docker-compose.yml
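services:
  # PostgreSQL - Main database for Profile and Consent services
  postgresql:
    image: postgres:15-alpine
    container_name: pcm-postgresql
    environment:
      POSTGRES_USER: pcm
      # Development default kept so existing setups still work; override it via
      # PCM_POSTGRES_PASSWORD (shell or a git-ignored .env) rather than editing
      # this file. The image applies it only when the data volume is first
      # initialised, so changing it later does not change an existing database.
      POSTGRES_PASSWORD: "${PCM_POSTGRES_PASSWORD:-pcm_dev_password}"
      POSTGRES_DB: pcm
    ports:
      # Published on loopback by default so a database with a known password is
      # not reachable from other hosts. Set PCM_BIND_ADDRESS to publish on
      # another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:8843:5432"
    volumes:
      - postgresql_data:/var/lib/postgresql/data
      # Mounted read-only: the container only needs to read the init script.
      - ./docker/init-databases.sql:/docker-entrypoint-initdb.d/init-databases.sql:ro
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U pcm"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - pcm-network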
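# Redis - Caching layer
  redis:
    image: redis:7-alpine
    container_name: pcm-redis
    ports:
      # No password is configured for this Redis instance, so the port is
      # published on loopback by default. Set PCM_BIND_ADDRESS to publish on
      # another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:6779:6379"
    # Append-only file persistence, stored on the redis_data volume.
    command: redis-server --appendonly yes
    volumes:
      - redis_data:/data
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - pcm-network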
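# Zookeeper - Required for Kafka
  zookeeper:
    image: confluentinc/cp-zookeeper:7.5.3
    container_name: pcm-zookeeper
    environment:
      ZOOKEEPER_CLIENT_PORT: "2181"
      ZOOKEEPER_TICK_TIME: "2000"
    ports:
      # No client authentication is configured in this file, so the client port
      # is published on loopback by default. Kafka reaches ZooKeeper over
      # pcm-network and does not need the host port. Set PCM_BIND_ADDRESS to
      # publish on another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:2181:2181"
    volumes:
      - zookeeper_data:/var/lib/zookeeper/data
      - zookeeper_logs:/var/lib/zookeeper/log
    networks:
      - pcm-network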
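# Kafka - Event streaming platform
  kafka:
    image: confluentinc/cp-kafka:7.5.3
    container_name: pcm-kafka
    depends_on:
      - zookeeper
    ports:
      # Both listeners are PLAINTEXT (no TLS, no authentication), so the host
      # ports are published on loopback by default; host clients are already
      # told to use localhost:9092 by the advertised listener below. Set
      # PCM_BIND_ADDRESS to publish on another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:9092:9092"
      # NOTE(review): no listener on 9093 is declared in this file; confirm the
      # mapping is still needed.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:9093:9093"
    environment:
      KAFKA_BROKER_ID: "1"
      KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
      # kafka:29092 is for containers on pcm-network; localhost:9092 is for
      # clients running on the Docker host.
      KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka:29092,PLAINTEXT_HOST://localhost:9092
      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT
      KAFKA_INTER_BROKER_LISTENER_NAME: PLAINTEXT
      # Replication settings of 1 match the single broker defined here.
      KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: "1"
      KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: "1"
      KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: "1"
      # Any client that can reach the broker can create topics by naming them.
      KAFKA_AUTO_CREATE_TOPICS_ENABLE: "true"
    volumes:
      - kafka_data:/var/lib/kafka/data
    healthcheck:
      test:
        - CMD
        - kafka-broker-api-versions
        - --bootstrap-server
        - localhost:9092
      interval: 10s
      timeout: 10s
      retries: 5
    networks:
      - pcm-network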
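# Schema Registry - Avro schema management
  schema-registry:
    image: confluentinc/cp-schema-registry:7.5.3
    container_name: pcm-schema-registry
    depends_on:
      - kafka
    ports:
      # The REST API is served over plain HTTP with no authentication
      # configured in this file, so it is published on loopback by default.
      # Set PCM_BIND_ADDRESS to publish on another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:8081:8081"
    environment:
      SCHEMA_REGISTRY_HOST_NAME: schema-registry
      SCHEMA_REGISTRY_KAFKASTORE_BOOTSTRAP_SERVERS: kafka:29092
      # Listens on every interface inside the container so the published port
      # and other containers on pcm-network can reach it.
      SCHEMA_REGISTRY_LISTENERS: http://0.0.0.0:8081
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8081/"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - pcm-network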
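# Elasticsearch - Search and analytics engine for Segment Service
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:8.11.3
    container_name: pcm-elasticsearch
    environment:
      - discovery.type=single-node
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      # Security is switched off: no authentication and no TLS on the HTTP and
      # transport ports. Acceptable only while the ports stay on loopback and
      # the index holds no real data.
      - xpack.security.enabled=false
      - xpack.security.enrollment.enabled=false
    ports:
      # Published on loopback by default because the cluster accepts
      # unauthenticated requests. Set PCM_BIND_ADDRESS to publish on another
      # address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:9200:9200"
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:9300:9300"
    volumes:
      - elasticsearch_data:/usr/share/elasticsearch/data
    healthcheck:
      test: ["CMD-SHELL", "curl -f http://localhost:9200/_cluster/health || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 5
    networks:
      - pcm-network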
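# Kibana - Visualization for Elasticsearch
  kibana:
    image: docker.elastic.co/kibana/kibana:8.11.3
    container_name: pcm-kibana
    ports:
      # No Kibana credentials are configured here and it talks to
      # Elasticsearch over plain HTTP, so the UI is published on loopback by
      # default. Set PCM_BIND_ADDRESS to publish on another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:5601:5601"
    environment:
      - ELASTICSEARCH_HOSTS=http://elasticsearch:9200
    depends_on:
      - elasticsearch
    networks:
      - pcm-network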
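# Logstash - Log aggregation and processing
  logstash:
    image: docker.elastic.co/logstash/logstash:8.11.3
    container_name: pcm-logstash
    ports:
      # 5044 is the pipeline input and 9600 the API queried by the healthcheck
      # below. Neither has authentication configured in this file, so both are
      # published on loopback by default. Set PCM_BIND_ADDRESS to publish on
      # another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:5044:5044"
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:9600:9600"
    volumes:
      - ./docker/logstash.conf:/usr/share/logstash/pipeline/logstash.conf:ro
    environment:
      - "LS_JAVA_OPTS=-Xmx256m -Xms256m"
      - ENVIRONMENT=development
    depends_on:
      - elasticsearch
    healthcheck:
      test: ["CMD-SHELL", "curl -f http://localhost:9600/_node/stats || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 5
    networks:
      - pcm-network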
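# HashiCorp Vault - Secrets management and PII encryption
  vault:
    image: hashicorp/vault:1.15
    container_name: pcm-vault
    ports:
      # Dev-mode Vault is unsealed, speaks plain HTTP and accepts a root token
      # that is written in this file, so the API is published on loopback by
      # default. Set PCM_BIND_ADDRESS to publish on another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:8200:8200"
    environment:
      # Root token default kept for existing local setups; override with
      # PCM_VAULT_DEV_ROOT_TOKEN. Never reuse this value, or dev mode, for
      # anything holding real secrets or real PII keys.
      VAULT_DEV_ROOT_TOKEN_ID: "${PCM_VAULT_DEV_ROOT_TOKEN:-pcm-dev-root-token}"
      # Listens on every interface inside the container so the published port
      # and other containers on pcm-network can reach it.
      VAULT_DEV_LISTEN_ADDRESS: 0.0.0.0:8200
      # Address used by the vault CLI inside the container (the healthcheck).
      VAULT_ADDR: http://0.0.0.0:8200
    cap_add:
      - IPC_LOCK
    volumes:
      # NOTE(review): the dev server keeps its storage in memory, so these
      # volumes are presumably not where secrets end up - confirm.
      - vault_data:/vault/data
      - vault_logs:/vault/logs
    # The token is passed both here and through the environment above; both
    # read the same variable so they cannot drift apart.
    command: 'server -dev -dev-root-token-id="${PCM_VAULT_DEV_ROOT_TOKEN:-pcm-dev-root-token}" -dev-listen-address="0.0.0.0:8200"'
    healthcheck:
      test: ["CMD", "vault", "status"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - pcm-network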
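# Kafka UI - Web interface for Kafka management
  kafka-ui:
    # NOTE(review): `latest` is a moving tag; pin a version or digest so the
    # image that runs is the one that was reviewed.
    image: provectuslabs/kafka-ui:latest
    container_name: pcm-kafka-ui
    depends_on:
      - kafka
      - schema-registry
    ports:
      # No login is configured for the UI in this file and it can manage the
      # cluster, so it is published on loopback by default. Set
      # PCM_BIND_ADDRESS to publish on another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:8095:8080"
    environment:
      KAFKA_CLUSTERS_0_NAME: pcm-local
      KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS: kafka:29092
      KAFKA_CLUSTERS_0_SCHEMAREGISTRY: http://schema-registry:8081
    networks:
      - pcm-network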
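# pgAdmin - PostgreSQL management interface
  pgadmin:
    # NOTE(review): `latest` is a moving tag; pin a version or digest so the
    # image that runs is the one that was reviewed.
    image: dpage/pgadmin4:latest
    container_name: pcm-pgadmin
    environment:
      PGADMIN_DEFAULT_EMAIL: admin@pcm.dev
      # Development default kept for existing setups; override with
      # PCM_PGADMIN_PASSWORD.
      PGADMIN_DEFAULT_PASSWORD: "${PCM_PGADMIN_PASSWORD:-admin}"
      # NOTE(review): with server mode off pgAdmin presumably skips its login
      # screen, so anyone who can reach the port can use it - confirm.
      PGADMIN_CONFIG_SERVER_MODE: 'False'
    ports:
      # Published on loopback by default because of the weak default login.
      # Set PCM_BIND_ADDRESS to publish on another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:5050:80"
    volumes:
      - pgadmin_data:/var/lib/pgadmin
    networks:
      - pcm-network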
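# Prometheus - Metrics collection
  prometheus:
    # NOTE(review): `latest` is a moving tag; pin a version or digest so the
    # image that runs is the one that was reviewed.
    image: prom/prometheus:latest
    container_name: pcm-prometheus
    ports:
      # No authentication is configured for the Prometheus UI/API in this
      # file, so it is published on loopback by default. Set PCM_BIND_ADDRESS
      # to publish on another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:9090:9090"
    volumes:
      # Mounted read-only: the container only needs to read its config.
      - ./docker/prometheus.yml:/etc/prometheus/prometheus.yml:ro
      - prometheus_data:/prometheus
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.path=/prometheus'
    networks:
      - pcm-network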
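# Grafana - Metrics visualization
  grafana:
    # NOTE(review): `latest` is a moving tag; pin a version or digest so the
    # image that runs is the one that was reviewed.
    image: grafana/grafana:latest
    container_name: pcm-grafana
    ports:
      # Published on loopback by default because the admin login below
      # defaults to a well-known value. Set PCM_BIND_ADDRESS to publish on
      # another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:3000:3000"
    environment:
      GF_SECURITY_ADMIN_USER: admin
      # Development default kept for existing setups; override with
      # PCM_GRAFANA_ADMIN_PASSWORD.
      GF_SECURITY_ADMIN_PASSWORD: "${PCM_GRAFANA_ADMIN_PASSWORD:-admin}"
      # NOTE(review): the plugin is named without a version, so presumably
      # whatever is current gets installed at start-up - consider pinning.
      GF_INSTALL_PLUGINS: grafana-piechart-panel
    volumes:
      - grafana_data:/var/lib/grafana
      # Provisioning files are mounted read-only: Grafana only reads them.
      - ./docker/grafana/dashboards:/etc/grafana/provisioning/dashboards:ro
      - ./docker/grafana/datasources:/etc/grafana/provisioning/datasources:ro
    depends_on:
      - prometheus
    networks:
      - pcm-network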
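# Jaeger - Distributed tracing
  jaeger:
    # NOTE(review): `latest` is a moving tag; pin a version or digest so the
    # image that runs is the one that was reviewed.
    image: jaegertracing/all-in-one:latest
    container_name: pcm-jaeger
    ports:
      # Published on loopback by default: no authentication is configured for
      # these endpoints in this file. Set PCM_BIND_ADDRESS to publish on
      # another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:16686:16686" # UI
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:9411:9411" # Zipkin (legacy)
    # The OTLP ports are internal collector ports and are no longer published
    # on the host: otel-collector publishes the same host ports 4317 and 4318,
    # and two services cannot bind one host port. Containers on pcm-network
    # still reach jaeger:4317 and jaeger:4318 directly.
    expose:
      - "4317" # OTLP gRPC (internal collector)
      - "4318" # OTLP HTTP (internal collector)
    networks:
      - pcm-network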
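# OpenTelemetry Collector
  otel-collector:
    # NOTE(review): `latest` is a moving tag; pin a version or digest so the
    # image that runs is the one that was reviewed.
    image: otel/opentelemetry-collector-contrib:latest
    container_name: pcm-otel-collector
    command: ["--config=/etc/otel-collector-config.yaml"]
    volumes:
      # Mounted read-only: the collector only needs to read its config.
      - ./docker/otel-collector-config.yaml:/etc/otel-collector-config.yaml:ro
    ports:
      # The receivers accept telemetry from any client that can connect (no
      # authentication is configured in this file), so they are published on
      # loopback by default. Set PCM_BIND_ADDRESS to publish on another
      # address. Host ports 4317 and 4318 must not be published by any other
      # service in this file.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:4317:4317" # OTLP gRPC
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:4318:4318" # OTLP HTTP
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:8888:8888" # Metrics
    depends_on:
      - jaeger
      - prometheus
    networks:
      - pcm-network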
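# Keycloak - Identity and Access Management
  keycloak:
    image: quay.io/keycloak/keycloak:23.0.1
    container_name: pcm-keycloak
    # start-dev is Keycloak's development mode; it is not a hardened setup.
    command: start-dev --import-realm
    environment:
      KC_HOSTNAME: localhost
      KC_HOSTNAME_PORT: "8090"
      KC_HOSTNAME_STRICT: "false"
      KC_HTTP_PORT: "8080"
      KC_HTTP_RELATIVE_PATH: /auth
      KEYCLOAK_ADMIN: admin
      # Development default kept for existing setups; override with
      # PCM_KEYCLOAK_ADMIN_PASSWORD. The admin account controls every realm,
      # client and user in this instance.
      KEYCLOAK_ADMIN_PASSWORD: "${PCM_KEYCLOAK_ADMIN_PASSWORD:-admin}"
    ports:
      # Published on loopback by default (KC_HOSTNAME is already localhost)
      # because the admin console is served over plain HTTP with a well-known
      # default login. Set PCM_BIND_ADDRESS to publish on another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:8090:8080"
    volumes:
      # Mounted read-only: the realm file is only read at import time.
      - ./docker/keycloak/pcm-realm.json:/opt/keycloak/data/import/pcm-realm.json:ro
    healthcheck:
      # NOTE(review): confirm that curl exists in this image and that the
      # health endpoints are enabled (KC_HEALTH_ENABLED); otherwise this check
      # can never pass.
      test: ["CMD", "curl", "-f", "http://localhost:8080/auth/health/live"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - pcm-network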
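# RabbitMQ - Alternative messaging broker for portability verification
  rabbitmq:
    image: rabbitmq:3-management-alpine
    container_name: pcm-rabbitmq
    ports:
      # Published on loopback by default because the broker and its
      # management UI use a well-known default login. Set PCM_BIND_ADDRESS to
      # publish on another address.
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:5672:5672" # AMQP
      - "${PCM_BIND_ADDRESS:-127.0.0.1}:15672:15672" # Management UI
    environment:
      # Development defaults kept for existing setups; override with
      # PCM_RABBITMQ_USER and PCM_RABBITMQ_PASSWORD.
      RABBITMQ_DEFAULT_USER: "${PCM_RABBITMQ_USER:-guest}"
      RABBITMQ_DEFAULT_PASS: "${PCM_RABBITMQ_PASSWORD:-guest}"
    healthcheck:
      test: ["CMD", "rabbitmq-diagnostics", "check_running"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - pcm-network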
# Named volumes referenced by the services in this file. Each one is declared
# with no options, so Compose creates it with its defaults.
volumes:
  postgresql_data: {}
  redis_data: {}
  zookeeper_data: {}
  zookeeper_logs: {}
  kafka_data: {}
  elasticsearch_data: {}
  vault_data: {}
  vault_logs: {}
  pgadmin_data: {}
  prometheus_data: {}
  grafana_data: {}

# The one network every service in this file joins; containers on it reach
# each other by service name without any published host port.
networks:
  pcm-network:
    driver: bridge