crypto-config.yaml:用于配置网络中的加密材料,例如证书、密钥等。该文件定义了组织、节点和用户的证书和私钥的存储位置、命名规则和类型等信息。这个文件是在启动网络之前必须要有的配置文件。
configtx.yaml :用于配置Fabric的创世区块和通道,包括定义组织、节点、策略、订购服务等信息。该文件定义了网络中的所有参与方的身份和角色,以及它们之间的关系和交互。此外,configtx.yaml还包括定义通道的策略、背书策略等信息。
docker-compose.yaml:用以配置fabric网络的相关容器
orderer.yaml:用于配置Orderer节点,例如定义共识类型、监听地址、TLS设置等信息。该文件定义了Orderer节点的角色和功能,包括共识机制、共识协议、共识节点之间的通信等信息。
core.yaml:用于配置Peer节点的行为,例如定义Peer节点如何连接到网络,定义背书和验证策略等信息。该文件定义了Peer节点的角色和功能,包括链码的背书和查询、事件订阅和传输、链码生命周期管理等信息。
core.yaml和orderer.yaml配置文件的位置通常会被打包在docker镜像中,而不是直接提供给用户查看和编辑。如果你需要自定义这些配置文件,可以通过构建自己的docker镜像并将其作为替换添加到test-network中。另外,你也可以通过在启动peer和orderer容器时使用-v参数挂载主机目录来替换默认的配置文件。
OrdererOrgs: ## 定义管理orderer节点的组织
- Name: Orderer ## 这个组织的名字叫 Orderer
Domain: example.com ## 这个组织的域名是 example.com
# 生成证书的时候,证书内会包含Name和Domain信息,orderer.example.com就是这个组织的地址
EnableNodeOUs: true ## 启用了 EnableNodeOUs 后,会在 MSP 目录下生成 config.yaml 文件,该文件包含了组织单元(OU)的相关配置信息,例如节点 OU 和客户端 OU 的组织单元标识符(OU Identifier)和证书。这些信息可以用于定义节点和客户端的身份验证策略。
# 如果启用了这个选项,那么节点的证书将会包含其所属的OU标识。这个选项在配置节点的MSP(成员服务提供程序)时使用,以便正确识别并验证节点的证书。具体来说,在节点的MSP配置中,可以指定一个或多个OU标识,并为每个标识提供相应的TLS和签名证书。然后,节点的证书可以将其所属的OU标识包含在内,以便在验证时正确识别节点。启用节点OU对于在Fabric网络中进行身份验证和授权非常重要。
# 如果不启用该选项,则节点的证书只会包含其所属的组织信息,而无法确定该节点属于哪个OU,这可能会导致网络安全问题。
# 对于一个Spec来说,配置了CommonName,那么文件夹则命名为CommonName
# 如果没有配置CommonName,则文件名为:{{.Hostname}}.{{Domain}}
# 在下面的例子中,在 crypto-config/ordererOrganizations/example.com/orderers 目录下
# 则会产生两个文件orderer.test.com和orderer5.test.com,
# 如果没有加CommonName,则目录名为order.example.com与order5.example.comn
# - SANS: (Optional) Specifies one or more Subject Alternative Names
# to be set in the resulting x509. Accepts template
# variables {{.Hostname}}, {{.Domain}}, {{.CommonName}}. IP
# addresses provided here will be properly recognized. Other
# values will be taken as DNS names.
# NOTE: Two implicit entries are created for you:
# - {{ .CommonName }}
# - {{ .Hostname }}
Specs:
- Hostname: orderer
CommonName: orderer.test.com
SANS:
- localhost #此处提供的地址将被正确识别。另外值将作为DNS名称解析。
# - Hostname: orderer2
# - Hostname: orderer3
# - Hostname: orderer4
- Hostname: orderer5
CommonName: orderer5.test.com
PeerOrgs: ## 定义管理peer节点的组织
- Name: Org1
Domain: org1.example.com
EnableNodeOUs: true
# Template是按照Template模板生成多个文件,数量由Count决定,起始编号由Start决定
# 如下配置会在crypto-config/peerOrganizations/org1.example.com/peers目录下,
# 生成两个文件,分别是 peer0.org1.example.com 和 peer1.org1.example.com
# 如果把Start注释去掉,那么会生成 peer5.org1.example.com 和 peer6.org1.example.com
Template:
Count: 2
# Start: 5
# Users是生成除了Admin之外多少个user,数量由Count决定
# 对于orderer组织,这个值设置了也没有效果
# 如果配置会在crypto-config/peerOrganizations/org1.example.com/users目录下,
# 生成两个文件,分别是Admin@org1.example.com和User1@org1.example.com
# 如果改为2,那么会多一个User2@org1.example.com
Users:
Count: 1
# 如下如果在这里加入一个Specs,那么会在peers目录下生成3个文件了
# 包括,peer0.org2.example.com, peer1.org2.example.com 和 test.org2.example.com
- Name: Org2
Domain: org2.example.com
EnableNodeOUs: true
# Specs:
# - Hostname: test
Template:
Count: 2
Users:
Count: 1
Organizations配置段用来定义组织机构实体,以便在后续配置中引用
Organizations:
- &OrdererOrg
Name: OrdererOrg ## 组织名称
ID: OrdererMSP ## 组织ID,ID是引用组织的关键
MSPDir: crypto-config/ordererOrganizations/example.com/msp ## 组织的MSP证书路径
## 定义本层级的组织策略,其权威路径为 /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
Policies:
Readers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Writers:
Type: Signature
Rule: "OR('OrdererMSP.member')"
Admins:
Type: Signature
Rule: "OR('OrdererMSP.admin')"
- &Org1
Name: Org1MSP
ID: Org1MSP
MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org1MSP.admin')"
AnchorPeers: ## 定义组织的锚节点
- Host: peer0.org1.example.com ## 锚节点的host地址
Port: 7051 ## 锚节点开放的端口号
- &Org2
Name: Org2MSP
ID: Org2MSP
MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
Policies:
Readers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
Writers:
Type: Signature
Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
Admins:
Type: Signature
Rule: "OR('Org2MSP.admin')"
AnchorPeers:
- Host: peer0.org2.example.com
Port: 9051
Capabilities 段用来定义fabric网络的能力。这是版本v1.1.0引入的一个新的配置段,当与版本v1.0.x的orderer节点与peer节点混合组网时不可使用。
Capabilities:
# Channel配置同时应用于orderer节点与peer节点,并且必须被两种节点同时支持
# 将该配置项设置为ture表明要求节点具备该能力,false则不要求该节点具备该能力
Channel: &ChannelCapabilities
V1_4_3: true
V1_3: false
V1_1: false
# Orderer功能仅适用于orderers,可以安全地操作,而无需担心升级peers
# 将该配置项设置为ture表明要求节点具备该能力,false则不要求该节点具备该能力
Orderer: &OrdererCapabilities
V1_4_2: true
V1_1: false
# 应用程序功能仅适用于Peer网络,可以安全地操作,而无需担心升级或更新orderers
# 将该配置项设置为ture表明要求节点具备该能力,false则不要求该节点具备该能力
Application: &ApplicationCapabilities
V1_4_2: true
V1_3: false
V1_2: false
V1_1: false
Application配置段用来定义要写入创世区块或配置交易的应用参数
Application: &ApplicationDefaults ## 自定义被引用的地址
Organizations: ## Organizations配置列出参与到网络中的机构清单
Policies: ## 定义本层级的应用控制策略,其权威路径为 /Channel/Application/<PolicyName>
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities配置描述应用层级的能力需求,这里直接引用
# 前面Capabilities配置段中的ApplicationCapabilities配置项
Capabilities:
<<: *ApplicationCapabilities
Orderer配置段用来定义要编码写入创世区块或通道交易的排序节点参数
Orderer: &OrdererDefaults
# 排序节点类型用来指定要启用的排序节点实现,不同的实现对应不同的共识算法。
# 目前可用的类型为:solo,kafka,EtcdRaft
OrdererType: solo
Addresses: ## 服务地址,这个地方很重要,一定要配正确
- orderer.example.com:7050
BatchTimeout: 2s ## 区块打包的最大超时时间 (到了该时间就打包区块)
BatchSize: ## 区块打包的最大包含交易数(orderer端切分区块的参数)
MaxMessageCount: 10 ## 一个区块里最大的交易数
AbsoluteMaxBytes: 99 MB ## 一个区块的最大字节数,任何时候都不能超过
PreferredMaxBytes: 512 KB ## 一个区块的建议字节数,如果一个交易消息的大小超过了这个值, 就会被放入另外一个更大的区块中
MaxChannels: 0 ## 【可选项】表示Orderer允许的最大通道数, 默认0表示没有最大通道数
Kafka:
Brokers: ## kafka模式的时候kafka节点的地址,通常至少配2个
- 127.0.0.1:9092
EtcdRaft: ## 定义了EtcdRaft排序类型被选择时的配置
Consenters:
- Host: orderer.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
- Host: orderer2.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.crt
- Host: orderer3.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/server.crt
- Host: orderer4.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/server.crt
- Host: orderer5.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/server.crt
Organizations: ## 参与维护Orderer的组织,默认为空
# 定义本层级的排序节点策略,其权威路径为 /Channel/Orderer/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
BlockValidation:
Type: ImplicitMeta
Rule: "ANY Writers"
# Capabilities配置描述排序节点层级的能力需求,这里直接引用
# 前面Capabilities配置段中的OrdererCapabilities配置项
Capabilities:
<<: *OrdererCapabilities
Channel配置段用来定义要写入创世区块或配置交易的通道参数。
Channel: &ChannelDefaults
# 定义本层级的通道访问策略,其权威路径为 /Channel/<PolicyName>
Policies:
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Writes策略定义了调用Broadcast API提交交易的许可规则
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# Admin策略定义了修改本层级配置的许可规则
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
# Capabilities配置描通道层级的能力需求,这里直接引用
# 前面Capabilities配置段中的ChannelCapabilities配置项
Capabilities:
<<: *ChannelCapabilities
Profiles配置段用来定义用于configtxgen工具的配置入口。包含联盟(consortium)的配置入口可以用来生成排序节点的创世区块。
Profiles:
# TwoOrgsOrdererGenesis用来生成orderer启动时所需的block,用于生成创世区块,名字可以任意
# 需要包含Orderer和Consortiums两部分
TwoOrgsOrdererGenesis:
<<: *ChannelDefaults ## 通道为默认配置,这里直接引用上面channel配置段中的ChannelDefaults
Orderer:
<<: *OrdererDefaults ## Orderer为默认配置,这里直接引用上面orderer配置段中的OrdererDefaults
Organizations: ## 这里直接引用上面Organizations配置段中的OrdererOrg
- *OrdererOrg
Capabilities: ## 这里直接引用上面Capabilities配置段中的OrdererCapabilities
<<: *OrdererCapabilities
# 联盟为默认的 SampleConsortium 联盟,添加了两个组织,表示orderer所服务的联盟列表
Consortiums:
SampleConsortium: ## 创建更多应用通道时的联盟引用 TwoOrgsChannel 所示
Organizations:
- *Org1
- *Org2
# TwoOrgsChannel用来生成channel配置信息,名字可以任意
# 需要包含Consortium和Applicatioon两部分。
TwoOrgsChannel:
Consortium: SampleConsortium ## 通道所关联的联盟名称
<<: *ChannelDefaults ## 通道为默认配置,这里直接引用上面channel配置段中的ChannelDefaults
Application:
<<: *ApplicationDefaults ## 这里直接引用上面Application配置段中的ApplicationDefaults
Organizations:
- *Org1
- *Org2
Capabilities:
<<: *ApplicationCapabilities ## 这里直接引用上面Capabilities配置段中的ApplicationCapabilities
# SampleInsecureKafka定义了一个使用Kfaka排序节点的配置
SampleDevModeKafka:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: kafka
Kafka:
Brokers:
- kafka.example.com:9092
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2
# SampleInsecureKafka定义了一个使用EtcdRaft排序节点的配置
SampleMultiNodeEtcdRaft:
<<: *ChannelDefaults
Capabilities:
<<: *ChannelCapabilities
Orderer:
<<: *OrdererDefaults
OrdererType: etcdraft
EtcdRaft:
Consenters:
- Host: orderer.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
- Host: orderer2.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.crt
- Host: orderer3.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/server.crt
- Host: orderer4.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/server.crt
- Host: orderer5.example.com
Port: 7050
ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/server.crt
ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/server.crt
Addresses:
- orderer.example.com:7050
- orderer2.example.com:7050
- orderer3.example.com:7050
- orderer4.example.com:7050
- orderer5.example.com:7050
Organizations:
- *OrdererOrg
Capabilities:
<<: *OrdererCapabilities
Application:
<<: *ApplicationDefaults
Organizations:
- <<: *OrdererOrg
Consortiums:
SampleConsortium:
Organizations:
- *Org1
- *Org2
version: '2'
volumes:
orderer0.example.com:
orderer1.example.com:
orderer2.example.com:
peer0.org1.example.com:
peer1.org1.example.com:
peer0.org2.example.com:
peer1.org2.example.com:
networks:
testwork:
services:
orderer0.example.com:
container_name: orderer0.example.com
image: hyperledger/fabric-orderer:latest
environment:
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_LISTENPORT=5050
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file
- ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer0.example.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer0.example.com/tls/:/var/hyperledger/orderer/tls
- orderer0.example.com:/var/hyperledger/production/orderer
ports:
- 5050:5050
networks:
- testwork
orderer1.example.com:
container_name: orderer1.example.com
image: hyperledger/fabric-orderer:latest
environment:
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_LISTENPORT=6050
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file
- ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer1.example.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer1.example.com/tls/:/var/hyperledger/orderer/tls
- orderer1.example.com:/var/hyperledger/production/orderer
ports:
- 6050:6050
networks:
- testwork
orderer2.example.com:
container_name: orderer2.example.com
image: hyperledger/fabric-orderer:latest
environment:
- FABRIC_LOGGING_SPEC=INFO
- ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
- ORDERER_GENERAL_LISTENPORT=7050
- ORDERER_GENERAL_BOOTSTRAPMETHOD=file
- ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
- ORDERER_GENERAL_LOCALMSPID=OrdererMSP
- ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
# enabled TLS
- ORDERER_GENERAL_TLS_ENABLED=true
- ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
- ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
- ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
- ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
working_dir: /opt/gopath/src/github.com/hyperledger/fabric
command: orderer
volumes:
- ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/msp:/var/hyperledger/orderer/msp
- ./crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/:/var/hyperledger/orderer/tls
- orderer2.example.com:/var/hyperledger/production/orderer
ports:
- 7050:7050
networks:
- testwork
peer0.org1.example.com:
container_name: peer0.org1.example.com
image: hyperledger/fabric-peer:latest
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer0.org1.example.com
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LISTENADDRESS=0.0.0.0:7051
- CORE_PEER_CHAINCODEADDRESS=peer0.org1.example.com:7052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.example.com:7051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
- CORE_CHAINCODE_EXECUTETIMEOUT=300s
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp
- ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls
- peer0.org1.example.com:/var/hyperledger/production
ports:
- 7051:7051
- 7052:7052
- 7053:7053
networks:
- testwork
peer1.org1.example.com:
container_name: peer1.org1.example.com
image: hyperledger/fabric-peer:latest
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer1.org1.example.com
- CORE_PEER_ADDRESS=peer1.org1.example.com:7061
- CORE_PEER_LISTENADDRESS=0.0.0.0:7061
- CORE_PEER_CHAINCODEADDRESS=peer1.org1.example.com:7062
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7062
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.example.com:7061
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.example.com:7061
- CORE_PEER_LOCALMSPID=Org1MSP
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
- CORE_CHAINCODE_EXECUTETIMEOUT=300s
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp:/etc/hyperledger/fabric/msp
- ./crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/tls:/etc/hyperledger/fabric/tls
- peer1.org1.example.com:/var/hyperledger/production
ports:
- 7061:7061
- 7062:7062
- 7063:7063
networks:
- testwork
peer0.org2.example.com:
container_name: peer0.org2.example.com
image: hyperledger/fabric-peer:latest
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer0.org2.example.com
- CORE_PEER_ADDRESS=peer0.org2.example.com:8051
- CORE_PEER_LISTENADDRESS=0.0.0.0:8051
- CORE_PEER_CHAINCODEADDRESS=peer0.org2.example.com:8052
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:8052
- CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.example.com:8051
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example.com:8051
- CORE_PEER_LOCALMSPID=Org2MSP
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
- CORE_CHAINCODE_EXECUTETIMEOUT=300s
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp:/etc/hyperledger/fabric/msp
- ./crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls:/etc/hyperledger/fabric/tls
- peer0.org2.example.com:/var/hyperledger/production
ports:
- 8051:8051
- 8052:8052
- 8053:8053
networks:
- testwork
peer1.org2.example.com:
container_name: peer1.org2.example.com
image: hyperledger/fabric-peer:latest
environment:
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- CORE_PEER_ID=peer1.org2.example.com
- CORE_PEER_ADDRESS=peer1.org2.example.com:8061
- CORE_PEER_LISTENADDRESS=0.0.0.0:8061
- CORE_PEER_CHAINCODEADDRESS=peer1.org2.example.com:8062
- CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:8062
- CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org2.example.com:8061
- CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org2.example.com:8061
- CORE_PEER_LOCALMSPID=Org2MSP
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_GOSSIP_USELEADERELECTION=true
- CORE_PEER_GOSSIP_ORGLEADER=false
- CORE_PEER_PROFILE_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
- CORE_CHAINCODE_EXECUTETIMEOUT=300s
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: peer node start
volumes:
- /var/run/:/host/var/run/
- ./crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/msp:/etc/hyperledger/fabric/msp
- ./crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls:/etc/hyperledger/fabric/tls
- peer1.org2.example.com:/var/hyperledger/production
ports:
- 8061:8061
- 8062:8062
- 8063:8063
networks:
- testwork
cli1:
container_name: cli1
image: hyperledger/fabric-tools:latest
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli1
- CORE_PEER_ADDRESS=peer0.org1.example.com:7051
- CORE_PEER_LOCALMSPID=Org1MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ../chaincode/go/:/opt/gopath/src/github.com/hyperledger/multiple-deployment/chaincode/go
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- peer0.org1.example.com
- peer0.org2.example.com
- orderer0.example.com
- orderer1.example.com
- orderer2.example.com
networks:
- testwork
cli2:
container_name: cli2
image: hyperledger/fabric-tools:latest
tty: true
stdin_open: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
#- FABRIC_LOGGING_SPEC=DEBUG
- FABRIC_LOGGING_SPEC=INFO
- CORE_PEER_ID=cli2
- CORE_PEER_ADDRESS=peer0.org2.example.com:8051
- CORE_PEER_LOCALMSPID=Org2MSP
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.crt
- CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.key
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
- CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- ../chaincode/go/:/opt/gopath/src/github.com/hyperledger/multiple-deployment/chaincode/go
- ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
- ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
depends_on:
- peer0.org1.example.com
- peer0.org2.example.com
- orderer0.example.com
- orderer1.example.com
- orderer2.example.com
networks:
- testwork
参考链接: Hyperledger Fabric配置文件解析1
参考链接: Hyperledger Fabric配置文件解析2