github.com/anjalikarhana/fabric@v2.1.1+incompatible/orderer/common/server/testdata/orderer.yaml (about) 1 # Copyright IBM Corp. All Rights Reserved. 2 # 3 # SPDX-License-Identifier: Apache-2.0 4 # 5 6 --- 7 ################################################################################ 8 # 9 # Orderer Configuration 10 # 11 # - This controls the type and configuration of the orderer. 12 # 13 ################################################################################ 14 General: 15 # Listen address: The IP on which to bind to listen. 16 ListenAddress: 127.0.0.1 17 18 # Listen port: The port on which to bind to listen. 19 ListenPort: 7050 20 21 # TLS: TLS settings for the GRPC server. 22 TLS: 23 Enabled: false 24 # PrivateKey governs the file location of the private key of the TLS certificate. 25 PrivateKey: crypto/ordererOrganizations/example.com/orderers/127.0.0.1.example.com/tls/server.key 26 # Certificate governs the file location of the server TLS certificate. 27 Certificate: crypto/ordererOrganizations/example.com/orderers/127.0.0.1.example.com/tls/server.crt 28 RootCAs: 29 - crypto/ordererOrganizations/example.com/orderers/127.0.0.1.example.com/tls/ca.crt 30 ClientAuthRequired: false 31 ClientRootCAs: 32 # Keepalive settings for the GRPC server. 33 Keepalive: 34 # ServerMinInterval is the minimum permitted time between client pings. 35 # If clients send pings more frequently, the server will 36 # disconnect them. 37 ServerMinInterval: 60s 38 # ServerInterval is the time between pings to clients. 39 ServerInterval: 7200s 40 # ServerTimeout is the duration the server waits for a response from 41 # a client before closing the connection. 42 ServerTimeout: 20s 43 # Cluster settings for ordering service nodes that communicate with other ordering service nodes 44 # such as Raft based ordering service. 45 Cluster: 46 # SendBufferSize is the maximum number of messages in the egress buffer. 47 # Consensus messages are dropped if the buffer is full, and transaction 48 # messages are waiting for space to be freed. 49 SendBufferSize: 10 50 # ClientCertificate governs the file location of the client TLS certificate 51 # used to establish mutual TLS connections with other ordering service nodes. 52 ClientCertificate: 53 # ClientPrivateKey governs the file location of the private key of the client TLS certificate. 54 ClientPrivateKey: 55 # The below 4 properties should be either set together, or be unset together. 56 # If they are set, then the orderer node uses a separate listener for intra-cluster 57 # communication. If they are unset, then the general orderer listener is used. 58 # This is useful if you want to use a different TLS server certificates on the 59 # client-facing and the intra-cluster listeners. 60 61 # ListenPort defines the port on which the cluster listens to connections. 62 ListenPort: 63 # ListenAddress defines the IP on which to listen to intra-cluster communication. 64 ListenAddress: 65 # ServerCertificate defines the file location of the server TLS certificate used for intra-cluster 66 # communication. 67 ServerCertificate: 68 # ServerPrivateKey defines the file location of the private key of the TLS certificate. 69 ServerPrivateKey: 70 71 # Genesis method: The method by which the genesis block for the orderer 72 # system channel is specified. The option can be one of: 73 # "file" - path to a faile containing the genesis block or config block of system channel 74 # "none" - allows an orderer to start without a system channel configuration 75 GenesisMethod: file 76 77 # The file containing the genesis block to use when initializing the orderer system channel 78 GenesisFile: genesisblock 79 80 # LocalMSPDir is where to find the private crypto material needed by the 81 # orderer. It is set relative here as a default for dev environments but 82 # should be changed to the real location in production. 83 LocalMSPDir: crypto/ordererOrganizations/example.com/orderers/127.0.0.1.example.com/msp 84 85 # LocalMSPID is the identity to register the local MSP material with the MSP 86 # manager. IMPORTANT: The local MSP ID of an orderer needs to match the MSP 87 # ID of one of the organizations defined in the orderer system channel's 88 # /Channel/Orderer configuration. The sample organization defined in the 89 # sample configuration provided has an MSP ID of "SampleOrg". 90 LocalMSPID: SampleOrg 91 92 # Enable an HTTP service for Go "pprof" profiling as documented at: 93 # https://golang.org/pkg/net/http/pprof 94 Profile: 95 Enabled: false 96 Address: 0.0.0.0:6060 97 98 # BCCSP configures the blockchain crypto service providers. 99 BCCSP: 100 # Default specifies the preferred blockchain crypto service provider 101 # to use. If the preferred provider is not available, the software 102 # based provider ("SW") will be used. 103 # Valid providers are: 104 # - SW: a software based crypto provider 105 # - PKCS11: a CA hardware security module crypto provider. 106 Default: SW 107 108 # SW configures the software based blockchain crypto provider. 109 SW: 110 # TODO: The default Hash and Security level needs refactoring to be 111 # fully configurable. Changing these defaults requires coordination 112 # SHA2 is hardcoded in several places, not only BCCSP 113 Hash: SHA2 114 Security: 256 115 # Location of key store. If this is unset, a location will be 116 # chosen using: 'LocalMSPDir'/keystore 117 FileKeyStore: 118 KeyStore: 119 120 # Authentication contains configuration parameters related to authenticating 121 # client messages 122 Authentication: 123 # the acceptable difference between the current server time and the 124 # client's time as specified in a client request message 125 TimeWindow: 15m 126 127 ################################################################################ 128 # 129 # SECTION: File Ledger 130 # 131 # - This section applies to the configuration of the file or json ledgers. 132 # 133 ################################################################################ 134 FileLedger: 135 136 # Location: The directory to store the blocks in. 137 # NOTE: If this is unset, a new temporary location will be chosen every time 138 # the orderer is restarted, using the prefix specified by Prefix. 139 Location: /var/hyperledger/production/orderer 140 141 # The prefix to use when generating a ledger directory in temporary space. 142 # Otherwise, this value is ignored. 143 Prefix: hyperledger-fabric-ordererledger 144 145 ################################################################################ 146 # 147 # SECTION: Kafka 148 # 149 # - This section applies to the configuration of the Kafka-based orderer, and 150 # its interaction with the Kafka cluster. 151 # 152 ################################################################################ 153 Kafka: 154 155 # Retry: What do if a connection to the Kafka cluster cannot be established, 156 # or if a metadata request to the Kafka cluster needs to be repeated. 157 Retry: 158 # When a new channel is created, or when an existing channel is reloaded 159 # (in case of a just-restarted orderer), the orderer interacts with the 160 # Kafka cluster in the following ways: 161 # 1. It creates a Kafka producer (writer) for the Kafka partition that 162 # corresponds to the channel. 163 # 2. It uses that producer to post a no-op CONNECT message to that 164 # partition 165 # 3. It creates a Kafka consumer (reader) for that partition. 166 # If any of these steps fail, they will be re-attempted every 167 # <ShortInterval> for a total of <ShortTotal>, and then every 168 # <LongInterval> for a total of <LongTotal> until they succeed. 169 # Note that the orderer will be unable to write to or read from a 170 # channel until all of the steps above have been completed successfully. 171 ShortInterval: 5s 172 ShortTotal: 10m 173 LongInterval: 5m 174 LongTotal: 12h 175 # Affects the socket timeouts when waiting for an initial connection, a 176 # response, or a transmission. See Config.Net for more info: 177 # https://godoc.org/github.com/Shopify/sarama#Config 178 NetworkTimeouts: 179 DialTimeout: 10s 180 ReadTimeout: 10s 181 WriteTimeout: 10s 182 # Affects the metadata requests when the Kafka cluster is in the middle 183 # of a leader election.See Config.Metadata for more info: 184 # https://godoc.org/github.com/Shopify/sarama#Config 185 Metadata: 186 RetryBackoff: 250ms 187 RetryMax: 3 188 # What to do if posting a message to the Kafka cluster fails. See 189 # Config.Producer for more info: 190 # https://godoc.org/github.com/Shopify/sarama#Config 191 Producer: 192 RetryBackoff: 100ms 193 RetryMax: 3 194 # What to do if reading from the Kafka cluster fails. See 195 # Config.Consumer for more info: 196 # https://godoc.org/github.com/Shopify/sarama#Config 197 Consumer: 198 RetryBackoff: 2s 199 # Settings to use when creating Kafka topics. Only applies when 200 # Kafka.Version is v0.10.1.0 or higher 201 Topic: 202 # The number of Kafka brokers across which to replicate the topic 203 ReplicationFactor: 3 204 # Verbose: Enable logging for interactions with the Kafka cluster. 205 Verbose: false 206 207 # TLS: TLS settings for the orderer's connection to the Kafka cluster. 208 TLS: 209 210 # Enabled: Use TLS when connecting to the Kafka cluster. 211 Enabled: false 212 213 # PrivateKey: PEM-encoded private key the orderer will use for 214 # authentication. 215 PrivateKey: 216 # As an alternative to specifying the PrivateKey here, uncomment the 217 # following "File" key and specify the file name from which to load the 218 # value of PrivateKey. 219 #File: path/to/PrivateKey 220 221 # Certificate: PEM-encoded signed public key certificate the orderer will 222 # use for authentication. 223 Certificate: 224 # As an alternative to specifying the Certificate here, uncomment the 225 # following "File" key and specify the file name from which to load the 226 # value of Certificate. 227 #File: path/to/Certificate 228 229 # RootCAs: PEM-encoded trusted root certificates used to validate 230 # certificates from the Kafka cluster. 231 RootCAs: 232 # As an alternative to specifying the RootCAs here, uncomment the 233 # following "File" key and specify the file name from which to load the 234 # value of RootCAs. 235 #File: path/to/RootCAs 236 237 # SASLPlain: Settings for using SASL/PLAIN authentication with Kafka brokers 238 SASLPlain: 239 # Enabled: Use SASL/PLAIN to authenticate with Kafka brokers 240 Enabled: false 241 # User: Required when Enabled is set to true 242 User: 243 # Password: Required when Enabled is set to true 244 Password: 245 246 # Kafka protocol version used to communicate with the Kafka cluster brokers 247 # (defaults to 0.10.2.0 if not specified) 248 Version: 249 250 ################################################################################ 251 # 252 # Debug Configuration 253 # 254 # - This controls the debugging options for the orderer 255 # 256 ################################################################################ 257 Debug: 258 259 # BroadcastTraceDir when set will cause each request to the Broadcast service 260 # for this orderer to be written to a file in this directory 261 BroadcastTraceDir: 262 263 # DeliverTraceDir when set will cause each request to the Deliver service 264 # for this orderer to be written to a file in this directory 265 DeliverTraceDir: 266 267 ################################################################################ 268 # 269 # Operations Configuration 270 # 271 # - This configures the operations server endpoint for the orderer 272 # 273 ################################################################################ 274 Operations: 275 # host and port for the operations server 276 ListenAddress: 127.0.0.1:8443 277 278 # TLS configuration for the operations endpoint 279 TLS: 280 # TLS enabled 281 Enabled: false 282 283 # Certificate is the location of the PEM encoded TLS certificate 284 Certificate: 285 286 # PrivateKey points to the location of the PEM-encoded key 287 PrivateKey: 288 289 # Most operations service endpoints require client authentication when TLS 290 # is enabled. ClientAuthRequired requires client certificate authentication 291 # at the TLS layer to access all resources. 292 ClientAuthRequired: false 293 294 # Paths to PEM encoded ca certificates to trust for client authentication 295 ClientRootCAs: [] 296 297 ################################################################################ 298 # 299 # Metrics Configuration 300 # 301 # - This configures metrics collection for the orderer 302 # 303 ################################################################################ 304 Metrics: 305 # The metrics provider is one of statsd, prometheus, or disabled 306 Provider: disabled 307 308 # The statsd configuration 309 Statsd: 310 # network type: tcp or udp 311 Network: udp 312 313 # the statsd server address 314 Address: 127.0.0.1:8125 315 316 # The interval at which locally cached counters and gauges are pushed 317 # to statsd; timings are pushed immediately 318 WriteInterval: 30s 319 320 # The prefix is prepended to all emitted statsd metrics 321 Prefix: 322 323 ################################################################################ 324 # 325 # Consensus Configuration 326 # 327 # - This section contains config options for a consensus plugin. It is opaque 328 # to orderer, and completely up to consensus implementation to make use of. 329 # 330 ################################################################################ 331 Consensus: 332 # The allowed key-value pairs here depend on consensus plugin. For etcd/raft, 333 # we use following options: 334 335 # WALDir specifies the location at which Write Ahead Logs for etcd/raft are 336 # stored. Each channel will have its own subdir named after channel ID. 337 WALDir: /var/hyperledger/production/orderer/etcdraft/wal 338 339 # SnapDir specifies the location at which snapshots for etcd/raft are 340 # stored. Each channel will have its own subdir named after channel ID. 341 SnapDir: /var/hyperledger/production/orderer/etcdraft/snapshot