mirror of
https://github.com/hyperledger/fabric-samples.git
synced 2026-06-23 01:55:10 +00:00
717 lines
30 KiB
YAML
717 lines
30 KiB
YAML
# Copyright IBM Corp. All Rights Reserved.
|
||
#
|
||
# SPDX-License-Identifier: Apache-2.0
|
||
#
|
||
# 1.4 做出了更新 不再有单独的logging模块
|
||
#
|
||
logging:
|
||
# yunxiang fabric log module config
|
||
isOpenYxlog: false
|
||
logpath: /var/fabric_logs
|
||
logname: peer_log
|
||
# peer log level,0:emergency, 1:alert, 2:critical, 3:error,4:warning,5:notice,6:info, 7:debug
|
||
# default to be 6:info
|
||
yxLogLevel: 7
|
||
maxlinesPerFile: 100000000
|
||
maxsizePerFile: 102400000
|
||
maxTotalSize: 1024000000
|
||
isautodelete: false
|
||
maxdays: 7
|
||
daily: true
|
||
# chaincodeLog
|
||
chaincodeLogLevel: 7
|
||
# chaincode 日志宿主机存放路径,容器内部存放路径为logpath
|
||
chaincodeLogPath: /var/chaincode_logs/
|
||
###############################################################################
|
||
#
|
||
# Peer section
|
||
#
|
||
###############################################################################
|
||
peer:
|
||
|
||
# The Peer id is used for identifying this Peer instance.
|
||
id: jdoe
|
||
|
||
# The networkId allows for logical seperation of networks
|
||
networkId: dev
|
||
|
||
# The Address at local network interface this Peer will listen on.
|
||
# By default, it will listen on all network interfaces
|
||
listenAddress: 0.0.0.0:7051
|
||
|
||
# The endpoint this peer uses to listen for inbound chaincode connections.
|
||
# If this is commented-out, the listen address is selected to be
|
||
# the peer's address (see below) with port 7052
|
||
# chaincodeListenAddress: 0.0.0.0:7052
|
||
|
||
# The endpoint the chaincode for this peer uses to connect to the peer.
|
||
# If this is not specified, the chaincodeListenAddress address is selected.
|
||
# And if chaincodeListenAddress is not specified, address is selected from
|
||
# peer listenAddress.
|
||
# chaincodeAddress: 0.0.0.0:7052
|
||
|
||
# When used as peer config, this represents the endpoint to other peers
|
||
# in the same organization. For peers in other organization, see
|
||
# gossip.externalEndpoint for more info.
|
||
# When used as CLI config, this means the peer's endpoint to interact with
|
||
address: 0.0.0.0:7051
|
||
|
||
# Whether the Peer should programmatically determine its address
|
||
# This case is useful for docker containers.
|
||
addressAutoDetect: false
|
||
|
||
# Setting for runtime.GOMAXPROCS(n). If n < 1, it does not change the
|
||
# current setting
|
||
gomaxprocs: -1
|
||
|
||
# Keepalive settings for peer server and clients
|
||
keepalive:
|
||
# MinInterval is the minimum permitted time between client pings.
|
||
# If clients send pings more frequently, the peer server will
|
||
# disconnect them
|
||
minInterval: 60s
|
||
# Client keepalive settings for communicating with other peer nodes
|
||
client:
|
||
# Interval is the time between pings to peer nodes. This must
|
||
# greater than or equal to the minInterval specified by peer
|
||
# nodes
|
||
interval: 60s
|
||
# Timeout is the duration the client waits for a response from
|
||
# peer nodes before closing the connection
|
||
timeout: 20s
|
||
# DeliveryClient keepalive settings for communication with ordering
|
||
# nodes.
|
||
deliveryClient:
|
||
# Interval is the time between pings to ordering nodes. This must
|
||
# greater than or equal to the minInterval specified by ordering
|
||
# nodes.
|
||
interval: 60s
|
||
# Timeout is the duration the client waits for a response from
|
||
# ordering nodes before closing the connection
|
||
timeout: 20s
|
||
|
||
|
||
# Gossip related configuration
|
||
gossip:
|
||
# Bootstrap set to initialize gossip with.
|
||
# This is a list of other peers that this peer reaches out to at startup.
|
||
# Important: The endpoints here have to be endpoints of peers in the same
|
||
# organization, because the peer would refuse connecting to these endpoints
|
||
# unless they are in the same organization as the peer.
|
||
bootstrap: 127.0.0.1:7051
|
||
|
||
# NOTE: orgLeader and useLeaderElection parameters are mutual exclusive.
|
||
# Setting both to true would result in the termination of the peer
|
||
# since this is undefined state. If the peers are configured with
|
||
# useLeaderElection=false, make sure there is at least 1 peer in the
|
||
# organization that its orgLeader is set to true.
|
||
|
||
# Defines whenever peer will initialize dynamic algorithm for
|
||
# "leader" selection, where leader is the peer to establish
|
||
# connection with ordering service and use delivery protocol
|
||
# to pull ledger blocks from ordering service. It is recommended to
|
||
# use leader election for large networks of peers.
|
||
useLeaderElection: true
|
||
# Statically defines peer to be an organization "leader",
|
||
# where this means that current peer will maintain connection
|
||
# with ordering service and disseminate block across peers in
|
||
# its own organization
|
||
orgLeader: false
|
||
|
||
# Interval for membershipTracker polling
|
||
membershipTrackerInterval: 5s
|
||
|
||
# Overrides the endpoint that the peer publishes to peers
|
||
# in its organization. For peers in foreign organizations
|
||
# see 'externalEndpoint'
|
||
endpoint:
|
||
# Maximum count of blocks stored in memory
|
||
maxBlockCountToStore: 100
|
||
# Max time between consecutive message pushes(unit: millisecond)
|
||
maxPropagationBurstLatency: 10ms
|
||
# Max number of messages stored until a push is triggered to remote peers
|
||
maxPropagationBurstSize: 10
|
||
# Number of times a message is pushed to remote peers
|
||
propagateIterations: 1
|
||
# Number of peers selected to push messages to
|
||
propagatePeerNum: 3
|
||
# Determines frequency of pull phases(unit: second)
|
||
# Must be greater than digestWaitTime + responseWaitTime
|
||
pullInterval: 4s
|
||
# Number of peers to pull from
|
||
pullPeerNum: 3
|
||
# Determines frequency of pulling state info messages from peers(unit: second)
|
||
requestStateInfoInterval: 4s
|
||
# Determines frequency of pushing state info messages to peers(unit: second)
|
||
publishStateInfoInterval: 4s
|
||
# Maximum time a stateInfo message is kept until expired
|
||
stateInfoRetentionInterval:
|
||
# Time from startup certificates are included in Alive messages(unit: second)
|
||
publishCertPeriod: 10s
|
||
# Should we skip verifying block messages or not (currently not in use)
|
||
skipBlockVerification: false
|
||
# Dial timeout(unit: second)
|
||
dialTimeout: 3s
|
||
# Connection timeout(unit: second)
|
||
connTimeout: 2s
|
||
# Buffer size of received messages
|
||
recvBuffSize: 20
|
||
# Buffer size of sending messages
|
||
sendBuffSize: 200
|
||
# Time to wait before pull engine processes incoming digests (unit: second)
|
||
# Should be slightly smaller than requestWaitTime
|
||
digestWaitTime: 1s
|
||
# Time to wait before pull engine removes incoming nonce (unit: milliseconds)
|
||
# Should be slightly bigger than digestWaitTime
|
||
requestWaitTime: 1500ms
|
||
# Time to wait before pull engine ends pull (unit: second)
|
||
responseWaitTime: 2s
|
||
# Alive check interval(unit: second)
|
||
aliveTimeInterval: 5s
|
||
# Alive expiration timeout(unit: second)
|
||
aliveExpirationTimeout: 25s
|
||
# Reconnect interval(unit: second)
|
||
reconnectInterval: 25s
|
||
# This is an endpoint that is published to peers outside of the organization.
|
||
# If this isn't set, the peer will not be known to other organizations.
|
||
externalEndpoint:
|
||
# Leader election service configuration
|
||
election:
|
||
# Longest time peer waits for stable membership during leader election startup (unit: second)
|
||
startupGracePeriod: 15s
|
||
# Interval gossip membership samples to check its stability (unit: second)
|
||
membershipSampleInterval: 1s
|
||
# Time passes since last declaration message before peer decides to perform leader election (unit: second)
|
||
leaderAliveThreshold: 10s
|
||
# Time between peer sends propose message and declares itself as a leader (sends declaration message) (unit: second)
|
||
leaderElectionDuration: 5s
|
||
|
||
pvtData:
|
||
# pullRetryThreshold determines the maximum duration of time private data corresponding for a given block
|
||
# would be attempted to be pulled from peers until the block would be committed without the private data
|
||
pullRetryThreshold: 60s
|
||
# As private data enters the transient store, it is associated with the peer's ledger's height at that time.
|
||
# transientstoreMaxBlockRetention defines the maximum difference between the current ledger's height upon commit,
|
||
# and the private data residing inside the transient store that is guaranteed not to be purged.
|
||
# Private data is purged from the transient store when blocks with sequences that are multiples
|
||
# of transientstoreMaxBlockRetention are committed.
|
||
transientstoreMaxBlockRetention: 1000
|
||
# pushAckTimeout is the maximum time to wait for an acknowledgement from each peer
|
||
# at private data push at endorsement time.
|
||
pushAckTimeout: 3s
|
||
# Block to live pulling margin, used as a buffer
|
||
# to prevent peer from trying to pull private data
|
||
# from peers that is soon to be purged in next N blocks.
|
||
# This helps a newly joined peer catch up to current
|
||
# blockchain height quicker.
|
||
btlPullMargin: 10
|
||
# the process of reconciliation is done in an endless loop, while in each iteration reconciler tries to
|
||
# pull from the other peers the most recent missing blocks with a maximum batch size limitation.
|
||
# reconcileBatchSize determines the maximum batch size of missing private data that will be reconciled in a
|
||
# single iteration.
|
||
reconcileBatchSize: 10
|
||
# reconcileSleepInterval determines the time reconciler sleeps from end of an iteration until the beginning
|
||
# of the next reconciliation iteration.
|
||
reconcileSleepInterval: 1m
|
||
# reconciliationEnabled is a flag that indicates whether private data reconciliation is enable or not.
|
||
reconciliationEnabled: true
|
||
|
||
# Gossip state transfer related configuration
|
||
state:
|
||
# indicates whenever state transfer is enabled or not
|
||
# default value is true, i.e. state transfer is active
|
||
# and takes care to sync up missing blocks allowing
|
||
# lagging peer to catch up to speed with rest network
|
||
enabled: true
|
||
# checkInterval interval to check whether peer is lagging behind enough to
|
||
# request blocks via state transfer from another peer.
|
||
checkInterval: 10s
|
||
# responseTimeout amount of time to wait for state transfer response from
|
||
# other peers
|
||
responseTimeout: 3s
|
||
# batchSize the number of blocks to request via state transfer from another peer
|
||
batchSize: 10
|
||
# blockBufferSize reflect the maximum distance between lowest and
|
||
# highest block sequence number state buffer to avoid holes.
|
||
# In order to ensure absence of the holes actual buffer size
|
||
# is twice of this distance
|
||
blockBufferSize: 100
|
||
# maxRetries maximum number of re-tries to ask
|
||
# for single state transfer request
|
||
maxRetries: 3
|
||
|
||
# TLS Settings
|
||
# Note that peer-chaincode connections through chaincodeListenAddress is
|
||
# not mutual TLS auth. See comments on chaincodeListenAddress for more info
|
||
tls:
|
||
# Require server-side TLS
|
||
enabled: false
|
||
# Require client certificates / mutual TLS.
|
||
# Note that clients that are not configured to use a certificate will
|
||
# fail to connect to the peer.
|
||
clientAuthRequired: false
|
||
# X.509 certificate used for TLS server
|
||
cert:
|
||
file: tls/server.crt
|
||
# Private key used for TLS server (and client if clientAuthEnabled
|
||
# is set to true
|
||
key:
|
||
file: tls/server.key
|
||
# Trusted root certificate chain for tls.cert
|
||
rootcert:
|
||
file: tls/ca.crt
|
||
# Set of root certificate authorities used to verify client certificates
|
||
clientRootCAs:
|
||
files:
|
||
- tls/ca.crt
|
||
# Private key used for TLS when making client connections. If
|
||
# not set, peer.tls.key.file will be used instead
|
||
clientKey:
|
||
file:
|
||
# X.509 certificate used for TLS when making client connections.
|
||
# If not set, peer.tls.cert.file will be used instead
|
||
clientCert:
|
||
file:
|
||
|
||
# Authentication contains configuration parameters related to authenticating
|
||
# client messages
|
||
authentication:
|
||
# the acceptable difference between the current server time and the
|
||
# client's time as specified in a client request message
|
||
timewindow: 15m
|
||
|
||
# Path on the file system where peer will store data (eg ledger). This
|
||
# location must be access control protected to prevent unintended
|
||
# modification that might corrupt the peer operations.
|
||
fileSystemPath: /var/hyperledger/production
|
||
|
||
# BCCSP (Blockchain crypto provider): Select which crypto implementation or
|
||
# library to use
|
||
BCCSP:
|
||
# if setting is GM, chaincode.golang.dynamiclink must be false.
|
||
Default: SW
|
||
# Settings for the SW crypto provider (i.e. when DEFAULT: SW)
|
||
SW:
|
||
# TODO: The default Hash and Security level needs refactoring to be
|
||
# fully configurable. Changing these defaults requires coordination
|
||
# SHA2 is hardcoded in several places, not only BCCSP
|
||
Hash: SHA2
|
||
Security: 256
|
||
# Location of Key Store
|
||
FileKeyStore:
|
||
# If "", defaults to 'mspConfigPath'/keystore
|
||
KeyStore:
|
||
# Settings for the PKCS#11 crypto provider (i.e. when DEFAULT: PKCS11)
|
||
PKCS11:
|
||
# Location of the PKCS11 module library
|
||
Library:
|
||
# Token Label
|
||
Label:
|
||
# User PIN
|
||
Pin:
|
||
Hash:
|
||
Security:
|
||
FileKeyStore:
|
||
KeyStore:
|
||
|
||
# Path on the file system where peer will find MSP local configurations
|
||
mspConfigPath: msp
|
||
|
||
# Identifier of the local MSP
|
||
# ----!!!!IMPORTANT!!!-!!!IMPORTANT!!!-!!!IMPORTANT!!!!----
|
||
# Deployers need to change the value of the localMspId string.
|
||
# In particular, the name of the local MSP ID of a peer needs
|
||
# to match the name of one of the MSPs in each of the channel
|
||
# that this peer is a member of. Otherwise this peer's messages
|
||
# will not be identified as valid by other nodes.
|
||
localMspId: SampleOrg
|
||
|
||
# CLI common client config options
|
||
client:
|
||
# connection timeout
|
||
connTimeout: 3s
|
||
|
||
# Delivery service related config
|
||
deliveryclient:
|
||
# It sets the total time the delivery service may spend in reconnection
|
||
# attempts until its retry logic gives up and returns an error
|
||
reconnectTotalTimeThreshold: 3600s
|
||
|
||
# It sets the delivery service <-> ordering service node connection timeout
|
||
connTimeout: 3s
|
||
|
||
# It sets the delivery service maximal delay between consecutive retries
|
||
reConnectBackoffThreshold: 3600s
|
||
|
||
# Type for the local MSP - by default it's of type bccsp
|
||
localMspType: bccsp
|
||
|
||
# Used with Go profiling tools only in none production environment. In
|
||
# production, it should be disabled (eg enabled: false)
|
||
profile:
|
||
enabled: false
|
||
listenAddress: 0.0.0.0:6060
|
||
|
||
# The admin service is used for administrative operations such as
|
||
# control over logger levels, etc.
|
||
# Only peer administrators can use the service.
|
||
adminService:
|
||
# The interface and port on which the admin server will listen on.
|
||
# If this is commented out, or the port number is equal to the port
|
||
# of the peer listen address - the admin service is attached to the
|
||
# peer's service (defaults to 7051).
|
||
#listenAddress: 0.0.0.0:7055
|
||
|
||
# Handlers defines custom handlers that can filter and mutate
|
||
# objects passing within the peer, such as:
|
||
# Auth filter - reject or forward proposals from clients
|
||
# Decorators - append or mutate the chaincode input passed to the chaincode
|
||
# Endorsers - Custom signing over proposal response payload and its mutation
|
||
# Valid handler definition contains:
|
||
# - A name which is a factory method name defined in
|
||
# core/handlers/library/library.go for statically compiled handlers
|
||
# - library path to shared object binary for pluggable filters
|
||
# Auth filters and decorators are chained and executed in the order that
|
||
# they are defined. For example:
|
||
# authFilters:
|
||
# -
|
||
# name: FilterOne
|
||
# library: /opt/lib/filter.so
|
||
# -
|
||
# name: FilterTwo
|
||
# decorators:
|
||
# -
|
||
# name: DecoratorOne
|
||
# -
|
||
# name: DecoratorTwo
|
||
# library: /opt/lib/decorator.so
|
||
# Endorsers are configured as a map that its keys are the endorsement system chaincodes that are being overridden.
|
||
# Below is an example that overrides the default ESCC and uses an endorsement plugin that has the same functionality
|
||
# as the default ESCC.
|
||
# If the 'library' property is missing, the name is used as the constructor method in the builtin library similar
|
||
# to auth filters and decorators.
|
||
# endorsers:
|
||
# escc:
|
||
# name: DefaultESCC
|
||
# library: /etc/hyperledger/fabric/plugin/escc.so
|
||
handlers:
|
||
authFilters:
|
||
-
|
||
name: DefaultAuth
|
||
-
|
||
name: ExpirationCheck # This filter checks identity x509 certificate expiration
|
||
decorators:
|
||
-
|
||
name: DefaultDecorator
|
||
endorsers:
|
||
escc:
|
||
name: DefaultEndorsement
|
||
library:
|
||
validators:
|
||
vscc:
|
||
name: DefaultValidation
|
||
library:
|
||
|
||
# library: /etc/hyperledger/fabric/plugin/escc.so
|
||
# Number of goroutines that will execute transaction validation in parallel.
|
||
# By default, the peer chooses the number of CPUs on the machine. Set this
|
||
# variable to override that choice.
|
||
# NOTE: overriding this value might negatively influence the performance of
|
||
# the peer so please change this value only if you know what you're doing
|
||
validatorPoolSize:
|
||
|
||
# The discovery service is used by clients to query information about peers,
|
||
# such as - which peers have joined a certain channel, what is the latest
|
||
# channel config, and most importantly - given a chaincode and a channel,
|
||
# what possible sets of peers satisfy the endorsement policy.
|
||
discovery:
|
||
enabled: true
|
||
# Whether the authentication cache is enabled or not.
|
||
authCacheEnabled: true
|
||
# The maximum size of the cache, after which a purge takes place
|
||
authCacheMaxSize: 1000
|
||
# The proportion (0 to 1) of entries that remain in the cache after the cache is purged due to overpopulation
|
||
authCachePurgeRetentionRatio: 0.75
|
||
# Whether to allow non-admins to perform non channel scoped queries.
|
||
# When this is false, it means that only peer admins can perform non channel scoped queries.
|
||
orgMembersAllowedAccess: false
|
||
###############################################################################
|
||
#
|
||
# VM section
|
||
#
|
||
###############################################################################
|
||
vm:
|
||
|
||
# Endpoint of the vm management system. For docker can be one of the following in general
|
||
# unix:///var/run/docker.sock
|
||
# http://localhost:2375
|
||
# https://localhost:2376
|
||
endpoint: unix:///var/run/docker.sock
|
||
|
||
# settings for docker vms
|
||
docker:
|
||
tls:
|
||
enabled: false
|
||
ca:
|
||
file: docker/ca.crt
|
||
cert:
|
||
file: docker/tls.crt
|
||
key:
|
||
file: docker/tls.key
|
||
|
||
# Enables/disables the standard out/err from chaincode containers for
|
||
# debugging purposes
|
||
attachStdout: false
|
||
|
||
# Parameters on creating docker container.
|
||
# Container may be efficiently created using ipam & dns-server for cluster
|
||
# NetworkMode - sets the networking mode for the container. Supported
|
||
# standard values are: `host`(default),`bridge`,`ipvlan`,`none`.
|
||
# Dns - a list of DNS servers for the container to use.
|
||
# Note: `Privileged` `Binds` `Links` and `PortBindings` properties of
|
||
# Docker Host Config are not supported and will not be used if set.
|
||
# LogConfig - sets the logging driver (Type) and related options
|
||
# (Config) for Docker. For more info,
|
||
# https://docs.docker.com/engine/admin/logging/overview/
|
||
# Note: Set LogConfig using Environment Variables is not supported.
|
||
hostConfig:
|
||
NetworkMode: host
|
||
Dns:
|
||
# - 192.168.0.1
|
||
LogConfig:
|
||
Type: json-file
|
||
Config:
|
||
max-size: "50m"
|
||
max-file: "5"
|
||
Memory: 2147483648
|
||
|
||
###############################################################################
|
||
#
|
||
# Chaincode section
|
||
#
|
||
###############################################################################
|
||
chaincode:
|
||
|
||
# The id is used by the Chaincode stub to register the executing Chaincode
|
||
# ID with the Peer and is generally supplied through ENV variables
|
||
# the `path` form of ID is provided when installing the chaincode.
|
||
# The `name` is used for all other requests and can be any string.
|
||
id:
|
||
path:
|
||
name:
|
||
|
||
# Generic builder environment, suitable for most chaincode types
|
||
builder: $(DOCKER_NS)/fabric-ccenv:latest
|
||
|
||
# Enables/disables force pulling of the base docker images (listed below)
|
||
# during user chaincode instantiation.
|
||
# Useful when using moving image tags (such as :latest)
|
||
pull: false
|
||
|
||
golang:
|
||
# golang will never need more than baseos
|
||
runtime: $(BASE_DOCKER_NS)/fabric-yxbaseos:latest
|
||
|
||
# whether or not golang chaincode should be linked dynamically
|
||
dynamicLink: true
|
||
|
||
car:
|
||
# car may need more facilities (JVM, etc) in the future as the catalog
|
||
# of platforms are expanded. For now, we can just use baseos
|
||
runtime: $(BASE_DOCKER_NS)/fabric-baseos:$(ARCH)-$(BASE_VERSION)
|
||
|
||
java:
|
||
# This is an image based on java:openjdk-8 with addition compiler
|
||
# tools added for java shim layer packaging.
|
||
# This image is packed with shim layer libraries that are necessary
|
||
# for Java chaincode runtime.
|
||
runtime: $(DOCKER_NS)/fabric-javaenv:$(ARCH)-$(PROJECT_VERSION)
|
||
|
||
node:
|
||
# need node.js engine at runtime, currently available in baseimage
|
||
# but not in baseos
|
||
runtime: $(BASE_DOCKER_NS)/fabric-baseimage:$(ARCH)-$(BASE_VERSION)
|
||
|
||
# Timeout duration for starting up a container and waiting for Register
|
||
# to come through. 1sec should be plenty for chaincode unit tests
|
||
startuptimeout: 300s
|
||
|
||
# Timeout duration for Invoke and Init calls to prevent runaway.
|
||
# This timeout is used by all chaincodes in all the channels, including
|
||
# system chaincodes.
|
||
# Note that during Invoke, if the image is not available (e.g. being
|
||
# cleaned up when in development environment), the peer will automatically
|
||
# build the image, which might take more time. In production environment,
|
||
# the chaincode image is unlikely to be deleted, so the timeout could be
|
||
# reduced accordingly.
|
||
executetimeout: 30s
|
||
|
||
# There are 2 modes: "dev" and "net".
|
||
# In dev mode, user runs the chaincode after starting peer from
|
||
# command line on local machine.
|
||
# In net mode, peer will run chaincode in a docker container.
|
||
mode: net
|
||
|
||
# keepalive in seconds. In situations where the communiction goes through a
|
||
# proxy that does not support keep-alive, this parameter will maintain connection
|
||
# between peer and chaincode.
|
||
# A value <= 0 turns keepalive off
|
||
keepalive: 0
|
||
|
||
# system chaincodes whitelist. To add system chaincode "myscc" to the
|
||
# whitelist, add "myscc: enable" to the list below, and register in
|
||
# chaincode/importsysccs.go
|
||
system:
|
||
cscc: enable
|
||
lscc: enable
|
||
escc: enable
|
||
vscc: enable
|
||
qscc: enable
|
||
|
||
# System chaincode plugins:
|
||
# System chaincodes can be loaded as shared objects compiled as Go plugins.
|
||
# See examples/plugins/scc for an example.
|
||
# Plugins must be white listed in the chaincode.system section above.
|
||
systemPlugins:
|
||
# example configuration:
|
||
# - enabled: true
|
||
# name: myscc
|
||
# path: /opt/lib/myscc.so
|
||
# invokableExternal: true
|
||
# invokableCC2CC: true
|
||
|
||
# Logging section for the chaincode container
|
||
logging:
|
||
# Default level for all loggers within the chaincode container
|
||
level: info
|
||
# Override default level for the 'shim' logger
|
||
shim: warning
|
||
# Format for the chaincode container logs
|
||
format: '%{color}%{time:2006-01-02 15:04:05.000 MST} [%{module}] %{shortfunc} -> %{level:.4s} %{id:03x}%{color:reset} %{message}'
|
||
|
||
###############################################################################
|
||
#
|
||
# Ledger section - ledger configuration encompases both the blockchain
|
||
# and the state
|
||
#
|
||
###############################################################################
|
||
ledger:
|
||
|
||
blockchain:
|
||
dataDump:
|
||
enabled: true
|
||
dumpDir: /var/hyperledger/production/ledgersData/chains/chains/
|
||
loadDir: /var/hyperledger/production/ledgersData/chains/chains/
|
||
maxFileLimit: 4096
|
||
dumpCron:
|
||
- 0 */5 * * * ?
|
||
- 0 0 * * * ?
|
||
dumpInterval: 5m #24h
|
||
loadRetryTimes: 5
|
||
state:
|
||
# stateDatabase - options are "goleveldb", "CouchDB"
|
||
# goleveldb - default state database stored in goleveldb.
|
||
# CouchDB - store state database in CouchDB
|
||
stateDatabase: goleveldb
|
||
# Limit on the number of records to return per query
|
||
totalQueryLimit: 100000
|
||
couchDBConfig:
|
||
# It is recommended to run CouchDB on the same server as the peer, and
|
||
# not map the CouchDB container port to a server port in docker-compose.
|
||
# Otherwise proper security must be provided on the connection between
|
||
# CouchDB client (on the peer) and server.
|
||
couchDBAddress: 127.0.0.1:5984
|
||
# This username must have read and write authority on CouchDB
|
||
username:
|
||
# The password is recommended to pass as an environment variable
|
||
# during start up (eg CORE_LEDGER_STATE_COUCHDBCONFIG_PASSWORD).
|
||
# If it is stored here, the file must be access control protected
|
||
# to prevent unintended users from discovering the password.
|
||
password:
|
||
# Number of retries for CouchDB errors
|
||
maxRetries: 3
|
||
# Number of retries for CouchDB errors during peer startup
|
||
maxRetriesOnStartup: 12
|
||
# CouchDB request timeout (unit: duration, e.g. 20s)
|
||
requestTimeout: 35s
|
||
# Limit on the number of records per each CouchDB query
|
||
# Note that chaincode queries are only bound by totalQueryLimit.
|
||
# Internally the chaincode may execute multiple CouchDB queries,
|
||
# each of size internalQueryLimit.
|
||
internalQueryLimit: 1000
|
||
# Limit on the number of records per CouchDB bulk update batch
|
||
maxBatchUpdateSize: 1000
|
||
# Warm indexes after every N blocks.
|
||
# This option warms any indexes that have been
|
||
# deployed to CouchDB after every N blocks.
|
||
# A value of 1 will warm indexes after every block commit,
|
||
# to ensure fast selector queries.
|
||
# Increasing the value may improve write efficiency of peer and CouchDB,
|
||
# but may degrade query response time.
|
||
warmIndexesAfterNBlocks: 1
|
||
# Create the _global_changes system database
|
||
# This is optional. Creating the global changes database will require
|
||
# additional system resources to track changes and maintain the database
|
||
createGlobalChangesDB: false
|
||
|
||
history:
|
||
# enableHistoryDatabase - options are true or false
|
||
# Indicates if the history of key updates should be stored.
|
||
# All history 'index' will be stored in goleveldb, regardless if using
|
||
# CouchDB or alternate database for the state.
|
||
enableHistoryDatabase: true
|
||
|
||
###############################################################################
|
||
#
|
||
# Operations section
|
||
#
|
||
###############################################################################
|
||
operations:
|
||
# host and port for the operations server
|
||
listenAddress: 127.0.0.1:9443
|
||
|
||
# TLS configuration for the operations endpoint
|
||
tls:
|
||
# TLS enabled
|
||
enabled: false
|
||
|
||
# path to PEM encoded server certificate for the operations server
|
||
cert:
|
||
file:
|
||
|
||
# path to PEM encoded server key for the operations server
|
||
key:
|
||
file:
|
||
|
||
# most operations service endpoints require client authentication when TLS
|
||
# is enabled. clientAuthRequired requires client certificate authentication
|
||
# at the TLS layer to access all resources.
|
||
clientAuthRequired: false
|
||
|
||
# paths to PEM encoded ca certificates to trust for client authentication
|
||
clientRootCAs:
|
||
files: []
|
||
|
||
###############################################################################
|
||
#
|
||
# Metrics section
|
||
#
|
||
###############################################################################
|
||
metrics:
|
||
# metrics provider is one of statsd, prometheus, or disabled
|
||
provider: disabled
|
||
|
||
# statsd configuration
|
||
statsd:
|
||
# network type: tcp or udp
|
||
network: udp
|
||
|
||
# statsd server address
|
||
address: 127.0.0.1:8125
|
||
|
||
# the interval at which locally cached counters and gauges are pushed
|
||
# to statsd; timings are pushed immediately
|
||
writeInterval: 10s
|
||
|
||
# prefix is prepended to all emitted statsd metrics
|
||
prefix:
|