身份模式配置和使用手册

1. 共识算法适配

  1. TBFT 身份模式:PermissionedWithCert, PermissionedWithKey

  2. HOTSTUFF 身份模式:PermissionedWithCert, PermissionedWithKey

  3. RAFT 身份模式:PermissionedWithCert, PermissionedWithKey

  4. DPOS 身份模式:Public

2. 链配置

2.1. 相关配置详解

2.1.1. PermissionedWithCert

  • auth_type:身份模式

    permissionedWithCert:面向强权限控制场景,基于数字证书的用户标识体系、基于角色的权限控制体系。

  • consensus:共识配置

    • nodes:共识节点列表

      • org_id:组织id

      • node_id:共识节点id列表,是由共识节点TLS证书里的公钥算出的唯一id

  • trust_roots:信任根配置列表

    • org_id:组织id

    • root:组织CA证书所在路径列表

2.1.2. PermissionedWithKey

  • auth_type:身份模式

    permissionedWithKey:面向强权限控制场景,基于公钥的用户标识体系、基于角色的权限控制体系。

  • consensus:共识配置

    • nodes:共识节点列表

      • org_id:组织id

      • node_id:共识节点id列表,是由共识节点公钥算出的唯一id

  • trust_roots:信任根配置列表

    • org_id:组织id

    • root:组织管理员用户公钥所在路径列表

2.1.3. Public

  • auth_type:身份模式

    public:面向弱权限控制场景,基于公钥的用户标识体系、基于角色的权限控制体系。

  • consensus:共识配置

    • nodes:共识节点列表

      DPOS共识模式暂时不需要配置,后续版本推出其他共识待定。

  • trust_roots:信任根配置列表

    默认只使用列表下第一个配置

    • org_id:public模式配置标识(需要填写public)

    org_id: "public"
    
    • root:链管理员公钥所在路径列表

2.2. 示例

2.2.1. PermissionedWithCert

chain_id: chain1                    # 链标识
version: v1.0.0                     # 链版本
sequence: 0                         # 配置版本
auth_type: "permissionedWithCert"   # 认证类型

crypto:
  hash: SHA256

# 合约支持类型的配置
contract:
  enable_sql_support: false

# 虚拟机配置
vm:
  # 虚拟机支持列表
  support_list:
    - "wasmer"
    - "gasm"
    - "evm"
    - "wxvm"

# 交易、区块相关配置
block:
  tx_timestamp_verify: true # 是否需要开启交易时间戳校验
  tx_timeout: 600  # 交易时间戳的过期时间(秒)
  block_tx_capacity: 100  # 区块中最大交易数
  block_size: 10  # 区块最大限制,单位MB
  block_interval: 2000 # 出块间隔,单位:ms

# core模块
core:
  tx_scheduler_timeout: 10 #  [0, 60] 交易调度器从交易池拿到交易后, 进行调度的时间
  tx_scheduler_validate_timeout: 10 # [0, 60] 交易调度器从区块中拿到交易后, 进行验证的超时时间
  consensus_turbo_config:
    consensus_message_turbo: true # 是否开启共识报文压缩
    retry_time: 500 # 根据交易ID列表从交易池获取交易的重试次数
    retry_interval: 20 # 重试间隔,单位:ms

#共识配置
consensus:
  # 共识类型(0-SOLO,1-TBFT,2-MBFT,3-HOTSTUFF,4-RAFT,5-DPOS)
  type: 1
  # 共识节点列表,组织必须出现在trust_roots的org_id中,每个组织可配置多个共识节点,节点地址采用libp2p格式
  nodes:
    - org_id: "wx-org1.chainmaker.org"
      node_id:
        - "QmcQHCuAXaFkbcsPUj7e37hXXfZ9DdN7bozseo5oX4qiC4"
    - org_id: "wx-org2.chainmaker.org"
      node_id:
        - "QmeyNRs2DwWjcHTpcVHoUSaDAAif4VQZ2wQDQAUNDP33gH"
    - org_id: "wx-org3.chainmaker.org"
      node_id:
        - "QmXf6mnQDBR9aHauRmViKzSuZgpumkn7x6rNxw1oqqRr45"
    - org_id: "wx-org4.chainmaker.org"
      node_id:
        - "QmRRWXJpAVdhFsFtd9ah5F4LDQWFFBDVKpECAF8hssqj6H"
        
  ext_config: # 扩展字段,记录难度、奖励等其他类共识算法配置
    - key: aa
      value: chain01_ext11

# 信任组织和根证书
trust_roots:
  - org_id: "wx-org1.chainmaker.org"
    root:
      - "../config/wx-org1/certs/ca/wx-org1.chainmaker.org/ca.crt"
  - org_id: "wx-org2.chainmaker.org"
    root:
      - "../config/wx-org2/certs/ca/wx-org2.chainmaker.org/ca.crt"
  - org_id: "wx-org3.chainmaker.org"
    root:
      - "../config/wx-org3/certs/ca/wx-org3.chainmaker.org/ca.crt"
  - org_id: "wx-org4.chainmaker.org"
    root:
      - "../config/wx-org4/certs/ca/wx-org4.chainmaker.org/ca.crt"

# 权限配置(只能整体添加、修改、删除)
resource_policies:
  - resource_name: CHAIN_CONFIG-NODE_ID_UPDATE
    policy:
      rule: SELF # 规则(ANY,MAJORITY...,全部大写,自动转大写)
      org_list: # 组织名称(组织名称,区分大小写)
      role_list: # 角色名称(role,自动转大写)
        - admin
  - resource_name: CHAIN_CONFIG-TRUST_ROOT_ADD
    policy:
      rule: MAJORITY
      org_list:
      role_list:
        - admin
  - resource_name: CHAIN_CONFIG-CERTS_FREEZE
    policy:
      rule: ANY
      org_list:
      role_list:
        - admin
        
disabled_native_contract:
 # - CONTRACT_NAME  # 通过指定系统合约名字来禁用系统合约

2.2.2. PermissionedWithKey

chain_id: chain1                      # 链标识
version: v1.0.0                       # 链版本
sequence: 0                           # 配置版本
auth_type: "permissionedWithKey"      # 认证类型 permissionedWithCert / permissionedWithKey / public

crypto:
  hash: SHA256

# 合约支持类型的配置
contract:
  enable_sql_support: false

# 交易、区块相关配置
block:
  tx_timestamp_verify: true # 是否需要开启交易时间戳校验
  tx_timeout: 600  # 交易时间戳的过期时间(秒)
  block_tx_capacity: 100  # 区块中最大交易数
  block_size: 10  # 区块最大限制,单位MB
  block_interval: 2000 # 出块间隔,单位:ms

# core模块
core:
  tx_scheduler_timeout: 10 #  [0, 60] 交易调度器从交易池拿到交易后, 进行调度的时间
  tx_scheduler_validate_timeout: 10 # [0, 60] 交易调度器从区块中拿到交易后, 进行验证的超时时间
  consensus_turbo_config:
    consensus_message_turbo: false # 是否开启共识报文压缩
    retry_time: 500 # 根据交易ID列表从交易池获取交易的重试次数
    retry_interval: 20 # 重试间隔,单位:ms


#共识配置
consensus:
  # 共识类型(0-SOLO,1-TBFT,2-MBFT,3-HOTSTUFF,4-RAFT,5-DPOS)
  type: 1
  # 共识节点列表,组织必须出现在trust_roots的org_id中,每个组织可配置多个共识节点,节点地址采用libp2p格式
  nodes:
    - org_id: "wx-org1.chainmaker.org"
      node_id:
        - "QmZcFcJFYYoZ3FNNGL88QaszUZwFwuBdFqYh6yPzJURc3s"
    - org_id: "wx-org2.chainmaker.org"
      node_id:
        - "QmXwtuPemSgH5ypzoKvcLdCLbd9jZ25FbpNf7VPjHF3HMS"
    - org_id: "wx-org3.chainmaker.org"
      node_id:
        - "QmRmQLHJoqAYGkuLFaNY6HLzwtTNxr45UJsYpSjdKvBQw2"
    - org_id: "wx-org4.chainmaker.org"
      node_id:
        - "QmURUHTGsuzzjgh1Xg6s92G1Q3gK91A6JEZGPfYNWwJMiT"
  ext_config: # 扩展字段,记录难度、奖励等其他类共识算法配置
    - key: aa
      value: chain01_ext11

# 信任组织和管理员公钥
trust_roots:
  - org_id: "wx-org1.chainmaker.org"
    root:
      - "../config-pk/permissioned-with-key/wx-org1/public-key/admin/wx-org1.chainmaker.org/admin.pem"
  - org_id: "wx-org2.chainmaker.org"
    root:
      - "../config-pk/permissioned-with-key/wx-org1/public-key/admin/wx-org2.chainmaker.org/admin.pem"
  - org_id: "wx-org3.chainmaker.org"
    root:
      - "../config-pk/permissioned-with-key/wx-org1/public-key/admin/wx-org3.chainmaker.org/admin.pem"
  - org_id: "wx-org4.chainmaker.org"
    root:
      - "../config-pk/permissioned-with-key/wx-org1/public-key/admin/wx-org4.chainmaker.org/admin.pem"

# 权限配置(只能整体添加、修改、删除)
resource_policies:
  - resource_name: CHAIN_CONFIG-NODE_ID_UPDATE
    policy:
      rule: SELF # 规则(ANY,MAJORITY...,全部大写,自动转大写)
      org_list: # 组织名称(组织名称,区分大小写)
      role_list: # 角色名称(role,自动转大写)
        - admin
  - resource_name: CHAIN_CONFIG-TRUST_ROOT_ADD
    policy:
      rule: MAJORITY
      org_list:
      role_list:
        - admin
  - resource_name: CHAIN_CONFIG-CERTS_FREEZE
    policy:
      rule: ANY
      org_list:
      role_list:
        - admin

2.2.3. Public

chain_id: chain1                      # 链标识
version: v1.0.0                       # 链版本
sequence: 0                           # 配置版本
auth_type: "public"                   # 认证类型 permissionedWithCert / permissionedWithKey / public

crypto:
  hash: SHA256

# 合约支持类型的配置
contract:
  enable_sql_support: false

# 交易、区块相关配置
block:
  tx_timestamp_verify: true # 是否需要开启交易时间戳校验
  tx_timeout: 600  # 交易时间戳的过期时间(秒)
  block_tx_capacity: 100  # 区块中最大交易数
  block_size: 10  # 区块最大限制,单位MB
  block_interval: 2000 # 出块间隔,单位:ms

# core模块
core:
  tx_scheduler_timeout: 10 #  [0, 60] 交易调度器从交易池拿到交易后, 进行调度的时间
  tx_scheduler_validate_timeout: 10 # [0, 60] 交易调度器从区块中拿到交易后, 进行验证的超时时间
  consensus_turbo_config:
    consensus_message_turbo: false # 是否开启共识报文压缩
    retry_time: 500 # 根据交易ID列表从交易池获取交易的重试次数
    retry_interval: 20 # 重试间隔,单位:ms

#共识配置
consensus:
  # 共识类型(0-SOLO,1-TBFT,2-MBFT,3-HOTSTUFF,4-RAFT,5-DPOS)
  type: 5
  ext_config: # 扩展字段,记录难度、奖励等其他类共识算法配置
    - key: aa
      value: chain01_ext11
  dpos_config: # DPoS
    #ERC20合约配置
    - key: erc20.total
      value: "10000000"
    - key: erc20.owner
      value: "6CeSsjU5M62Ee3Gx9umUX6nXJoaBkWYufQdTZqEJM5di"
    - key: erc20.decimals
      value: "18"
    - key: erc20.account:DPOS_STAKE
      value: "10000000"
    #Stake合约配置
    - key: stake.minSelfDelegation
      value: "2500000"
    - key: stake.epochValidatorNum
      value: "4"
    - key: stake.epochBlockNum
      value: "10"
    - key: stake.completionUnbondingEpochNum
      value: "1"
    - key: stake.candidate:6CeSsjU5M62Ee3Gx9umUX6nXJoaBkWYufQdTZqEJM5di
      value: "2500000"
    - key: stake.candidate:F5tJ4ca4vdbuyffpc1Szw3WHU3caGaTVAh52MRMS4qBt
      value: "2500000"
    - key: stake.candidate:FxfunVWGkKgYMjngxMtLkd4pUNYVNAHNAqiDqopg5zdw
      value: "2500000"
    - key: stake.candidate:DYt7DfcZnqKNpjgyJ6tU6GFixNfLMkkmnqdwB3NNiAP7
      value: "2500000"

    - key: stake.nodeID:6CeSsjU5M62Ee3Gx9umUX6nXJoaBkWYufQdTZqEJM5di
      value: "QmZcFcJFYYoZ3FNNGL88QaszUZwFwuBdFqYh6yPzJURc3s"
    - key: stake.nodeID:F5tJ4ca4vdbuyffpc1Szw3WHU3caGaTVAh52MRMS4qBt
      value: "QmXwtuPemSgH5ypzoKvcLdCLbd9jZ25FbpNf7VPjHF3HMS"
    - key: stake.nodeID:FxfunVWGkKgYMjngxMtLkd4pUNYVNAHNAqiDqopg5zdw
      value: "QmRmQLHJoqAYGkuLFaNY6HLzwtTNxr45UJsYpSjdKvBQw2"
    - key: stake.nodeID:DYt7DfcZnqKNpjgyJ6tU6GFixNfLMkkmnqdwB3NNiAP7
      value: "QmURUHTGsuzzjgh1Xg6s92G1Q3gK91A6JEZGPfYNWwJMiT"

# 超级管理员
trust_roots:
  - org_id: "public"
    root:
      - "../config-pk/public/admin/admin1/admin1.pem"
      - "../config-pk/public/admin/admin2/admin2.pem"
      - "../config-pk/public/admin/admin3/admin3.pem"
      - "../config-pk/public/admin/admin4/admin4.pem"

3. 节点配置

3.1. 相关配置详解

3.1.1. PermissionedWithCert

  • auth_type:身份模式

    permissionedWithCert:面向强权限控制场景,基于数字证书的用户标识体系、基于角色的权限控制体系。

  • node:节点配置

    • priv_key_file:节点SIGN证书的私钥地址

    • cert_file:节点SIGN证书的地址

  • net:网络配置

    • tls:TLS配置

      • priv_key_file:节点TLS证书的私钥地址

      • cert_file:节点TLS证书的地址

3.1.2. PermissionedWithKey

  • auth_type:身份模式

    permissionedWithKey:面向强权限控制场景,基于公钥的用户标识体系、基于角色的权限控制体系。

  • node:节点配置

    • priv_key_file:节点私钥地址

    • cert_file:不需要配置

  • net:网络配置

    • tls:TLS配置

      • priv_key_file:节点私钥地址

      • cert_file:不需要配置

注:node和net里需要配置同一个私钥的地址

3.1.3. Public

  • auth_type:身份模式

    public:面向弱权限控制场景,基于公钥的用户标识体系、基于角色的权限控制体系。

  • node:节点配置

    • priv_key_file:节点私钥地址

    • cert_file:不需要配置

  • net:网络配置

    • tls:TLS配置

      • priv_key_file:节点私钥地址

      • cert_file:不需要配置

注:node和net里需要配置同一个私钥的地址

3.2. 示例

3.2.1. PermissionedWithCert

auth_type: "permissionedWithCert"      # permissionedWithCert / permissionedWithKey / public

log:
  config_file: ../config/wx-org1/log.yml          # config file of logger configuration.

blockchain:
  - chainId: chain1
    genesis: ../config/wx-org1/chainconfig/bc1.yml

node:
  # 节点类型:full
  type:              full
  org_id:            wx-org1.chainmaker.org
  priv_key_file:     ../config/wx-org1/certs/node/consensus1/consensus1.sign.key
  cert_file:         ../config/wx-org1/certs/node/consensus1/consensus1.sign.crt
  signer_cache_size: 1000
  cert_cache_size:   1000

net:
  provider: LibP2P
  listen_addr: /ip4/0.0.0.0/tcp/11301
  seeds:
    - "/ip4/127.0.0.1/tcp/11301/p2p/QmcQHCuAXaFkbcsPUj7e37hXXfZ9DdN7bozseo5oX4qiC4"
    - "/ip4/127.0.0.1/tcp/11302/p2p/QmNdgWgD2QSu769yCwFCnwhVKhjWzyjA3PgSXL7ZJBrUoA"
    - "/ip4/127.0.0.1/tcp/11303/p2p/QmXf6mnQDBR9aHauRmViKzSuZgpumkn7x6rNxw1oqqRr45"
    - "/ip4/127.0.0.1/tcp/11304/p2p/QmRRWXJpAVdhFsFtd9ah5F4LDQWFFBDVKpECAF8hssqj6H"
  tls:
    enabled: true
    priv_key_file: ../config/wx-org1/certs/node/consensus1/consensus1.tls.key
    cert_file:     ../config/wx-org1/certs/node/consensus1/consensus1.tls.crt

txpool:
  max_txpool_size: 5120 # 普通交易池上限
  max_config_txpool_size: 10 # config交易池的上限
  full_notify_again_time: 30 # 交易池溢出后,再次通知的时间间隔(秒)

rpc:
  provider: grpc
  port: 12301
  tls:
    # TLS模式:
    #   disable - 不启用TLS
    #   oneway  - 单向认证
    #   twoway  - 双向认证
    #mode: disable
    #mode: oneway
    mode:           twoway
    priv_key_file:  ../config/wx-org1/certs/node/consensus1/consensus1.tls.key
    cert_file:      ../config/wx-org1/certs/node/consensus1/consensus1.tls.crt

monitor:
  enabled: false
  port: 14321

pprof:
  enabled: false
  port: 24321

storage:
  store_path: ../data/org1/ledgerData1
  blockdb_config:
    provider: leveldb
    leveldb_config:
      store_path: ../data/org1/blocks
      write_buffer_size: 1024
      block_write_buffer_size: 1024
  statedb_config:
    provider: leveldb
    leveldb_config:
      store_path: ../data/org1/state
  historydb_config:
    provider: leveldb
    leveldb_config:
      store_path: ../data/org1/history
  resultdb_config:
    provider: leveldb
    leveldb_config:
      store_path: ../data/org1/result
  disable_contract_eventdb: true  #是否禁止合约事件存储功能,默认为true,如果设置为false,需要配置mysql
  contract_eventdb_config:
    provider: sql                 #如果开启contract event db 功能,需要指定provider为sql
    sqldb_config:
      sqldb_type: mysql           #contract event db 只支持mysql
      dsn: root:password@tcp(127.0.0.1:3306)/  #mysql的连接信息,包括用户名、密码、ip、port等,示例:root:admin@tcp(127.0.0.1:3306)/
debug:
  # 是否开启CLI功能,过度期间使用
  is_cli_open: true
  is_http_open: false

3.2.2. PermissionedWithKey

auth_type: "permissionedWithKey"                                   # permissionedWithCert / permissionedWithKey / public

log:
  config_file: ../config-pk/permissioned-with-key/wx-org1/log.yml          # config file of logger configuration.

blockchain:
  - chainId: chain1
    genesis: ../config-pk/permissioned-with-key/wx-org1/chainconfig/bc1.yml

node:
  # 节点类型:full
  type:              full
  org_id:            wx-org1.chainmaker.org
  priv_key_file:     ../config-pk/permissioned-with-key/wx-org1/public-key/node/consensus1/consensus1.key
  signer_cache_size: 1000
  cert_cache_size:   1000

net:
  provider: liquid
  listen_addr: /ip4/0.0.0.0/tcp/11351
  seeds:
    - "/ip4/127.0.0.1/tcp/11351/p2p/QmZcFcJFYYoZ3FNNGL88QaszUZwFwuBdFqYh6yPzJURc3s"
    - "/ip4/127.0.0.1/tcp/11352/p2p/QmXwtuPemSgH5ypzoKvcLdCLbd9jZ25FbpNf7VPjHF3HMS"
    - "/ip4/127.0.0.1/tcp/11353/p2p/QmRmQLHJoqAYGkuLFaNY6HLzwtTNxr45UJsYpSjdKvBQw2"
    - "/ip4/127.0.0.1/tcp/11354/p2p/QmURUHTGsuzzjgh1Xg6s92G1Q3gK91A6JEZGPfYNWwJMiT"
  tls:
    enabled: true
    priv_key_file: ../config-pk/permissioned-with-key/wx-org1/public-key/node/consensus1/consensus1.key

txpool:
  max_txpool_size: 5120 # 普通交易池上限
  max_config_txpool_size: 10 # config交易池的上限
  full_notify_again_time: 30 # 交易池溢出后,再次通知的时间间隔(秒)

rpc:
  provider: grpc
  port: 12301
  tls:
    # TLS模式:
    #   disable - 不启用TLS
    #   oneway  - 单向认证
    #   twoway  - 双向认证
    #mode: disable
    #mode: oneway
    mode: disable

monitor:
  enabled: false
  port: 14321

pprof:
  enabled: false
  port: 24321

storage:
  store_path: ../data/org1/ledgerData1
  blockdb_config:
    provider: leveldb
    leveldb_config:
      store_path: ../data/org1/blocks
  statedb_config:
    provider: leveldb
    leveldb_config:
      store_path: ../data/org1/state
  historydb_config:
    provider: leveldb
    leveldb_config:
      store_path: ../data/org1/history
  resultdb_config:
    provider: leveldb
    leveldb_config:
      store_path: ../data/org1/result
  disable_contract_eventdb: true  #是否禁止合约事件存储功能,默认为true,如果设置为false,需要配置mysql
  contract_eventdb_config:
    provider: sql                 #如果开启contract event db 功能,需要指定provider为sql
    sqldb_config:
      sqldb_type: mysql           #contract event db 只支持mysql
      dsn: root:password@tcp(127.0.0.1:3306)/  #mysql的连接信息,包括用户名、密码、ip、port等,示例:root:admin@tcp(127.0.0.1:3306)/
debug:
  # 是否开启CLI功能,过度期间使用
  is_cli_open: true
  is_http_open: false

3.2.3. Public

auth_type: "public"                                                        # permissionedWithCert / permissionedWithKey / public

log:
  config_file: ../config-pk/public/node/node1/log.yml                           # config file of logger configuration.

blockchain:
  - chainId: chain1
    genesis: ../config-pk/public/node/node1/chainconfig/bc1.yml

node:
  # 节点类型:full
  type:              full
  org_id:            wx-org1.chainmaker.org
  priv_key_file:     ../config-pk/public/node/node1/node1.key
  signer_cache_size: 1000
  cert_cache_size:   1000

net:
  provider: LibP2P
  listen_addr: /ip4/0.0.0.0/tcp/11351
  seeds:
    - "/ip4/127.0.0.1/tcp/11351/p2p/QmZcFcJFYYoZ3FNNGL88QaszUZwFwuBdFqYh6yPzJURc3s"
    - "/ip4/127.0.0.1/tcp/11352/p2p/QmXwtuPemSgH5ypzoKvcLdCLbd9jZ25FbpNf7VPjHF3HMS"
    - "/ip4/127.0.0.1/tcp/11353/p2p/QmRmQLHJoqAYGkuLFaNY6HLzwtTNxr45UJsYpSjdKvBQw2"
    - "/ip4/127.0.0.1/tcp/11354/p2p/QmURUHTGsuzzjgh1Xg6s92G1Q3gK91A6JEZGPfYNWwJMiT"
  tls:
    enabled: true
    priv_key_file: ../config-pk/public/node/node1/node1.key

txpool:
  max_txpool_size: 5120 # 普通交易池上限
  max_config_txpool_size: 10 # config交易池的上限
  full_notify_again_time: 30 # 交易池溢出后,再次通知的时间间隔(秒)

rpc:
  provider: grpc
  port: 12301
  tls:
    # TLS模式:
    #   disable - 不启用TLS
    #   oneway  - 单向认证
    #   twoway  - 双向认证
    #mode: disable
    #mode: oneway
    mode: disable

monitor:
  enabled: false
  port: 14321

pprof:
  enabled: false
  port: 24321

storage:
  store_path: ../data/node1/ledgerData1
  blockdb_config:
    provider: leveldb
    leveldb_config:
      store_path: ../data/node1/blocks
  statedb_config:
    provider: leveldb
    leveldb_config:
      store_path: ../data/node1/state
  historydb_config:
    provider: leveldb
    leveldb_config:
      store_path: ../data/node1/history
  resultdb_config:
    provider: leveldb
    leveldb_config:
      store_path: ../data/node1/result
  disable_contract_eventdb: true  #是否禁止合约事件存储功能,默认为true,如果设置为false,需要配置mysql
  contract_eventdb_config:
    provider: sql                 #如果开启contract event db 功能,需要指定provider为sql
    sqldb_config:
      sqldb_type: mysql           #contract event db 只支持mysql
      dsn: root:password@tcp(127.0.0.1:3306)/  #mysql的连接信息,包括用户名、密码、ip、port等,示例:root:admin@tcp(127.0.0.1:3306)/
debug:
  # 是否开启CLI功能,过度期间使用
  is_cli_open: true
  is_http_open: false