docker-compose.yml 6.37 KB
Newer Older
1 2
# WARNING! All FIWARE components are running at full debug and extra ports have been exposed to allow for direct calls
# to services.
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
# They also contain various obvious security flaws - passwords in plain text, no load balancing,
# no use of HTTPS and so on.
#
# This is all to avoid the need of multiple machines, generating certificates, encrypting secrets
# and so on, purely so that a single docker-compose file can be read as an example to build on,
# not use directly.
#
# When deploying to a production environment, please looking at the SmartSDK Recipes
# in order to scale up to a proper architecture:
#
# see: https://smartsdk.github.io/smartsdk-recipes/
#
version: "3.5"
services:
  # Orion is the context broker
  orion:
19
    image: fiware/orion:${ORION_VERSION}
20 21 22 23 24 25 26 27 28
    container_name: fiware-orion
    depends_on:
      - mongo-db
    networks:
      default:
        ipv4_address: 172.18.1.9
    expose:
      - "${ORION_PORT}"
    ports:
29
      - "${ORION_PORT}:${ORION_PORT}"
30
    command: -dbhost mongo-db -logLevel INFO
31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72
    healthcheck:
      test: curl --fail -s http://orion:${ORION_PORT}/version || exit 1

  # Keyrock is an Identity Management Front-End
  keyrock:
    image: fiware/idm:${KEYROCK_VERSION}
    container_name: fiware-keyrock
    networks:
      default:
        ipv4_address: 172.18.1.5
    depends_on:
      - mysql-db
    ports:
      - "${KEYROCK_PORT}:${KEYROCK_PORT}" # localhost:3005
    environment:
      - DEBUG=idm:*
      - IDM_DB_HOST=mysql-db
      - IDM_DB_PASS_FILE=/run/secrets/my_secret_data
      - IDM_DB_USER=root
      - IDM_HOST=http://localhost:${KEYROCK_PORT}
      - IDM_PORT=${KEYROCK_PORT}
      - IDM_HTTPS_ENABLED=${IDM_HTTPS_ENABLED}
      - IDM_HTTPS_PORT=${KEYROCK_HTTPS_PORT}
      - IDM_ADMIN_USER=alice
      - IDM_ADMIN_EMAIL=alice-the-admin@test.com
      - IDM_ADMIN_PASS=test
    secrets:
      - my_secret_data
    healthcheck:
      test: curl --fail -s http://localhost:${KEYROCK_PORT}/version || exit 1

  # PEP Proxy for Orion
  orion-proxy:
    image: fiware/pep-proxy:${WILMA_VERSION}
    container_name: fiware-orion-proxy
    networks:
      default:
        ipv4_address: 172.18.1.10
    depends_on:
      - keyrock
    expose:
      - "${ORION_PROXY_PORT}"
73 74
    ports:
      - "${ORION_PROXY_PORT}:${ORION_PROXY_PORT}"
75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111
    environment:
      - PEP_PROXY_APP_HOST=orion
      - PEP_PROXY_APP_PORT=${ORION_PORT}
      - PEP_PROXY_PORT=${ORION_PROXY_PORT}
      - PEP_PROXY_IDM_HOST=keyrock
      - PEP_PROXY_HTTPS_ENABLED=false
      - PEP_PROXY_AUTH_ENABLED=false
      - PEP_PROXY_IDM_SSL_ENABLED=false
      - PEP_PROXY_IDM_PORT=${KEYROCK_PORT}
      - PEP_PROXY_APP_ID=tutorial-dckr-site-0000-xpresswebapp
      - PEP_PROXY_USERNAME=pep_proxy_00000000-0000-0000-0000-000000000000
      - PEP_PASSWORD=test
      - PEP_PROXY_PDP=idm
      - PEP_PROXY_MAGIC_KEY=1234
      - PEP_PROXY_PUBLIC_PATHS=/version
    healthcheck:
      test: curl --fail -s http://orion-proxy:${ORION_PROXY_PORT}/version || exit 1

  # Databases
  mongo-db:
    image: mongo:${MONGO_DB_VERSION}
    container_name: db-mongo
    expose:
      - "${MONGO_DB_PORT}"
    ports:
      - "${MONGO_DB_PORT}:${MONGO_DB_PORT}" # localhost:27017
    networks:
      - default
    command: --bind_ip_all --smallfiles
    volumes:
      - mongo-db:/data

  # mongo admin dashboard
  mongo-express:
    image: mongo-express
    container_name: mongo-express
    networks:
112 113
      default:
        ipv4_address: 172.18.1.12
114 115 116
    depends_on:
      - mongo-db
    expose:
117
      - "${MONGO_DB_EXPRESS_PORT}"
118
    ports:
119
      - "${MONGO_DB_EXPRESS_PORT}:${MONGO_DB_EXPRESS_PORT}"
120 121
    environment:
      - ME_CONFIG_OPTIONS_EDITORTHEME=ambiance
122 123
      - ME_CONFIG_BASICAUTH_USERNAME=${MONGO_DB_EXPRESS_USER}
      - ME_CONFIG_BASICAUTH_PASSWORD=${MONGO_DB_EXPRESS_PASS}
124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147
      - ME_CONFIG_MONGODB_PORT=${MONGO_DB_PORT}
      - ME_CONFIG_MONGODB_ENABLE_ADMIN=false
      - ME_CONFIG_MONGODB_SERVER=mongo-db

  mysql-db:
    restart: always
    image: mysql:${MYSQL_DB_VERSION}
    container_name: db-mysql
    expose:
      - "${MYSQL_DB_PORT}"
    ports:
      - "${MYSQL_DB_PORT}:${MYSQL_DB_PORT}" # localhost:3306
    networks:
      default:
        ipv4_address: 172.18.1.6
    environment:
      - "MYSQL_ROOT_PASSWORD_FILE=/run/secrets/my_secret_data"
      - "MYSQL_ROOT_HOST=172.18.1.5" # Allow Keyrock to access this database
    volumes:
      - mysql-db:/var/lib/mysql
      - ./mysql-data:/docker-entrypoint-initdb.d/:ro
    secrets:
      - my_secret_data

148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185
  # db for timeseries (quantumleap)
  crate-db:
    image: crate:${CRATE_VERSION}
    container_name: db-crate
    networks:
      default:
        ipv4_address: 172.18.1.8
    expose:
      - "${CRATE_PORT_GUI}"
    ports:
      - "${CRATE_PORT_GUI}:${CRATE_PORT_GUI}" # Admin UI
      - "${CRATE_PORT}:${CRATE_PORT_GUI}" # Transport protocol
    command: crate -Clicense.enterprise=false -Cauth.host_based.enabled=false  -Ccluster.name=democluster -Chttp.cors.enabled=true -Chttp.cors.allow-origin="*"
    volumes:
      - crate-storage:/data

  # Quantum Leap is persisting Short Term History to Crate-DB
  quantumleap:
    image: smartsdk/quantumleap:${QUANTUMLEAP_VERSION}
    container_name: fiware-quantumleap
    expose:
      - "${QUANTUMLEAP_PORT}"
    ports:
      - "${QUANTUMLEAP_PORT}:${QUANTUMLEAP_PORT}"
    depends_on:
      - crate-db
    networks:
      default:
        ipv4_address: 172.18.1.7
    environment:
      - CRATE_HOST=crate-db
    healthcheck:
      test: curl --fail -s http://fiware-quantumleap:${QUANTUMLEAP_PORT}/v2/version || exit 1
      start_period: 40s
      interval: 1m30s
      timeout: 10s
      retries: 3

186 187 188 189 190 191 192 193 194 195
  wms-app-example:
    build:
      context: ./wms-example
      dockerfile: Dockerfile
    image: wms-app-example:latest
    container_name: wms-app-example
    environment:
      - LC_ALL=C.UTF-8
      - LANG=C.UTF-8
      - FLASK_DEBUG=1
196
    expose:
197
      - "${WMS_MODULE_PORT}"
198
    ports:
199
      - "${WMS_MODULE_PORT}:${WMS_MODULE_PORT}"
200 201
    volumes:
      - ./wms-example:/code
202 203
    networks:
      default:
204 205 206
        ipv4_address: 172.18.1.11
    healthcheck:
      test: curl --fail -s http://wms-app-example:${WMS_MODULE_PORT}/healthcheck || exit 1
207 208 209

networks:
  default:
210 211 212
    driver: bridge
    driver_opts:
      com.docker.network.driver.mtu: 1450
213
      com.docker.network.bridge.name: naiades-network
214 215 216
    ipam:
      config:
        - subnet: 172.18.1.0/24
217

218 219 220
volumes:
  mysql-db: ~
  mongo-db: ~
221
  crate-storage: ~
222 223 224 225

secrets:
  my_secret_data:
    file: secrets