From 1dc0b47982dca59f1a9df24a962b4e18743a2f14 Mon Sep 17 00:00:00 2001 From: David Liu Date: Fri, 22 Jan 2021 12:35:37 +0800 Subject: [PATCH] [FAB-15648] document update: Non-TLS orderer with etcdraft usage (#1678) - Notes about configure TLSCARoot - Notes about configure non-general-TLS orderer with etcdraft mode Signed-off-by: davidliu (cherry picked from commit 07443633db632cb033bc973c7716ca1f44a2ad9d) --- docs/source/raft_configuration.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/docs/source/raft_configuration.md b/docs/source/raft_configuration.md index 29e6f74e9e1..52f70f997bc 100644 --- a/docs/source/raft_configuration.md +++ b/docs/source/raft_configuration.md @@ -82,22 +82,26 @@ other, and TLS certificates issued by a public TLS CA for the client facing API. * `ClientCertificate`, `ClientPrivateKey`: The file path of the client TLS certificate and corresponding private key. - * `ListenPort`: The port the cluster listens on. If blank, the port is the same - port as the orderer general port (`general.listenPort`) + * `ListenPort`: The port the cluster listens on. + It must be same as `consenters[i].Port` in Channel configuration. + If blank, the port is the same port as the orderer general port (`general.listenPort`) * `ListenAddress`: The address the cluster service is listening on. * `ServerCertificate`, `ServerPrivateKey`: The TLS server certificate key pair which is used when the cluster service is running on a separate gRPC server (different port). - * `SendBufferSize`: Regulates the number of messages in the egress buffer. Note: `ListenPort`, `ListenAddress`, `ServerCertificate`, `ServerPrivateKey` must be either set together or unset together. If they are unset, they are inherited from the general TLS section, in example `general.tls.{privateKey, certificate}`. +When general TLS is disabled: + - Use a different `ListenPort` than the orderer general port + - Properly configure TLS root CAs in the channel configuration. There are also hidden configuration parameters for `general.cluster` which can be used to further fine tune the cluster communication or replication mechanisms: + * `SendBufferSize`: Regulates the number of messages in the egress buffer. * `DialTimeout`, `RPCTimeout`: Specify the timeouts of creating connections and establishing streams. * `ReplicationBufferSize`: the maximum number of bytes that can be allocated