github.com/yous1230/fabric@v2.0.0-beta.0.20191224111736-74345bee6ac2+incompatible/sampleconfig/configtx.yaml (about) 1 # Copyright IBM Corp. All Rights Reserved. 2 # 3 # SPDX-License-Identifier: Apache-2.0 4 # 5 6 --- 7 ################################################################################ 8 # 9 # ORGANIZATIONS 10 # 11 # This section defines the organizational identities that can be referenced 12 # in the configuration profiles. 13 # 14 ################################################################################ 15 Organizations: 16 17 # SampleOrg defines an MSP using the sampleconfig. It should never be used 18 # in production but may be used as a template for other definitions. 19 - &SampleOrg 20 # Name is the key by which this org will be referenced in channel 21 # configuration transactions. 22 # Name can include alphanumeric characters as well as dots and dashes. 23 Name: SampleOrg 24 25 # SkipAsForeign can be set to true for org definitions which are to be 26 # inherited from the orderer system channel during channel creation. This 27 # is especially useful when an admin of a single org without access to the 28 # MSP directories of the other orgs wishes to create a channel. Note 29 # this property must always be set to false for orgs included in block 30 # creation. 31 SkipAsForeign: false 32 33 # ID is the key by which this org's MSP definition will be referenced. 34 # ID can include alphanumeric characters as well as dots and dashes. 35 ID: SampleOrg 36 37 # MSPDir is the filesystem path which contains the MSP configuration. 38 MSPDir: msp 39 40 # Policies defines the set of policies at this level of the config tree 41 # For organization policies, their canonical path is usually 42 # /Channel/<Application|Orderer>/<OrgName>/<PolicyName> 43 Policies: &SampleOrgPolicies 44 Readers: 45 Type: Signature 46 Rule: "OR('SampleOrg.member')" 47 # If your MSP is configured with the new NodeOUs, you might 48 # want to use a more specific rule like the following: 49 # Rule: "OR('SampleOrg.admin', 'SampleOrg.peer', 'SampleOrg.client')" 50 Writers: 51 Type: Signature 52 Rule: "OR('SampleOrg.member')" 53 # If your MSP is configured with the new NodeOUs, you might 54 # want to use a more specific rule like the following: 55 # Rule: "OR('SampleOrg.admin', 'SampleOrg.client')" 56 Admins: 57 Type: Signature 58 Rule: "OR('SampleOrg.admin')" 59 Endorsement: 60 Type: Signature 61 Rule: "OR('SampleOrg.member')" 62 63 # OrdererEndpoints is a list of all orderers this org runs which clients 64 # and peers may to connect to to push transactions and receive blocks respectively. 65 OrdererEndpoints: 66 - "127.0.0.1:7050" 67 68 # AnchorPeers defines the location of peers which can be used for 69 # cross-org gossip communication. Note, this value is only encoded in 70 # the genesis block in the Application section context. 71 AnchorPeers: 72 - Host: 127.0.0.1 73 Port: 7051 74 75 ################################################################################ 76 # 77 # CAPABILITIES 78 # 79 # This section defines the capabilities of fabric network. This is a new 80 # concept as of v1.1.0 and should not be utilized in mixed networks with 81 # v1.0.x peers and orderers. Capabilities define features which must be 82 # present in a fabric binary for that binary to safely participate in the 83 # fabric network. For instance, if a new MSP type is added, newer binaries 84 # might recognize and validate the signatures from this type, while older 85 # binaries without this support would be unable to validate those 86 # transactions. This could lead to different versions of the fabric binaries 87 # having different world states. Instead, defining a capability for a channel 88 # informs those binaries without this capability that they must cease 89 # processing transactions until they have been upgraded. For v1.0.x if any 90 # capabilities are defined (including a map with all capabilities turned off) 91 # then the v1.0.x peer will deliberately crash. 92 # 93 ################################################################################ 94 Capabilities: 95 # Channel capabilities apply to both the orderers and the peers and must be 96 # supported by both. 97 # Set the value of the capability to true to require it. 98 Channel: &ChannelCapabilities 99 # V2.0 for Channel is a catchall flag for behavior which has been 100 # determined to be desired for all orderers and peers running at the v2.0.0 101 # level, but which would be incompatible with orderers and peers from 102 # prior releases. 103 # Prior to enabling V2.0 channel capabilities, ensure that all 104 # orderers and peers on a channel are at v2.0.0 or later. 105 V2_0: true 106 107 # Orderer capabilities apply only to the orderers, and may be safely 108 # used with prior release peers. 109 # Set the value of the capability to true to require it. 110 Orderer: &OrdererCapabilities 111 # V1.1 for Orderer is a catchall flag for behavior which has been 112 # determined to be desired for all orderers running at the v1.1.x 113 # level, but which would be incompatible with orderers from prior releases. 114 # Prior to enabling V2.0 orderer capabilities, ensure that all 115 # orderers on a channel are at v2.0.0 or later. 116 V2_0: true 117 118 # Application capabilities apply only to the peer network, and may be safely 119 # used with prior release orderers. 120 # Set the value of the capability to true to require it. 121 Application: &ApplicationCapabilities 122 # V2.0 for Application enables the new non-backwards compatible 123 # features and fixes of fabric v2.0. 124 # Prior to enabling V2.0 orderer capabilities, ensure that all 125 # orderers on a channel are at v2.0.0 or later. 126 V2_0: true 127 128 ################################################################################ 129 # 130 # APPLICATION 131 # 132 # This section defines the values to encode into a config transaction or 133 # genesis block for application-related parameters. 134 # 135 ################################################################################ 136 Application: &ApplicationDefaults 137 ACLs: &ACLsDefault 138 # This section provides defaults for policies for various resources 139 # in the system. These "resources" could be functions on system chaincodes 140 # (e.g., "GetBlockByNumber" on the "qscc" system chaincode) or other resources 141 # (e.g.,who can receive Block events). This section does NOT specify the resource's 142 # definition or API, but just the ACL policy for it. 143 # 144 # User's can override these defaults with their own policy mapping by defining the 145 # mapping under ACLs in their channel definition 146 147 #---New Lifecycle System Chaincode (_lifecycle) function to policy mapping for access control--# 148 149 # ACL policy for _lifecycle's "CommitChaincodeDefinition" function 150 _lifecycle/CommitChaincodeDefinition: /Channel/Application/Writers 151 152 # ACL policy for _lifecycle's "QueryChaincodeDefinition" function 153 _lifecycle/QueryChaincodeDefinition: /Channel/Application/Readers 154 155 # ACL policy for _lifecycle's "QueryNamespaceDefinitions" function 156 _lifecycle/QueryNamespaceDefinitions: /Channel/Application/Readers 157 158 #---Lifecycle System Chaincode (lscc) function to policy mapping for access control---# 159 160 # ACL policy for lscc's "getid" function 161 lscc/ChaincodeExists: /Channel/Application/Readers 162 163 # ACL policy for lscc's "getdepspec" function 164 lscc/GetDeploymentSpec: /Channel/Application/Readers 165 166 # ACL policy for lscc's "getccdata" function 167 lscc/GetChaincodeData: /Channel/Application/Readers 168 169 # ACL Policy for lscc's "getchaincodes" function 170 lscc/GetInstantiatedChaincodes: /Channel/Application/Readers 171 172 #---Query System Chaincode (qscc) function to policy mapping for access control---# 173 174 # ACL policy for qscc's "GetChainInfo" function 175 qscc/GetChainInfo: /Channel/Application/Readers 176 177 # ACL policy for qscc's "GetBlockByNumber" function 178 qscc/GetBlockByNumber: /Channel/Application/Readers 179 180 # ACL policy for qscc's "GetBlockByHash" function 181 qscc/GetBlockByHash: /Channel/Application/Readers 182 183 # ACL policy for qscc's "GetTransactionByID" function 184 qscc/GetTransactionByID: /Channel/Application/Readers 185 186 # ACL policy for qscc's "GetBlockByTxID" function 187 qscc/GetBlockByTxID: /Channel/Application/Readers 188 189 #---Configuration System Chaincode (cscc) function to policy mapping for access control---# 190 191 # ACL policy for cscc's "GetConfigBlock" function 192 cscc/GetConfigBlock: /Channel/Application/Readers 193 194 # ACL policy for cscc's "GetConfigTree" function 195 cscc/GetConfigTree: /Channel/Application/Readers 196 197 # ACL policy for cscc's "SimulateConfigTreeUpdate" function 198 cscc/SimulateConfigTreeUpdate: /Channel/Application/Readers 199 200 #---Miscellanesous peer function to policy mapping for access control---# 201 202 # ACL policy for invoking chaincodes on peer 203 peer/Propose: /Channel/Application/Writers 204 205 # ACL policy for chaincode to chaincode invocation 206 peer/ChaincodeToChaincode: /Channel/Application/Readers 207 208 #---Events resource to policy mapping for access control###---# 209 210 # ACL policy for sending block events 211 event/Block: /Channel/Application/Readers 212 213 # ACL policy for sending filtered block events 214 event/FilteredBlock: /Channel/Application/Readers 215 216 # Organizations lists the orgs participating on the application side of the 217 # network. 218 Organizations: 219 220 # Policies defines the set of policies at this level of the config tree 221 # For Application policies, their canonical path is 222 # /Channel/Application/<PolicyName> 223 Policies: &ApplicationDefaultPolicies 224 LifecycleEndorsement: 225 Type: ImplicitMeta 226 Rule: "MAJORITY Endorsement" 227 Endorsement: 228 Type: ImplicitMeta 229 Rule: "MAJORITY Endorsement" 230 Readers: 231 Type: ImplicitMeta 232 Rule: "ANY Readers" 233 Writers: 234 Type: ImplicitMeta 235 Rule: "ANY Writers" 236 Admins: 237 Type: ImplicitMeta 238 Rule: "MAJORITY Admins" 239 240 # Capabilities describes the application level capabilities, see the 241 # dedicated Capabilities section elsewhere in this file for a full 242 # description 243 Capabilities: 244 <<: *ApplicationCapabilities 245 246 ################################################################################ 247 # 248 # ORDERER 249 # 250 # This section defines the values to encode into a config transaction or 251 # genesis block for orderer related parameters. 252 # 253 ################################################################################ 254 Orderer: &OrdererDefaults 255 256 # Orderer Type: The orderer implementation to start. 257 # Available types are "solo" and "kafka". 258 OrdererType: solo 259 260 # Addresses used to be the list of orderer addresses that clients and peers 261 # could connect to. However, this does not allow clients to associate orderer 262 # addresses and orderer organizations which can be useful for things such 263 # as TLS validation. The preferred way to specify orderer addresses is now 264 # to include the OrdererEndpoints item in your org definition 265 Addresses: 266 # - 127.0.0.1:7050 267 268 # Batch Timeout: The amount of time to wait before creating a batch. 269 BatchTimeout: 2s 270 271 # Batch Size: Controls the number of messages batched into a block. 272 # The orderer views messages opaquely, but typically, messages may 273 # be considered to be Fabric transactions. The 'batch' is the group 274 # of messages in the 'data' field of the block. Blocks will be a few kb 275 # larger than the batch size, when signatures, hashes, and other metadata 276 # is applied. 277 BatchSize: 278 279 # Max Message Count: The maximum number of messages to permit in a 280 # batch. No block will contain more than this number of messages. 281 MaxMessageCount: 500 282 283 # Absolute Max Bytes: The absolute maximum number of bytes allowed for 284 # the serialized messages in a batch. The maximum block size is this value 285 # plus the size of the associated metadata (usually a few KB depending 286 # upon the size of the signing identities). Any transaction larger than 287 # this value will be rejected by ordering. If the "kafka" OrdererType is 288 # selected, set 'message.max.bytes' and 'replica.fetch.max.bytes' on 289 # the Kafka brokers to a value that is larger than this one. 290 AbsoluteMaxBytes: 10 MB 291 292 # Preferred Max Bytes: The preferred maximum number of bytes allowed 293 # for the serialized messages in a batch. Roughly, this field may be considered 294 # the best effort maximum size of a batch. A batch will fill with messages 295 # until this size is reached (or the max message count, or batch timeout is 296 # exceeded). If adding a new message to the batch would cause the batch to 297 # exceed the preferred max bytes, then the current batch is closed and written 298 # to a block, and a new batch containing the new message is created. If a 299 # message larger than the preferred max bytes is received, then its batch 300 # will contain only that message. Because messages may be larger than 301 # preferred max bytes (up to AbsoluteMaxBytes), some batches may exceed 302 # the preferred max bytes, but will always contain exactly one transaction. 303 PreferredMaxBytes: 2 MB 304 305 # Max Channels is the maximum number of channels to allow on the ordering 306 # network. When set to 0, this implies no maximum number of channels. 307 MaxChannels: 0 308 309 Kafka: 310 # Brokers: A list of Kafka brokers to which the orderer connects. Edit 311 # this list to identify the brokers of the ordering service. 312 # NOTE: Use IP:port notation. 313 Brokers: 314 - kafka0:9092 315 - kafka1:9092 316 - kafka2:9092 317 318 # EtcdRaft defines configuration which must be set when the "etcdraft" 319 # orderertype is chosen. 320 EtcdRaft: 321 # The set of Raft replicas for this network. For the etcd/raft-based 322 # implementation, we expect every replica to also be an OSN. Therefore, 323 # a subset of the host:port items enumerated in this list should be 324 # replicated under the Orderer.Addresses key above. 325 Consenters: 326 - Host: raft0.example.com 327 Port: 7050 328 ClientTLSCert: path/to/ClientTLSCert0 329 ServerTLSCert: path/to/ServerTLSCert0 330 - Host: raft1.example.com 331 Port: 7050 332 ClientTLSCert: path/to/ClientTLSCert1 333 ServerTLSCert: path/to/ServerTLSCert1 334 - Host: raft2.example.com 335 Port: 7050 336 ClientTLSCert: path/to/ClientTLSCert2 337 ServerTLSCert: path/to/ServerTLSCert2 338 339 # Options to be specified for all the etcd/raft nodes. The values here 340 # are the defaults for all new channels and can be modified on a 341 # per-channel basis via configuration updates. 342 Options: 343 # TickInterval is the time interval between two Node.Tick invocations. 344 TickInterval: 500ms 345 346 # ElectionTick is the number of Node.Tick invocations that must pass 347 # between elections. That is, if a follower does not receive any 348 # message from the leader of current term before ElectionTick has 349 # elapsed, it will become candidate and start an election. 350 # ElectionTick must be greater than HeartbeatTick. 351 ElectionTick: 10 352 353 # HeartbeatTick is the number of Node.Tick invocations that must 354 # pass between heartbeats. That is, a leader sends heartbeat 355 # messages to maintain its leadership every HeartbeatTick ticks. 356 HeartbeatTick: 1 357 358 # MaxInflightBlocks limits the max number of in-flight append messages 359 # during optimistic replication phase. 360 MaxInflightBlocks: 5 361 362 # SnapshotIntervalSize defines number of bytes per which a snapshot is taken 363 SnapshotIntervalSize: 16 MB 364 365 # Organizations lists the orgs participating on the orderer side of the 366 # network. 367 Organizations: 368 369 # Policies defines the set of policies at this level of the config tree 370 # For Orderer policies, their canonical path is 371 # /Channel/Orderer/<PolicyName> 372 Policies: 373 Readers: 374 Type: ImplicitMeta 375 Rule: "ANY Readers" 376 Writers: 377 Type: ImplicitMeta 378 Rule: "ANY Writers" 379 Admins: 380 Type: ImplicitMeta 381 Rule: "MAJORITY Admins" 382 # BlockValidation specifies what signatures must be included in the block 383 # from the orderer for the peer to validate it. 384 BlockValidation: 385 Type: ImplicitMeta 386 Rule: "ANY Writers" 387 388 # Capabilities describes the orderer level capabilities, see the 389 # dedicated Capabilities section elsewhere in this file for a full 390 # description 391 Capabilities: 392 <<: *OrdererCapabilities 393 394 ################################################################################ 395 # 396 # CHANNEL 397 # 398 # This section defines the values to encode into a config transaction or 399 # genesis block for channel related parameters. 400 # 401 ################################################################################ 402 Channel: &ChannelDefaults 403 # Policies defines the set of policies at this level of the config tree 404 # For Channel policies, their canonical path is 405 # /Channel/<PolicyName> 406 Policies: 407 # Who may invoke the 'Deliver' API 408 Readers: 409 Type: ImplicitMeta 410 Rule: "ANY Readers" 411 # Who may invoke the 'Broadcast' API 412 Writers: 413 Type: ImplicitMeta 414 Rule: "ANY Writers" 415 # By default, who may modify elements at this config level 416 Admins: 417 Type: ImplicitMeta 418 Rule: "MAJORITY Admins" 419 420 421 # Capabilities describes the channel level capabilities, see the 422 # dedicated Capabilities section elsewhere in this file for a full 423 # description 424 Capabilities: 425 <<: *ChannelCapabilities 426 427 ################################################################################ 428 # 429 # PROFILES 430 # 431 # Different configuration profiles may be encoded here to be specified as 432 # parameters to the configtxgen tool. The profiles which specify consortiums 433 # are to be used for generating the orderer genesis block. With the correct 434 # consortium members defined in the orderer genesis block, channel creation 435 # requests may be generated with only the org member names and a consortium 436 # name. 437 # 438 ################################################################################ 439 Profiles: 440 441 # SampleSingleMSPSolo defines a configuration which uses the Solo orderer, 442 # and contains a single MSP definition (the MSP sampleconfig). 443 # The Consortium SampleConsortium has only a single member, SampleOrg. 444 SampleSingleMSPSolo: 445 <<: *ChannelDefaults 446 Orderer: 447 <<: *OrdererDefaults 448 Organizations: 449 - *SampleOrg 450 Consortiums: 451 SampleConsortium: 452 Organizations: 453 - *SampleOrg 454 455 # SampleSingleMSPKafka defines a configuration that differs from the 456 # SampleSingleMSPSolo one only in that it uses the Kafka-based orderer. 457 SampleSingleMSPKafka: 458 <<: *ChannelDefaults 459 Orderer: 460 <<: *OrdererDefaults 461 OrdererType: kafka 462 Organizations: 463 - *SampleOrg 464 Consortiums: 465 SampleConsortium: 466 Organizations: 467 - *SampleOrg 468 469 # SampleInsecureSolo defines a configuration which uses the Solo orderer, 470 # contains no MSP definitions, and allows all transactions and channel 471 # creation requests for the consortium SampleConsortium. 472 SampleInsecureSolo: 473 <<: *ChannelDefaults 474 Orderer: 475 <<: *OrdererDefaults 476 Consortiums: 477 SampleConsortium: 478 Organizations: 479 480 # SampleInsecureKafka defines a configuration that differs from the 481 # SampleInsecureSolo one only in that it uses the Kafka-based orderer. 482 SampleInsecureKafka: 483 <<: *ChannelDefaults 484 Orderer: 485 OrdererType: kafka 486 <<: *OrdererDefaults 487 Consortiums: 488 SampleConsortium: 489 Organizations: 490 491 # SampleDevModeSolo defines a configuration which uses the Solo orderer, 492 # contains the sample MSP as both orderer and consortium member, and 493 # requires only basic membership for admin privileges. It also defines 494 # an Application on the ordering system channel, which should usually 495 # be avoided. 496 SampleDevModeSolo: 497 <<: *ChannelDefaults 498 Orderer: 499 <<: *OrdererDefaults 500 Organizations: 501 - <<: *SampleOrg 502 Policies: 503 <<: *SampleOrgPolicies 504 Admins: 505 Type: Signature 506 Rule: "OR('SampleOrg.member')" 507 Application: 508 <<: *ApplicationDefaults 509 Organizations: 510 - <<: *SampleOrg 511 Policies: 512 <<: *SampleOrgPolicies 513 Admins: 514 Type: Signature 515 Rule: "OR('SampleOrg.member')" 516 Consortiums: 517 SampleConsortium: 518 Organizations: 519 - <<: *SampleOrg 520 Policies: 521 <<: *SampleOrgPolicies 522 Admins: 523 Type: Signature 524 Rule: "OR('SampleOrg.member')" 525 526 # SampleDevModeKafka defines a configuration that differs from the 527 # SampleDevModeSolo one only in that it uses the Kafka-based orderer. 528 SampleDevModeKafka: 529 <<: *ChannelDefaults 530 Orderer: 531 <<: *OrdererDefaults 532 OrdererType: kafka 533 Organizations: 534 - <<: *SampleOrg 535 Policies: 536 <<: *SampleOrgPolicies 537 Admins: 538 Type: Signature 539 Rule: "OR('SampleOrg.member')" 540 Application: 541 <<: *ApplicationDefaults 542 Organizations: 543 - <<: *SampleOrg 544 Policies: 545 <<: *SampleOrgPolicies 546 Admins: 547 Type: Signature 548 Rule: "OR('SampleOrg.member')" 549 Consortiums: 550 SampleConsortium: 551 Organizations: 552 - <<: *SampleOrg 553 Policies: 554 <<: *SampleOrgPolicies 555 Admins: 556 Type: Signature 557 Rule: "OR('SampleOrg.member')" 558 559 # SampleSingleMSPChannel defines a channel with only the sample org as a 560 # member. It is designed to be used in conjunction with SampleSingleMSPSolo 561 # and SampleSingleMSPKafka orderer profiles. Note, for channel creation 562 # profiles, only the 'Application' section and consortium # name are 563 # considered. 564 SampleSingleMSPChannel: 565 <<: *ChannelDefaults 566 Consortium: SampleConsortium 567 Application: 568 <<: *ApplicationDefaults 569 Organizations: 570 - <<: *SampleOrg 571 572 # SampleDevModeEtcdRaft defines a configuration that differs from the 573 # SampleDevModeSolo one only in that it uses the etcd/raft-based orderer. 574 SampleDevModeEtcdRaft: 575 <<: *ChannelDefaults 576 Orderer: 577 <<: *OrdererDefaults 578 OrdererType: etcdraft 579 Organizations: 580 - <<: *SampleOrg 581 Policies: 582 <<: *SampleOrgPolicies 583 Admins: 584 Type: Signature 585 Rule: "OR('SampleOrg.member')" 586 Application: 587 <<: *ApplicationDefaults 588 Organizations: 589 - <<: *SampleOrg 590 Policies: 591 <<: *SampleOrgPolicies 592 Admins: 593 Type: Signature 594 Rule: "OR('SampleOrg.member')" 595 Consortiums: 596 SampleConsortium: 597 Organizations: 598 - <<: *SampleOrg 599 Policies: 600 <<: *SampleOrgPolicies 601 Admins: 602 Type: Signature 603 Rule: "OR('SampleOrg.member')"