1 ################################################################################
2 # Copyright 2022 highstreet technologies GmbH
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
20 image: ${IDENTITY_IMAGE}
21 container_name: identity
23 - ${IDENTITY_PORT_HTTPS}:${IDENTITY_PORT_HTTPS}
25 - KEYCLOAK_HTTPS_PORT=${IDENTITY_PORT_HTTPS}
26 - KEYCLOAK_CREATE_ADMIN_USER=true
27 - KEYCLOAK_ADMIN_USER=${ADMIN_USERNAME}
28 - KEYCLOAK_ADMIN_PASSWORD=${ADMIN_PASSWORD}
29 - KEYCLOAK_MANAGEMENT_USER=${IDENTITY_MGMT_USERNAME}
30 - KEYCLOAK_MANAGEMENT_PASSWORD=${IDENTITY_MGMT_PASSWORD}
31 - KEYCLOAK_DATABASE_HOST=identitydb
32 - KEYCLOAK_DATABASE_NAME=keycloak
33 - KEYCLOAK_DATABASE_USER=keycloak
34 - KEYCLOAK_DATABASE_PASSWORD=keycloak
35 - KEYCLOAK_JDBC_PARAMS=sslmode=disable&connectTimeout=30000
36 - KEYCLOAK_PRODUCTION=false
37 - KEYCLOAK_ENABLE_TLS=true
38 - KEYCLOAK_TLS_KEYSTORE_FILE=/opt/bitnami/keycloak/certs/keystore.jks
39 - KEYCLOAK_TLS_TRUSTSTORE_FILE=/opt/bitnami/keycloak/certs/truststore.jks
40 - KEYCLOAK_TLS_KEYSTORE_PASSWORD=password
41 - KEYCLOAK_TLS_TRUSTSTORE_PASSWORD=changeit
42 # - JAVA_OPTS=-Djboss.http.port=${IDENTITY_PORT}
43 # - JAVA_OPTS=-Djboss.bind.address.private=[::1] -Djboss.bind.address=[::1] -Djava.net.preferIPv6Addresses=true -Djava.net.preferIPv4Stack=false
45 - /etc/localtime:/etc/localtime:ro
46 - ./identity/standalone.xml:/opt/jboss/keycloak/standalone/configuration/standalone.xml
47 - ./identity/keystore.jks:/opt/bitnami/keycloak/certs/keystore.jks
48 - ./identity/truststoreONAPall.jks:/opt/bitnami/keycloak/certs/truststore.jks
55 image: docker.io/bitnami/postgresql:13
56 container_name: identitydb
58 - ALLOW_EMPTY_PASSWORD=no
59 - POSTGRESQL_USERNAME=keycloak
60 - POSTGRESQL_DATABASE=keycloak
61 - POSTGRESQL_PASSWORD=keycloak
67 image: ${PERSISTENCE_IMAGE}
68 container_name: persistence
70 - discovery.type=single-node
73 image: ${ZOOKEEPER_IMAGE}
74 container_name: zookeeper
79 ZOOKEEPER_TICK_TIME: 2000
80 ZOOKEEPER_SYNC_LIMIT: 5
81 ZOOKEEPER_INIT_LIMIT: 10
82 ZOOKEEPER_MAX_CLIENT_CNXNS: 200
83 ZOOKEEPER_AUTOPURGE_SNAP_RETAIN_COUNT: 3
84 ZOOKEEPER_AUTOPURGE_PURGE_INTERVAL: 24
85 ZOOKEEPER_CLIENT_PORT: 2181
86 KAFKA_OPTS: -Djava.security.auth.login.config=/etc/zookeeper/secrets/jaas/zk_server_jaas.conf -Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl
89 - ./zookeeper/zk_server_jaas.conf:/etc/zookeeper/secrets/jaas/zk_server_jaas.conf
98 KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
99 KAFKA_ZOOKEEPER_CONNECTION_TIMEOUT_MS: 40000
100 KAFKA_ZOOKEEPER_SESSION_TIMEOUT_MS: 40000
101 KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT
102 KAFKA_ADVERTISED_LISTENERS: INTERNAL_PLAINTEXT://kafka:9092
103 KAFKA_LISTENERS: INTERNAL_PLAINTEXT://0.0.0.0:9092
104 KAFKA_INTER_BROKER_LISTENER_NAME: INTERNAL_PLAINTEXT
105 KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE: 'false'
106 KAFKA_OPTS: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/zk_client_jaas.conf
107 KAFKA_ZOOKEEPER_SET_ACL: 'true'
108 KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
109 # Reduced the number of partitions only to avoid the timeout error for the first subscribe call in slow environment
110 KAFKA_OFFSETS_TOPIC_NUM_PARTITIONS: 1
112 - ./kafka/zk_client_jaas.conf:/etc/kafka/secrets/jaas/zk_client_jaas.conf
117 container_name: onap-dmaap
118 image: ${DMAAP_IMAGE}
125 - ./dmaap/MsgRtrApi.properties:/appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties
126 - ./dmaap/logback.xml:/appl/dmaapMR1/bundleconfig/etc/logback.xml
127 - ./dmaap/cadi.properties:/appl/dmaapMR1/etc/cadi.properties
132 o-ran-sc-topology-service:
133 image: "${O_RAN_SC_TOPOLOGY_IMAGE}"
134 container_name: o-ran-sc-topology-service
135 hostname: o-ran-sc-topology-service
139 - ./o-ran-sc-topology-service/tapi-common-operational.json:/opt/dev/deploy/data/tapi-common-operational.json
140 - ./o-ran-sc-topology-service/tapi-common-running.json:/opt/dev/deploy/data/tapi-common-running.json
143 image: "${WIRESHARK_IMAGE}"
144 container_name: wireshark
153 - ./wireshark:/config
154 # no port mappbecause of network mode host.
157 restart: unless-stopped
170 - subnet: ${NETWORK_SUBNET_SMO}
171 gateway: ${NETWORK_GATEWAY_SMO}