溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊(cè)×
其他方式登錄
點(diǎn)擊 登錄注冊(cè) 即表示同意《億速云用戶服務(wù)條款》

Organizations組織機(jī)構(gòu)怎么配置

發(fā)布時(shí)間:2021-12-24 17:14:32 來源:億速云 閱讀:101 作者:iii 欄目:互聯(lián)網(wǎng)科技

這篇文章主要介紹“Organizations組織機(jī)構(gòu)怎么配置”,在日常操作中,相信很多人在Organizations組織機(jī)構(gòu)怎么配置問題上存在疑惑,小編查閱了各式資料,整理出簡(jiǎn)單好用的操作方法,希望對(duì)大家解答”O(jiān)rganizations組織機(jī)構(gòu)怎么配置”的疑惑有所幫助!接下來,請(qǐng)跟著小編一起來學(xué)習(xí)吧!

configtx.yaml是Hyperledger Fabric區(qū)塊鏈網(wǎng)絡(luò)運(yùn)維工具configtxgen用于生成通道創(chuàng)世塊或通道交易的配置文件,configtx.yaml的內(nèi)容直接決定了所生成的創(chuàng)世區(qū)塊的內(nèi)容。

Capabilities / 通道能力配置

Capabilities段用來定義fabric網(wǎng)絡(luò)的能力。這是版本v1.0.0引入的一個(gè)新的配置段,當(dāng)與版本v1.0.x的對(duì)等節(jié)點(diǎn)與排序節(jié)點(diǎn)混合組網(wǎng)時(shí)不可使用。

Capabilities段定義了fabric程序要加入網(wǎng)絡(luò)所必須支持的特性。例如,如果添加了一個(gè)新的MSP類型,那么更新的程序可能會(huì)根據(jù)該類型識(shí)別并驗(yàn)證簽名,但是老版本的程序就沒有辦法驗(yàn)證這些交易。這可能導(dǎo)致不同版本的fabric程序中維護(hù)的世界狀態(tài)不一致。

因此,通過定義通道的能力,就明確了不滿足該能力要求的fabric程序,將無法處理交易,除非升級(jí)到新的版本。對(duì)于v1.0.x的程序而言,如果在Capabilities段定義了任何能力,即使聲明不需要支持這些能力,都會(huì)導(dǎo)致其有意崩潰。

Capabilities:
    # Global配置同時(shí)應(yīng)用于排序節(jié)點(diǎn)和對(duì)等節(jié)點(diǎn),并且必須被兩種節(jié)點(diǎn)同時(shí)支持。
    # 將該配置項(xiàng)設(shè)置為ture表明要求節(jié)點(diǎn)具備該能力
    Global: &ChannelCapabilities
        V1_3: true

    # Orderer配置僅應(yīng)用于排序節(jié)點(diǎn),不需考慮對(duì)等節(jié)點(diǎn)的升級(jí)。將該配置項(xiàng)
    # 設(shè)置為true表明要求排序節(jié)點(diǎn)具備該能力
    Orderer: &OrdererCapabilities
        V1_1: true

    # Application配置僅應(yīng)用于對(duì)等網(wǎng)絡(luò),不需考慮排序節(jié)點(diǎn)的升級(jí)。將該配置項(xiàng)
    # 設(shè)置為true表明要求對(duì)等節(jié)點(diǎn)具備該能力
    Application: &ApplicationCapabilities
        V1_3: true

Organizations / 組織機(jī)構(gòu)配置

Organizations配置段用來定義組織機(jī)構(gòu)實(shí)體,以便在后續(xù)配置中引用。例如,下面的配置文件中,定義了三個(gè)機(jī)構(gòu),可以分別使用ExampleCom、Org1ExampleCom和Org2ExampleCom引用其配置:

Organizations:

    - &ExampleCom
        Name: ExampleCom
        ID: example.com
        AdminPrincipal: Role.ADMIN
        MSPDir: ./ordererOrganizations/example.com/msp
        Policies:
            Readers:
                Type: Signature
                Rule: OR('example.com.member')
            Writers:
                Type: Signature
                Rule: OR('example.com.member')
            Admins:
                Type: Signature
                Rule: OR('example.com.admin')
            Endorsement:
                Type: Signature
                Rule: OR('example.com.member')

    - &Org1ExampleCom
        Name: Org1ExampleCom
        ID: org1.example.com
        MSPDir: ./peerOrganizations/org1.example.com/msp
        AdminPrincipal: Role.ADMIN
        AnchorPeers:
            - Host: peer0.org1.example.com
              Port: 7051
        Policies:
            Readers:
                Type: Signature
                Rule: OR('org1.example.com.member')
            Writers:
                Type: Signature
                Rule: OR('org1.example.com.member')
            Admins:
                Type: Signature
                Rule: OR('org1.example.com.admin')
            Endorsement:
                Type: Signature
                Rule: OR('org1.example.com.member')

    - &Org2ExampleCom
        Name: Org2ExampleCom
        ID: org2.example.com
        MSPDir: ./peerOrganizations/org2.example.com/msp
        AdminPrincipal: Role.ADMIN
        AnchorPeers:
            - Host: peer0.org2.example.com
              Port: 7051
        Policies:
            Readers:
                Type: Signature
                Rule: OR('org2.example.com.member')
            Writers:
                Type: Signature
                Rule: OR('org2.example.com.member')
            Admins:
                Type: Signature
                Rule: OR('org2.example.com.admin')
            Endorsement:
                Type: Signature
                Rule: OR('org2.example.com.member')

Orderer / 排序節(jié)點(diǎn)配置

Orderer配置段用來定義要編碼寫入創(chuàng)世區(qū)塊或通道交易的排序節(jié)點(diǎn)參數(shù)。

Orderer: &OrdererDefaults

    # 排序節(jié)點(diǎn)類型用來指定要啟用的排序節(jié)點(diǎn)實(shí)現(xiàn),不同的實(shí)現(xiàn)對(duì)應(yīng)不同的共識(shí)算法。
    # 目前可用的類型為:solo和kafka
    OrdererType: solo
    Addresses:
        - orderer0.example.com:7050

    BatchTimeout: 2s
    BatchSize:
        MaxMessageCount: 10
        AbsoluteMaxBytes: 98 MB
        PreferredMaxBytes: 512 KB

    MaxChannels: 0
    Kafka:
        Brokers:
            - kafka0:9092
            - kafka1:9092
            - kafka2:9092
            - kafka3:9092

    Organizations:

    # 定義本層級(jí)的排序節(jié)點(diǎn)策略,其權(quán)威路徑為 /Channel/Orderer/<PolicyName>
    Policies:
        Readers:
            Type: ImplicitMeta
            Rule: ANY Readers
        Writers:
            Type: ImplicitMeta
            Rule: ANY Writers
        Admins:
            Type: ImplicitMeta
            Rule: MAJORITY Admins
        # BlockValidation配置項(xiàng)指定了哪些簽名必須包含在區(qū)塊中,以便對(duì)等節(jié)點(diǎn)進(jìn)行驗(yàn)證
        BlockValidation:
            Type: ImplicitMeta
            Rule: ANY Writers

    # Capabilities配置描述排序節(jié)點(diǎn)層級(jí)的能力需求,這里直接引用
    # 前面Capabilities配置段中的OrdererCapabilities配置項(xiàng)
    Capabilities:
        <<: *OrdererCapabilities

Channel / 通道配置

Channel配置段用來定義要寫入創(chuàng)世區(qū)塊或配置交易的通道參數(shù)。

Channel: &ChannelDefaults
    # 定義本層級(jí)的通道訪問策略,其權(quán)威路徑為 /Channel/<PolicyName>
    Policies:
        Readers:
            Type: ImplicitMeta
            Rule: ANY Readers
        # Writes策略定義了調(diào)用Broadcast API提交交易的許可規(guī)則
        Writers:
            Type: ImplicitMeta
            Rule: ANY Writers
        # Admin策略定義了修改本層級(jí)配置的許可規(guī)則
        Admins:
            Type: ImplicitMeta
            Rule: MAJORITY Admins

    # Capabilities配置描通道層級(jí)的能力需求,這里直接引用
    # 前面Capabilities配置段中的ChannelCapabilities配置項(xiàng)
    Capabilities:
        <<: *ChannelCapabilities

Application / 應(yīng)用配置

Application配置段用來定義要寫入創(chuàng)世區(qū)塊或配置交易的應(yīng)用參數(shù)。

Application: &ApplicationDefaults
    ACLs: &ACLsDefault
        # ACLs配置段為系統(tǒng)中各種資源提供默認(rèn)的策略。
        # 這里所說的“資源”,可以是系統(tǒng)鏈碼的函數(shù),例如qscc系統(tǒng)鏈碼的GetBlockByNumber方法
        # 也可以是其他資源,例如誰可以接收區(qū)塊事件。
        # 這個(gè)配置段不是用來定義資源或API,而僅僅是定義資源的訪問控制策略
        # 
        # 用戶可以在通道定義中重寫這些默認(rèn)策略

        #---New Lifecycle System Chaincode (_lifecycle) function to policy mapping for access control--#

        # _lifecycle系統(tǒng)鏈碼CommitChaincodeDefinition函數(shù)的ACL定義
        _lifecycle/CommitChaincodeDefinition: /Channel/Application/Writers

        # _lifecycle系統(tǒng)鏈碼的QueryChaincodeDefinition函數(shù)的ACL定義
        _lifecycle/QueryChaincodeDefinition: /Channel/Application/Readers

        # _lifecycle系統(tǒng)鏈碼的QueryNamespaceDefinitions函數(shù)的ACL定義
        _lifecycle/QueryNamespaceDefinitions: /Channel/Application/Readers

        #---Lifecycle System Chaincode (lscc) function to policy mapping for access control---#

        # lscc系統(tǒng)鏈碼的getid函數(shù)的ACL定義
        lscc/ChaincodeExists: /Channel/Application/Readers

        # lscc系統(tǒng)鏈碼的getdepspec函數(shù)的ACL定義
        lscc/GetDeploymentSpec: /Channel/Application/Readers

        # lscc系統(tǒng)鏈碼的getccdata函數(shù)的ACL定義
        lscc/GetChaincodeData: /Channel/Application/Readers

        # lscc系統(tǒng)鏈碼的getchaincodes函數(shù)的ACL定義
        lscc/GetInstantiatedChaincodes: /Channel/Application/Readers

        #---Query System Chaincode (qscc) function to policy mapping for access control---#

        # qscc系統(tǒng)鏈碼的GetChainInfo函數(shù)的ACL定義
        qscc/GetChainInfo: /Channel/Application/Readers

        # qscc系統(tǒng)鏈碼的GetBlockByNumber函數(shù)的ACL定義
        qscc/GetBlockByNumber: /Channel/Application/Readers

        # qscc系統(tǒng) 鏈碼的GetBlockByHash函數(shù)的ACL定義
        qscc/GetBlockByHash: /Channel/Application/Readers

        # qscc系統(tǒng)鏈碼的GetTransactionByID函數(shù)的ACL定義
        qscc/GetTransactionByID: /Channel/Application/Readers

        # qscc系統(tǒng)鏈碼GetBlockByTxID函數(shù)的ACL定義
        qscc/GetBlockByTxID: /Channel/Application/Readers

        #---Configuration System Chaincode (cscc) function to policy mapping for access control---#

        # cscc系統(tǒng)鏈碼的GetConfigBlock函數(shù)的ACl定義
        cscc/GetConfigBlock: /Channel/Application/Readers

        # cscc系統(tǒng)鏈碼的GetConfigTree函數(shù)的ACL定義
        cscc/GetConfigTree: /Channel/Application/Readers

        # cscc系統(tǒng)鏈碼的SimulateConfigTreeUpdate函數(shù)的ACL定義
        cscc/SimulateConfigTreeUpdate: /Channel/Application/Readers

        #---Miscellanesous peer function to policy mapping for access control---#

        # 訪問對(duì)等節(jié)點(diǎn)上的鏈碼的ACL策略定義
        peer/Propose: /Channel/Application/Writers

        # 從鏈碼中訪問其他鏈碼的ACL策略定義
        peer/ChaincodeToChaincode: /Channel/Application/Readers

        #---Events resource to policy mapping for access control###---#

        # 發(fā)送區(qū)塊事件的ACL策略定義
        event/Block: /Channel/Application/Readers

        # 發(fā)送過濾的區(qū)塊事件的ACL策略定義
        event/FilteredBlock: /Channel/Application/Readers

    # Organizations配置列出參與到網(wǎng)絡(luò)中的機(jī)構(gòu)清單
    Organizations:

    # 定義本層級(jí)的應(yīng)用控制策略,其權(quán)威路徑為 /Channel/Application/<PolicyName>
    Policies: &ApplicationDefaultPolicies
        Readers:
            Type: ImplicitMeta
            Rule: "ANY Readers"
        Writers:
            Type: ImplicitMeta
            Rule: "ANY Writers"
        Admins:
            Type: ImplicitMeta
            Rule: "MAJORITY Admins"
        LifecycleEndorsement:
            Type: ImplicitMeta
            Rule: "ANY Endorsement"
        Endorsement:
            Type: ImplicitMeta
            Rule: "ANY Endorsement"

    # Capabilities配置描述應(yīng)用層級(jí)的能力需求,這里直接引用
    # 前面Capabilities配置段中的ApplicationCapabilities配置項(xiàng)
    Capabilities:
        <<: *ApplicationCapabilities

Profiles / 配置入口

Profiles配置段用來定義用于configtxgen工具的配置入口。包含委員會(huì)(consortium)的配置入口可以用來生成排序節(jié)點(diǎn)的創(chuàng)世區(qū)塊。如果在排序節(jié)點(diǎn)的創(chuàng)世區(qū)塊中正確定義了consortium的成員,那么可以僅使用機(jī)構(gòu)成員名稱和委員會(huì)的名稱來生成通道創(chuàng)建請(qǐng)求。

Profiles:

    # SampleInsecureSolo定義了一個(gè)使用Solo排序節(jié)點(diǎn)的簡(jiǎn)單配置
    SampleInsecureSolo:
        <<: *ChannelDefaults
        Orderer:
            <<: *OrdererDefaults
            Organizations:
                - *ExampleCom
            Capabilities:
                <<: *OrdererCapabilities
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - *ExampleCom
            Capabilities:
                <<: *ApplicationCapabilities
            Policies:
                Readers:
                  Type: ImplicitMeta
                  Rule: ANY Readers
                Writers:
                  Type: ImplicitMeta
                  Rule: ANY Writers
                Admins:
                  Type: ImplicitMeta
                  Rule: MAJORITY Admins
                LifecycleEndorsement:
                  Type: ImplicitMeta
                  Rule: ANY Endorsement
                Endorsement:
                  Type: ImplicitMeta
                  Rule: ANY Endorsement
        Consortiums:
            SampleConsortium:
                Organizations:
                    - *Org1ExampleCom
                    - *Org2ExampleCom

    # SampleInsecureKafka定義了一個(gè)使用Kfaka排序節(jié)點(diǎn)的配置
    SampleInsecureKafka:
        <<: *ChannelDefaults
        Orderer:
            <<: *OrdererDefaults
            OrdererType: kafka
            Addresses:
                - orderer0.example.com:7050
                - orderer1.example.com:7050
                - orderer2.example.com:7050
            Organizations:
                - *ExampleCom
            Capabilities:
                <<: *OrdererCapabilities
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - *ExampleCom
            Capabilities:
                <<: *ApplicationCapabilities
            Policies:
                Readers:
                  Type: ImplicitMeta
                  Rule: ANY Readers
                Writers:
                  Type: ImplicitMeta
                  Rule: ANY Writers
                Admins:
                  Type: ImplicitMeta
                  Rule: MAJORITY Admins
                LifecycleEndorsement:
                  Type: ImplicitMeta
                  Rule: ANY Endorsement
                Endorsement:
                  Type: ImplicitMeta
                  Rule: ANY Endorsement
        Consortiums:
            SampleConsortium:
                Organizations:
                    - *ExampleCom
                    - *Org1ExampleCom
                    - *Org2ExampleCom

    # SampleSingleMSPSolo定義了一個(gè)使用Solo排序節(jié)點(diǎn)、包含單一MSP的配置
    SampleSingleMSPSolo:
        Orderer:
            <<: *OrdererDefaults
            Organizations:
                - *ExampleCom
            Capabilities:
                <<: *OrdererCapabilities
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - *ExampleCom
            Capabilities:
                <<: *ApplicationCapabilities
            Policies:
                Readers:
                  Type: ImplicitMeta
                  Rule: ANY Readers
                Writers:
                  Type: ImplicitMeta
                  Rule: ANY Writers
                Admins:
                  Type: ImplicitMeta
                  Rule: MAJORITY Admins
                LifecycleEndorsement:
                  Type: ImplicitMeta
                  Rule: ANY Endorsement
                Endorsement:
                  Type: ImplicitMeta
                  Rule: ANY Endorsement
        Consortiums:
            SampleConsortium:
                Organizations:
                    - *ExampleCom
                    - *Org1ExampleCom
                    - *Org2ExampleCom

    # SampleEmptyInsecureChannel定義了一個(gè)不包含成員與訪問控制策略的通道
    SampleEmptyInsecureChannel:
        Capabilities:
            <<: *ChannelCapabilities
        Consortium: SampleConsortium
        Application:
            Organizations:
                - *ExampleCom
            Capabilities:
                <<: *ApplicationCapabilities
            Policies:
                Readers:
                  Type: ImplicitMeta
                  Rule: ANY Readers
                Writers:
                  Type: ImplicitMeta
                  Rule: ANY Writers
                Admins:
                  Type: ImplicitMeta
                  Rule: MAJORITY Admins
                LifecycleEndorsement:
                  Type: ImplicitMeta
                  Rule: ANY Endorsement
                Endorsement:
                  Type: ImplicitMeta
                  Rule: ANY Endorsement

    # SysTestChannel定義了一個(gè)用于測(cè)試的通道
    SysTestChannel:
        <<: *ChannelDefaults
        Capabilities:
            <<: *ChannelCapabilities
        Consortium: SampleConsortium
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - *Org1ExampleCom
                - *Org2ExampleCom
            Capabilities:
                <<: *ApplicationCapabilities
            Policies:
                Readers:
                  Type: ImplicitMeta
                  Rule: ANY Readers
                Writers:
                  Type: ImplicitMeta
                  Rule: ANY Writers
                Admins:
                  Type: ImplicitMeta
                  Rule: MAJORITY Admins
                LifecycleEndorsement:
                  Type: ImplicitMeta
                  Rule: ANY Endorsement
                Endorsement:
                  Type: ImplicitMeta
                  Rule: ANY Endorsement

    # SampleSingleMSPChannel定義了一個(gè)僅包含單一成員機(jī)構(gòu)的通道。
    # 該配置通常與SampleSingleMSPSolo或SampleSingleMSPKafka同時(shí)使用
    SampleSingleMSPChannel:
        <<: *ChannelDefaults
        Capabilities:
            <<: *ChannelCapabilities
        Consortium: SampleConsortium
        Application:
            <<: *ApplicationDefaults
            Organizations:
                - *Org1ExampleCom
                - *Org2ExampleCom
            Capabilities:
                <<: *ApplicationCapabilities
            Policies:
                Readers:
                  Type: ImplicitMeta
                  Rule: ANY Readers
                Writers:
                  Type: ImplicitMeta
                  Rule: ANY Writers
                Admins:
                  Type: ImplicitMeta
                  Rule: MAJORITY Admins
                LifecycleEndorsement:
                  Type: ImplicitMeta
                  Rule: ANY Endorsement
                Endorsement:
                  Type: ImplicitMeta
                  Rule: ANY Endorsement

到此,關(guān)于“Organizations組織機(jī)構(gòu)怎么配置”的學(xué)習(xí)就結(jié)束了,希望能夠解決大家的疑惑。理論與實(shí)踐的搭配能更好的幫助大家學(xué)習(xí),快去試試吧!若想繼續(xù)學(xué)習(xí)更多相關(guān)知識(shí),請(qǐng)繼續(xù)關(guān)注億速云網(wǎng)站,小編會(huì)繼續(xù)努力為大家?guī)砀鄬?shí)用的文章!

向AI問一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI