Google Git
Sign in
apache/apisix/HEAD/./ci/pod/docker-compose.plugin.yml
blob: 0cecf593faba7bd3245a6bdfb763c0b81aa7a50b [file]
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
version: "3.8"
services:
## keycloak
apisix_keycloak:
container_name: apisix_keycloak
image: quay.io/keycloak/keycloak:18.0.2
# use host network because in CAS auth,
# keycloak needs to send back-channel POST to apisix.
network_mode: host
environment:
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin
KC_HTTPS_CERTIFICATE_FILE: /opt/keycloak/conf/server.crt.pem
KC_HTTPS_CERTIFICATE_KEY_FILE: /opt/keycloak/conf/server.key.pem
restart: unless-stopped
command: ["start-dev"]
volumes:
- /opt/keycloak-protocol-cas-18.0.2.jar:/opt/keycloak/providers/keycloak-protocol-cas-18.0.2.jar
- ./ci/pod/keycloak/server.crt.pem:/opt/keycloak/conf/server.crt.pem
- ./ci/pod/keycloak/server.key.pem:/opt/keycloak/conf/server.key.pem
- ./ci/pod/keycloak/kcadm_configure_cas.sh:/tmp/kcadm_configure_cas.sh
- ./ci/pod/keycloak/kcadm_configure_university.sh:/tmp/kcadm_configure_university.sh
- ./ci/pod/keycloak/kcadm_configure_basic.sh:/tmp/kcadm_configure_basic.sh
## kafka-cluster
zookeeper-server1:
image: bitnamilegacy/zookeeper:3.6.0
env_file:
- ci/pod/kafka/zookeeper-server/env/common.env
environment:
JVMFLAGS: "-Xms64m -Xmx128m"
restart: unless-stopped
ports:
- "2181:2181"
networks:
kafka_net:
zookeeper-server2:
image: bitnamilegacy/zookeeper:3.6.0
env_file:
- ci/pod/kafka/zookeeper-server/env/common.env
environment:
JVMFLAGS: "-Xms64m -Xmx128m"
restart: unless-stopped
ports:
- "12181:12181"
networks:
kafka_net:
zookeeper-server3:
image: bitnamilegacy/zookeeper:3.6.0
env_file:
- ci/pod/kafka/zookeeper-server/env/common.env
environment:
JVMFLAGS: "-Xms64m -Xmx128m"
restart: unless-stopped
ports:
- "12182:12181"
networks:
kafka_net_2:
kafka-server1:
image: bitnamilegacy/kafka:2.8.1
env_file:
- ci/pod/kafka/kafka-server/env/common.env
environment:
KAFKA_CFG_ZOOKEEPER_CONNECT: zookeeper-server1:2181
KAFKA_HEAP_OPTS: "-Xms256m -Xmx256m"
restart: unless-stopped
ports:
- "9092:9092"
depends_on:
- zookeeper-server1
- zookeeper-server2
networks:
kafka_net:
kafka-server2:
image: bitnamilegacy/kafka:2.8.1
env_file:
- ci/pod/kafka/kafka-server/env/common2.env
environment:
KAFKA_CFG_ZOOKEEPER_CONNECT: zookeeper-server2:2181
KAFKA_HEAP_OPTS: "-Xms256m -Xmx256m"
restart: unless-stopped
ports:
- "19092:19092"
- "19094:19094"
depends_on:
- zookeeper-server1
- zookeeper-server2
networks:
kafka_net:
volumes:
- ./ci/pod/kafka/kafka-server/kafka_jaas.conf:/opt/bitnami/kafka/config/kafka_jaas.conf:ro
kafka-server3-scram:
image: bitnamilegacy/kafka:2.8.1
env_file:
- ci/pod/kafka/kafka-server/env/common3-scram.env
environment:
KAFKA_CFG_ZOOKEEPER_CONNECT: zookeeper-server3:2181
KAFKA_HEAP_OPTS: "-Xms256m -Xmx256m"
restart: unless-stopped
ports:
- "29092:29092" # PLAINTEXT for inter-broker communication
- "29094:29094" # SASL_SCRAM for clients
depends_on:
- zookeeper-server1
- zookeeper-server2
- zookeeper-server3
networks:
kafka_net_2:
volumes:
- ./ci/pod/kafka/kafka-server/kafka_scram_jaas.conf:/opt/bitnami/kafka/config/kafka_jaas.conf:ro
## SkyWalking
skywalking:
image: apache/skywalking-oap-server:8.7.0-es6
environment:
JAVA_OPTS: "-Xms128m -Xmx256m"
restart: unless-stopped
ports:
- "1234:1234"
- "11800:11800"
- "12800:12800"
networks:
skywalk_net:
## OpenLDAP
openldap:
image: bitnamilegacy/openldap:2.5.8
environment:
- LDAP_ADMIN_USERNAME=amdin
- LDAP_ADMIN_PASSWORD=adminpassword
- LDAP_USERS=user01,user02
- LDAP_PASSWORDS=password1,password2
- LDAP_ENABLE_TLS=yes
- LDAP_TLS_CERT_FILE=/certs/localhost_slapd_cert.pem
- LDAP_TLS_KEY_FILE=/certs/localhost_slapd_key.pem
- LDAP_TLS_CA_FILE=/certs/apisix.crt
ports:
- "1389:1389"
- "1636:1636"
volumes:
- ./t/certs:/certs
## Grafana Loki
loki:
image: grafana/loki:2.8.0
command: -config.file=/etc/loki/local-config.yaml -auth.enabled -querier.multi-tenant-queries-enabled
ports:
- "3100:3100"
networks:
- loki_net
rocketmq_namesrv:
image: apacherocketmq/rocketmq:4.6.0
container_name: rmqnamesrv
environment:
JAVA_OPT_EXT: "-Xms128m -Xmx128m -Xmn64m"
restart: unless-stopped
ports:
- "9876:9876"
command: sh mqnamesrv
networks:
rocketmq_net:
rocketmq_broker:
image: apacherocketmq/rocketmq:4.6.0
container_name: rmqbroker
environment:
JAVA_OPT_EXT: "-Xms256m -Xmx256m -Xmn128m"
restart: unless-stopped
ports:
- "10909:10909"
- "10911:10911"
- "10912:10912"
depends_on:
- rocketmq_namesrv
command: sh mqbroker -n rocketmq_namesrv:9876 -c ../conf/broker.conf
networks:
rocketmq_net:
# Open Policy Agent
opa:
image: openpolicyagent/opa:0.35.0
restart: unless-stopped
ports:
- 8181:8181
command: run -s /example.rego /echo.rego /data.json /with_route.rego
volumes:
- type: bind
source: ./ci/pod/opa/with_route.rego
target: /with_route.rego
- type: bind
source: ./ci/pod/opa/example.rego
target: /example.rego
- type: bind
source: ./ci/pod/opa/echo.rego
target: /echo.rego
- type: bind
source: ./ci/pod/opa/data.json
target: /data.json
networks:
opa_net:
# Elasticsearch Logger Service
elasticsearch-noauth:
image: docker.elastic.co/elasticsearch/elasticsearch:8.12.0
restart: unless-stopped
ports:
- "9200:9200"
- "9300:9300"
environment:
ES_JAVA_OPTS: -Xms512m -Xmx512m
discovery.type: single-node
xpack.security.enabled: 'false'
elasticsearch-auth:
image: docker.elastic.co/elasticsearch/elasticsearch:8.12.0
restart: unless-stopped
ports:
- "9201:9201"
environment:
ES_JAVA_OPTS: -Xms512m -Xmx512m
discovery.type: single-node
ELASTIC_USERNAME: elastic
ELASTIC_PASSWORD: 123456
http.port: 9201
xpack.security.enabled: 'true'
elasticsearch-auth-2:
image: docker.elastic.co/elasticsearch/elasticsearch:9.0.2
restart: unless-stopped
ports:
- "9301:9201"
environment:
ES_JAVA_OPTS: -Xms512m -Xmx512m
discovery.type: single-node
ELASTIC_USERNAME: elastic
ELASTIC_PASSWORD: 123456
http.port: 9201
xpack.security.enabled: 'true'
elasticsearch-auth-3:
image: docker.elastic.co/elasticsearch/elasticsearch:7.0.0
restart: unless-stopped
ports:
- "9401:9201"
environment:
ES_JAVA_OPTS: -Xms512m -Xmx512m
discovery.type: single-node
ELASTIC_USERNAME: elastic
ELASTIC_PASSWORD: 123456
http.port: 9201
xpack.security.enabled: 'true'
elasticsearch-auth-4:
image: docker.elastic.co/elasticsearch/elasticsearch:6.7.0
restart: unless-stopped
ports:
- "9501:9201"
environment:
ES_JAVA_OPTS: -Xms512m -Xmx512m
discovery.type: single-node
ELASTIC_USERNAME: elastic
ELASTIC_PASSWORD: 123456
http.port: 9201
xpack.security.enabled: 'true'
# The function services of OpenFunction
test-header:
image: test-header-image:latest
restart: unless-stopped
ports:
- "30583:8080"
environment:
CONTEXT_MODE: "self-host"
FUNC_CONTEXT: "{\"name\":\"HelloWorld\",\"version\":\"v1.0.0\",\"port\":\"8080\",\"runtime\":\"Knative\"}"
test-uri:
image: test-uri-image:latest
restart: unless-stopped
ports:
- "30584:8080"
environment:
CONTEXT_MODE: "self-host"
FUNC_CONTEXT: "{\"name\":\"HelloWorld\",\"version\":\"v1.0.0\",\"port\":\"8080\",\"runtime\":\"Knative\"}"
test-body:
image: test-body-image:latest
restart: unless-stopped
ports:
- "30585:8080"
environment:
CONTEXT_MODE: "self-host"
FUNC_CONTEXT: "{\"name\":\"HelloWorld\",\"version\":\"v1.0.0\",\"port\":\"8080\",\"runtime\":\"Knative\"}"
## RedisCluster Enable TLS
redis-node-0:
image: docker.io/bitnamilegacy/redis-cluster:7.0
volumes:
- ./t/certs:/certs
environment:
- 'ALLOW_EMPTY_PASSWORD=yes'
- 'REDIS_NODES=redis-node-0 redis-node-1 redis-node-2'
- 'REDIS_TLS_ENABLED=yes'
- 'REDIS_TLS_CERT_FILE=/certs/mtls_server.crt'
- 'REDIS_TLS_KEY_FILE=/certs/mtls_server.key'
- 'REDIS_TLS_CA_FILE=/certs/mtls_ca.crt'
- 'REDIS_TLS_AUTH_CLIENTS=no'
ports:
- '7000:6379'
redis-node-1:
image: docker.io/bitnamilegacy/redis-cluster:7.0
volumes:
- ./t/certs:/certs
environment:
- 'ALLOW_EMPTY_PASSWORD=yes'
- 'REDIS_NODES=redis-node-0 redis-node-1 redis-node-2'
- 'REDIS_TLS_ENABLED=yes'
- 'REDIS_TLS_CERT_FILE=/certs/mtls_server.crt'
- 'REDIS_TLS_KEY_FILE=/certs/mtls_server.key'
- 'REDIS_TLS_CA_FILE=/certs/mtls_ca.crt'
- 'REDIS_TLS_AUTH_CLIENTS=no'
ports:
- '7001:6379'
redis-node-2:
image: docker.io/bitnamilegacy/redis-cluster:7.0
volumes:
- ./t/certs:/certs
depends_on:
- redis-node-0
- redis-node-1
environment:
- 'ALLOW_EMPTY_PASSWORD=yes'
- 'REDIS_CLUSTER_REPLICAS=0'
- 'REDIS_NODES=redis-node-0 redis-node-1 redis-node-2'
- 'REDIS_CLUSTER_CREATOR=yes'
- 'REDIS_TLS_ENABLED=yes'
- 'REDIS_TLS_CERT_FILE=/certs/mtls_server.crt'
- 'REDIS_TLS_KEY_FILE=/certs/mtls_server.key'
- 'REDIS_TLS_CA_FILE=/certs/mtls_ca.crt'
- 'REDIS_TLS_AUTH_CLIENTS=no'
ports:
- '7002:6379'
graphql-demo:
# the owner doesn't provide a semver tag
image: npalm/graphql-java-demo:latest
environment:
_JAVA_OPTIONS: "-Xms128m -Xmx256m"
ports:
- '8888:8080'
vector:
image: timberio/vector:0.29.1-debian
container_name: vector
volumes:
- ./ci/pod/vector:/etc/vector/
- ./t/certs:/certs
ports:
- '3000:3000' #tcp logger
- '8127:8127/udp'
- '43000:43000'
- '5140:5140'
- "18088:18088" # For splunk logging tests
- '5150:5150/udp'
- "3001:3001" #http logger
networks:
vector_net:
clickhouse:
image: clickhouse/clickhouse-server:23.4.2-alpine
container_name: clickhouse
ports:
- '8123:8123'
networks:
clickhouse_net:
clickhouse2:
image: clickhouse/clickhouse-server:23.4.2-alpine
container_name: clickhouse2
ports:
- '8124:8123'
networks:
clickhouse_net:
otel-collector:
image: otel/opentelemetry-collector-contrib
volumes:
- ./ci/pod/otelcol-contrib:/etc/otelcol-contrib:rw
ports:
- '4318:4318'
networks:
apisix_net:
kafka_net:
kafka_net_2:
skywalk_net:
rocketmq_net:
opa_net:
vector_net:
clickhouse_net:
loki_net: