5a34506eb6
Update multiple aspects of our docker development stack. The frontend now has a devel specific webpack that allows development against a local server/api. The docker-composer.yaml also includes both versioning and networking updates. Overall, the major change is to migrate our proxy access into the crc webpack proxy.
165 lines
4.8 KiB
YAML
165 lines
4.8 KiB
YAML
version: '3.9'
|
|
services:
|
|
composer:
|
|
image: local/osbuild-composer
|
|
build:
|
|
context: ../../osbuild-composer
|
|
dockerfile: ./distribution/Dockerfile-ubi
|
|
entrypoint:
|
|
[
|
|
"python3",
|
|
"/opt/entrypoint.py",
|
|
"--remote-worker-api",
|
|
"--composer-api"
|
|
]
|
|
volumes:
|
|
- ${COMPOSER_CONFIG_DIR}/osbuild-composer.toml:/etc/osbuild-composer/osbuild-composer.toml:z
|
|
- ${COMPOSER_CONFIG_DIR}/acl.yml:/etc/osbuild-composer/acl.yml:z
|
|
- ${CERT_DIR}/ca-crt.pem:/etc/osbuild-composer/ca-crt.pem:z
|
|
- ${CERT_DIR}/composer-crt.pem:/etc/osbuild-composer/composer-crt.pem:z
|
|
- ${CERT_DIR}/composer-key.pem:/etc/osbuild-composer/composer-key.pem:z
|
|
ports:
|
|
- 8080:8080
|
|
- 8700:8700
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.10
|
|
worker:
|
|
image: local/osbuild-worker
|
|
build:
|
|
context: ../../osbuild-composer
|
|
dockerfile: ./distribution/Dockerfile-worker
|
|
# override the entrypoint to specify composer hostname and port
|
|
entrypoint: [ "/usr/libexec/osbuild-composer/osbuild-worker", "composer:8700" ]
|
|
volumes:
|
|
- ${CERT_DIR}/ca-crt.pem:/etc/osbuild-composer/ca-crt.pem:z
|
|
- ${WORKER_CONFIG_DIR}/osbuild-worker.toml:/etc/osbuild-worker/osbuild-worker.toml:z
|
|
- ${WORKER_CONFIG_DIR}/secret:/etc/osbuild-worker/secret:z
|
|
environment:
|
|
- CACHE_DIRECTORY=/var/cache/osbuild-composer
|
|
privileged: true
|
|
cap_add:
|
|
- MKNOD
|
|
- SYS_ADMIN
|
|
- NET_ADMIN
|
|
depends_on:
|
|
- "composer"
|
|
restart: on-failure
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.20
|
|
postgres:
|
|
image: docker.io/postgres:10.5
|
|
healthcheck:
|
|
test: [ "CMD", "pg_isready", "-U", "postgres", "-d", "postgres" ]
|
|
interval: 2s
|
|
timeout: 2s
|
|
retries: 10
|
|
environment:
|
|
- POSTGRES_USER=postgres
|
|
- POSTGRES_PASSWORD=postgres
|
|
volumes:
|
|
- ../../image-builder/internal/db/migrations-tern/:/docker-entrypoint-initdb.d/:Z
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.30
|
|
backend:
|
|
image: local/image-builder
|
|
build:
|
|
context: ../../image-builder
|
|
dockerfile: ./distribution/Dockerfile-ubi
|
|
ports:
|
|
- "8086:8086"
|
|
healthcheck:
|
|
test: [ "CMD", "curl", "localhost:8086/status" ]
|
|
interval: 2s
|
|
timeout: 2s
|
|
retries: 10
|
|
volumes:
|
|
- ./config/backend/quotas.json:/config/quotas.json:z
|
|
- ${CERT_DIR}/ca-crt.pem:/etc/image-builder/ca-crt.pem:z
|
|
- ${CERT_DIR}/client-crt.pem:/etc/image-builder/client-crt.pem:z
|
|
- ${CERT_DIR}/client-key.pem:/etc/image-builder/client-key.pem:z
|
|
environment:
|
|
- LISTEN_ADDRESS=backend:8086
|
|
- LOG_LEVEL=DEBUG
|
|
- ALLOWED_ORG_IDS=*
|
|
- PGHOST=postgres
|
|
- PGPORT=5432
|
|
- PGDATABASE=postgres
|
|
- PGUSER=postgres
|
|
- PGPASSWORD=postgres
|
|
- COMPOSER_URL=https://composer:8080
|
|
- COMPOSER_TOKEN_URL=http://fauxauth:8888/token?refresh_token=42
|
|
- COMPOSER_CLIENT_SECRET=${COMPOSER_CLIENT_SECRET}
|
|
- COMPOSER_CLIENT_ID=${COMPOSER_CLIENT_ID}
|
|
- COMPOSER_CA_PATH=/etc/image-builder/ca-crt.pem
|
|
- DISTRIBUTIONS_DIR=/app/distributions
|
|
- QUOTA_FILE=/config/quotas.json
|
|
depends_on:
|
|
- "composer"
|
|
- "postgres"
|
|
restart: on-failure
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.40
|
|
frontend:
|
|
image: local/image-builder-frontend
|
|
ports:
|
|
- "1337:1337"
|
|
build:
|
|
context: ../../image-builder-frontend
|
|
dockerfile: ./distribution/Dockerfile
|
|
environment:
|
|
- HOST=frontend
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.50
|
|
prometheus:
|
|
profiles: ["metrics"]
|
|
image: prom/prometheus:latest
|
|
ports:
|
|
- "9000:9090"
|
|
volumes:
|
|
- ./config/prometheus:/config
|
|
- ${CERT_DIR}/ca-crt.pem:/etc/image-builder/ca-crt.pem:z
|
|
- ${CERT_DIR}/client-crt.pem:/etc/image-builder/client-crt.pem:z
|
|
- ${CERT_DIR}/client-key.pem:/etc/image-builder/client-key.pem:z
|
|
restart: unless-stopped
|
|
command:
|
|
- "--config.file=/config/prometheus.yml"
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.60
|
|
grafana:
|
|
profiles: ["metrics"]
|
|
image: grafana/grafana:latest
|
|
ports:
|
|
- "3000:3000"
|
|
volumes:
|
|
- ./config/grafana:/etc/grafana/provisioning/
|
|
restart: unless-stopped
|
|
environment:
|
|
- GF_SECURITY_ADMIN_PASSWORD=foobar
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.70
|
|
fauxauth:
|
|
image: local/osbuild-fauxauth
|
|
build:
|
|
context: ../../osbuild-composer
|
|
dockerfile: ./distribution/Dockerfile-fauxauth
|
|
entrypoint: [ "/opt/fauxauth.py", "-a", "0.0.0.0", "-p", "8888" ]
|
|
volumes:
|
|
- ${CERT_DIR}/:/etc/osbuild-composer/:z
|
|
ports:
|
|
- "8888:8888"
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.80
|
|
networks:
|
|
net:
|
|
ipam:
|
|
driver: default
|
|
config:
|
|
- subnet: 172.31.0.0/16
|