Skip to content

Commit

Permalink
[FAB-15648] document update: Non-TLS orderer with etcdraft usage (#1678)
Browse files Browse the repository at this point in the history
- Notes about configure TLSCARoot
- Notes about configure non-general-TLS orderer with etcdraft mode

Signed-off-by: davidliu <david-khala@hotmail.com>
(cherry picked from commit 0744363)
  • Loading branch information
davidkhala authored and mergify[bot] committed Jan 22, 2021
1 parent b144d49 commit 1dc0b47
Showing 1 changed file with 7 additions and 3 deletions.
10 changes: 7 additions & 3 deletions docs/source/raft_configuration.md
Original file line number Diff line number Diff line change
Expand Up @@ -82,22 +82,26 @@ other, and TLS certificates issued by a public TLS CA for the client facing API.

* `ClientCertificate`, `ClientPrivateKey`: The file path of the client TLS certificate
and corresponding private key.
* `ListenPort`: The port the cluster listens on. If blank, the port is the same
port as the orderer general port (`general.listenPort`)
* `ListenPort`: The port the cluster listens on.
It must be same as `consenters[i].Port` in Channel configuration.
If blank, the port is the same port as the orderer general port (`general.listenPort`)
* `ListenAddress`: The address the cluster service is listening on.
* `ServerCertificate`, `ServerPrivateKey`: The TLS server certificate key pair
which is used when the cluster service is running on a separate gRPC server
(different port).
* `SendBufferSize`: Regulates the number of messages in the egress buffer.

Note: `ListenPort`, `ListenAddress`, `ServerCertificate`, `ServerPrivateKey` must
be either set together or unset together.
If they are unset, they are inherited from the general TLS section,
in example `general.tls.{privateKey, certificate}`.
When general TLS is disabled:
- Use a different `ListenPort` than the orderer general port
- Properly configure TLS root CAs in the channel configuration.

There are also hidden configuration parameters for `general.cluster` which can be
used to further fine tune the cluster communication or replication mechanisms:

* `SendBufferSize`: Regulates the number of messages in the egress buffer.
* `DialTimeout`, `RPCTimeout`: Specify the timeouts of creating connections and
establishing streams.
* `ReplicationBufferSize`: the maximum number of bytes that can be allocated
Expand Down

0 comments on commit 1dc0b47

Please sign in to comment.