github.com/hechain20/hechain@v0.0.0-20220316014945-b544036ba106/orderer/common/server/testdata/orderer.yaml (about) 1 # Copyright hechain. All Rights Reserved. 2 # 3 # SPDX-License-Identifier: Apache-2.0 4 # 5 6 --- 7 ################################################################################ 8 # 9 # Orderer Configuration 10 # 11 # - This controls the type and configuration of the orderer. 12 # 13 ################################################################################ 14 General: 15 # Listen address: The IP on which to bind to listen. 16 ListenAddress: 127.0.0.1 17 18 # Listen port: The port on which to bind to listen. 19 ListenPort: 7050 20 21 # TLS: TLS settings for the GRPC server. 22 TLS: 23 Enabled: false 24 # PrivateKey governs the file location of the private key of the TLS certificate. 25 PrivateKey: crypto/ordererOrganizations/example.com/orderers/127.0.0.1.example.com/tls/server.key 26 # Certificate governs the file location of the server TLS certificate. 27 Certificate: crypto/ordererOrganizations/example.com/orderers/127.0.0.1.example.com/tls/server.crt 28 RootCAs: 29 - crypto/ordererOrganizations/example.com/orderers/127.0.0.1.example.com/tls/ca.crt 30 ClientAuthRequired: false 31 ClientRootCAs: 32 # Keepalive settings for the GRPC server. 33 Keepalive: 34 # ServerMinInterval is the minimum permitted time between client pings. 35 # If clients send pings more frequently, the server will 36 # disconnect them. 37 ServerMinInterval: 60s 38 # ServerInterval is the time between pings to clients. 39 ServerInterval: 7200s 40 # ServerTimeout is the duration the server waits for a response from 41 # a client before closing the connection. 42 ServerTimeout: 20s 43 # Cluster settings for ordering service nodes that communicate with other ordering service nodes 44 # such as Raft based ordering service. 45 Cluster: 46 # SendBufferSize is the maximum number of messages in the egress buffer. 47 # Consensus messages are dropped if the buffer is full, and transaction 48 # messages are waiting for space to be freed. 49 SendBufferSize: 10 50 # ClientCertificate governs the file location of the client TLS certificate 51 # used to establish mutual TLS connections with other ordering service nodes. 52 ClientCertificate: 53 # ClientPrivateKey governs the file location of the private key of the client TLS certificate. 54 ClientPrivateKey: 55 # The below 4 properties should be either set together, or be unset together. 56 # If they are set, then the orderer node uses a separate listener for intra-cluster 57 # communication. If they are unset, then the general orderer listener is used. 58 # This is useful if you want to use a different TLS server certificates on the 59 # client-facing and the intra-cluster listeners. 60 61 # ListenPort defines the port on which the cluster listens to connections. 62 ListenPort: 63 # ListenAddress defines the IP on which to listen to intra-cluster communication. 64 ListenAddress: 65 # ServerCertificate defines the file location of the server TLS certificate used for intra-cluster 66 # communication. 67 ServerCertificate: 68 # ServerPrivateKey defines the file location of the private key of the TLS certificate. 69 ServerPrivateKey: 70 71 # Genesis method: The method by which the genesis block for the orderer 72 # system channel is specified. The option can be one of: 73 # "file" - path to a faile containing the genesis block or config block of system channel 74 # "none" - allows an orderer to start without a system channel configuration 75 GenesisMethod: file 76 77 # The file containing the genesis block to use when initializing the orderer system channel 78 GenesisFile: genesisblock 79 80 # LocalMSPDir is where to find the private crypto material needed by the 81 # orderer. It is set relative here as a default for dev environments but 82 # should be changed to the real location in production. 83 LocalMSPDir: crypto/ordererOrganizations/example.com/orderers/127.0.0.1.example.com/msp 84 85 # LocalMSPID is the identity to register the local MSP material with the MSP 86 # manager. IMPORTANT: The local MSP ID of an orderer needs to match the MSP 87 # ID of one of the organizations defined in the orderer system channel's 88 # /Channel/Orderer configuration. The sample organization defined in the 89 # sample configuration provided has an MSP ID of "SampleOrg". 90 LocalMSPID: SampleOrg 91 92 # Enable an HTTP service for Go "pprof" profiling as documented at: 93 # https://golang.org/pkg/net/http/pprof 94 Profile: 95 Enabled: false 96 Address: 0.0.0.0:6060 97 98 # BCCSP configures the blockchain crypto service providers. 99 BCCSP: 100 # Default specifies the preferred blockchain crypto service provider 101 # to use. If the preferred provider is not available, the software 102 # based provider ("SW") will be used. 103 # Valid providers are: 104 # - SW: a software based crypto provider 105 # - PKCS11: a CA hardware security module crypto provider. 106 Default: SW 107 108 # SW configures the software based blockchain crypto provider. 109 SW: 110 # TODO: The default Hash and Security level needs refactoring to be 111 # fully configurable. Changing these defaults requires coordination 112 # SHA2 is hardcoded in several places, not only BCCSP 113 Hash: SHA2 114 Security: 256 115 # Location of key store. If this is unset, a location will be 116 # chosen using: 'LocalMSPDir'/keystore 117 FileKeyStore: 118 KeyStore: 119 120 # Authentication contains configuration parameters related to authenticating 121 # client messages 122 Authentication: 123 # the acceptable difference between the current server time and the 124 # client's time as specified in a client request message 125 TimeWindow: 15m 126 127 ################################################################################ 128 # 129 # SECTION: File Ledger 130 # 131 # - This section applies to the configuration of the file ledger. 132 # 133 ################################################################################ 134 FileLedger: 135 136 # Location: The directory to store the blocks in. 137 Location: /var/hyperledger/production/orderer 138 139 ################################################################################ 140 # 141 # SECTION: Kafka 142 # 143 # - This section applies to the configuration of the Kafka-based orderer, and 144 # its interaction with the Kafka cluster. 145 # 146 ################################################################################ 147 Kafka: 148 149 # Retry: What do if a connection to the Kafka cluster cannot be established, 150 # or if a metadata request to the Kafka cluster needs to be repeated. 151 Retry: 152 # When a new channel is created, or when an existing channel is reloaded 153 # (in case of a just-restarted orderer), the orderer interacts with the 154 # Kafka cluster in the following ways: 155 # 1. It creates a Kafka producer (writer) for the Kafka partition that 156 # corresponds to the channel. 157 # 2. It uses that producer to post a no-op CONNECT message to that 158 # partition 159 # 3. It creates a Kafka consumer (reader) for that partition. 160 # If any of these steps fail, they will be re-attempted every 161 # <ShortInterval> for a total of <ShortTotal>, and then every 162 # <LongInterval> for a total of <LongTotal> until they succeed. 163 # Note that the orderer will be unable to write to or read from a 164 # channel until all of the steps above have been completed successfully. 165 ShortInterval: 5s 166 ShortTotal: 10m 167 LongInterval: 5m 168 LongTotal: 12h 169 # Affects the socket timeouts when waiting for an initial connection, a 170 # response, or a transmission. See Config.Net for more info: 171 # https://godoc.org/github.com/Shopify/sarama#Config 172 NetworkTimeouts: 173 DialTimeout: 10s 174 ReadTimeout: 10s 175 WriteTimeout: 10s 176 # Affects the metadata requests when the Kafka cluster is in the middle 177 # of a leader election.See Config.Metadata for more info: 178 # https://godoc.org/github.com/Shopify/sarama#Config 179 Metadata: 180 RetryBackoff: 250ms 181 RetryMax: 3 182 # What to do if posting a message to the Kafka cluster fails. See 183 # Config.Producer for more info: 184 # https://godoc.org/github.com/Shopify/sarama#Config 185 Producer: 186 RetryBackoff: 100ms 187 RetryMax: 3 188 # What to do if reading from the Kafka cluster fails. See 189 # Config.Consumer for more info: 190 # https://godoc.org/github.com/Shopify/sarama#Config 191 Consumer: 192 RetryBackoff: 2s 193 # Settings to use when creating Kafka topics. Only applies when 194 # Kafka.Version is v0.10.1.0 or higher 195 Topic: 196 # The number of Kafka brokers across which to replicate the topic 197 ReplicationFactor: 3 198 # Verbose: Enable logging for interactions with the Kafka cluster. 199 Verbose: false 200 201 # TLS: TLS settings for the orderer's connection to the Kafka cluster. 202 TLS: 203 204 # Enabled: Use TLS when connecting to the Kafka cluster. 205 Enabled: false 206 207 # PrivateKey: PEM-encoded private key the orderer will use for 208 # authentication. 209 PrivateKey: 210 # As an alternative to specifying the PrivateKey here, uncomment the 211 # following "File" key and specify the file name from which to load the 212 # value of PrivateKey. 213 #File: path/to/PrivateKey 214 215 # Certificate: PEM-encoded signed public key certificate the orderer will 216 # use for authentication. 217 Certificate: 218 # As an alternative to specifying the Certificate here, uncomment the 219 # following "File" key and specify the file name from which to load the 220 # value of Certificate. 221 #File: path/to/Certificate 222 223 # RootCAs: PEM-encoded trusted root certificates used to validate 224 # certificates from the Kafka cluster. 225 RootCAs: 226 # As an alternative to specifying the RootCAs here, uncomment the 227 # following "File" key and specify the file name from which to load the 228 # value of RootCAs. 229 #File: path/to/RootCAs 230 231 # SASLPlain: Settings for using SASL/PLAIN authentication with Kafka brokers 232 SASLPlain: 233 # Enabled: Use SASL/PLAIN to authenticate with Kafka brokers 234 Enabled: false 235 # User: Required when Enabled is set to true 236 User: 237 # Password: Required when Enabled is set to true 238 Password: 239 240 # Kafka protocol version used to communicate with the Kafka cluster brokers 241 # (defaults to 0.10.2.0 if not specified) 242 Version: 243 244 ################################################################################ 245 # 246 # Debug Configuration 247 # 248 # - This controls the debugging options for the orderer 249 # 250 ################################################################################ 251 Debug: 252 253 # BroadcastTraceDir when set will cause each request to the Broadcast service 254 # for this orderer to be written to a file in this directory 255 BroadcastTraceDir: 256 257 # DeliverTraceDir when set will cause each request to the Deliver service 258 # for this orderer to be written to a file in this directory 259 DeliverTraceDir: 260 261 ################################################################################ 262 # 263 # Operations Configuration 264 # 265 # - This configures the operations server endpoint for the orderer 266 # 267 ################################################################################ 268 Operations: 269 # host and port for the operations server 270 ListenAddress: 127.0.0.1:8443 271 272 # TLS configuration for the operations endpoint 273 TLS: 274 # TLS enabled 275 Enabled: false 276 277 # Certificate is the location of the PEM encoded TLS certificate 278 Certificate: 279 280 # PrivateKey points to the location of the PEM-encoded key 281 PrivateKey: 282 283 # Most operations service endpoints require client authentication when TLS 284 # is enabled. ClientAuthRequired requires client certificate authentication 285 # at the TLS layer to access all resources. 286 ClientAuthRequired: false 287 288 # Paths to PEM encoded ca certificates to trust for client authentication 289 ClientRootCAs: [] 290 291 ################################################################################ 292 # 293 # Metrics Configuration 294 # 295 # - This configures metrics collection for the orderer 296 # 297 ################################################################################ 298 Metrics: 299 # The metrics provider is one of statsd, prometheus, or disabled 300 Provider: disabled 301 302 # The statsd configuration 303 Statsd: 304 # network type: tcp or udp 305 Network: udp 306 307 # the statsd server address 308 Address: 127.0.0.1:8125 309 310 # The interval at which locally cached counters and gauges are pushed 311 # to statsd; timings are pushed immediately 312 WriteInterval: 30s 313 314 # The prefix is prepended to all emitted statsd metrics 315 Prefix: 316 317 ################################################################################ 318 # 319 # Channel participation API Configuration 320 # 321 # - This provides the channel participation API configuration for the orderer. 322 # - Channel participation uses the same ListenAddress and TLS settings of the 323 # Operations service. 324 # 325 ################################################################################ 326 ChannelParticipation: 327 # Channel participation API is enabled. 328 Enabled: false 329 330 # The maximum size of the request body when joining a channel. 331 MaxRequestBodySize: 1 MB 332 333 ################################################################################ 334 # 335 # Consensus Configuration 336 # 337 # - This section contains config options for a consensus plugin. It is opaque 338 # to orderer, and completely up to consensus implementation to make use of. 339 # 340 ################################################################################ 341 Consensus: 342 # The allowed key-value pairs here depend on consensus plugin. For etcd/raft, 343 # we use following options: 344 345 # WALDir specifies the location at which Write Ahead Logs for etcd/raft are 346 # stored. Each channel will have its own subdir named after channel ID. 347 WALDir: /var/hyperledger/production/orderer/etcdraft/wal 348 349 # SnapDir specifies the location at which snapshots for etcd/raft are 350 # stored. Each channel will have its own subdir named after channel ID. 351 SnapDir: /var/hyperledger/production/orderer/etcdraft/snapshot