-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathdocker-compose.yml
216 lines (204 loc) · 7.18 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
# WARNING: Do not deploy this tutorial configuration directly to a production environment
#
# The tutorial docker-compose files have not been written for production deployment and will not
# scale. A proper architecture has been sacrificed to keep the narrative focused on the learning
# goals, they are just used to deploy everything onto a single Docker machine. All FIWARE components
# are running at full debug and extra ports have been exposed to allow for direct calls to services.
# They also contain various obvious security flaws - passwords in plain text, no load balancing,
# no use of HTTPS and so on.
#
# This is all to avoid the need of multiple machines, generating certificates, encrypting secrets
# and so on, purely so that a single docker-compose file can be read as an example to build on,
# not use directly.
#
# When deploying to a production environment, please refer to the Helm Repository
# for FIWARE Components in order to scale up to a proper architecture:
#
# see: https://github.com/FIWARE/helm-charts/
#
services:
# Orion is an NGSI-v2 context broker
orion-v2:
labels:
org.fiware: 'tutorial'
image: quay.io/fiware/orion:${ORION_VERSION}
hostname: orion
container_name: fiware-orion
depends_on:
- mongo-db
networks:
- default
expose:
- "${ORION_PORT}"
ports:
- "${ORION_PORT}:${ORION_PORT}" # localhost:1026
command: -dbURI mongodb://mongo-db -logLevel DEBUG
healthcheck:
test: curl --fail -s http://orion:${ORION_PORT}/version || exit 1
interval: 5s
# IoT-Agent is configured for the UltraLight Protocol
iot-agent:
labels:
org.fiware: 'tutorial'
image: quay.io/fiware/iotagent-ul:${ULTRALIGHT_VERSION}
hostname: iot-agent
container_name: fiware-iot-agent
depends_on:
- mongo-db
- orion-v2
networks:
- default
ports:
- "${IOTA_NORTH_PORT}:${IOTA_NORTH_PORT}" # localhost:4041
- "${IOTA_SOUTH_PORT}:${IOTA_SOUTH_PORT}" # localhost:7896
environment:
- IOTA_CB_HOST=orion # name of the context broker to update context
- IOTA_CB_PORT=${ORION_PORT} # port the context broker listens on to update context
- IOTA_NORTH_PORT=${IOTA_NORTH_PORT}
- IOTA_REGISTRY_TYPE=mongodb #Whether to hold IoT device info in memory or in a database
- IOTA_LOG_LEVEL=DEBUG # The log level of the IoT Agent
- IOTA_TIMESTAMP=true # Supply timestamp information with each measurement
- IOTA_CB_NGSI_VERSION=v2 # use NGSIv2 when sending updates for active attributes
- IOTA_AUTOCAST=true # Ensure Ultralight number values are read as numbers not strings
- IOTA_MONGO_HOST=mongo-db # The host name of MongoDB
- IOTA_MONGO_PORT=${MONGO_DB_PORT} # The port mongoDB is listening on
- IOTA_MONGO_DB=iotagentul # The name of the database used in mongoDB
- IOTA_HTTP_PORT=${IOTA_SOUTH_PORT} # The port used for device traffic over HTTP
- IOTA_PROVIDER_URL=http://iot-agent:${IOTA_NORTH_PORT}
healthcheck:
interval: 5s
# Keyrock is an Identity Management Front-End
keyrock:
labels:
org.fiware: 'tutorial'
image: quay.io/fiware/idm:${KEYROCK_VERSION}
container_name: fiware-keyrock
hostname: keyrock
networks:
default:
ipv4_address: 172.18.1.5
depends_on:
- mysql-db
ports:
- "${KEYROCK_PORT}:${KEYROCK_PORT}" # localhost:3005
- "${KEYROCK_HTTPS_PORT}:${KEYROCK_HTTPS_PORT}" # localhost:3443
environment:
- DEBUG=idm:*
- IDM_DB_HOST=mysql-db
- IDM_DB_PASS_FILE=/run/secrets/my_secret_data
- IDM_DB_USER=root
- IDM_HOST=http://localhost:${KEYROCK_PORT}
- IDM_PORT=${KEYROCK_PORT}
- IDM_HTTPS_ENABLED=${IDM_HTTPS_ENABLED}
- IDM_HTTPS_PORT=${KEYROCK_HTTPS_PORT}
- IDM_ADMIN_USER=alice
- IDM_ADMIN_EMAIL=alice-the-admin@test.com
- IDM_ADMIN_PASS=test
- IDM_CSP_FORM_ACTION=*
secrets:
- my_secret_data
healthcheck:
interval: 5s
# Tutorial acts as a series of dummy IoT Sensors over HTTP
tutorial:
labels:
org.fiware: 'tutorial'
image: quay.io/fiware/tutorials.context-provider
hostname: iot-sensors
container_name: fiware-tutorial
depends_on:
orion-v2:
condition: service_started
iot-agent:
condition: service_started
keyrock:
condition: service_started
networks:
default:
ipv4_address: 172.18.1.7
aliases:
- tutorial
- context-provider
expose:
- "${TUTORIAL_APP_PORT}"
- "${TUTORIAL_DUMMY_DEVICE_PORT}"
ports:
- "${TUTORIAL_APP_PORT}:${TUTORIAL_APP_PORT}" # localhost:3000
- "${TUTORIAL_DUMMY_DEVICE_PORT}:${TUTORIAL_DUMMY_DEVICE_PORT}" # localhost:3001
environment:
- "MONGO_URL=mongodb://mongo-db:27017"
- "DEBUG=tutorial:*"
- "WEB_APP_PORT=${TUTORIAL_APP_PORT}" # Port used by the content provider proxy and web-app for viewing data
- "IOTA_HTTP_HOST=iot-agent"
- "IOTA_HTTP_PORT=${IOTA_SOUTH_PORT}"
- "IOTA_DEFAULT_RESOURCE=/iot/d"
- "DUMMY_DEVICES_PORT=${TUTORIAL_DUMMY_DEVICE_PORT}" # Port used by the dummy IOT devices to receive commands
- "DUMMY_DEVICES_TRANSPORT=HTTP" # Default transport used by dummy Io devices
- "CONTEXT_BROKER=http://orion:${ORION_PORT}/v2" # URL of the context broker to update context
- "OPENWEATHERMAP_KEY_ID=<ADD_YOUR_KEY_ID>"
- "TWITTER_CONSUMER_KEY=<ADD_YOUR_CONSUMER_KEY>"
- "TWITTER_CONSUMER_SECRET=<ADD_YOUR_CONSUMER_SECRET>"
- "NGSI_LD_PREFIX="
- "SECURE_ENDPOINTS=true"
- "KEYROCK_URL=http://localhost"
- "KEYROCK_IP_ADDRESS=http://172.18.1.5"
- "KEYROCK_PORT=${KEYROCK_PORT}"
- "KEYROCK_CLIENT_ID=tutorial-dckr-site-0000-xpresswebapp"
- "KEYROCK_CLIENT_SECRET=tutorial-dckr-site-0000-clientsecret"
- "CALLBACK_URL=http://localhost:${TUTORIAL_APP_PORT}/login"
# Databases
mongo-db:
labels:
org.fiware: 'tutorial'
image: mongo:${MONGO_DB_VERSION}
hostname: mongo-db
container_name: db-mongo
expose:
- "${MONGO_DB_PORT}"
ports:
- "${MONGO_DB_PORT}:${MONGO_DB_PORT}" # localhost:27017
networks:
- default
volumes:
- mongo-db:/data
healthcheck:
test: ["CMD","mongosh", "localhost:27017/test", "--quiet"]
interval: 5s
timeout: 5s
retries: 3
start_period: 5s
mysql-db:
restart: always
labels:
org.fiware: 'tutorial'
image: mysql:${MYSQL_DB_VERSION}
hostname: mysql-db
container_name: db-mysql
expose:
- "${MYSQL_DB_PORT}"
ports:
- "${MYSQL_DB_PORT}:${MYSQL_DB_PORT}" # localhost:3306
networks:
default:
ipv4_address: 172.18.1.6
environment:
- "MYSQL_ROOT_PASSWORD_FILE=/run/secrets/my_secret_data"
- "MYSQL_ROOT_HOST=172.18.1.5" # Allow Keyrock to access this database
volumes:
- mysql-db:/var/lib/mysql
- ./mysql-data:/docker-entrypoint-initdb.d/:ro # Preload Keyrock Users
secrets:
- my_secret_data
networks:
default:
labels:
org.fiware: 'tutorial'
ipam:
config:
- subnet: 172.18.1.0/24
volumes:
mysql-db: ~
mongo-db: ~
secrets:
my_secret_data:
file: ./secrets.txt