Fabric的主要配置文件有四个:
- crypto-config.yaml: 密钥配置文件
- configtx.yaml: 组织、通道配置文件
- core.yaml: peer节点配置文件
- orderer.yaml: orderer节点配置文件
其实,这四个配置文件官方提供的都有示例,而且示例中给出了非常详细的注释。
先从crypto-config.yaml开始,他的实例文件可以使用如下命令获取
$ cryptogen showtemplate >> crypto-config.yaml
实例文件如下:
# ---------------------------------------------------------------------------
# "OrdererOrgs" - Definition of organizations managing orderer nodes
# ---------------------------------------------------------------------------
OrdererOrgs:
# ---------------------------------------------------------------------------
# Orderer
# ---------------------------------------------------------------------------
- Name: Orderer
Domain: example.com
# ---------------------------------------------------------------------------
# "Specs" - See PeerOrgs below for complete description
# ---------------------------------------------------------------------------
Specs:
- Hostname: orderer
# ---------------------------------------------------------------------------
# "PeerOrgs" - Definition of organizations managing peer nodes
# ---------------------------------------------------------------------------
PeerOrgs:
# ---------------------------------------------------------------------------
# Org1
# ---------------------------------------------------------------------------
- Name: Org1
Domain: org1.example.com
EnableNodeOUs: false
# ---------------------------------------------------------------------------
# "CA"
# ---------------------------------------------------------------------------
# Uncomment this section to enable the explicit definition of the CA for this
# organization. This entry is a Spec. See "Specs" section below for details.
# ---------------------------------------------------------------------------
# CA:
# Hostname: ca # implicitly ca.org1.example.com
# Country: US
# Province: California
# Locality: San Francisco
# OrganizationalUnit: Hyperledger Fabric
# StreetAddress: address for org # default nil
# PostalCode: postalCode for org # default nil
# ---------------------------------------------------------------------------
# "Specs"
# ---------------------------------------------------------------------------
# Uncomment this section to enable the explicit definition of hosts in your
# configuration. Most users will want to use Template, below
#
# Specs is an array of Spec entries. Each Spec entry consists of two fields:
# - Hostname: (Required) The desired hostname, sans the domain.
# - CommonName: (Optional) Specifies the template or explicit override for
# the CN. By default, this is the template:
#
# "{{.Hostname}}.{{.Domain}}"
#
# which obtains its values from the Spec.Hostname and
# Org.Domain, respectively.
# - SANS: (Optional) Specifies one or more Subject Alternative Names
# to be set in the resulting x509. Accepts template
# variables {{.Hostname}}, {{.Domain}}, {{.CommonName}}. IP
# addresses provided here will be properly recognized. Other
# values will be taken as DNS names.
# NOTE: Two implicit entries are created for you:
# - {{ .CommonName }}
# - {{ .Hostname }}
# ---------------------------------------------------------------------------
# Specs:
# - Hostname: foo # implicitly "foo.org1.example.com"
# CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above
# SANS:
# - "bar.{{.Domain}}"
# - "altfoo.{{.Domain}}"
# - "{{.Hostname}}.org6.net"
# - 172.16.10.31
# - Hostname: bar
# - Hostname: baz
# ---------------------------------------------------------------------------
# "Template"
# ---------------------------------------------------------------------------
# Allows for the definition of 1 or more hosts that are created sequentially
# from a template. By default, this looks like "peer%d" from 0 to Count-1.
# You may override the number of nodes (Count), the starting index (Start)
# or the template used to construct the name (Hostname).
#
# Note: Template and Specs are not mutually exclusive. You may define both
# sections and the aggregate nodes will be created for you. Take care with
# name collisions
# ---------------------------------------------------------------------------
Template:
Count: 1
# Start: 5
# Hostname: {{.Prefix}}{{.Index}} # default
# SANS:
# - "{{.Hostname}}.alt.{{.Domain}}"
# ---------------------------------------------------------------------------
# "Users"
# ---------------------------------------------------------------------------
# Count: The number of user accounts _in addition_ to Admin
# ---------------------------------------------------------------------------
Users:
Count: 1
# ---------------------------------------------------------------------------
# Org2: See "Org1" for full specification
# ---------------------------------------------------------------------------
- Name: Org2
Domain: org2.example.com
EnableNodeOUs: false
Template:
Count: 1
Users:
Count: 1
我写好的crypto-config.yaml文件内容如下,为了方便阅读,我删除了示例文件中的英文注释。
OrdererOrgs:
- Name: Orderer
Domain: cardchain.com
Specs:
- Hostname: orderer
PeerOrgs:
- Name: OrgA
Domain: orga.cardchain.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 2
- Name: OrgB
Domain: orgb.cardchain.com
EnableNodeOUs: true
Template:
Count: 2
Users:
Count: 2
从配置文件中,我们可以看出,需要配置两个类型的组织:Orderer和Peer。
OrdererOrgs中,定义了Orderer的域名和主机名,其实orderer.cardchain.com就是Orderer的地址。
PeerOrgs中,定义了两个组织:OrgA和OrgB,并定义了每个组织的域名,Template表示该组织下有两个节点,默认两个子节点的名字分别为peer0,peer1,多个节点名字依次顺延,Users表示每个组织下有两个用户,默认两个用户名为User0,User1,多个用户名字依次顺延,此外,还会有一个Admin账户。
这就是crypto-config.yaml,他的作用是,根据配置生成各组织和用户所需要的证书即密钥。具体如何使用,将在介绍完四个配置文件后统一说明。