLeaderElection: false
peer.gossip.state.enabled: false
FAB-15061: Legacy chaincode lifecycle is deprecated
The legacy chaincode lifecycle from v1.x is deprecated and will be removed
in a future release. To prepare for the eventual removal, utilize the v2.x
chaincode lifecycle instead, by enabling V2_0 application capability on all
channels, and redeploying all chaincodes using the v2.x lifecycle. The new
chaincode lifecycle provides a more flexible and robust governance model
for chaincodes. For more details see the
documentation for enabling the new lifecycle.
Changes:
- 2f69b42 Release commit for v2.3.1
- 17b7e4f Add peer log message for failure to invoke chaincode (#2339)
- fc63fcd Test network does not work with latest Docker
- 8dc9930 Minor updates related to documentation for commands and more osnadmin updates (release-2.3) (#2322)
- c29420c Rename --channel-id to --channelID in osadmin
- 410ba71 Participation edits to network concept doc
- f682cad Fix the issue of Nil/Zero-length-byte-array value (#2309)
- 23b677c Remove system channel from Test Network tutorial
- 1dc0b47 [FAB-15648] document update: Non-TLS orderer with etcdraft usage (#1678)
- b144d49 cherry pick test network doc chaincode deployment
See More
- 7996176 [FAB-18398] Added osnadmin binary to tools image (#2275)
- 7debdef Remove unreachable and unnecessary code in gossip membership (#2294)
- f99cff0 Orderer deployment tutorial update
- b4548dd [doc] fix broken link
- a4a86d6 Minor create channel doc typos
- c8d3e08 Even more edits to docs for participation API (#2208) (#2281)
- 06866fb Revert "Minor create channel doc typos" backport
- e24a05e Pass GO_TAGS to tools container (#2278)
- c2758ef Raft configuration doc issue after mergify backport (release-2.3)
- 157f556 [FAB-18170] Endorsement policy page discusses NodeSDK
- f3cb99e [FAB-18392] Clarify scope and limitations of test network
- d486efb [FAB-18252] Documentation should reference Java chaincode support
- 377290d Remove anchor peers from configtx.yaml tutorial (#2257)
- e6b55b1 Update "add an org" tutorial to not use CLI
- cd578f3 Split command in "add an org to network" tutorial
- 0b2c755 Add more details to logging specification examples
- 56a0861 Minor create channel doc typos
- c8cc666 Update image filter used by integration tests
- 4d213ba Add Language Argument to DeployCC Calls
- 9ab9368 Check correct error
- 06eb9b1 [FAB-18378] Log warning when peer is lagging behind and cannot catch up
- e5e858a Fix unusual dash character in channel participation tutorial
- 5da3b0f [FAB-17039] Skip retrieving pvtdata from transient store when txid is missing (#2183) (#2200)
- cc5a77c More doc edits for system channel removal
- 0e774df Remove Short Names and Replace With Full Path in Fabric
- c91961c Edits to orderer and capabilities concept for participation API
- eb22bbf [FAB-17954] Document CouchDB JSON determinism (#2187)
- b1fb856 Fix name of...