Hyperledger Fabric配置文件解析

目录

  • 1、相关配置文件介绍
  • 2、crypto-config.yaml
  • 3、configtx.yaml
    • 3.1 Organizations组织配置部分
    • 3.2 Capabilities通道能力配置部分
    • 3.3 Application 应用通道相关配置
    • 3.4 Orderer 排序节点配置
    • 3.5 Channel 通道配置
    • 3.6 Profiles 配置入口
  • 4、docker-compose.yaml

1、相关配置文件介绍

crypto-config.yaml:用于配置网络中的加密材料,例如证书、密钥等。该文件定义了组织、节点和用户的证书和私钥的存储位置、命名规则和类型等信息。这个文件是在启动网络之前必须要有的配置文件。


configtx.yaml :用于配置Fabric的创世区块和通道,包括定义组织、节点、策略、订购服务等信息。该文件定义了网络中的所有参与方的身份和角色,以及它们之间的关系和交互。此外,configtx.yaml还包括定义通道的策略、背书策略等信息。


docker-compose.yaml:用以配置fabric网络的相关容器



orderer.yaml:用于配置Orderer节点,例如定义共识类型、监听地址、TLS设置等信息。该文件定义了Orderer节点的角色和功能,包括共识机制、共识协议、共识节点之间的通信等信息。


core.yaml:用于配置Peer节点的行为,例如定义Peer节点如何连接到网络,定义背书和验证策略等信息。该文件定义了Peer节点的角色和功能,包括链码的背书和查询、事件订阅和传输、链码生命周期管理等信息。


core.yaml和orderer.yaml配置文件的位置通常会被打包在docker镜像中,而不是直接提供给用户查看和编辑。如果你需要自定义这些配置文件,可以通过构建自己的docker镜像并将其作为替换添加到test-network中。另外,你也可以通过在启动peer和orderer容器时使用-v参数挂载主机目录来替换默认的配置文件。

2、crypto-config.yaml

OrdererOrgs:						## 定义管理orderer节点的组织
  - Name: Orderer					## 这个组织的名字叫 Orderer
    Domain: example.com				## 这个组织的域名是 example.com 
    
    # 生成证书的时候,证书内会包含Name和Domain信息,orderer.example.com就是这个组织的地址
    
    EnableNodeOUs: true		## 启用了 EnableNodeOUs 后,会在 MSP 目录下生成 config.yaml 文件,该文件包含了组织单元(OU)的相关配置信息,例如节点 OU 和客户端 OU 的组织单元标识符(OU Identifier)和证书。这些信息可以用于定义节点和客户端的身份验证策略。
    # 如果启用了这个选项,那么节点的证书将会包含其所属的OU标识。这个选项在配置节点的MSP(成员服务提供程序)时使用,以便正确识别并验证节点的证书。具体来说,在节点的MSP配置中,可以指定一个或多个OU标识,并为每个标识提供相应的TLS和签名证书。然后,节点的证书可以将其所属的OU标识包含在内,以便在验证时正确识别节点。启用节点OU对于在Fabric网络中进行身份验证和授权非常重要。
    # 如果不启用该选项,则节点的证书只会包含其所属的组织信息,而无法确定该节点属于哪个OU,这可能会导致网络安全问题。
    
    # 对于一个Spec来说,配置了CommonName,那么文件夹则命名为CommonName
    # 如果没有配置CommonName,则文件名为:{{.Hostname}}.{{Domain}}
    # 在下面的例子中,在 crypto-config/ordererOrganizations/example.com/orderers 目录下
    # 则会产生两个文件orderer.test.com和orderer5.test.com,
    # 如果没有加CommonName,则目录名为order.example.com与order5.example.comn

    #   - SANS:       (Optional) Specifies one or more Subject Alternative Names
    #                 to be set in the resulting x509. Accepts template
    #                 variables {{.Hostname}}, {{.Domain}}, {{.CommonName}}. IP
    #                 addresses provided here will be properly recognized. Other
    #                 values will be taken as DNS names.
    #                 NOTE: Two implicit entries are created for you:
    #                     - {{ .CommonName }}
    #                     - {{ .Hostname }}
    Specs:
      - Hostname: orderer
        CommonName: orderer.test.com
        SANS:
          - localhost  #此处提供的地址将被正确识别。另外值将作为DNS名称解析。
      # - Hostname: orderer2
      # - Hostname: orderer3
      # - Hostname: orderer4
      - Hostname: orderer5
        CommonName: orderer5.test.com

PeerOrgs:											## 定义管理peer节点的组织
  - Name: Org1								
    Domain: org1.example.com	
    EnableNodeOUs: true
  	
  	# Template是按照Template模板生成多个文件,数量由Count决定,起始编号由Start决定
  	# 如下配置会在crypto-config/peerOrganizations/org1.example.com/peers目录下,
  	# 生成两个文件,分别是 peer0.org1.example.com 和 peer1.org1.example.com
  	# 如果把Start注释去掉,那么会生成 peer5.org1.example.com 和 peer6.org1.example.com
    Template:
      Count: 2
      # Start: 5
      
    # Users是生成除了Admin之外多少个user,数量由Count决定
    # 对于orderer组织,这个值设置了也没有效果
    # 如果配置会在crypto-config/peerOrganizations/org1.example.com/users目录下,
    # 生成两个文件,分别是Admin@org1.example.com和User1@org1.example.com
    # 如果改为2,那么会多一个User2@org1.example.com
    Users:
      Count: 1
	
		# 如下如果在这里加入一个Specs,那么会在peers目录下生成3个文件了
		# 包括,peer0.org2.example.com, peer1.org2.example.com 和 test.org2.example.com
  - Name: Org2
    Domain: org2.example.com
    EnableNodeOUs: true
    # Specs:
    #  - Hostname: test
    Template:
      Count: 2
    Users:
      Count: 1

3、configtx.yaml

3.1 Organizations组织配置部分

Organizations配置段用来定义组织机构实体,以便在后续配置中引用

Organizations:
    - &OrdererOrg
        Name: OrdererOrg	## 组织名称
        ID: OrdererMSP	## 组织IDID是引用组织的关键
        MSPDir: crypto-config/ordererOrganizations/example.com/msp	## 组织的MSP证书路径
        ## 定义本层级的组织策略,其权威路径为 /Channel/<Application|Orderer>/<OrgName>/<PolicyName>
        Policies:
            Readers:
                Type: Signature
                Rule: "OR('OrdererMSP.member')"
            Writers:
                Type: Signature
                Rule: "OR('OrdererMSP.member')"
            Admins:
                Type: Signature
                Rule: "OR('OrdererMSP.admin')"

    - &Org1
        Name: Org1MSP
        ID: Org1MSP
        MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
        Policies:
            Readers:
                Type: Signature
                Rule: "OR('Org1MSP.admin', 'Org1MSP.peer', 'Org1MSP.client')"
            Writers:
                Type: Signature
                Rule: "OR('Org1MSP.admin', 'Org1MSP.client')"
            Admins:
                Type: Signature
                Rule: "OR('Org1MSP.admin')"
        AnchorPeers:		## 定义组织的锚节点
            - Host: peer0.org1.example.com		## 锚节点的host地址
              Port: 7051	## 锚节点开放的端口号

    - &Org2
        Name: Org2MSP
        ID: Org2MSP
        MSPDir: crypto-config/peerOrganizations/org2.example.com/msp
        Policies:
            Readers:
                Type: Signature
                Rule: "OR('Org2MSP.admin', 'Org2MSP.peer', 'Org2MSP.client')"
            Writers:
                Type: Signature
                Rule: "OR('Org2MSP.admin', 'Org2MSP.client')"
            Admins:
                Type: Signature
                Rule: "OR('Org2MSP.admin')"
        AnchorPeers:	
            - Host: peer0.org2.example.com
              Port: 9051

3.2 Capabilities通道能力配置部分

Capabilities 段用来定义fabric网络的能力。这是版本v1.1.0引入的一个新的配置段,当与版本v1.0.x的orderer节点与peer节点混合组网时不可使用。

Capabilities:
		# Channel配置同时应用于orderer节点与peer节点,并且必须被两种节点同时支持
    # 将该配置项设置为ture表明要求节点具备该能力,false则不要求该节点具备该能力
    Channel: &ChannelCapabilities
        V1_4_3: true    
        V1_3: false 
        V1_1: false
    # Orderer功能仅适用于orderers,可以安全地操作,而无需担心升级peers
    # 将该配置项设置为ture表明要求节点具备该能力,false则不要求该节点具备该能力
    Orderer: &OrdererCapabilities
        V1_4_2: true 
        V1_1: false
    # 应用程序功能仅适用于Peer网络,可以安全地操作,而无需担心升级或更新orderers
    # 将该配置项设置为ture表明要求节点具备该能力,false则不要求该节点具备该能力
    Application: &ApplicationCapabilities
        V1_4_2: true
        V1_3: false
        V1_2: false  
        V1_1: false

3.3 Application 应用通道相关配置

Application配置段用来定义要写入创世区块或配置交易的应用参数

Application: &ApplicationDefaults  ##  自定义被引用的地址
    Organizations:	## Organizations配置列出参与到网络中的机构清单
    Policies:		## 定义本层级的应用控制策略,其权威路径为 /Channel/Application/<PolicyName>
        Readers:
            Type: ImplicitMeta
            Rule: "ANY Readers"
        Writers:
            Type: ImplicitMeta
            Rule: "ANY Writers"
        Admins:
            Type: ImplicitMeta
            Rule: "MAJORITY Admins"
    # Capabilities配置描述应用层级的能力需求,这里直接引用
    # 前面Capabilities配置段中的ApplicationCapabilities配置项
    Capabilities:
        <<: *ApplicationCapabilities

3.4 Orderer 排序节点配置

Orderer配置段用来定义要编码写入创世区块或通道交易的排序节点参数

Orderer: &OrdererDefaults
		# 排序节点类型用来指定要启用的排序节点实现,不同的实现对应不同的共识算法。
    # 目前可用的类型为:solo,kafka,EtcdRaft
    OrdererType: solo
    Addresses:		## 服务地址,这个地方很重要,一定要配正确
        - orderer.example.com:7050
    BatchTimeout: 2s	## 区块打包的最大超时时间 (到了该时间就打包区块)
    BatchSize:	## 区块打包的最大包含交易数(orderer端切分区块的参数)
        MaxMessageCount: 10	 				## 一个区块里最大的交易数
        AbsoluteMaxBytes: 99 MB			## 一个区块的最大字节数,任何时候都不能超过
        PreferredMaxBytes: 512 KB		## 一个区块的建议字节数,如果一个交易消息的大小超过了这个值, 就会被放入另外一个更大的区块中
    MaxChannels: 0    ## 【可选项】表示Orderer允许的最大通道数, 默认0表示没有最大通道数
    Kafka:
        Brokers:	## kafka模式的时候kafka节点的地址,通常至少配2- 127.0.0.1:9092
    EtcdRaft:	## 定义了EtcdRaft排序类型被选择时的配置
        Consenters:
            - Host: orderer.example.com
              Port: 7050
              ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
              ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
            - Host: orderer2.example.com
              Port: 7050
              ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.crt
              ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.crt
            - Host: orderer3.example.com
              Port: 7050
              ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/server.crt
              ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/server.crt
            - Host: orderer4.example.com
              Port: 7050
              ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/server.crt
              ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/server.crt
            - Host: orderer5.example.com
              Port: 7050
              ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/server.crt
              ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/server.crt
    Organizations:	 ## 参与维护Orderer的组织,默认为空
    # 定义本层级的排序节点策略,其权威路径为 /Channel/Orderer/<PolicyName>
    Policies:
        Readers:
            Type: ImplicitMeta
            Rule: "ANY Readers"
        Writers:
            Type: ImplicitMeta
            Rule: "ANY Writers"
        Admins:
            Type: ImplicitMeta
            Rule: "MAJORITY Admins"
        BlockValidation:
            Type: ImplicitMeta
            Rule: "ANY Writers"
    # Capabilities配置描述排序节点层级的能力需求,这里直接引用
    # 前面Capabilities配置段中的OrdererCapabilities配置项
    Capabilities:
        <<: *OrdererCapabilities

3.5 Channel 通道配置

Channel配置段用来定义要写入创世区块或配置交易的通道参数。

Channel: &ChannelDefaults
		# 定义本层级的通道访问策略,其权威路径为 /Channel/<PolicyName>
    Policies:
        Readers:
            Type: ImplicitMeta
            Rule: "ANY Readers"
        # Writes策略定义了调用Broadcast API提交交易的许可规则
        Writers:
            Type: ImplicitMeta
            Rule: "ANY Writers"
        # Admin策略定义了修改本层级配置的许可规则
        Admins:
            Type: ImplicitMeta
            Rule: "MAJORITY Admins"
    # Capabilities配置描通道层级的能力需求,这里直接引用
    # 前面Capabilities配置段中的ChannelCapabilities配置项
    Capabilities:
        <<: *ChannelCapabilities

3.6 Profiles 配置入口

Profiles配置段用来定义用于configtxgen工具的配置入口。包含联盟(consortium)的配置入口可以用来生成排序节点的创世区块。

Profiles:
		# TwoOrgsOrdererGenesis用来生成orderer启动时所需的block,用于生成创世区块,名字可以任意
		# 需要包含Orderer和Consortiums两部分
    TwoOrgsOrdererGenesis:	
        <<: *ChannelDefaults	## 通道为默认配置,这里直接引用上面channel配置段中的ChannelDefaults
        Orderer:
            <<: *OrdererDefaults	## Orderer为默认配置,这里直接引用上面orderer配置段中的OrdererDefaults
            Organizations:	## 这里直接引用上面Organizations配置段中的OrdererOrg
                - *OrdererOrg	
            Capabilities:	## 这里直接引用上面Capabilities配置段中的OrdererCapabilities
                <<: *OrdererCapabilities
        # 联盟为默认的 SampleConsortium 联盟,添加了两个组织,表示orderer所服务的联盟列表
        Consortiums:	
            SampleConsortium:		##  创建更多应用通道时的联盟引用 TwoOrgsChannel 所示
                Organizations:
                    - *Org1
                    - *Org2
    # TwoOrgsChannel用来生成channel配置信息,名字可以任意
		# 需要包含Consortium和Applicatioon两部分。 
    TwoOrgsChannel:
        Consortium: SampleConsortium		## 通道所关联的联盟名称
        <<: *ChannelDefaults		## 通道为默认配置,这里直接引用上面channel配置段中的ChannelDefaults
        Application:
            <<: *ApplicationDefaults	## 这里直接引用上面Application配置段中的ApplicationDefaults
            Organizations:
                - *Org1
                - *Org2
            Capabilities:
                <<: *ApplicationCapabilities	## 这里直接引用上面Capabilities配置段中的ApplicationCapabilities
                
		# SampleInsecureKafka定义了一个使用Kfaka排序节点的配置
    SampleDevModeKafka:
        <<: *ChannelDefaults
        Capabilities:
            <<: *ChannelCapabilities
        Orderer:
            <<: *OrdererDefaults
            OrdererType: kafka
            Kafka:
                Brokers:
                - kafka.example.com:9092

            Organizations:
            - *OrdererOrg
            Capabilities:
                <<: *OrdererCapabilities
        Application:
            <<: *ApplicationDefaults
            Organizations:
            - <<: *OrdererOrg
        Consortiums:
            SampleConsortium:
                Organizations:
                - *Org1
                - *Org2
		# SampleInsecureKafka定义了一个使用EtcdRaft排序节点的配置
    SampleMultiNodeEtcdRaft:
        <<: *ChannelDefaults
        Capabilities:
            <<: *ChannelCapabilities
        Orderer:
            <<: *OrdererDefaults
            OrdererType: etcdraft
            EtcdRaft:
                Consenters:
                - Host: orderer.example.com
                  Port: 7050
                  ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
                  ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer.example.com/tls/server.crt
                - Host: orderer2.example.com
                  Port: 7050
                  ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.crt
                  ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/server.crt
                - Host: orderer3.example.com
                  Port: 7050
                  ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/server.crt
                  ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer3.example.com/tls/server.crt
                - Host: orderer4.example.com
                  Port: 7050
                  ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/server.crt
                  ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer4.example.com/tls/server.crt
                - Host: orderer5.example.com
                  Port: 7050
                  ClientTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/server.crt
                  ServerTLSCert: crypto-config/ordererOrganizations/example.com/orderers/orderer5.example.com/tls/server.crt
            Addresses:
                - orderer.example.com:7050
                - orderer2.example.com:7050
                - orderer3.example.com:7050
                - orderer4.example.com:7050
                - orderer5.example.com:7050

            Organizations:
            - *OrdererOrg
            Capabilities:
                <<: *OrdererCapabilities
        Application:
            <<: *ApplicationDefaults
            Organizations:
            - <<: *OrdererOrg
        Consortiums:
            SampleConsortium:
                Organizations:
                - *Org1
                - *Org2

4、docker-compose.yaml

version: '2'

volumes:
  orderer0.example.com:
  orderer1.example.com:
  orderer2.example.com:
  peer0.org1.example.com:
  peer1.org1.example.com:
  peer0.org2.example.com:
  peer1.org2.example.com:
  
  
networks:
  testwork:
  
services:
  orderer0.example.com:
    container_name: orderer0.example.com
    image: hyperledger/fabric-orderer:latest
    environment:
      - FABRIC_LOGGING_SPEC=INFO
      - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
      - ORDERER_GENERAL_LISTENPORT=5050
      - ORDERER_GENERAL_BOOTSTRAPMETHOD=file
      - ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
      - ORDERER_GENERAL_LOCALMSPID=OrdererMSP
      - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
      # enabled TLS
      - ORDERER_GENERAL_TLS_ENABLED=true
      - ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
      - ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
      - ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
      - ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
      - ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
      - ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric
    command: orderer
    volumes:
      - ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
      - ./crypto-config/ordererOrganizations/example.com/orderers/orderer0.example.com/msp:/var/hyperledger/orderer/msp
      - ./crypto-config/ordererOrganizations/example.com/orderers/orderer0.example.com/tls/:/var/hyperledger/orderer/tls
      - orderer0.example.com:/var/hyperledger/production/orderer
    ports:
      - 5050:5050
    networks:
      - testwork
      
  orderer1.example.com:
    container_name: orderer1.example.com
    image: hyperledger/fabric-orderer:latest
    environment:
      - FABRIC_LOGGING_SPEC=INFO
      - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
      - ORDERER_GENERAL_LISTENPORT=6050
      - ORDERER_GENERAL_BOOTSTRAPMETHOD=file
      - ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
      - ORDERER_GENERAL_LOCALMSPID=OrdererMSP
      - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
      # enabled TLS
      - ORDERER_GENERAL_TLS_ENABLED=true
      - ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
      - ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
      - ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
      - ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
      - ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
      - ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric
    command: orderer
    volumes:
      - ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
      - ./crypto-config/ordererOrganizations/example.com/orderers/orderer1.example.com/msp:/var/hyperledger/orderer/msp
      - ./crypto-config/ordererOrganizations/example.com/orderers/orderer1.example.com/tls/:/var/hyperledger/orderer/tls
      - orderer1.example.com:/var/hyperledger/production/orderer
    ports:
      - 6050:6050
    networks:
      - testwork
      
  orderer2.example.com:
    container_name: orderer2.example.com
    image: hyperledger/fabric-orderer:latest
    environment:
      - FABRIC_LOGGING_SPEC=INFO
      - ORDERER_GENERAL_LISTENADDRESS=0.0.0.0
      - ORDERER_GENERAL_LISTENPORT=7050
      - ORDERER_GENERAL_BOOTSTRAPMETHOD=file
      - ORDERER_GENERAL_BOOTSTRAPFILE=/var/hyperledger/orderer/orderer.genesis.block
      - ORDERER_GENERAL_LOCALMSPID=OrdererMSP
      - ORDERER_GENERAL_LOCALMSPDIR=/var/hyperledger/orderer/msp
      # enabled TLS
      - ORDERER_GENERAL_TLS_ENABLED=true
      - ORDERER_GENERAL_TLS_PRIVATEKEY=/var/hyperledger/orderer/tls/server.key
      - ORDERER_GENERAL_TLS_CERTIFICATE=/var/hyperledger/orderer/tls/server.crt
      - ORDERER_GENERAL_TLS_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
      - ORDERER_GENERAL_CLUSTER_CLIENTCERTIFICATE=/var/hyperledger/orderer/tls/server.crt
      - ORDERER_GENERAL_CLUSTER_CLIENTPRIVATEKEY=/var/hyperledger/orderer/tls/server.key
      - ORDERER_GENERAL_CLUSTER_ROOTCAS=[/var/hyperledger/orderer/tls/ca.crt]
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric
    command: orderer
    volumes:
      - ./channel-artifacts/genesis.block:/var/hyperledger/orderer/orderer.genesis.block
      - ./crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/msp:/var/hyperledger/orderer/msp
      - ./crypto-config/ordererOrganizations/example.com/orderers/orderer2.example.com/tls/:/var/hyperledger/orderer/tls
      - orderer2.example.com:/var/hyperledger/production/orderer
    ports:
      - 7050:7050
    networks:
      - testwork
      
  peer0.org1.example.com:
    container_name: peer0.org1.example.com
    image: hyperledger/fabric-peer:latest
    environment:
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      - CORE_PEER_ID=peer0.org1.example.com
      - CORE_PEER_ADDRESS=peer0.org1.example.com:7051
      - CORE_PEER_LISTENADDRESS=0.0.0.0:7051
      - CORE_PEER_CHAINCODEADDRESS=peer0.org1.example.com:7052
      - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7052
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org1.example.com:7051
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org1.example.com:7051
      - CORE_PEER_LOCALMSPID=Org1MSP
      - FABRIC_LOGGING_SPEC=INFO
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
      - CORE_CHAINCODE_EXECUTETIMEOUT=300s
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    volumes:
      - /var/run/:/host/var/run/
      - ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/msp:/etc/hyperledger/fabric/msp
      - ./crypto-config/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls:/etc/hyperledger/fabric/tls
      - peer0.org1.example.com:/var/hyperledger/production
    ports:
      - 7051:7051
      - 7052:7052
      - 7053:7053
    networks:
      - testwork
      
  peer1.org1.example.com:
    container_name: peer1.org1.example.com
    image: hyperledger/fabric-peer:latest
    environment:
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      - CORE_PEER_ID=peer1.org1.example.com
      - CORE_PEER_ADDRESS=peer1.org1.example.com:7061
      - CORE_PEER_LISTENADDRESS=0.0.0.0:7061
      - CORE_PEER_CHAINCODEADDRESS=peer1.org1.example.com:7062
      - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:7062
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org1.example.com:7061
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org1.example.com:7061
      - CORE_PEER_LOCALMSPID=Org1MSP
      - FABRIC_LOGGING_SPEC=INFO
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
      - CORE_CHAINCODE_EXECUTETIMEOUT=300s
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    volumes:
      - /var/run/:/host/var/run/
      - ./crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/msp:/etc/hyperledger/fabric/msp
      - ./crypto-config/peerOrganizations/org1.example.com/peers/peer1.org1.example.com/tls:/etc/hyperledger/fabric/tls
      - peer1.org1.example.com:/var/hyperledger/production
    ports:
      - 7061:7061
      - 7062:7062
      - 7063:7063
    networks:
      - testwork

  
  peer0.org2.example.com:
    container_name: peer0.org2.example.com
    image: hyperledger/fabric-peer:latest
    environment:
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      - CORE_PEER_ID=peer0.org2.example.com
      - CORE_PEER_ADDRESS=peer0.org2.example.com:8051
      - CORE_PEER_LISTENADDRESS=0.0.0.0:8051
      - CORE_PEER_CHAINCODEADDRESS=peer0.org2.example.com:8052
      - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:8052
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer0.org2.example.com:8051
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer0.org2.example.com:8051
      - CORE_PEER_LOCALMSPID=Org2MSP
      - FABRIC_LOGGING_SPEC=INFO
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
      - CORE_CHAINCODE_EXECUTETIMEOUT=300s
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    volumes:
      - /var/run/:/host/var/run/
      - ./crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/msp:/etc/hyperledger/fabric/msp
      - ./crypto-config/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls:/etc/hyperledger/fabric/tls
      - peer0.org2.example.com:/var/hyperledger/production
    ports:
      - 8051:8051
      - 8052:8052
      - 8053:8053
    networks:
      - testwork 
      
  peer1.org2.example.com:
    container_name: peer1.org2.example.com
    image: hyperledger/fabric-peer:latest
    environment:
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      - CORE_PEER_ID=peer1.org2.example.com
      - CORE_PEER_ADDRESS=peer1.org2.example.com:8061
      - CORE_PEER_LISTENADDRESS=0.0.0.0:8061
      - CORE_PEER_CHAINCODEADDRESS=peer1.org2.example.com:8062
      - CORE_PEER_CHAINCODELISTENADDRESS=0.0.0.0:8062
      - CORE_PEER_GOSSIP_BOOTSTRAP=peer1.org2.example.com:8061
      - CORE_PEER_GOSSIP_EXTERNALENDPOINT=peer1.org2.example.com:8061
      - CORE_PEER_LOCALMSPID=Org2MSP
      - FABRIC_LOGGING_SPEC=INFO
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_GOSSIP_USELEADERELECTION=true
      - CORE_PEER_GOSSIP_ORGLEADER=false
      - CORE_PEER_PROFILE_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/etc/hyperledger/fabric/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/etc/hyperledger/fabric/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/etc/hyperledger/fabric/tls/ca.crt
      - CORE_CHAINCODE_EXECUTETIMEOUT=300s
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: peer node start
    volumes:
      - /var/run/:/host/var/run/
      - ./crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/msp:/etc/hyperledger/fabric/msp
      - ./crypto-config/peerOrganizations/org2.example.com/peers/peer1.org2.example.com/tls:/etc/hyperledger/fabric/tls
      - peer1.org2.example.com:/var/hyperledger/production
    ports:
      - 8061:8061
      - 8062:8062
      - 8063:8063
    networks:
      - testwork 

  cli1:
    container_name: cli1
    image: hyperledger/fabric-tools:latest
    tty: true
    stdin_open: true
    environment:
      - GOPATH=/opt/gopath
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      #- FABRIC_LOGGING_SPEC=DEBUG
      - FABRIC_LOGGING_SPEC=INFO
      - CORE_PEER_ID=cli1
      - CORE_PEER_ADDRESS=peer0.org1.example.com:7051
      - CORE_PEER_LOCALMSPID=Org1MSP
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/peers/peer0.org1.example.com/tls/ca.crt
      - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org1.example.com/users/Admin@org1.example.com/msp
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: /bin/bash
    volumes:
      - /var/run/:/host/var/run/
      - ../chaincode/go/:/opt/gopath/src/github.com/hyperledger/multiple-deployment/chaincode/go
      - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
      - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
    depends_on:
      - peer0.org1.example.com
      - peer0.org2.example.com
      - orderer0.example.com
      - orderer1.example.com
      - orderer2.example.com
    networks:
      - testwork
  
  cli2:
    container_name: cli2
    image: hyperledger/fabric-tools:latest
    tty: true
    stdin_open: true
    environment:
      - GOPATH=/opt/gopath
      - CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
      #- FABRIC_LOGGING_SPEC=DEBUG
      - FABRIC_LOGGING_SPEC=INFO
      - CORE_PEER_ID=cli2
      - CORE_PEER_ADDRESS=peer0.org2.example.com:8051
      - CORE_PEER_LOCALMSPID=Org2MSP
      - CORE_PEER_TLS_ENABLED=true
      - CORE_PEER_TLS_CERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.crt
      - CORE_PEER_TLS_KEY_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/server.key
      - CORE_PEER_TLS_ROOTCERT_FILE=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/peers/peer0.org2.example.com/tls/ca.crt
      - CORE_PEER_MSPCONFIGPATH=/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/peerOrganizations/org2.example.com/users/Admin@org2.example.com/msp
    working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
    command: /bin/bash
    volumes:
      - /var/run/:/host/var/run/
      - ../chaincode/go/:/opt/gopath/src/github.com/hyperledger/multiple-deployment/chaincode/go
      - ./crypto-config:/opt/gopath/src/github.com/hyperledger/fabric/peer/crypto/
      - ./channel-artifacts:/opt/gopath/src/github.com/hyperledger/fabric/peer/channel-artifacts
    depends_on:
      - peer0.org1.example.com
      - peer0.org2.example.com
      - orderer0.example.com
      - orderer1.example.com
      - orderer2.example.com
    networks:
      - testwork
 

参考链接: Hyperledger Fabric配置文件解析1
参考链接: Hyperledger Fabric配置文件解析2

你可能感兴趣的:(Hyperledger,Fabric,fabric,docker,区块链)