Tinkerbell.Sandbox/deploy/docker-compose.yml
Gianluca Arbezzano 0c4f4d6f59 Single place for all the tink stack version
Tinkerbell is made of different components as we all know at this point.

Sandbox had those versions all over the places. This PR moves them as
part of the `envrc` file.

Signed-off-by: Gianluca Arbezzano <gianarb92@gmail.com>
2020-09-21 17:50:08 +02:00

156 lines
4.6 KiB
YAML

version: "2.1"
services:
tink-server:
image: ${TINKERBELL_TINK_SERVER_IMAGE}
restart: unless-stopped
environment:
FACILITY: ${FACILITY:-onprem}
PACKET_ENV: ${PACKET_ENV:-testing}
PACKET_VERSION: ${PACKET_VERSION:-ignored}
ROLLBAR_TOKEN: ${ROLLBAR_TOKEN:-ignored}
ROLLBAR_DISABLE: ${ROLLBAR_DISABLE:-1}
PGDATABASE: tinkerbell
PGHOST: db
PGPASSWORD: tinkerbell
PGPORT: 5432
PGSSLMODE: disable
PGUSER: tinkerbell
TINKERBELL_GRPC_AUTHORITY: :42113
TINKERBELL_HTTP_AUTHORITY: :42114
TINK_AUTH_USERNAME: ${TINKERBELL_TINK_USERNAME}
TINK_AUTH_PASSWORD: ${TINKERBELL_TINK_PASSWORD}
depends_on:
db:
condition: service_healthy
healthcheck:
test: ["CMD-SHELL", "wget -qO- 127.0.0.1:42114/cert"] # port needs to match TINKERBELL_HTTP_AUTHORITY
interval: 5s
timeout: 2s
retries: 30
volumes:
- ./state/certs:/certs/${FACILITY:-onprem}
ports:
- 42113:42113/tcp
- 42114:42114/tcp
db:
image: postgres:10-alpine
restart: unless-stopped
environment:
POSTGRES_DB: tinkerbell
POSTGRES_PASSWORD: tinkerbell
POSTGRES_USER: tinkerbell
volumes:
- ./db/tinkerbell-init.sql:/docker-entrypoint-initdb.d/tinkerbell-init.sql:ro
- postgres_data:/var/lib/postgresql/data:rw
ports:
- 5432:5432
healthcheck:
test: ["CMD-SHELL", "pg_isready -U tinkerbell"]
interval: 1s
timeout: 1s
retries: 30
tink-cli:
image: ${TINKERBELL_TINK_CLI_IMAGE}
restart: unless-stopped
environment:
TINKERBELL_GRPC_AUTHORITY: 127.0.0.1:42113
TINKERBELL_CERT_URL: http://127.0.0.1:42114/cert
depends_on:
tink-server:
condition: service_healthy
db:
condition: service_healthy
network_mode: host
registry:
build:
context: registry
args:
REGISTRY_USERNAME: $TINKERBELL_REGISTRY_USERNAME
REGISTRY_PASSWORD: $TINKERBELL_REGISTRY_PASSWORD
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "curl --cacert /certs/ca.pem https://127.0.0.1"]
interval: 5s
timeout: 1s
retries: 5
environment:
REGISTRY_HTTP_ADDR: 0.0.0.0:443
REGISTRY_HTTP_TLS_CERTIFICATE: /certs/server.pem
REGISTRY_HTTP_TLS_KEY: /certs/server-key.pem
REGISTRY_AUTH: htpasswd
REGISTRY_AUTH_HTPASSWD_REALM: "Registry Realm"
REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
volumes:
- ./state/certs:/certs
- ./state/registry:/var/lib/registry
network_mode: host
boots:
image: ${TINKERBELL_TINK_BOOTS_IMAGE}
restart: unless-stopped
network_mode: host
command: -dhcp-addr 0.0.0.0:67 -tftp-addr $TINKERBELL_HOST_IP:69 -http-addr $TINKERBELL_HOST_IP:80 -log-level DEBUG
environment:
API_AUTH_TOKEN: ${PACKET_API_AUTH_TOKEN:-ignored}
API_CONSUMER_TOKEN: ${PACKET_CONSUMER_TOKEN:-ignored}
FACILITY_CODE: ${FACILITY:-onprem}
PACKET_ENV: ${PACKET_ENV:-testing}
PACKET_VERSION: ${PACKET_VERSION:-ignored}
ROLLBAR_TOKEN: ${ROLLBAR_TOKEN:-ignored}
ROLLBAR_DISABLE: ${ROLLBAR_DISABLE:-1}
MIRROR_HOST: ${TINKERBELL_NGINX_IP:-127.0.0.1}
DNS_SERVERS: 8.8.8.8
PUBLIC_IP: $TINKERBELL_HOST_IP
BOOTP_BIND: $TINKERBELL_HOST_IP:67
HTTP_BIND: $TINKERBELL_HOST_IP:80
SYSLOG_BIND: $TINKERBELL_HOST_IP:514
TFTP_BIND: $TINKERBELL_HOST_IP:69
DOCKER_REGISTRY: $TINKERBELL_HOST_IP
REGISTRY_USERNAME: $TINKERBELL_REGISTRY_USERNAME
REGISTRY_PASSWORD: $TINKERBELL_REGISTRY_PASSWORD
TINKERBELL_GRPC_AUTHORITY: $TINKERBELL_HOST_IP:42113
TINKERBELL_CERT_URL: http://$TINKERBELL_HOST_IP:42114/cert
ELASTIC_SEARCH_URL: $TINKERBELL_HOST_IP:9200
DATA_MODEL_VERSION: 1
depends_on:
db:
condition: service_healthy
ports:
- $TINKERBELL_HOST_IP:80:80/tcp
- 67:67/udp
- 69:69/udp
nginx:
image: nginx:alpine
restart: unless-stopped
tty: true
ports:
- $TINKERBELL_NGINX_IP:80:80/tcp
volumes:
- ./state/webroot:/usr/share/nginx/html/
hegel:
image: ${TINKERBELL_TINK_HEGEL_IMAGE}
restart: unless-stopped
network_mode: host
environment:
ROLLBAR_TOKEN: ${ROLLBAR_TOKEN-ignored}
ROLLBAR_DISABLE: 1
PACKET_ENV: testing
PACKET_VERSION: ${PACKET_VERSION:-ignored}
GRPC_PORT: 42115
HEGEL_FACILITY: ${FACILITY:-onprem}
HEGEL_USE_TLS: 0
TINKERBELL_GRPC_AUTHORITY: 127.0.0.1:42113
TINKERBELL_CERT_URL: http://127.0.0.1:42114/cert
DATA_MODEL_VERSION: 1
depends_on:
db:
condition: service_healthy
volumes:
postgres_data: