# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 # --- ################################################################################ # # Orderer Configuration # # - This controls the type and configuration of the orderer. # ################################################################################ General: # Ledger Type: The ledger type to provide to the orderer. # Two non-production ledger types are provided for test purposes only: # - ram: An in-memory ledger whose contents are lost on restart. # - json: A simple file ledger that writes blocks to disk in JSON format. # Only one production ledger type is provided: # - file: A production file-based ledger. LedgerType: file # Listen address: The IP on which to bind to listen. ListenAddress: 127.0.0.1 # Listen port: The port on which to bind to listen. ListenPort: 7050 # TLS: TLS settings for the GRPC server. TLS: Enabled: false PrivateKey: tls/server.key Certificate: tls/server.crt RootCAs: - tls/ca.crt ClientAuthRequired: false ClientRootCAs: # Keepalive settings for the GRPC server. Keepalive: # ServerMinInterval is the minimum permitted time between client pings. # If clients send pings more frequently, the server will # disconnect them. ServerMinInterval: 60s # ServerInterval is the time between pings to clients. ServerInterval: 7200s # ServerTimeout is the duration the server waits for a response from # a client before closing the connection. ServerTimeout: 20s # Log Level: The level at which to log. This accepts logging specifications # per: fabric/docs/Setup/logging-control.md LogLevel: info # Log Format: The format string to use when logging. Especially useful to disable color logging LogFormat: '%{color}%{time:2006-01-02 15:04:05.000 MST} [%{module}] %{shortfunc} -> %{level:.4s} %{id:03x}%{color:reset} %{message}' # Genesis method: The method by which the genesis block for the orderer # system channel is specified. Available options are "provisional", "file": # - provisional: Utilizes a genesis profile, specified by GenesisProfile, # to dynamically generate a new genesis block. # - file: Uses the file provided by GenesisFile as the genesis block. GenesisMethod: provisional # Genesis profile: The profile to use to dynamically generate the genesis # block to use when initializing the orderer system channel and # GenesisMethod is set to "provisional". See the configtx.yaml file for the # descriptions of the available profiles. Ignored if GenesisMethod is set to # "file". GenesisProfile: SampleInsecureSolo # Genesis file: The file containing the genesis block to use when # initializing the orderer system channel and GenesisMethod is set to # "file". Ignored if GenesisMethod is set to "provisional". GenesisFile: genesisblock # LocalMSPDir is where to find the private crypto material needed by the # orderer. It is set relative here as a default for dev environments but # should be changed to the real location in production. LocalMSPDir: msp # LocalMSPID is the identity to register the local MSP material with the MSP # manager. IMPORTANT: The local MSP ID of an orderer needs to match the MSP # ID of one of the organizations defined in the orderer system channel's # /Channel/Orderer configuration. The sample organization defined in the # sample configuration provided has an MSP ID of "SampleOrg". LocalMSPID: SampleOrg # Enable an HTTP service for Go "pprof" profiling as documented at: # https://golang.org/pkg/net/http/pprof Profile: Enabled: false Address: 0.0.0.0:6060 # BCCSP configures the blockchain crypto service providers. bccsp: default: PKCS11 pkcs11: Library: /usr/local/lib/softhsm/libsofthsm2.so Pin: ***** Label: orderer.example.com hash: SHA2 security: 256 filekeystore: # The directory used for the software file-based keystore keystore: msp/keystore # Authentication contains configuration parameters related to authenticating # client messages Authentication: # the acceptable difference between the current server time and the # client's time as specified in a client request message TimeWindow: 15m ################################################################################ # # SECTION: File Ledger # # - This section applies to the configuration of the file or json ledgers. # ################################################################################ FileLedger: # Location: The directory to store the blocks in. # NOTE: If this is unset, a new temporary location will be chosen every time # the orderer is restarted, using the prefix specified by Prefix. Location: /var/hyperledger/production/orderer # The prefix to use when generating a ledger directory in temporary space. # Otherwise, this value is ignored. Prefix: hyperledger-fabric-ordererledger ################################################################################ # # SECTION: RAM Ledger # # - This section applies to the configuration of the RAM ledger. # ################################################################################ RAMLedger: # History Size: The number of blocks that the RAM ledger is set to retain. # WARNING: Appending a block to the ledger might cause the oldest block in # the ledger to be dropped in order to limit the number total number blocks # to HistorySize. For example, if history size is 10, when appending block # 10, block 0 (the genesis block!) will be dropped to make room for block 10. HistorySize: 1000 ################################################################################ # # SECTION: Kafka # # - This section applies to the configuration of the Kafka-based orderer, and # its interaction with the Kafka cluster. # ################################################################################ Kafka: # Retry: What do if a connection to the Kafka cluster cannot be established, # or if a metadata request to the Kafka cluster needs to be repeated. Retry: # When a new channel is created, or when an existing channel is reloaded # (in case of a just-restarted orderer), the orderer interacts with the # Kafka cluster in the following ways: # 1. It creates a Kafka producer (writer) for the Kafka partition that # corresponds to the channel. # 2. It uses that producer to post a no-op CONNECT message to that # partition # 3. It creates a Kafka consumer (reader) for that partition. # If any of these steps fail, they will be re-attempted every # for a total of , and then every # for a total of until they succeed. # Note that the orderer will be unable to write to or read from a # channel until all of the steps above have been completed successfully. ShortInterval: 5s ShortTotal: 10m LongInterval: 5m LongTotal: 12h # Affects the socket timeouts when waiting for an initial connection, a # response, or a transmission. See Config.Net for more info: # https://godoc.org/github.com/Shopify/sarama#Config NetworkTimeouts: DialTimeout: 10s ReadTimeout: 10s WriteTimeout: 10s # Affects the metadata requests when the Kafka cluster is in the middle # of a leader election.See Config.Metadata for more info: # https://godoc.org/github.com/Shopify/sarama#Config Metadata: RetryBackoff: 250ms RetryMax: 3 # What to do if posting a message to the Kafka cluster fails. See # Config.Producer for more info: # https://godoc.org/github.com/Shopify/sarama#Config Producer: RetryBackoff: 100ms RetryMax: 3 # What to do if reading from the Kafka cluster fails. See # Config.Consumer for more info: # https://godoc.org/github.com/Shopify/sarama#Config Consumer: RetryBackoff: 2s # Settings to use when creating Kafka topics. Only applies when # Kafka.Version is v0.10.1.0 or higher Topic: # The number of Kafka brokers across which to replicate the topic ReplicationFactor: 3 # Verbose: Enable logging for interactions with the Kafka cluster. Verbose: false # TLS: TLS settings for the orderer's connection to the Kafka cluster. TLS: # Enabled: Use TLS when connecting to the Kafka cluster. Enabled: false # PrivateKey: PEM-encoded private key the orderer will use for # authentication. PrivateKey: # As an alternative to specifying the PrivateKey here, uncomment the # following "File" key and specify the file name from which to load the # value of PrivateKey. #File: path/to/PrivateKey # Certificate: PEM-encoded signed public key certificate the orderer will # use for authentication. Certificate: # As an alternative to specifying the Certificate here, uncomment the # following "File" key and specify the file name from which to load the # value of Certificate. #File: path/to/Certificate # RootCAs: PEM-encoded trusted root certificates used to validate # certificates from the Kafka cluster. RootCAs: # As an alternative to specifying the RootCAs here, uncomment the # following "File" key and specify the file name from which to load the # value of RootCAs. #File: path/to/RootCAs # SASLPlain: Settings for using SASL/PLAIN authentication with Kafka brokers SASLPlain: # Enabled: Use SASL/PLAIN to authenticate with Kafka brokers Enabled: false # User: Required when Enabled is set to true User: # Password: Required when Enabled is set to true Password: # Kafka protocol version used to communicate with the Kafka cluster brokers # (defaults to 0.10.2.0 if not specified) Version: ################################################################################ # # Debug Configuration # # - This controls the debugging options for the orderer # ################################################################################ Debug: # BroadcastTraceDir when set will cause each request to the Broadcast service # for this orderer to be written to a file in this directory BroadcastTraceDir: # DeliverTraceDir when set will cause each request to the Deliver service # for this orderer to be written to a file in this directory DeliverTraceDir: