github.com/myafeier/fabric@v1.0.1-0.20170722181825-3a4b1f2bce86/core/endorser/endorser_test.yaml

# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#

# CA server parameters
#
server:
        # current version of the CA
        version: "0.1"

        # limits the number of operating system threads used by the CA
        gomaxprocs: 2

        # path to the OBC state directory and CA state subdirectory
        # rootpath: "."
        # cadir: ".ca"

        # port the CA services are listening on
        port: ":20051"

        # TLS certificate and key file paths
        tls:

# Enabling/disabling different logging levels of the CA.
#
logging:
        trace: 0
        info: 1
        warning: 1
        error: 1
        panic: 1

# Enable attribute encryption in TCerts generated by TCA
tca:
    attribute-encryption:
       enabled: true

# Default attributes for Attribute Certificate Authority
aca:
    attributes:
        attribute-entry-0: user1;bank_a;company;ACompany;2015-01-01T00:00:00-03:00;;
        attribute-entry-1: user1;bank_a;position;Software Staff;2015-01-01T00:00:00-03:00;2015-07-12T23:59:59-03:00;
        attribute-entry-2: user1;bank_a;position;Software Engineer;2015-07-13T00:00:00-03:00;;
        attribute-entry-3: user2;bank_a;company;ACompany;2001-02-02T00:00:00-03:00;;
        attribute-entry-4: user2;bank_a;position;Project Manager;2001-02-02T00:00:00-03:00;;
    address: localhost:20051
    server-name: acap
    enabled: true

# Default users to be registered with the CA on first launch.  The role is a binary OR
# of the different roles a user can have:
#
# - simple client such as a wallet: CLIENT
# - non-validating peer: PEER
# - validating client: VALIDATOR
# - auditing client: AUDITOR
#
eca:
        affiliations:
           banks_and_institutions:
              banks:
                  - bank_a
                  - bank_b
                  - bank_c
              institutions:
                  - institution_a
        users:
                # <EnrollmentID>: <role (1:client, 2: peer, 4: validator, 8: auditor)> <EnrollmentPWD> <Affiliation> <Affiliation_Role>
                lukas: 1 NPKYL39uKbkj institution_a
                diego: 1 DRJ23pEQl16a institution_a
                jim: 1 6avZQLwcUe9b institution_a

                vp: 4 f3489fy98ghf

###############################################################################
#
#    CLI section
#
###############################################################################
cli:

    # The address that the cli process will use for callbacks from chaincodes
    address: 0.0.0.0:7052



###############################################################################
#
#    REST section
#
###############################################################################
rest:

    # Enable/disable setting for the REST service. It is recommended to disable
    # REST service on validators in production deployment and use non-validating
    # nodes to host REST service
    enabled: true

    # The address that the REST service will listen on for incoming requests.
    address: 0.0.0.0:7050


###############################################################################
#
#    LOGGING section
#
###############################################################################
logging:

    # Valid logging levels are case-insensitive strings chosen from

    #     CRITICAL | ERROR | WARNING | NOTICE | INFO | DEBUG

    # Logging 'module' names are also strings, however valid module names are
    # defined at runtime and are not checked for validity during option
    # processing.

    # Default logging levels are specified here for each of the peer
    # commands. For commands that have subcommands, the defaults also apply to
    # all subcommands of the command. These logging levels can be overridden
    # on the command line using the --logging-level command-line option, or by
    # setting the CORE_LOGGING_LEVEL environment variable.

    # The logging level specification is of the form

    #     [<module>[,<module>...]=]<level>[:[<module>[,<module>...]=]<level>...]

    # A logging level by itself is taken as the overall default. Otherwise,
    # overrides for individual or groups of modules can be specified using the
    # <module>[,<module>...]=<level> syntax.

    # Examples:
    #   info                                       - Set default to INFO
    #   warning:main,db=debug:chaincode=info       - Override default WARNING in main,db,chaincode
    #   chaincode=info:main=debug:db=debug:warning - Same as above
    msp:       debug
    peer:      debug
    crypto:    info
    status:    warning
    stop:      warning
    login:     warning
    vm:        warning
    chaincode: error


###############################################################################
#
#    Peer section
#
###############################################################################
peer:

    # Peer Version following version semantics as described here http://semver.org/
    # The Peer supplies this version in communications with other Peers
    version:  0.1.0

    # The Peer id is used for identifying this Peer instance.
    id: jdoe

    # The privateKey to be used by this peer
    # privateKey: 794ef087680e2494fa4918fd8fb80fb284b50b57d321a31423fe42b9ccf6216047cea0b66fe8365a8e3f2a8140c6866cc45852e63124668bee1daa9c97da0c2a

    # The networkId allows for logical seperation of networks
    # networkId: dev
    # networkId: test
    networkId: dev

    # The Address this Peer will listen on
    listenAddress: 0.0.0.0:21212
    # The Address this Peer will bind to for providing services
    address: 0.0.0.0:21212
    # Whether the Peer should programmatically determine the address to bind to.
    # This case is useful for docker containers.
    addressAutoDetect: true

    # Peer port to accept connections on
    port:    21212
    # Setting for runtime.GOMAXPROCS(n). If n < 1, it does not change the current setting
    gomaxprocs: -1
    workers: 2

    # Sync related configuration
    sync:
        blocks:
            # Channel size for readonly SyncBlocks messages channel for receiving
            # blocks from oppositie Peer Endpoints.
            # NOTE: currently messages are not stored and forwarded, but rather
            # lost if the channel write blocks.
            channelSize: 10
        state:
            snapshot:
                # Channel size for readonly syncStateSnapshot messages channel
                # for receiving state deltas for snapshot from oppositie Peer Endpoints.
                # NOTE: currently messages are not stored and forwarded, but
                # rather lost if the channel write blocks.
                channelSize: 50
            deltas:
                # Channel size for readonly syncStateDeltas messages channel for
                # receiving state deltas for a syncBlockRange from oppositie
                # Peer Endpoints.
                # NOTE: currently messages are not stored and forwarded,
                # but rather lost if the channel write blocks.
                channelSize: 20

    # Validator defines whether this peer is a validating peer or not, and if
    # it is enabled, what consensus plugin to load
    validator:
        enabled: true

        consensus:
            # Consensus plugin to use. The value is the name of the plugin, e.g. pbft, noops ( this value is case-insensitive)
            # if the given value is not recognized, we will default to noops
            plugin: noops

            # total number of consensus messages which will be buffered per connection before delivery is rejected
            buffersize: 1000

        events:
            # The address that the Event service will be enabled on the validator
            address: 0.0.0.0:7053

            # total number of events that could be buffered without blocking the
            # validator sends
            buffersize: 100

            # milliseconds timeout for producer to send an event.
            # if < 0, if buffer full, unblocks immediately and not send
            # if 0, if buffer full, will block and guarantee the event will be sent out
            # if > 0, if buffer full, blocks till timeout
            timeout: 10

    # TLS Settings for p2p communications
    tls:
        enabled:  false
        cert:
            file: testdata/server1.pem
        key:
            file: testdata/server1.key

        # The server name use to verify the hostname returned by TLS handshake
        # The key cert was generated using
        #       openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout testdata/server1.key -out testdata/server1.pem
        serverhostoverride: dummy

    # PKI member services properties
    pki:
        eca:
            paddr: localhost:20051
        tca:
            paddr: localhost:20051
        tlsca:
            paddr: localhost:20051
        tls:
            enabled: false
            rootcert:
                file: tlsca.cert
            # The server name use to verify the hostname returned by TLS handshake
            serverhostoverride:

    # Peer discovery settings.  Controls how this peer discovers other peers
    discovery:

        # The root nodes are used for bootstrapping purposes, and generally
        # supplied through ENV variables
        rootnode:

        # The duration of time between attempts to asks peers for their connected peers
        period:  5s

        ## leaving this in for example of sub map entry
        # testNodes:
        #    - node   : 1
        #      ip     : 127.0.0.1
        #      port   : 21212
        #    - node   : 2
        #      ip     : 127.0.0.1
        #      port   : 21212

        # Should the discovered nodes and their reputations
        # be stored in DB and persisted between restarts
        persist:    true

        # if peer discovery is off
        # the peer window will show
        # only what retrieved by active
        # peer [true/false]
        enabled:    true

        # number of workers that
        # test the peers for being
        # online [1..10]
        workers: 8

        # the period in seconds with which the discovery
        # tries to reconnect to successful nodes
        # 0 means the nodes are not reconnected
        touchPeriod: 600

        # the maximum nuber of nodes to reconnect to
        # -1 for unlimited
        touchMaxNodes: 100

    # Path on the file system where peer will store data
    fileSystemPath: /var/hyperledger/production


    profile:
        enabled:     false
        listenAddress: 0.0.0.0:6060

    mspConfigPath: ../../sampleconfig/msp

    # BCCSP (Blockchain crypto provider): Select which crypto implementation or
    # library to use
    BCCSP:
        Default: SW
        SW:
            # TODO: The default Hash and Security level needs refactoring to be
            # fully configurable. Changing these defaults requires coordination
            # SHA2 is hardcoded in several places, not only BCCSP
            Hash: SHA2
            Security: 256
            FileKeyStore:
                KeyStore:

###############################################################################
#
#    VM section
#
###############################################################################
vm:

    # Endpoint of the vm management system.  For docker can be one of the following in general
    # unix:///var/run/docker.sock
    # http://localhost:2375
    # https://localhost:2376
    endpoint: unix:///var/run/docker.sock

    # settings for docker vms
    docker:
        tls:
            enabled: false
            cert:
                file: /path/to/server.pem
            ca:
                file: /path/to/ca.pem
            key:
                file: /path/to/server-key.pem

###############################################################################
#
#    Chaincode section
#
###############################################################################
chaincode:

    # The id is used by the Chaincode stub to register the executing Chaincode
    # ID with the Peerand is generally supplied through ENV variables
    # the Path form of ID is provided when deploying the chaincode. The name is
    # used for all other requests. The name is really a hashcode
    # returned by the system in response to the deploy transaction. In
    # development mode where user runs the chaincode, the name can be any string
    id:
        path:
        name:

    # Generic builder environment, suitable for most chaincode types
    builder: $(DOCKER_NS)/fabric-ccenv:$(ARCH)-$(PROJECT_VERSION)

    golang:
        # golang will never need more than baseos
        runtime: $(BASE_DOCKER_NS)/fabric-baseos:$(ARCH)-$(BASE_VERSION)

    car:
        # car may need more facilities (JVM, etc) in the future as the catalog
        # of platforms are expanded.  For now, we can just use baseos
        runtime: $(BASE_DOCKER_NS)/fabric-baseos:$(ARCH)-$(BASE_VERSION)

    java:
        # This is an image based on java:openjdk-8 with addition compiler
        # tools added for java shim layer packaging.
        # This image is packed with shim layer libraries that are necessary
        # for Java chaincode runtime.
        Dockerfile:  |
            FROM $(DOCKER_NS)/fabric-javaenv:$(ARCH)-$(PROJECT_VERSION)

    # timeout in millisecs for starting up a container and waiting for Register
    # to come through. 1sec should be plenty for chaincode unit tests
    startuptimeout: 300000

    #timeout in millisecs for deploying chaincode from a remote repository.
    deploytimeout: 30000

    #mode - options are "dev", "net"
    #dev - in dev mode, user runs the chaincode after starting validator from
    # command line on local machine
    #net - in net mode validator will run chaincode in a docker container

    mode: net
    # typically installpath should not be modified. Otherwise, user must ensure
    # the chaincode executable is placed in the path specifed by installpath in
    # the image
    installpath: /opt/gopath/bin/

    # keepalive in seconds. In situations where the communiction goes through a
    # proxy that does not support keep-alive, this parameter will maintain connection
    # between peer and chaincode.
    # A value <= 0 turns keepalive off
    keepalive: 0

    # system chaincodes whitelist. To add system chaincode "myscc" to the
    # whitelist, add "myscc: enable" to the list
    system:
        lscc: enable
        escc: enable
        vscc: enable

###############################################################################
#
#    Ledger section - ledger configuration encompases both the blockchain
#    and the state
#
###############################################################################
ledger:

  blockchain:

    # Setting the deploy-system-chaincode property to false will prevent the
    # deploying of system chaincode at genesis time.
    deploy-system-chaincode: false

  state:

    # Control the number state deltas that are maintained. This takes additional
    # disk space, but allow the state to be rolled backwards and forwards
    # without the need to replay transactions.
    deltaHistorySize: 500

    # The data structure in which the state will be stored. Different data
    # structures may offer different performance characteristics.
    # Options are 'buckettree', 'trie' and 'raw'.
    # ( Note:'raw' is experimental and incomplete. )
    # If not set, the default data structure is the 'buckettree'.
    # This CANNOT be changed after the DB has been created.
    dataStructure:
      # The name of the data structure is for storing the state
      name: buckettree
      # The data structure specific configurations
      configs:
        # configurations for 'bucketree'. These CANNOT be changed after the DB
        # has been created. 'numBuckets' defines the number of bins that the
        # state key-values are to be divided
        numBuckets: 1000003
        # 'maxGroupingAtEachLevel' defines the number of bins that are grouped
        #together to construct next level of the merkle-tree (this is applied
        # repeatedly for constructing the entire tree).
        maxGroupingAtEachLevel: 5
        # 'bucketCacheSize' defines the size (in MBs) of the cache that is used to keep
        # the buckets (from root upto secondlast level) in memory. This cache helps
        # in making state hash computation faster. A value less than or equals to zero
        # leads to disabling this caching. This caching helps more if transactions
        # perform significant writes.
        bucketCacheSize: 100

        # configurations for 'trie'
        # 'tire' has no additional configurations exposed as yet

################################################################################
#
#   SECTION: STATETRANSFER
#
#   - This applies to recovery behavior when the replica has detected
#     a state transfer is required
#
#   - This might happen:
#     - During a view change in response to a faulty primary
#     - After a network outage which has isolated the replica
#     - If the current blockchain/state is determined to be corrupt
#
################################################################################
statetransfer:

    # Should a replica attempt to fix damaged blocks?
    # In general, this should be set to true, setting to false will cause
    # the replica to panic, and require a human's intervention to intervene
    # and fix the corruption
    recoverdamage: true

    # The number of blocks to retrieve per sync request
    blocksperrequest: 20

    # The maximum number of state deltas to attempt to retrieve
    # If more than this number of deltas is required to play the state up to date
    # then instead the state will be flagged as invalid, and a full copy of the state
    # will be retrieved instead
    maxdeltas: 200

    # Timeouts
    timeout:

        # How long may returning a single block take
        singleblock: 2s

        # How long may returning a single state delta take
        singlestatedelta: 2s

        # How long may transferring the complete state take
        fullstate: 60s