I know that each entity in the hyperledger network does need an Identity. This identity is given by an certificate authority. The local and channel MSP maps this identity with an organization and gives the identity a role.
A couple of questions:
Q1: Different roles in the fabric
Q2: Yes, each role has specific access. While creating a channel we need to define all roles. Admin can do configuration block changes as per policies defined.
There are two types of policies
The reader can only read transactions, where the Writer can invoke a transaction. We define all policies in channel configuration block.
Q3: Only Organization(Orderer Organization, Peer Organization) has user, not for peer, so user can be one of (Admin, Reader, Writer)
Q4: There are two types of MSP
Channel MSP
Local MSP
channel configuration (channel MSPs), and locally on an actor’s premise (local MSP). Local MSPs are defined for clients (users) and for nodes (peers and orderers). Node local MSPs define the permissions for that node (who the peer admins are, for example). The local MSPs of the users allow the user side to authenticate itself in its transactions as a member of a channel (e.g. in chaincode transactions), or as the owner of a specific role into the system (an org admin, for example, in configuration transactions).
Q5: Only user of Organization have the role of Admin, I don't think peer have admin role, where as peer comes under some organization who will have some users(Admin user would be one of them)