github.com/kaituanwang/hyperledger@v2.0.1+incompatible/core/deliverservice/config.go (about) 1 /* 2 Copyright IBM Corp. All Rights Reserved. 3 4 SPDX-License-Identifier: Apache-2.0 5 */ 6 7 package deliverservice 8 9 import ( 10 "crypto/x509" 11 "io/ioutil" 12 "time" 13 14 "github.com/hyperledger/fabric/core/comm" 15 "github.com/hyperledger/fabric/core/config" 16 "github.com/hyperledger/fabric/internal/pkg/peer/orderers" 17 18 "github.com/pkg/errors" 19 "github.com/spf13/viper" 20 ) 21 22 const ( 23 DefaultReConnectBackoffThreshold = float64(time.Hour) 24 DefaultReConnectTotalTimeThreshold = time.Second * 60 * 60 25 DefaultConnectionTimeout = time.Second * 3 26 ) 27 28 // DeliverServiceConfig is the struct that defines the deliverservice configuration. 29 type DeliverServiceConfig struct { 30 // PeerTLSEnabled enables/disables Peer TLS. 31 PeerTLSEnabled bool 32 // ReConnectBackoffThreshold sets the delivery service maximal delay between consencutive retries. 33 ReConnectBackoffThreshold float64 34 // ReconnectTotalTimeThreshold sets the total time the delivery service may spend in reconnection attempts 35 // until its retry logic gives up and returns an error. 36 ReconnectTotalTimeThreshold time.Duration 37 // ConnectionTimeout sets the delivery service <-> ordering service node connection timeout 38 ConnectionTimeout time.Duration 39 // Keepalive option for deliveryservice 40 KeepaliveOptions comm.KeepaliveOptions 41 // SecOpts provides the TLS info for connections 42 SecOpts comm.SecureOptions 43 44 // OrdererEndpointOverrides is a map of orderer addresses which should be 45 // re-mapped to a different orderer endpoint. 46 OrdererEndpointOverrides map[string]*orderers.Endpoint 47 } 48 49 type AddressOverride struct { 50 From string `mapstructure:"from"` 51 To string `mapstructure:"to"` 52 CACertsFile string `mapstructure:"caCertsFile"` 53 } 54 55 // GlobalConfig obtains a set of configuration from viper, build and returns the config struct. 56 func GlobalConfig() *DeliverServiceConfig { 57 c := &DeliverServiceConfig{} 58 c.loadDeliverServiceConfig() 59 return c 60 } 61 62 func LoadOverridesMap() (map[string]*orderers.Endpoint, error) { 63 var overrides []AddressOverride 64 err := viper.UnmarshalKey("peer.deliveryclient.addressOverrides", &overrides) 65 if err != nil { 66 return nil, errors.WithMessage(err, "could not unmarshal peer.deliveryclient.addressOverrides") 67 } 68 69 if len(overrides) == 0 { 70 return nil, nil 71 } 72 73 overrideMap := map[string]*orderers.Endpoint{} 74 for _, override := range overrides { 75 certPool := x509.NewCertPool() 76 if override.CACertsFile != "" { 77 pem, err := ioutil.ReadFile(override.CACertsFile) 78 if err != nil { 79 logger.Warningf("could not read file '%s' specified for caCertsFile of orderer endpoint override from '%s' to '%s': %s", override.CACertsFile, override.From, override.To, err) 80 continue 81 } 82 success := certPool.AppendCertsFromPEM(pem) 83 if !success { 84 logger.Warningf("Attempted to create a cert pool for override of orderer address '%s' to '%s' but did not find any valid certs in '%s'", override.From, override.To, override.CACertsFile) 85 continue 86 } 87 } 88 overrideMap[override.From] = &orderers.Endpoint{ 89 Address: override.To, 90 CertPool: certPool, 91 } 92 } 93 94 return overrideMap, nil 95 } 96 97 func (c *DeliverServiceConfig) loadDeliverServiceConfig() { 98 c.PeerTLSEnabled = viper.GetBool("peer.tls.enabled") 99 100 c.ReConnectBackoffThreshold = viper.GetFloat64("peer.deliveryclient.reConnectBackoffThreshold") 101 if c.ReConnectBackoffThreshold == 0 { 102 c.ReConnectBackoffThreshold = DefaultReConnectBackoffThreshold 103 } 104 105 c.ReconnectTotalTimeThreshold = viper.GetDuration("peer.deliveryclient.reconnectTotalTimeThreshold") 106 if c.ReconnectTotalTimeThreshold == 0 { 107 c.ReconnectTotalTimeThreshold = DefaultReConnectTotalTimeThreshold 108 } 109 110 c.ConnectionTimeout = viper.GetDuration("peer.deliveryclient.connTimeout") 111 if c.ConnectionTimeout == 0 { 112 c.ConnectionTimeout = DefaultConnectionTimeout 113 } 114 115 c.KeepaliveOptions = comm.DefaultKeepaliveOptions 116 if viper.IsSet("peer.keepalive.deliveryClient.interval") { 117 c.KeepaliveOptions.ClientInterval = viper.GetDuration("peer.keepalive.deliveryClient.interval") 118 } 119 if viper.IsSet("peer.keepalive.deliveryClient.timeout") { 120 c.KeepaliveOptions.ClientTimeout = viper.GetDuration("peer.keepalive.deliveryClient.timeout") 121 } 122 123 c.SecOpts = comm.SecureOptions{ 124 UseTLS: viper.GetBool("peer.tls.enabled"), 125 RequireClientCert: viper.GetBool("peer.tls.clientAuthRequired"), 126 } 127 128 if c.SecOpts.RequireClientCert { 129 certFile := config.GetPath("peer.tls.clientCert.file") 130 if certFile == "" { 131 certFile = config.GetPath("peer.tls.cert.file") 132 } 133 134 keyFile := config.GetPath("peer.tls.clientKey.file") 135 if keyFile == "" { 136 keyFile = config.GetPath("peer.tls.key.file") 137 } 138 139 keyPEM, err := ioutil.ReadFile(keyFile) 140 if err != nil { 141 panic(errors.WithMessagef(err, "unable to load key at '%s'", keyFile)) 142 } 143 c.SecOpts.Key = keyPEM 144 certPEM, err := ioutil.ReadFile(certFile) 145 if err != nil { 146 panic(errors.WithMessagef(err, "unable to load cert at '%s'", certFile)) 147 } 148 c.SecOpts.Certificate = certPEM 149 } 150 151 overridesMap, err := LoadOverridesMap() 152 if err != nil { 153 panic(err) 154 } 155 156 c.OrdererEndpointOverrides = overridesMap 157 }