Created
December 5, 2018 15:29
-
-
Save vieirin/3ffd7878ed90669513f155ce7dfa0455 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright IBM Corp. All Rights Reserved. | |
| # | |
| # SPDX-License-Identifier: Apache-2.0 | |
| # | |
| --- | |
| ################################################################################ | |
| # | |
| # Section: Organizations | |
| # | |
| # - This section defines the different organizational identities which will | |
| # be referenced later in the configuration. | |
| # | |
| ################################################################################ | |
| Organizations: | |
| # SampleOrg defines an MSP using the sampleconfig. It should never be used | |
| # in production but may be used as a template for other definitions | |
| - &OrdererOrg | |
| # DefaultOrg defines the organization which is used in the sampleconfig | |
| # of the fabric.git development environment | |
| Name: OrdererOrg | |
| # ID to load the MSP definition as | |
| ID: OrdererMSP | |
| # MSPDir is the filesystem path which contains the MSP configuration | |
| MSPDir: crypto-config/ordererOrganizations/example.com/msp | |
| Policies: &OrdererOrgPolicies | |
| Readers: | |
| Type: Signature | |
| Rule: "OR('OrdererMSP.member')" | |
| # If your MSP is configured with the new NodeOUs, you might | |
| # want to use a more specific rule like the following: | |
| # Rule: "OR('OrdererMSP.admin', 'OrdererMSP.peer')" | |
| Writers: | |
| Type: Signature | |
| Rule: "OR('OrdererMSP.member')" | |
| # If your MSP is configured with the new NodeOUs, you might | |
| # want to use a more specific rule like the following: | |
| # Rule: "OR('OrdererMSP.admin', 'OrdererMSP.client'')" | |
| Admins: | |
| Type: Signature | |
| Rule: "OR('OrdererMSP.admin')" | |
| - &Org1 | |
| # DefaultOrg defines the organization which is used in the sampleconfig | |
| # of the fabric.git development environment | |
| Name: Org1MSP | |
| # ID to load the MSP definition as | |
| ID: Org1MSP | |
| MSPDir: crypto-config/peerOrganizations/org1.example.com/msp | |
| Policies: &Org1Policies | |
| Readers: | |
| Type: Signature | |
| Rule: "OR('Org1MSP.member')" | |
| # If your MSP is configured with the new NodeOUs, you might | |
| # want to use a more specific rule like the following: | |
| # Rule: "OR('Org1MSP.admin', 'Org1MSP.peer')" | |
| Writers: | |
| Type: Signature | |
| Rule: "OR('Org1MSP.member')" | |
| # If your MSP is configured with the new NodeOUs, you might | |
| # want to use a more specific rule like the following: | |
| # Rule: "OR('Org1MSP.admin', 'Org1MSP.client'')" | |
| Admins: | |
| Type: Signature | |
| Rule: "OR('Org1MSP.admin')" | |
| AnchorPeers: | |
| # AnchorPeers defines the location of peers which can be used | |
| # for cross org gossip communication. Note, this value is only | |
| # encoded in the genesis block in the Application section context | |
| - Host: peer0.org1.example.com | |
| Port: 7051 | |
| - &Org2 | |
| # DefaultOrg defines the organization which is used in the sampleconfig | |
| # of the fabric.git development environment | |
| Name: Org2MSP | |
| # ID to load the MSP definition as | |
| ID: Org2MSP | |
| MSPDir: crypto-config/peerOrganizations/org2.example.com/msp | |
| Policies: &Org2Policies | |
| Readers: | |
| Type: Signature | |
| Rule: "OR('Org2MSP.member')" | |
| # If your MSP is configured with the new NodeOUs, you might | |
| # want to use a more specific rule like the following: | |
| # Rule: "OR('Org2MSP.admin', 'Org2MSP.peer')" | |
| Writers: | |
| Type: Signature | |
| Rule: "OR('Org2MSP.member')" | |
| # If your MSP is configured with the new NodeOUs, you might | |
| # want to use a more specific rule like the following: | |
| # Rule: "OR('Org2MSP.admin', 'Org2MSP.client'')" | |
| Admins: | |
| Type: Signature | |
| Rule: "OR('Org2MSP.admin')" | |
| AnchorPeers: | |
| # AnchorPeers defines the location of peers which can be used | |
| # for cross org gossip communication. Note, this value is only | |
| # encoded in the genesis block in the Application section context | |
| - Host: peer0.org2.example.com | |
| Port: 7051 | |
| ################################################################################ | |
| # | |
| # SECTION: Capabilities | |
| # | |
| # - This section defines the capabilities of fabric network. This is a new | |
| # concept as of v1.1.0 and should not be utilized in mixed networks with | |
| # v1.0.x peers and orderers. Capabilities define features which must be | |
| # present in a fabric binary for that binary to safely participate in the | |
| # fabric network. For instance, if a new MSP type is added, newer binaries | |
| # might recognize and validate the signatures from this type, while older | |
| # binaries without this support would be unable to validate those | |
| # transactions. This could lead to different versions of the fabric binaries | |
| # having different world states. Instead, defining a capability for a channel | |
| # informs those binaries without this capability that they must cease | |
| # processing transactions until they have been upgraded. For v1.0.x if any | |
| # capabilities are defined (including a map with all capabilities turned off) | |
| # then the v1.0.x peer will deliberately crash. | |
| # | |
| ################################################################################ | |
| Capabilities: | |
| # Channel capabilities apply to both the orderers and the peers and must be | |
| # supported by both. Set the value of the capability to true to require it. | |
| Global: &ChannelCapabilities | |
| # V1.1 for Global is a catchall flag for behavior which has been | |
| # determined to be desired for all orderers and peers running v1.0.x, | |
| # but the modification of which would cause incompatibilities. Users | |
| # should leave this flag set to true. | |
| V1_1: true | |
| # Orderer capabilities apply only to the orderers, and may be safely | |
| # manipulated without concern for upgrading peers. Set the value of the | |
| # capability to true to require it. | |
| Orderer: &OrdererCapabilities | |
| # V1.1 for Order is a catchall flag for behavior which has been | |
| # determined to be desired for all orderers running v1.0.x, but the | |
| # modification of which would cause incompatibilities. Users should | |
| # leave this flag set to true. | |
| V1_1: true | |
| # Application capabilities apply only to the peer network, and may be safely | |
| # manipulated without concern for upgrading orderers. Set the value of the | |
| # capability to true to require it. | |
| Application: &ApplicationCapabilities | |
| # V1.2 for Application is a catchall flag for behavior which has been | |
| # determined to be desired for all peers running v1.0.x, but the | |
| # modification of which would cause incompatibilities. Users should | |
| # leave this flag set to true. | |
| V1_2: true | |
| ################################################################################ | |
| # | |
| # SECTION: Orderer | |
| # | |
| # - This section defines the values to encode into a config transaction or | |
| # genesis block for orderer related parameters | |
| # | |
| ################################################################################ | |
| Orderer: &OrdererDefaults | |
| # Orderer Type: The orderer implementation to start | |
| # Available types are "solo" and "kafka" | |
| OrdererType: solo | |
| Addresses: | |
| - orderer.example.com:7050 | |
| # Batch Timeout: The amount of time to wait before creating a batch | |
| BatchTimeout: 0.2s | |
| # Batch Size: Controls the number of messages batched into a block | |
| BatchSize: | |
| # Max Message Count: The maximum number of messages to permit in a batch | |
| MaxMessageCount: 10 | |
| # Absolute Max Bytes: The absolute maximum number of bytes allowed for | |
| # the serialized messages in a batch. | |
| AbsoluteMaxBytes: 99 MB | |
| # Preferred Max Bytes: The preferred maximum number of bytes allowed for | |
| # the serialized messages in a batch. A message larger than the preferred | |
| # max bytes will result in a batch larger than preferred max bytes. | |
| PreferredMaxBytes: 512 KB | |
| Kafka: | |
| # Brokers: A list of Kafka brokers to which the orderer connects | |
| # NOTE: Use IP:port notation | |
| Brokers: | |
| - 127.0.0.1:9092 | |
| # Organizations is the list of orgs which are defined as participants on | |
| # the orderer side of the network | |
| Organizations: | |
| Policies: | |
| Readers: | |
| Type: ImplicitMeta | |
| Rule: "ANY Readers" | |
| Writers: | |
| Type: ImplicitMeta | |
| Rule: "ANY Writers" | |
| Admins: | |
| Type: ImplicitMeta | |
| Rule: "MAJORITY Admins" | |
| # BlockValidation specifies what signatures must be included in the block | |
| # from the orderer for the peer to validate it. | |
| BlockValidation: | |
| Type: ImplicitMeta | |
| Rule: "ANY Writers" | |
| ################################################################################ | |
| # | |
| # SECTION: Application | |
| # | |
| # - This section defines the values to encode into a config transaction or | |
| # genesis block for application related parameters | |
| # | |
| ################################################################################ | |
| Application: &ApplicationDefaults | |
| ACLs: &ACLsDefault | |
| #This section provides defaults for policies for various resources | |
| #in the system. These "resources" could be functions on system chaincodes | |
| #(e.g., "GetBlockByNumber" on the "qscc" system chaincode) or other resources | |
| #(e.g.,who can receive Block events). This section does NOT specify the resource's | |
| #definition or API, but just the ACL policy for it. | |
| # | |
| #User's can override these defaults with their own policy mapping by defining the | |
| #mapping under ACLs in their channel definition | |
| #---Lifecycle System Chaincode (lscc) function to policy mapping for access control---# | |
| #ACL policy for lscc's "getid" function | |
| lscc/ChaincodeExists: /Channel/Application/Readers | |
| #ACL policy for lscc's "getdepspec" function | |
| lscc/GetDeploymentSpec: /Channel/Application/Readers | |
| #ACL policy for lscc's "getccdata" function | |
| lscc/GetChaincodeData: /Channel/Application/Readers | |
| #---Query System Chaincode (qscc) function to policy mapping for access control---# | |
| #ACL policy for qscc's "GetChainInfo" function | |
| qscc/GetChainInfo: /Channel/Application/Readers | |
| #ACL policy for qscc's "GetBlockByNumber" function | |
| qscc/GetBlockByNumber: /Channel/Application/Readers | |
| #ACL policy for qscc's "GetBlockByHash" function | |
| qscc/GetBlockByHash: /Channel/Application/Readers | |
| #ACL policy for qscc's "GetTransactionByID" function | |
| qscc/GetTransactionByID: /Channel/Application/Readers | |
| #ACL policy for qscc's "GetBlockByTxID" function | |
| qscc/GetBlockByTxID: /Channel/Application/Readers | |
| #---Configuration System Chaincode (cscc) function to policy mapping for access control---# | |
| #ACL policy for cscc's "GetConfigBlock" function | |
| cscc/GetConfigBlock: /Channel/Application/Readers | |
| #ACL policy for cscc's "GetConfigTree" function | |
| cscc/GetConfigTree: /Channel/Application/Readers | |
| #ACL policy for cscc's "SimulateConfigTreeUpdate" function | |
| cscc/SimulateConfigTreeUpdate: /Channel/Application/Writers | |
| #---Miscellanesous peer function to policy mapping for access control---# | |
| #ACL policy for invoking chaincodes on peer | |
| peer/Propose: /Channel/Application/Writers | |
| #ACL policy for chaincode to chaincode invocation | |
| peer/ChaincodeToChaincode: /Channel/Application/Readers | |
| #---Events resource to policy mapping for access control###---# | |
| #ACL policy for sending block events | |
| event/Block: /Channel/Application/Readers | |
| #ACL policy for sending filtered block events | |
| event/FilteredBlock: /Channel/Application/Readers | |
| # Organizations is the list of orgs which are defined as participants on | |
| # the application side of the network | |
| Organizations: | |
| # Policies defines the set of policies at this level of the config tree | |
| # For Application policies, their canonical path is | |
| # /Channel/Application/<PolicyName> | |
| Policies: | |
| Readers: | |
| Type: ImplicitMeta | |
| Rule: "ANY Readers" | |
| Writers: | |
| Type: ImplicitMeta | |
| Rule: "ANY Writers" | |
| Admins: | |
| Type: ImplicitMeta | |
| Rule: "MAJORITY Admins" | |
| Org1MemberPolicy: | |
| Type: Signature | |
| Rule: "OR('Org1MSP.member')" | |
| Org2MemberPolicy: | |
| Type: Signature | |
| Rule: "OR('Org2MSP.member')" | |
| Org1Org2MemberPolicy: | |
| Type: Signature | |
| Rule: "OR('Org1MSP.member','Org2MSP.member')" | |
| # Capabilities describes the application level capabilities, see the | |
| # dedicated Capabilities section elsewhere in this file for a full | |
| # description | |
| Capabilities: | |
| <<: *ApplicationCapabilities | |
| ################################################################################ | |
| # | |
| # CHANNEL | |
| # | |
| # This section defines the values to encode into a config transaction or | |
| # genesis block for channel related parameters. | |
| # | |
| ################################################################################ | |
| Channel: &ChannelDefaults | |
| # Policies defines the set of policies at this level of the config tree | |
| # For Channel policies, their canonical path is | |
| # /Channel/<PolicyName> | |
| Policies: | |
| # Who may invoke the 'Deliver' API | |
| Readers: | |
| Type: ImplicitMeta | |
| Rule: "ANY Readers" | |
| # Who may invoke the 'Broadcast' API | |
| Writers: | |
| Type: ImplicitMeta | |
| Rule: "ANY Writers" | |
| # By default, who may modify elements at this config level | |
| Admins: | |
| Type: ImplicitMeta | |
| Rule: "MAJORITY Admins" | |
| # Capabilities describes the channel level capabilities, see the | |
| # dedicated Capabilities section elsewhere in this file for a full | |
| # description | |
| Capabilities: | |
| <<: *ChannelCapabilities | |
| ################################################################################ | |
| # | |
| # Profile | |
| # | |
| # - Different configuration profiles may be encoded here to be specified | |
| # as parameters to the configtxgen tool | |
| # | |
| ################################################################################ | |
| Profiles: | |
| TwoOrgOrdererGenesis: | |
| Capabilities: | |
| <<: *ChannelCapabilities | |
| Orderer: | |
| <<: *OrdererDefaults | |
| Organizations: | |
| - *OrdererOrg | |
| Capabilities: | |
| <<: *OrdererCapabilities | |
| Consortiums: | |
| SampleConsortium: | |
| Organizations: | |
| - *Org1 | |
| - *Org2 | |
| TwoOrgChannel: | |
| Consortium: SampleConsortium | |
| Application: | |
| <<: *ApplicationDefaults | |
| Organizations: | |
| - *Org1 | |
| - *Org2 | |
| Capabilities: | |
| <<: *ApplicationCapabilities |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment