Code Review / oam.git / blob
? search:


1dbef2e873eba735230d4aa7a3c4e11569c5b346
[oam.git] / solution / integration / smo / common / docker-compose.yml
1 ################################################################################
2 # Copyright 2022 highstreet technologies GmbH
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
7 #
8 #     http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
15 #
16 version: '3.8'
17 services:
18
19   identity:
20     image: ${IDENTITY_IMAGE}
21     container_name: identity
22     ports:
23       - ${IDENTITY_PORT_HTTPS}:${IDENTITY_PORT_HTTPS}
24     environment:
25       - KEYCLOAK_HTTPS_PORT=${IDENTITY_PORT_HTTPS}
26       - KEYCLOAK_CREATE_ADMIN_USER=true
27       - KEYCLOAK_ADMIN_USER=${ADMIN_USERNAME}
28       - KEYCLOAK_ADMIN_PASSWORD=${ADMIN_PASSWORD}
29       - KEYCLOAK_MANAGEMENT_USER=${IDENTITY_MGMT_USERNAME}
30       - KEYCLOAK_MANAGEMENT_PASSWORD=${IDENTITY_MGMT_PASSWORD}
31       - KEYCLOAK_DATABASE_HOST=identitydb
32       - KEYCLOAK_DATABASE_NAME=keycloak
33       - KEYCLOAK_DATABASE_USER=keycloak
34       - KEYCLOAK_DATABASE_PASSWORD=keycloak
35       - KEYCLOAK_JDBC_PARAMS=sslmode=disable&connectTimeout=30000
36       - KEYCLOAK_PRODUCTION=false
37       - KEYCLOAK_ENABLE_TLS=true
38       - KEYCLOAK_TLS_KEYSTORE_FILE=/opt/bitnami/keycloak/certs/keystore.jks
39       - KEYCLOAK_TLS_TRUSTSTORE_FILE=/opt/bitnami/keycloak/certs/truststore.jks
40       - KEYCLOAK_TLS_KEYSTORE_PASSWORD=password
41       - KEYCLOAK_TLS_TRUSTSTORE_PASSWORD=changeit
42       # - JAVA_OPTS=-Djboss.http.port=${IDENTITY_PORT}
43  #     - JAVA_OPTS=-Djboss.bind.address.private=[::1] -Djboss.bind.address=[::1] -Djava.net.preferIPv6Addresses=true -Djava.net.preferIPv4Stack=false
44     volumes:
45       - /etc/localtime:/etc/localtime:ro
46       - ./identity/standalone.xml:/opt/jboss/keycloak/standalone/configuration/standalone.xml
47       - ./identity/keystore.jks:/opt/bitnami/keycloak/certs/keystore.jks
48       - ./identity/truststoreONAPall.jks:/opt/bitnami/keycloak/certs/truststore.jks
49     depends_on:
50       - identitydb
51     networks:
52       - dmz
53
54   identitydb:
55     image: docker.io/bitnami/postgresql:13
56     container_name: identitydb
57     environment:
58       - ALLOW_EMPTY_PASSWORD=no
59       - POSTGRESQL_USERNAME=keycloak
60       - POSTGRESQL_DATABASE=keycloak
61       - POSTGRESQL_PASSWORD=keycloak
62     networks:
63       - dmz
64
65
66   persistence:
67     image: ${PERSISTENCE_IMAGE}
68     container_name: persistence
69     environment:
70       - discovery.type=single-node
71
72   zookeeper:
73     image: ${ZOOKEEPER_IMAGE}
74     container_name: zookeeper
75     ports:
76       - 2181:2181
77     environment:
78       ZOOKEEPER_REPLICAS: 1
79       ZOOKEEPER_TICK_TIME: 2000
80       ZOOKEEPER_SYNC_LIMIT: 5
81       ZOOKEEPER_INIT_LIMIT: 10
82       ZOOKEEPER_MAX_CLIENT_CNXNS: 200
83       ZOOKEEPER_AUTOPURGE_SNAP_RETAIN_COUNT: 3
84       ZOOKEEPER_AUTOPURGE_PURGE_INTERVAL: 24
85       ZOOKEEPER_CLIENT_PORT: 2181
86       KAFKA_OPTS: -Djava.security.auth.login.config=/etc/zookeeper/secrets/jaas/zk_server_jaas.conf -Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl
87       ZOOKEEPER_SERVER_ID:
88     volumes:
89       -  ./zookeeper/zk_server_jaas.conf:/etc/zookeeper/secrets/jaas/zk_server_jaas.conf
90
91   kafka:
92     image: ${KAFKA_IMAGE}
93     container_name: kafka
94     ports:
95      - 9092:9092
96     environment:
97       enableCadi: 'false'
98       KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
99       KAFKA_ZOOKEEPER_CONNECTION_TIMEOUT_MS: 40000
100       KAFKA_ZOOKEEPER_SESSION_TIMEOUT_MS: 40000
101       KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT
102       KAFKA_ADVERTISED_LISTENERS: INTERNAL_PLAINTEXT://kafka:9092
103       KAFKA_LISTENERS: INTERNAL_PLAINTEXT://0.0.0.0:9092
104       KAFKA_INTER_BROKER_LISTENER_NAME: INTERNAL_PLAINTEXT
105       KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE: 'false'
106       KAFKA_OPTS: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/zk_client_jaas.conf
107       KAFKA_ZOOKEEPER_SET_ACL: 'true'
108       KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
109       # Reduced the number of partitions only to avoid the timeout error for the first subscribe call in slow environment
110       KAFKA_OFFSETS_TOPIC_NUM_PARTITIONS: 1
111     volumes:
112       -  ./kafka/zk_client_jaas.conf:/etc/kafka/secrets/jaas/zk_client_jaas.conf
113     depends_on:
114      - zookeeper
115
116   dmaap:
117     container_name: onap-dmaap
118     image: ${DMAAP_IMAGE}
119     ports:
120       - 3904:3904
121       - 3905:3905
122     environment:
123       enableCadi: 'false'
124     volumes:
125       - ./dmaap/MsgRtrApi.properties:/appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties
126       - ./dmaap/logback.xml:/appl/dmaapMR1/bundleconfig/etc/logback.xml
127       - ./dmaap/cadi.properties:/appl/dmaapMR1/etc/cadi.properties
128     depends_on:
129       - zookeeper
130       - kafka
131
132   o-ran-sc-topology-service:
133     image: "${O_RAN_SC_TOPOLOGY_IMAGE}"
134     container_name: o-ran-sc-topology-service
135     hostname: o-ran-sc-topology-service
136     ports:
137       - 18181:8181
138     volumes:
139         - ./o-ran-sc-topology-service/tapi-common-operational.json:/opt/dev/deploy/data/tapi-common-operational.json
140         - ./o-ran-sc-topology-service/tapi-common-running.json:/opt/dev/deploy/data/tapi-common-running.json
141
142   wireshark:
143     image: "${WIRESHARK_IMAGE}"
144     container_name: wireshark
145     cap_add:
146       - NET_ADMIN
147     network_mode: host
148     environment:
149       - PUID=1000
150       - PGID=1000
151       - TZ=Europe/London
152     volumes:
153       - ./wireshark:/config
154     # no port mappbecause of network mode host.
155     # ports:
156     #   - 3000:3000
157     restart: unless-stopped
158 networks:
159   dmz:
160     driver: bridge
161     name: dmz
162     enable_ipv6: false
163   default:
164     driver: bridge
165     name: smo
166     enable_ipv6: true
167     ipam:
168       driver: default
169       config:
170       - subnet:  ${NETWORK_SUBNET_SMO}
171         gateway: ${NETWORK_GATEWAY_SMO}
Repository for Operation and Maintenance (O1 interface, OpenFronthaul Management plane) related code artifacts, which are not already part of ONAP.