From c79dde13fe36179d4f6bd0e63f733ed4d504fc54 Mon Sep 17 00:00:00 2001 From: Cherry Wang Date: Thu, 3 Oct 2024 11:48:51 +0800 Subject: [PATCH] fix: Generate new TAF compose files with postgres for support-cron-scheduler test Signed-off-by: Cherry Wang --- compose-builder/Makefile | 68 +- .../add-delayed-start-services.yml | 8 +- compose-builder/add-security-zero-trust.yml | 2 +- .../add-service-secure-template.yml | 2 +- .../add-taf-app-services-secure.yml | 4 +- docker-compose-arm64.yml | 4 +- docker-compose-with-app-sample-arm64.yml | 4 +- docker-compose-with-app-sample.yml | 4 +- docker-compose-zero-trust-arm64.yml | 4 +- docker-compose-zero-trust.yml | 4 +- docker-compose.yml | 4 +- taf/docker-compose-taf-arm64.yml | 4 +- taf/docker-compose-taf-keeper-arm64.yml | 4 +- taf/docker-compose-taf-keeper.yml | 4 +- taf/docker-compose-taf-mqtt-bus-arm64.yml | 4 +- ...cker-compose-taf-mqtt-bus-keeper-arm64.yml | 16 +- ...ose-taf-mqtt-bus-keeper-postgres-arm64.yml | 2455 +++++++++++++++++ ...r-compose-taf-mqtt-bus-keeper-postgres.yml | 2455 +++++++++++++++++ taf/docker-compose-taf-mqtt-bus-keeper.yml | 16 +- taf/docker-compose-taf-mqtt-bus.yml | 4 +- ...ose-taf-no-secty-mqtt-bus-keeper-arm64.yml | 10 +- ...o-secty-mqtt-bus-keeper-postgres-arm64.yml | 1025 +++++++ ...-taf-no-secty-mqtt-bus-keeper-postgres.yml | 1025 +++++++ ...r-compose-taf-no-secty-mqtt-bus-keeper.yml | 10 +- taf/docker-compose-taf-perf-arm64.yml | 4 +- taf/docker-compose-taf-perf.yml | 4 +- taf/docker-compose-taf.yml | 4 +- 27 files changed, 7076 insertions(+), 76 deletions(-) create mode 100644 taf/docker-compose-taf-mqtt-bus-keeper-postgres-arm64.yml create mode 100644 taf/docker-compose-taf-mqtt-bus-keeper-postgres.yml create mode 100644 taf/docker-compose-taf-no-secty-mqtt-bus-keeper-postgres-arm64.yml create mode 100644 taf/docker-compose-taf-no-secty-mqtt-bus-keeper-postgres.yml diff --git a/compose-builder/Makefile b/compose-builder/Makefile index 12c3fca0..a7a97224 100644 --- a/compose-builder/Makefile +++ b/compose-builder/Makefile @@ -44,8 +44,7 @@ export USERID:=$(shell id -u) export DOCKER_SOCKET_PATH=/var/run/docker.sock # Get total system memory in megabytes for vault config -#export TOTAL_SYSTEM_MEMORY:=$(shell grep MemTotal /proc/meminfo | awk '{print $$2}')m -export TOTAL_SYSTEM_MEMORY:=327352832m +export TOTAL_SYSTEM_MEMORY:=$(shell grep MemTotal /proc/meminfo | awk '{print $$2}')m BROKER_YAML=add-mqtt-broker-mosquitto.yml TAF_BROKER_YAML=add-taf-mqtt-broker-mosquitto.yml @@ -156,7 +155,7 @@ ifeq (keeper, $(filter keeper,$(ARGS))) export WRITABLE_INSECURESECRETS_DB_SECRETNAME= ifeq (no-secty, $(filter no-secty,$(ARGS))) export MESSAGEBUS_AUTHMODE=none - export MESSAGEBUS_SECRETNAME= + export MESSAGEBUS_SECRETNAME= export WRITABLE_INSECURESECRETS_DB_SECRETNAME=postgres export WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME=postgres export WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD=postgres @@ -891,6 +890,16 @@ endif # Build compose for TAF secure testing (ignore all other compose file options) ifeq (taf-secty, $(filter taf-secty,$(ARGS))) + + ifeq (postgres, $(filter postgres,$(ARGS))) + export COMMON_SEC_STAGE_GATE_FILE_NAME=common-sec-stage-gate-postgres.env + DATABASE:=-postgres + COMPOSE_FILES:=-f docker-compose-base-postgres.yml -f add-cron-scheduler.yml \ + -f add-security-postgres.yml -f add-secure-postgres.yml + else + COMPOSE_FILES:=-f docker-compose-base.yml -f add-security.yml + endif + TOKEN_LIST:=app-http-export,app-mqtt-export,app-functional-tests,app-scalability-test-mqtt-export,app-sample,device-modbus,app-external-mqtt-trigger,device-onvif-camera # Note that the services in this list should be separated by ';', but that causes issues with build scripts, so # have to list them individually. @@ -898,9 +907,7 @@ ifeq (taf-secty, $(filter taf-secty,$(ARGS))) KNOWN_SECRETS_LIST:=$(KNOWN_SECRETS_LIST),message-bus[app-rules-engine],message-bus[app-http-export],message-bus[app-mqtt-export],message-bus[app-external-mqtt-trigger],message-bus[app-scalability-test-mqtt-export],message-bus[app-sample],message-bus[device-modbus],message-bus[device-rest],message-bus[device-virtual],message-bus[device-onvif-camera] EXTRA_PROXY_ROUTE_LIST:=device-modbus.http://edgex-device-modbus:59901 - COMPOSE_FILES:= \ - -f docker-compose-base.yml \ - -f add-security.yml \ + COMPOSE_FILES:= $(COMPOSE_FILES) \ -f add-security-proxy.yml \ -f add-taf-app-services.yml \ -f add-taf-app-services-secure.yml \ @@ -922,6 +929,14 @@ ifeq (taf-secty, $(filter taf-secty,$(ARGS))) IS_SECURE_MODE:=1 IS_MQTT_BUS:=1 COMPOSE_FILES:=$(COMPOSE_FILES) -f add-mqtt-messagebus.yml -f add-secure-mqtt-messagebus.yml -f add-secure-mqtt-broker.yml + ifeq (keeper, $(filter keeper,$(ARGS))) + export MESSAGEBUS_AUTHMODE=usernamepassword + export MESSAGEBUS_SECRETNAME=message-bus + export MESSAGEBUS_HOST=edgex-mqtt-broker + export MESSAGEBUS_PORT=1883 + export MESSAGEBUS_PROTOCOL=tcp + export MESSAGEBUS_TYPE=mqtt + endif else COMPOSE_FILES:=$(COMPOSE_FILES) -f add-secure-redis-messagebus.yml IS_MQTT_BUS:=0 @@ -964,7 +979,6 @@ else ifeq (taf-no-secty, $(filter taf-no-secty,$(ARGS))) COMPOSE_FILES:= \ - -f docker-compose-base.yml \ -f add-taf-app-services.yml \ -f add-asc-http-export.yml \ -f add-asc-mqtt-export.yml \ @@ -973,18 +987,39 @@ else -f add-device-virtual.yml \ -f add-device-rest.yml \ -f add-device-modbus.yml \ - -f add-device-onvif-camera.yml \ + -f add-device-onvif-camera.yml \ -f add-taf-device-services-mods.yml \ -f ${BROKER_YAML} \ -f add-modbus-simulator.yml \ -f ${TAF_BROKER_YAML} - NO_SECURITY:=-no-secty + NO_SECURITY:=-no-secty - ifeq (mqtt-bus, $(filter mqtt-bus,$(ARGS))) - IS_SECURE_MODE:=0 - COMPOSE_FILES:=$(COMPOSE_FILES) -f add-mqtt-messagebus.yml - endif + ifeq (postgres, $(filter postgres,$(ARGS))) + export MESSAGEBUS_AUTHMODE=none + export MESSAGEBUS_SECRETNAME= + export WRITABLE_INSECURESECRETS_DB_SECRETNAME=postgres + export WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME=postgres + export WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD=postgres + DATABASE:=-postgres + COMPOSE_FILES:=$(COMPOSE_FILES) -f docker-compose-base-postgres.yml -f add-cron-scheduler.yml + else + COMPOSE_FILES:=$(COMPOSE_FILES) -f docker-compose-base.yml + endif + + ifeq (mqtt-bus, $(filter mqtt-bus,$(ARGS))) + IS_SECURE_MODE:=0 + COMPOSE_FILES:=$(COMPOSE_FILES) -f add-mqtt-messagebus.yml + + ifeq (keeper, $(filter keeper,$(ARGS))) + export MESSAGEBUS_AUTHMODE=none + export MESSAGEBUS_HOST=edgex-mqtt-broker + export MESSAGEBUS_PORT=1883 + export MESSAGEBUS_PROTOCOL=tcp + export MESSAGEBUS_SECRETNAME= + export MESSAGEBUS_TYPE=mqtt + endif + endif ifeq (keeper, $(filter keeper,$(ARGS))) COMPOSE_FILES:=$(COMPOSE_FILES) -f add-keeper.yml @@ -992,6 +1027,7 @@ else else COMPOSE_FILES:=$(COMPOSE_FILES) -f add-consul.yml -f add-keeper.yml endif + else # Build compose for TAF secure performance testing (ignore all other compose file options) ifeq (taf-perf, $(filter taf-perf,$(ARGS))) @@ -1157,6 +1193,10 @@ build-taf: make taf-compose taf-no-secty keeper mqtt-bus mqtt-verbose make taf-compose taf-secty keeper mqtt-bus mqtt-verbose arm64 make taf-compose taf-no-secty keeper mqtt-bus mqtt-verbose arm64 + make taf-compose taf-secty keeper mqtt-bus mqtt-verbose postgres + make taf-compose taf-no-secty keeper mqtt-bus mqtt-verbose postgres + make taf-compose taf-secty keeper mqtt-bus mqtt-verbose postgres arm64 + make taf-compose taf-no-secty keeper mqtt-bus mqtt-verbose postgres arm64 make taf-compose-perf taf-perf make taf-compose-perf taf-perf-no-secty make taf-compose-perf taf-perf arm64 @@ -1172,7 +1212,7 @@ compose: gen cat gen-header docker-compose.yml > $(RELEASE_FOLDER)/docker-compose$(NO_SECURITY)$(APP_SAMPLE)$(BUS)$(NANOMQ)$(ZERO_TRUST_COMPOSE)$(ARCH).yml taf-compose: gen - cat gen-header docker-compose.yml > $(RELEASE_FOLDER)/taf/docker-compose-taf$(NO_SECURITY)$(BUS)$(NANOMQ)$(REGISTRY)$(ARCH).yml + cat gen-header docker-compose.yml > $(RELEASE_FOLDER)/taf/docker-compose-taf$(NO_SECURITY)$(BUS)$(NANOMQ)$(REGISTRY)$(DATABASE)$(ARCH).yml taf-compose-perf: gen cat gen-header docker-compose.yml > $(RELEASE_FOLDER)taf/docker-compose-taf-perf$(NO_SECURITY)$(BUS)$(NANOMQ)$(ARCH).yml diff --git a/compose-builder/add-delayed-start-services.yml b/compose-builder/add-delayed-start-services.yml index 0d5b7cbf..7c17a552 100644 --- a/compose-builder/add-delayed-start-services.yml +++ b/compose-builder/add-delayed-start-services.yml @@ -35,7 +35,7 @@ services: restart: always env_file: - common-security.env - - common-sec-stage-gate.env + - ${COMMON_SEC_STAGE_GATE_FILE_NAME} tmpfs: - /run volumes: @@ -65,7 +65,7 @@ services: restart: always env_file: - common-security.env - - common-sec-stage-gate.env + - ${COMMON_SEC_STAGE_GATE_FILE_NAME} tmpfs: - /run volumes: @@ -97,7 +97,7 @@ services: restart: always env_file: - common-security.env - - common-sec-stage-gate.env + - ${COMMON_SEC_STAGE_GATE_FILE_NAME} tmpfs: - /run volumes: @@ -126,7 +126,7 @@ services: restart: always env_file: - common-security.env - - common-sec-stage-gate.env + - ${COMMON_SEC_STAGE_GATE_FILE_NAME} environment: SERVICE_HOST: edgex-security-spiffe-token-provider tmpfs: diff --git a/compose-builder/add-security-zero-trust.yml b/compose-builder/add-security-zero-trust.yml index f46a4f92..ba655830 100644 --- a/compose-builder/add-security-zero-trust.yml +++ b/compose-builder/add-security-zero-trust.yml @@ -65,7 +65,7 @@ services: - security-bootstrapper env_file: - common-security.env - - common-sec-stage-gate.env + - ${COMMON_SEC_STAGE_GATE_FILE_NAME} environment: SERVICE_HOST: edgex-ui-go CLIENTS_CORE_COMMAND_SECURITYOPTIONS_MODE: "zerotrust" diff --git a/compose-builder/add-service-secure-template.yml b/compose-builder/add-service-secure-template.yml index 4bb5b740..5d85001e 100644 --- a/compose-builder/add-service-secure-template.yml +++ b/compose-builder/add-service-secure-template.yml @@ -28,7 +28,7 @@ services: command: "/${EXECUTABLE} --registry ${CP_FLAGS}" env_file: - common-security.env - - common-sec-stage-gate.env + - ${COMMON_SEC_STAGE_GATE_FILE_NAME} ##${ENVIRONMENT_SECTION} volumes: - edgex-init:/edgex-init:ro diff --git a/compose-builder/add-taf-app-services-secure.yml b/compose-builder/add-taf-app-services-secure.yml index a4f69ea1..bcb76f13 100644 --- a/compose-builder/add-taf-app-services-secure.yml +++ b/compose-builder/add-taf-app-services-secure.yml @@ -24,7 +24,7 @@ services: command: "/app-service-configurable --registry ${CP_FLAGS}" env_file: - common-security.env - - common-sec-stage-gate.env + - ${COMMON_SEC_STAGE_GATE_FILE_NAME} volumes: - edgex-init:/edgex-init:ro - /tmp/edgex/secrets/app-functional-tests:/tmp/edgex/secrets/app-functional-tests:ro,z @@ -38,7 +38,7 @@ services: command: "/app-service-configurable --registry ${CP_FLAGS}" env_file: - common-security.env - - common-sec-stage-gate.env + - ${COMMON_SEC_STAGE_GATE_FILE_NAME} volumes: - edgex-init:/edgex-init:ro - /tmp/edgex/secrets/app-scalability-test-mqtt-export:/tmp/edgex/secrets/app-scalability-test-mqtt-export:ro,z diff --git a/docker-compose-arm64.yml b/docker-compose-arm64.yml index 581f5811..3aa92642 100644 --- a/docker-compose-arm64.yml +++ b/docker-compose-arm64.yml @@ -1303,7 +1303,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -1328,7 +1328,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/docker-compose-with-app-sample-arm64.yml b/docker-compose-with-app-sample-arm64.yml index 82b76303..1e19f3f9 100644 --- a/docker-compose-with-app-sample-arm64.yml +++ b/docker-compose-with-app-sample-arm64.yml @@ -1380,7 +1380,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -1405,7 +1405,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/docker-compose-with-app-sample.yml b/docker-compose-with-app-sample.yml index 351a3e19..26713ffb 100644 --- a/docker-compose-with-app-sample.yml +++ b/docker-compose-with-app-sample.yml @@ -1380,7 +1380,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -1405,7 +1405,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/docker-compose-zero-trust-arm64.yml b/docker-compose-zero-trust-arm64.yml index bbff0c3f..a9a512a1 100644 --- a/docker-compose-zero-trust-arm64.yml +++ b/docker-compose-zero-trust-arm64.yml @@ -1134,7 +1134,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -1159,7 +1159,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/docker-compose-zero-trust.yml b/docker-compose-zero-trust.yml index 1acdad58..78b1c5e4 100644 --- a/docker-compose-zero-trust.yml +++ b/docker-compose-zero-trust.yml @@ -1134,7 +1134,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -1159,7 +1159,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/docker-compose.yml b/docker-compose.yml index 4cc68e66..54e673c4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1303,7 +1303,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -1328,7 +1328,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/taf/docker-compose-taf-arm64.yml b/taf/docker-compose-taf-arm64.yml index 326ec661..00e1caad 100644 --- a/taf/docker-compose-taf-arm64.yml +++ b/taf/docker-compose-taf-arm64.yml @@ -2351,7 +2351,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -2376,7 +2376,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/taf/docker-compose-taf-keeper-arm64.yml b/taf/docker-compose-taf-keeper-arm64.yml index e474a2cb..424f1fa0 100644 --- a/taf/docker-compose-taf-keeper-arm64.yml +++ b/taf/docker-compose-taf-keeper-arm64.yml @@ -2270,7 +2270,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -2295,7 +2295,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/taf/docker-compose-taf-keeper.yml b/taf/docker-compose-taf-keeper.yml index 61cc803a..002d5f0b 100644 --- a/taf/docker-compose-taf-keeper.yml +++ b/taf/docker-compose-taf-keeper.yml @@ -2270,7 +2270,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -2295,7 +2295,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/taf/docker-compose-taf-mqtt-bus-arm64.yml b/taf/docker-compose-taf-mqtt-bus-arm64.yml index 2ba270e7..1ca2dce6 100644 --- a/taf/docker-compose-taf-mqtt-bus-arm64.yml +++ b/taf/docker-compose-taf-mqtt-bus-arm64.yml @@ -2416,7 +2416,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -2441,7 +2441,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml b/taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml index 092f5dde..15844d12 100644 --- a/taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml +++ b/taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml @@ -1281,12 +1281,12 @@ services: DATABASE_PORT: "6379" DATABASE_TYPE: redisdb EDGEX_SECURITY_SECRET_STORE: "true" - MESSAGEBUS_AUTHMODE: none - MESSAGEBUS_HOST: edgex-redis - MESSAGEBUS_PORT: "6379" - MESSAGEBUS_PROTOCOL: redis - MESSAGEBUS_SECRETNAME: redisdb - MESSAGEBUS_TYPE: redis + MESSAGEBUS_AUTHMODE: usernamepassword + MESSAGEBUS_HOST: edgex-mqtt-broker + MESSAGEBUS_PORT: "1883" + MESSAGEBUS_PROTOCOL: tcp + MESSAGEBUS_SECRETNAME: message-bus + MESSAGEBUS_TYPE: mqtt PROXY_SETUP_HOST: edgex-security-proxy-setup SECRETSTORE_HOST: edgex-vault SERVICE_HOST: edgex-core-keeper @@ -2335,7 +2335,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -2360,7 +2360,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/taf/docker-compose-taf-mqtt-bus-keeper-postgres-arm64.yml b/taf/docker-compose-taf-mqtt-bus-keeper-postgres-arm64.yml new file mode 100644 index 00000000..a1ab6ad4 --- /dev/null +++ b/taf/docker-compose-taf-mqtt-bus-keeper-postgres-arm64.yml @@ -0,0 +1,2455 @@ +# * Copyright 2024 Intel Corporation. +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except +# * in compliance with the License. You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software distributed under the License +# * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# * or implied. See the License for the specific language governing permissions and limitations under +# * the License. +# * +# * EdgeX Foundry, Odessa WIP release +# *******************************************************************************/ +# +# +# +# ************************ This is a generated compose file **************************** +# +# DO NOT MAKE CHANGES that are intended to be permanent to EdgeX edgex-compose repo. +# +# Permanent changes can be made to the source compose files located in the compose-builder folder +# at the top level of the edgex-compose repo. +# +# From the compose-builder folder use `make build` to regenerate all standard compose files variations +# +# Generated with: Docker Compose version v2.29.2 +name: edgex +services: + app-external-mqtt-trigger: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-external-mqtt-trigger + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_PROFILE: external-mqtt-trigger + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-external-mqtt-trigger + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + TRIGGER_EXTERNALMQTT_URL: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_LOGLEVEL: INFO + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-export + hostname: edgex-app-external-mqtt-trigger + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59706 + published: "59706" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-external-mqtt-trigger + target: /tmp/edgex/secrets/app-external-mqtt-trigger + read_only: true + bind: + selinux: z + create_host_path: true + app-functional-tests: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-functional-tests + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_PROFILE: functional-tests + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-functional-tests + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-app-functional-tests + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + target: 59705 + published: "59705" + protocol: tcp + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-functional-tests + target: /tmp/edgex/secrets/app-functional-tests + read_only: true + bind: + selinux: z + create_host_path: true + app-http-export: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-http-export + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_PROFILE: http-export + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-http-export + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_LOGLEVEL: INFO + WRITABLE_PIPELINE_FUNCTIONS_HTTPEXPORT_PARAMETERS_URL: http://EXPORT_HOST_PLACE_HOLDER:7770 + hostname: edgex-app-http-export + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59704 + published: "59704" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-http-export + target: /tmp/edgex/secrets/app-http-export + read_only: true + bind: + selinux: z + create_host_path: true + app-mqtt-export: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-mqtt-export + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_PROFILE: mqtt-export + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-mqtt-export + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_LOGLEVEL: INFO + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-events + hostname: edgex-app-mqtt-export + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59703 + published: "59703" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-mqtt-export + target: /tmp/edgex/secrets/app-mqtt-export + read_only: true + bind: + selinux: z + create_host_path: true + app-rules-engine: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-rules-engine + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_PROFILE: rules-engine + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-rules-engine + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-app-rules-engine + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59701 + published: "59701" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-rules-engine + target: /tmp/edgex/secrets/app-rules-engine + read_only: true + bind: + selinux: z + create_host_path: true + app-sample: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-sample + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + CLIENTS_CORE_COMMAND_HOST: edgex-core-command + CLIENTS_CORE_DATA_HOST: edgex-core-data + CLIENTS_SUPPORT-NOTIFICATIONS_HOST: edgex-support-notifications + EDGEX_PROFILE: sample + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-sample + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-app-sample + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59700 + published: "59700" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-sample + target: /tmp/edgex/secrets/app-sample + read_only: true + bind: + selinux: z + create_host_path: true + app-scalability-test-mqtt-export: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-scalability-test-mqtt-export + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_PROFILE: mqtt-export + EDGEX_SECURITY_SECRET_STORE: "true" + EDGEX_SERVICE_KEY: app-scalability-test-mqtt-export + MESSAGEBUS_OPTIONAL_CLIENTID: app-scalability-test-mqtt-export + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-scalability-test-mqtt-export + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_INSECURESECRETS_MQTT_SECRETS_PASSWORD: PASSWORD_PLACE_HOLDER + WRITABLE_INSECURESECRETS_MQTT_SECRETS_USERNAME: USERNAME_PLACEH_OLDER + WRITABLE_LOGLEVEL: DEBUG + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_CLIENTID: app-scalability-test-mqtt-export + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-events + hostname: edgex-app-scalability-test-mqtt-export + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + target: 59703 + published: "59710" + protocol: tcp + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-scalability-test-mqtt-export + target: /tmp/edgex/secrets/app-scalability-test-mqtt-export + read_only: true + bind: + selinux: z + create_host_path: true + core-command: + command: + - /core-command + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-command + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + EXTERNALMQTT_URL: tcp://edgex-mqtt-broker:1883 + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-core-command + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-core-command + image: nexus3.edgexfoundry.org:10004/core-command-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59882 + published: "59882" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/core-command + target: /tmp/edgex/secrets/core-command + read_only: true + bind: + selinux: z + create_host_path: true + core-common-config-bootstrapper: + command: + - /entrypoint.sh + - /core-common-config-bootstrapper + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-common-config-bootstrapper + depends_on: + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + ALL_SERVICES_DATABASE_HOST: edgex-postgres + ALL_SERVICES_DATABASE_PORT: "5432" + ALL_SERVICES_DATABASE_TYPE: postgres + ALL_SERVICES_MESSAGEBUS_AUTHMODE: usernamepassword + ALL_SERVICES_MESSAGEBUS_HOST: edgex-mqtt-broker + ALL_SERVICES_MESSAGEBUS_PORT: "1883" + ALL_SERVICES_MESSAGEBUS_PROTOCOL: tcp + ALL_SERVICES_MESSAGEBUS_SECRETNAME: message-bus + ALL_SERVICES_MESSAGEBUS_TYPE: mqtt + ALL_SERVICES_REGISTRY_HOST: edgex-core-keeper + ALL_SERVICES_REGISTRY_PORT: "59890" + ALL_SERVICES_REGISTRY_TYPE: keeper + ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: "" + ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: "" + ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETNAME: "" + APP_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata + DEVICE_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-core-common-config-bootstrapper + image: nexus3.edgexfoundry.org:10004/core-common-config-bootstrapper-arm64:latest + networks: + edgex-network: null + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/core-common-config-bootstrapper + target: /tmp/edgex/secrets/core-common-config-bootstrapper + read_only: true + bind: + selinux: z + create_host_path: true + core-data: + command: + - /core-data + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-data + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-core-data + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: "" + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: "" + WRITABLE_INSECURESECRETS_DB_SECRETNAME: "" + hostname: edgex-core-data + image: nexus3.edgexfoundry.org:10004/core-data-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59880 + published: "59880" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/core-data + target: /tmp/edgex/secrets/core-data + read_only: true + bind: + selinux: z + create_host_path: true + core-metadata: + command: + - /core-metadata + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-metadata + depends_on: + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-core-metadata + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: "" + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: "" + WRITABLE_INSECURESECRETS_DB_SECRETNAME: "" + hostname: edgex-core-metadata + image: nexus3.edgexfoundry.org:10004/core-metadata-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59881 + published: "59881" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/core-metadata + target: /tmp/edgex/secrets/core-metadata + read_only: true + bind: + selinux: z + create_host_path: true + database: + container_name: edgex-postgres + depends_on: + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/postgres_wait_install.sh + environment: + DATABASECONFIG_NAME: create-users.sh + DATABASECONFIG_PATH: /tmp/postgres-init-scripts + EDGEX_SECURITY_SECRET_STORE: "true" + POSTGRES_DB: edgex_db + POSTGRES_PASSWORD: postgres + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-postgres + image: postgres:16.3-alpine3.20 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 5432 + published: "5432" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + - /tmp + volumes: + - type: volume + source: db-data + target: /data + volume: {} + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: volume + source: postgres-data + target: /var/lib/postgresql/data + volume: {} + - type: bind + source: /tmp/edgex/secrets/security-bootstrapper-postgres + target: /tmp/edgex/secrets/security-bootstrapper-postgres + read_only: true + bind: + selinux: z + create_host_path: true + device-modbus: + command: + - /device-modbus + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + - --configDir=CONFIG_DIR_PLACE_HOLDER + container_name: edgex-device-modbus + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + modbus-simulator: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-device-modbus + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-device-modbus + image: nexus3.edgexfoundry.org:10004/device-modbus-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59901 + published: "59901" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: bind + source: /PROFILE_VOLUME_PLACE_HOLDER + target: CONFIG_DIR_PLACE_HOLDER + bind: + selinux: z + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/device-modbus + target: /tmp/edgex/secrets/device-modbus + read_only: true + bind: + selinux: z + create_host_path: true + device-onvif-camera: + command: + - /device-onvif-camera + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-device-onvif-camera + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-device-onvif-camera + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-device-onvif-camera + image: nexus3.edgexfoundry.org:10004/device-onvif-camera-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59984 + published: "59984" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/device-onvif-camera + target: /tmp/edgex/secrets/device-onvif-camera + read_only: true + bind: + selinux: z + create_host_path: true + device-rest: + command: + - /device-rest + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-device-rest + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-device-rest + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-device-rest + image: nexus3.edgexfoundry.org:10004/device-rest-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59986 + published: "59986" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/device-rest + target: /tmp/edgex/secrets/device-rest + read_only: true + bind: + selinux: z + create_host_path: true + device-virtual: + command: + - /device-virtual + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + - --configDir=CONFIG_DIR_PLACE_HOLDER + container_name: edgex-device-virtual + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-device-virtual + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-device-virtual + image: nexus3.edgexfoundry.org:10004/device-virtual-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59900 + published: "59900" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: bind + source: /PROFILE_VOLUME_PLACE_HOLDER + target: CONFIG_DIR_PLACE_HOLDER + bind: + selinux: z + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/device-virtual + target: /tmp/edgex/secrets/device-virtual + read_only: true + bind: + selinux: z + create_host_path: true + keeper: + command: + - /core-keeper + container_name: edgex-core-keeper + depends_on: + database: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "true" + MESSAGEBUS_AUTHMODE: usernamepassword + MESSAGEBUS_HOST: edgex-mqtt-broker + MESSAGEBUS_PORT: "1883" + MESSAGEBUS_PROTOCOL: tcp + MESSAGEBUS_SECRETNAME: message-bus + MESSAGEBUS_TYPE: mqtt + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-core-keeper + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: "" + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: "" + WRITABLE_INSECURESECRETS_DB_SECRETNAME: "" + hostname: edgex-core-keeper + image: nexus3.edgexfoundry.org:10004/core-keeper-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59890 + published: "59890" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/core-keeper + target: /tmp/edgex/secrets/core-keeper + read_only: true + bind: + selinux: z + create_host_path: true + modbus-simulator: + container_name: edgex-modbus-simulator + hostname: edgex-modbus-simulator + image: nexus3.edgexfoundry.org:10003/edgex-devops/edgex-modbus-simulator-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1502 + published: "1502" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + mqtt-broker: + command: + - /usr/sbin/mosquitto + - -v + - -c + - /mosquitto/config/mosquitto.conf + container_name: edgex-mqtt-broker + depends_on: + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/messagebus_wait_install.sh + environment: + BROKER_TYPE: mosquitto + CONF_DIR: /edgex-init/bootstrap-mosquitto/res + EDGEX_SECURITY_SECRET_STORE: "true" + ENTRYPOINT: /docker-entrypoint.sh /usr/sbin/mosquitto -v -c /mosquitto/config/mosquitto.conf + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-mqtt-broker + image: eclipse-mosquitto:2.0 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1883 + published: "1883" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: root:root + volumes: + - type: volume + source: mqtt + target: /mosquitto + volume: {} + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/security-bootstrapper-messagebus + target: /tmp/edgex/secrets/security-bootstrapper-messagebus + read_only: true + bind: + selinux: z + create_host_path: true + mqtt-taf-broker: + command: + - /usr/sbin/mosquitto + - -c + - /mosquitto-no-auth.conf + container_name: edgex-taf-mqtt-broker + hostname: edgex-taf-mqtt-broker + image: eclipse-mosquitto:2.0 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1883 + published: "1884" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + nginx: + command: + - /docker-entrypoint.sh + - nginx + - -g + - daemon off; + container_name: edgex-nginx + depends_on: + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /bin/sh + - /edgex-init/nginx_wait_install.sh + environment: + PROXY_SETUP_HOST: edgex-security-proxy-setup + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-nginx + image: nginx:1.25-alpine-slim + networks: + edgex-network: null + ports: + - mode: ingress + target: 8443 + published: "8443" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /etc/nginx/conf.d + - /var/cache/nginx + - /var/log/nginx + - /var/run + volumes: + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: volume + source: nginx-templates + target: /etc/nginx/templates + volume: {} + - type: volume + source: nginx-tls + target: /etc/ssl/nginx + volume: {} + rules-engine: + container_name: edgex-kuiper + depends_on: + database: + condition: service_started + required: true + mqtt-broker: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/kuiper_wait_install.sh + environment: + CONNECTION__EDGEX__MQTTMSGBUS__OPTIONAL__CLIENTID: kuiper-rules-engine + CONNECTION__EDGEX__MQTTMSGBUS__OPTIONAL__KEEPALIVE: "500" + CONNECTION__EDGEX__MQTTMSGBUS__PORT: "1883" + CONNECTION__EDGEX__MQTTMSGBUS__PROTOCOL: tcp + CONNECTION__EDGEX__MQTTMSGBUS__SERVER: edgex-mqtt-broker + CONNECTION__EDGEX__MQTTMSGBUS__TYPE: mqtt + EDGEX__DEFAULT__OPTIONAL__CLIENTID: kuiper-rules-engine + EDGEX__DEFAULT__OPTIONAL__KEEPALIVE: "500" + EDGEX__DEFAULT__PORT: "1883" + EDGEX__DEFAULT__PROTOCOL: tcp + EDGEX__DEFAULT__SERVER: edgex-mqtt-broker + EDGEX__DEFAULT__TOPIC: edgex/rules-events + EDGEX__DEFAULT__TYPE: mqtt + KUIPER__BASIC__CONSOLELOG: "true" + KUIPER__BASIC__ENABLEOPENZITI: "false" + KUIPER__BASIC__RESTPORT: "59720" + PROXY_SETUP_HOST: edgex-security-proxy-setup + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-kuiper + image: lfedge/ekuiper:v1.14.0-alpha.2 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59720 + published: "59720" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: kuiper:kuiper + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: kuiper-data + target: /kuiper/data + volume: {} + - type: volume + source: kuiper-etc + target: /kuiper/etc + volume: {} + - type: volume + source: kuiper-log + target: /kuiper/log + volume: {} + - type: volume + source: kuiper-plugins + target: /kuiper/plugins + volume: {} + - type: volume + source: kuiper-sources + target: /kuiper/etc/sources + volume: {} + - type: volume + source: kuiper-connections + target: /kuiper/etc/connections + volume: {} + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + security-bootstrapper: + container_name: edgex-security-bootstrapper + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + EDGEX_GROUP: "2001" + EDGEX_USER: "2002" + PROXY_SETUP_HOST: edgex-security-proxy-setup + REGISTRY_HOST: edgex-core-keeper + REGISTRY_PORT: "59890" + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-bootstrapper + image: nexus3.edgexfoundry.org:10004/security-bootstrapper-arm64:latest + networks: + edgex-network: null + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + volume: {} + security-proxy-auth: + command: + - entrypoint.sh + - /security-proxy-auth + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-proxy-auth + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /bin/sh + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-proxy-auth + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-proxy-auth + image: nexus3.edgexfoundry.org:10004/security-proxy-auth-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59842 + published: "59842" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/security-proxy-auth + target: /tmp/edgex/secrets/security-proxy-auth + read_only: true + bind: + selinux: z + create_host_path: true + security-proxy-setup: + container_name: edgex-security-proxy-setup + depends_on: + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/proxy_setup_wait_install.sh + environment: + EDGEX_ADD_PROXY_ROUTE: device-modbus.http://edgex-device-modbus:59901 + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-proxy-setup + image: nexus3.edgexfoundry.org:10004/security-proxy-setup-arm64:latest + networks: + edgex-network: null + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: volume + source: vault-config + target: /vault/config + volume: {} + - type: volume + source: nginx-templates + target: /etc/nginx/templates + volume: {} + - type: volume + source: nginx-tls + target: /etc/ssl/nginx + volume: {} + - type: bind + source: /tmp/edgex/secrets/security-proxy-setup + target: /tmp/edgex/secrets/security-proxy-setup + read_only: true + bind: + selinux: z + create_host_path: true + - type: volume + source: consul-acl-token + target: /tmp/edgex/secrets/consul-acl-token + read_only: true + volume: {} + security-secretstore-setup: + container_name: edgex-security-secretstore-setup + depends_on: + security-bootstrapper: + condition: service_started + required: true + vault: + condition: service_started + required: true + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_ADD_KNOWN_SECRETS: redisdb[app-rules-engine],redisdb[app-http-export],redisdb[app-mqtt-export],redisdb[app-scalability-test-mqtt-export],redisdb[app-sample],redisdb[device-modbus],redisdb[device-rest],redisdb[device-virtual],redisdb[device-onvif-camera],message-bus[app-rules-engine],message-bus[app-http-export],message-bus[app-mqtt-export],message-bus[app-external-mqtt-trigger],message-bus[app-scalability-test-mqtt-export],message-bus[app-sample],message-bus[device-modbus],message-bus[device-rest],message-bus[device-virtual],message-bus[device-onvif-camera] + EDGEX_ADD_SECRETSTORE_TOKENS: app-http-export,app-mqtt-export,app-functional-tests,app-scalability-test-mqtt-export,app-sample,device-modbus,app-external-mqtt-trigger,device-onvif-camera + EDGEX_GROUP: "2001" + EDGEX_SECURITY_SECRET_STORE: "true" + EDGEX_USER: "2002" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SECUREMESSAGEBUS_TYPE: mqtt + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-secretstore-setup + image: nexus3.edgexfoundry.org:10004/security-secretstore-setup-arm64:latest + networks: + edgex-network: null + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + - /vault + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: volume + source: vault-config + target: /vault/config + volume: {} + - type: bind + source: /tmp/edgex/secrets + target: /tmp/edgex/secrets + bind: + selinux: z + create_host_path: true + - type: volume + source: kuiper-sources + target: /tmp/kuiper + volume: {} + - type: volume + source: kuiper-connections + target: /tmp/kuiper-connections + volume: {} + security-spiffe-token-provider: + command: + - /security-spiffe-token-provider + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-security-spiffe-token-provider + depends_on: + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-spire-agent: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-security-spiffe-token-provider + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-spiffe-token-provider + image: nexus3.edgexfoundry.org:10004/security-spiffe-token-provider-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59841 + published: "59841" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + volume: {} + - type: bind + source: /tmp/edgex/secrets/spiffe + target: /tmp/edgex/secrets/spiffe + bind: + selinux: z + create_host_path: true + - type: bind + source: /tmp/edgex/secrets/security-spiffe-token-provider + target: /tmp/edgex/secrets/security-spiffe-token-provider + bind: + selinux: z + create_host_path: true + security-spire-agent: + command: + - docker-entrypoint.sh + container_name: edgex-security-spire-agent + depends_on: + security-spire-server: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-spire-agent + image: nexus3.edgexfoundry.org:10004/security-spire-agent-arm64:latest + networks: + edgex-network: null + pid: host + privileged: true + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + volume: {} + - type: volume + source: spire-ca + target: /srv/spiffe/ca + volume: {} + - type: volume + source: spire-agent + target: /srv/spiffe/agent + volume: {} + - type: bind + source: /tmp/edgex/secrets/spiffe + target: /tmp/edgex/secrets/spiffe + bind: + selinux: z + create_host_path: true + - type: bind + source: /var/run/docker.sock + target: /var/run/docker.sock + bind: + create_host_path: true + security-spire-config: + command: + - docker-entrypoint.sh + container_name: edgex-security-spire-config + depends_on: + security-spire-agent: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-spire-config + image: nexus3.edgexfoundry.org:10004/security-spire-config-arm64:latest + networks: + edgex-network: null + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + volume: {} + - type: bind + source: /tmp/edgex/secrets/spiffe + target: /tmp/edgex/secrets/spiffe + bind: + selinux: z + create_host_path: true + security-spire-server: + command: + - docker-entrypoint.sh + container_name: edgex-security-spire-server + depends_on: + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-spire-server + image: nexus3.edgexfoundry.org:10004/security-spire-server-arm64:latest + networks: + edgex-network: null + pid: host + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59840 + published: "59840" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + volume: {} + - type: volume + source: spire-ca + target: /srv/spiffe/ca + volume: {} + - type: volume + source: spire-server + target: /srv/spiffe/server + volume: {} + - type: bind + source: /tmp/edgex/secrets/spiffe + target: /tmp/edgex/secrets/spiffe + bind: + selinux: z + create_host_path: true + support-cron-scheduler: + command: + - /support-cron-scheduler + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-support-cron-scheduler + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + DATABASE_HOST: edgex-postgres + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-support-cron-scheduler + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-support-cron-scheduler + image: nexus3.edgexfoundry.org:10004/support-cron-scheduler-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59863 + published: "59863" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/support-cron-scheduler + target: /tmp/edgex/secrets/support-cron-scheduler + read_only: true + bind: + selinux: z + create_host_path: true + support-notifications: + command: + - /support-notifications + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-support-notifications + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-support-notifications + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: "" + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: "" + WRITABLE_INSECURESECRETS_DB_SECRETNAME: "" + hostname: edgex-support-notifications + image: nexus3.edgexfoundry.org:10004/support-notifications-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59860 + published: "59860" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/support-notifications + target: /tmp/edgex/secrets/support-notifications + read_only: true + bind: + selinux: z + create_host_path: true + ui: + container_name: edgex-ui-go + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + SERVICE_HOST: edgex-ui-go + hostname: edgex-ui-go + image: nexus3.edgexfoundry.org:10004/edgex-ui-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + target: 4000 + published: "4000" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + vault: + command: + - server + container_name: edgex-vault + depends_on: + security-bootstrapper: + condition: service_started + required: true + deploy: + resources: + limits: + memory: "4190239719424" + entrypoint: + - /edgex-init/vault_wait_install.sh + environment: + PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + VAULT_ADDR: http://edgex-vault:8200 + VAULT_CONFIG_DIR: /vault/config + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" + VAULT_UI: "true" + hostname: edgex-vault + image: hashicorp/vault:1.14 + memswap_limit: "4190239719424" + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 8200 + published: "8200" + protocol: tcp + restart: always + tmpfs: + - /vault/config + user: root:root + volumes: + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: volume + source: vault-file + target: /vault/file + volume: {} + - type: volume + source: vault-logs + target: /vault/logs + volume: {} +networks: + edgex-network: + name: edgex_edgex-network + driver: bridge +volumes: + consul-acl-token: + name: edgex_consul-acl-token + db-data: + name: edgex_db-data + edgex-init: + name: edgex_edgex-init + kuiper-connections: + name: edgex_kuiper-connections + kuiper-data: + name: edgex_kuiper-data + kuiper-etc: + name: edgex_kuiper-etc + kuiper-log: + name: edgex_kuiper-log + kuiper-plugins: + name: edgex_kuiper-plugins + kuiper-sources: + name: edgex_kuiper-sources + mqtt: + name: edgex_mqtt + nginx-templates: + name: edgex_nginx-templates + nginx-tls: + name: edgex_nginx-tls + postgres-data: + name: edgex_postgres-data + spire-agent: + name: edgex_spire-agent + spire-ca: + name: edgex_spire-ca + spire-server: + name: edgex_spire-server + vault-config: + name: edgex_vault-config + vault-file: + name: edgex_vault-file + vault-logs: + name: edgex_vault-logs diff --git a/taf/docker-compose-taf-mqtt-bus-keeper-postgres.yml b/taf/docker-compose-taf-mqtt-bus-keeper-postgres.yml new file mode 100644 index 00000000..59453330 --- /dev/null +++ b/taf/docker-compose-taf-mqtt-bus-keeper-postgres.yml @@ -0,0 +1,2455 @@ +# * Copyright 2024 Intel Corporation. +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except +# * in compliance with the License. You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software distributed under the License +# * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# * or implied. See the License for the specific language governing permissions and limitations under +# * the License. +# * +# * EdgeX Foundry, Odessa WIP release +# *******************************************************************************/ +# +# +# +# ************************ This is a generated compose file **************************** +# +# DO NOT MAKE CHANGES that are intended to be permanent to EdgeX edgex-compose repo. +# +# Permanent changes can be made to the source compose files located in the compose-builder folder +# at the top level of the edgex-compose repo. +# +# From the compose-builder folder use `make build` to regenerate all standard compose files variations +# +# Generated with: Docker Compose version v2.29.2 +name: edgex +services: + app-external-mqtt-trigger: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-external-mqtt-trigger + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_PROFILE: external-mqtt-trigger + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-external-mqtt-trigger + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + TRIGGER_EXTERNALMQTT_URL: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_LOGLEVEL: INFO + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-export + hostname: edgex-app-external-mqtt-trigger + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59706 + published: "59706" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-external-mqtt-trigger + target: /tmp/edgex/secrets/app-external-mqtt-trigger + read_only: true + bind: + selinux: z + create_host_path: true + app-functional-tests: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-functional-tests + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_PROFILE: functional-tests + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-functional-tests + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-app-functional-tests + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + target: 59705 + published: "59705" + protocol: tcp + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-functional-tests + target: /tmp/edgex/secrets/app-functional-tests + read_only: true + bind: + selinux: z + create_host_path: true + app-http-export: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-http-export + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_PROFILE: http-export + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-http-export + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_LOGLEVEL: INFO + WRITABLE_PIPELINE_FUNCTIONS_HTTPEXPORT_PARAMETERS_URL: http://EXPORT_HOST_PLACE_HOLDER:7770 + hostname: edgex-app-http-export + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59704 + published: "59704" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-http-export + target: /tmp/edgex/secrets/app-http-export + read_only: true + bind: + selinux: z + create_host_path: true + app-mqtt-export: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-mqtt-export + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_PROFILE: mqtt-export + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-mqtt-export + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_LOGLEVEL: INFO + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-events + hostname: edgex-app-mqtt-export + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59703 + published: "59703" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-mqtt-export + target: /tmp/edgex/secrets/app-mqtt-export + read_only: true + bind: + selinux: z + create_host_path: true + app-rules-engine: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-rules-engine + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_PROFILE: rules-engine + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-rules-engine + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-app-rules-engine + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59701 + published: "59701" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-rules-engine + target: /tmp/edgex/secrets/app-rules-engine + read_only: true + bind: + selinux: z + create_host_path: true + app-sample: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-sample + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + CLIENTS_CORE_COMMAND_HOST: edgex-core-command + CLIENTS_CORE_DATA_HOST: edgex-core-data + CLIENTS_SUPPORT-NOTIFICATIONS_HOST: edgex-support-notifications + EDGEX_PROFILE: sample + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-sample + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-app-sample + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59700 + published: "59700" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-sample + target: /tmp/edgex/secrets/app-sample + read_only: true + bind: + selinux: z + create_host_path: true + app-scalability-test-mqtt-export: + command: + - /app-service-configurable + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-scalability-test-mqtt-export + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_PROFILE: mqtt-export + EDGEX_SECURITY_SECRET_STORE: "true" + EDGEX_SERVICE_KEY: app-scalability-test-mqtt-export + MESSAGEBUS_OPTIONAL_CLIENTID: app-scalability-test-mqtt-export + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-app-scalability-test-mqtt-export + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_INSECURESECRETS_MQTT_SECRETS_PASSWORD: PASSWORD_PLACE_HOLDER + WRITABLE_INSECURESECRETS_MQTT_SECRETS_USERNAME: USERNAME_PLACEH_OLDER + WRITABLE_LOGLEVEL: DEBUG + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_CLIENTID: app-scalability-test-mqtt-export + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-events + hostname: edgex-app-scalability-test-mqtt-export + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + target: 59703 + published: "59710" + protocol: tcp + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/app-scalability-test-mqtt-export + target: /tmp/edgex/secrets/app-scalability-test-mqtt-export + read_only: true + bind: + selinux: z + create_host_path: true + core-command: + command: + - /core-command + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-command + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + EXTERNALMQTT_URL: tcp://edgex-mqtt-broker:1883 + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-core-command + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-core-command + image: nexus3.edgexfoundry.org:10004/core-command:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59882 + published: "59882" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/core-command + target: /tmp/edgex/secrets/core-command + read_only: true + bind: + selinux: z + create_host_path: true + core-common-config-bootstrapper: + command: + - /entrypoint.sh + - /core-common-config-bootstrapper + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-common-config-bootstrapper + depends_on: + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + ALL_SERVICES_DATABASE_HOST: edgex-postgres + ALL_SERVICES_DATABASE_PORT: "5432" + ALL_SERVICES_DATABASE_TYPE: postgres + ALL_SERVICES_MESSAGEBUS_AUTHMODE: usernamepassword + ALL_SERVICES_MESSAGEBUS_HOST: edgex-mqtt-broker + ALL_SERVICES_MESSAGEBUS_PORT: "1883" + ALL_SERVICES_MESSAGEBUS_PROTOCOL: tcp + ALL_SERVICES_MESSAGEBUS_SECRETNAME: message-bus + ALL_SERVICES_MESSAGEBUS_TYPE: mqtt + ALL_SERVICES_REGISTRY_HOST: edgex-core-keeper + ALL_SERVICES_REGISTRY_PORT: "59890" + ALL_SERVICES_REGISTRY_TYPE: keeper + ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: "" + ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: "" + ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETNAME: "" + APP_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata + DEVICE_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-core-common-config-bootstrapper + image: nexus3.edgexfoundry.org:10004/core-common-config-bootstrapper:latest + networks: + edgex-network: null + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/core-common-config-bootstrapper + target: /tmp/edgex/secrets/core-common-config-bootstrapper + read_only: true + bind: + selinux: z + create_host_path: true + core-data: + command: + - /core-data + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-data + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-core-data + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: "" + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: "" + WRITABLE_INSECURESECRETS_DB_SECRETNAME: "" + hostname: edgex-core-data + image: nexus3.edgexfoundry.org:10004/core-data:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59880 + published: "59880" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/core-data + target: /tmp/edgex/secrets/core-data + read_only: true + bind: + selinux: z + create_host_path: true + core-metadata: + command: + - /core-metadata + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-metadata + depends_on: + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-core-metadata + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: "" + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: "" + WRITABLE_INSECURESECRETS_DB_SECRETNAME: "" + hostname: edgex-core-metadata + image: nexus3.edgexfoundry.org:10004/core-metadata:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59881 + published: "59881" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/core-metadata + target: /tmp/edgex/secrets/core-metadata + read_only: true + bind: + selinux: z + create_host_path: true + database: + container_name: edgex-postgres + depends_on: + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/postgres_wait_install.sh + environment: + DATABASECONFIG_NAME: create-users.sh + DATABASECONFIG_PATH: /tmp/postgres-init-scripts + EDGEX_SECURITY_SECRET_STORE: "true" + POSTGRES_DB: edgex_db + POSTGRES_PASSWORD: postgres + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-postgres + image: postgres:16.3-alpine3.20 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 5432 + published: "5432" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + - /tmp + volumes: + - type: volume + source: db-data + target: /data + volume: {} + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: volume + source: postgres-data + target: /var/lib/postgresql/data + volume: {} + - type: bind + source: /tmp/edgex/secrets/security-bootstrapper-postgres + target: /tmp/edgex/secrets/security-bootstrapper-postgres + read_only: true + bind: + selinux: z + create_host_path: true + device-modbus: + command: + - /device-modbus + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + - --configDir=CONFIG_DIR_PLACE_HOLDER + container_name: edgex-device-modbus + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + modbus-simulator: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-device-modbus + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-device-modbus + image: nexus3.edgexfoundry.org:10004/device-modbus:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59901 + published: "59901" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: bind + source: /PROFILE_VOLUME_PLACE_HOLDER + target: CONFIG_DIR_PLACE_HOLDER + bind: + selinux: z + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/device-modbus + target: /tmp/edgex/secrets/device-modbus + read_only: true + bind: + selinux: z + create_host_path: true + device-onvif-camera: + command: + - /device-onvif-camera + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-device-onvif-camera + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-device-onvif-camera + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-device-onvif-camera + image: nexus3.edgexfoundry.org:10004/device-onvif-camera:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59984 + published: "59984" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/device-onvif-camera + target: /tmp/edgex/secrets/device-onvif-camera + read_only: true + bind: + selinux: z + create_host_path: true + device-rest: + command: + - /device-rest + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-device-rest + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-device-rest + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-device-rest + image: nexus3.edgexfoundry.org:10004/device-rest:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59986 + published: "59986" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/device-rest + target: /tmp/edgex/secrets/device-rest + read_only: true + bind: + selinux: z + create_host_path: true + device-virtual: + command: + - /device-virtual + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + - --configDir=CONFIG_DIR_PLACE_HOLDER + container_name: edgex-device-virtual + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-device-virtual + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-device-virtual + image: nexus3.edgexfoundry.org:10004/device-virtual:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59900 + published: "59900" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: bind + source: /PROFILE_VOLUME_PLACE_HOLDER + target: CONFIG_DIR_PLACE_HOLDER + bind: + selinux: z + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/device-virtual + target: /tmp/edgex/secrets/device-virtual + read_only: true + bind: + selinux: z + create_host_path: true + keeper: + command: + - /core-keeper + container_name: edgex-core-keeper + depends_on: + database: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "true" + MESSAGEBUS_AUTHMODE: usernamepassword + MESSAGEBUS_HOST: edgex-mqtt-broker + MESSAGEBUS_PORT: "1883" + MESSAGEBUS_PROTOCOL: tcp + MESSAGEBUS_SECRETNAME: message-bus + MESSAGEBUS_TYPE: mqtt + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-core-keeper + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: "" + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: "" + WRITABLE_INSECURESECRETS_DB_SECRETNAME: "" + hostname: edgex-core-keeper + image: nexus3.edgexfoundry.org:10004/core-keeper:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59890 + published: "59890" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/core-keeper + target: /tmp/edgex/secrets/core-keeper + read_only: true + bind: + selinux: z + create_host_path: true + modbus-simulator: + container_name: edgex-modbus-simulator + hostname: edgex-modbus-simulator + image: nexus3.edgexfoundry.org:10003/edgex-devops/edgex-modbus-simulator:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1502 + published: "1502" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + mqtt-broker: + command: + - /usr/sbin/mosquitto + - -v + - -c + - /mosquitto/config/mosquitto.conf + container_name: edgex-mqtt-broker + depends_on: + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/messagebus_wait_install.sh + environment: + BROKER_TYPE: mosquitto + CONF_DIR: /edgex-init/bootstrap-mosquitto/res + EDGEX_SECURITY_SECRET_STORE: "true" + ENTRYPOINT: /docker-entrypoint.sh /usr/sbin/mosquitto -v -c /mosquitto/config/mosquitto.conf + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-mqtt-broker + image: eclipse-mosquitto:2.0 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1883 + published: "1883" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: root:root + volumes: + - type: volume + source: mqtt + target: /mosquitto + volume: {} + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/security-bootstrapper-messagebus + target: /tmp/edgex/secrets/security-bootstrapper-messagebus + read_only: true + bind: + selinux: z + create_host_path: true + mqtt-taf-broker: + command: + - /usr/sbin/mosquitto + - -c + - /mosquitto-no-auth.conf + container_name: edgex-taf-mqtt-broker + hostname: edgex-taf-mqtt-broker + image: eclipse-mosquitto:2.0 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1883 + published: "1884" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + nginx: + command: + - /docker-entrypoint.sh + - nginx + - -g + - daemon off; + container_name: edgex-nginx + depends_on: + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /bin/sh + - /edgex-init/nginx_wait_install.sh + environment: + PROXY_SETUP_HOST: edgex-security-proxy-setup + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-nginx + image: nginx:1.25-alpine-slim + networks: + edgex-network: null + ports: + - mode: ingress + target: 8443 + published: "8443" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /etc/nginx/conf.d + - /var/cache/nginx + - /var/log/nginx + - /var/run + volumes: + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: volume + source: nginx-templates + target: /etc/nginx/templates + volume: {} + - type: volume + source: nginx-tls + target: /etc/ssl/nginx + volume: {} + rules-engine: + container_name: edgex-kuiper + depends_on: + database: + condition: service_started + required: true + mqtt-broker: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/kuiper_wait_install.sh + environment: + CONNECTION__EDGEX__MQTTMSGBUS__OPTIONAL__CLIENTID: kuiper-rules-engine + CONNECTION__EDGEX__MQTTMSGBUS__OPTIONAL__KEEPALIVE: "500" + CONNECTION__EDGEX__MQTTMSGBUS__PORT: "1883" + CONNECTION__EDGEX__MQTTMSGBUS__PROTOCOL: tcp + CONNECTION__EDGEX__MQTTMSGBUS__SERVER: edgex-mqtt-broker + CONNECTION__EDGEX__MQTTMSGBUS__TYPE: mqtt + EDGEX__DEFAULT__OPTIONAL__CLIENTID: kuiper-rules-engine + EDGEX__DEFAULT__OPTIONAL__KEEPALIVE: "500" + EDGEX__DEFAULT__PORT: "1883" + EDGEX__DEFAULT__PROTOCOL: tcp + EDGEX__DEFAULT__SERVER: edgex-mqtt-broker + EDGEX__DEFAULT__TOPIC: edgex/rules-events + EDGEX__DEFAULT__TYPE: mqtt + KUIPER__BASIC__CONSOLELOG: "true" + KUIPER__BASIC__ENABLEOPENZITI: "false" + KUIPER__BASIC__RESTPORT: "59720" + PROXY_SETUP_HOST: edgex-security-proxy-setup + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-kuiper + image: lfedge/ekuiper:v1.14.0-alpha.2 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59720 + published: "59720" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: kuiper:kuiper + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: kuiper-data + target: /kuiper/data + volume: {} + - type: volume + source: kuiper-etc + target: /kuiper/etc + volume: {} + - type: volume + source: kuiper-log + target: /kuiper/log + volume: {} + - type: volume + source: kuiper-plugins + target: /kuiper/plugins + volume: {} + - type: volume + source: kuiper-sources + target: /kuiper/etc/sources + volume: {} + - type: volume + source: kuiper-connections + target: /kuiper/etc/connections + volume: {} + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + security-bootstrapper: + container_name: edgex-security-bootstrapper + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + EDGEX_GROUP: "2001" + EDGEX_USER: "2002" + PROXY_SETUP_HOST: edgex-security-proxy-setup + REGISTRY_HOST: edgex-core-keeper + REGISTRY_PORT: "59890" + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-bootstrapper + image: nexus3.edgexfoundry.org:10004/security-bootstrapper:latest + networks: + edgex-network: null + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + volume: {} + security-proxy-auth: + command: + - entrypoint.sh + - /security-proxy-auth + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-proxy-auth + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /bin/sh + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-proxy-auth + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-proxy-auth + image: nexus3.edgexfoundry.org:10004/security-proxy-auth:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59842 + published: "59842" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/security-proxy-auth + target: /tmp/edgex/secrets/security-proxy-auth + read_only: true + bind: + selinux: z + create_host_path: true + security-proxy-setup: + container_name: edgex-security-proxy-setup + depends_on: + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/proxy_setup_wait_install.sh + environment: + EDGEX_ADD_PROXY_ROUTE: device-modbus.http://edgex-device-modbus:59901 + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-proxy-setup + image: nexus3.edgexfoundry.org:10004/security-proxy-setup:latest + networks: + edgex-network: null + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: volume + source: vault-config + target: /vault/config + volume: {} + - type: volume + source: nginx-templates + target: /etc/nginx/templates + volume: {} + - type: volume + source: nginx-tls + target: /etc/ssl/nginx + volume: {} + - type: bind + source: /tmp/edgex/secrets/security-proxy-setup + target: /tmp/edgex/secrets/security-proxy-setup + read_only: true + bind: + selinux: z + create_host_path: true + - type: volume + source: consul-acl-token + target: /tmp/edgex/secrets/consul-acl-token + read_only: true + volume: {} + security-secretstore-setup: + container_name: edgex-security-secretstore-setup + depends_on: + security-bootstrapper: + condition: service_started + required: true + vault: + condition: service_started + required: true + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_ADD_KNOWN_SECRETS: redisdb[app-rules-engine],redisdb[app-http-export],redisdb[app-mqtt-export],redisdb[app-scalability-test-mqtt-export],redisdb[app-sample],redisdb[device-modbus],redisdb[device-rest],redisdb[device-virtual],redisdb[device-onvif-camera],message-bus[app-rules-engine],message-bus[app-http-export],message-bus[app-mqtt-export],message-bus[app-external-mqtt-trigger],message-bus[app-scalability-test-mqtt-export],message-bus[app-sample],message-bus[device-modbus],message-bus[device-rest],message-bus[device-virtual],message-bus[device-onvif-camera] + EDGEX_ADD_SECRETSTORE_TOKENS: app-http-export,app-mqtt-export,app-functional-tests,app-scalability-test-mqtt-export,app-sample,device-modbus,app-external-mqtt-trigger,device-onvif-camera + EDGEX_GROUP: "2001" + EDGEX_SECURITY_SECRET_STORE: "true" + EDGEX_USER: "2002" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SECUREMESSAGEBUS_TYPE: mqtt + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-secretstore-setup + image: nexus3.edgexfoundry.org:10004/security-secretstore-setup:latest + networks: + edgex-network: null + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + - /vault + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: volume + source: vault-config + target: /vault/config + volume: {} + - type: bind + source: /tmp/edgex/secrets + target: /tmp/edgex/secrets + bind: + selinux: z + create_host_path: true + - type: volume + source: kuiper-sources + target: /tmp/kuiper + volume: {} + - type: volume + source: kuiper-connections + target: /tmp/kuiper-connections + volume: {} + security-spiffe-token-provider: + command: + - /security-spiffe-token-provider + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-security-spiffe-token-provider + depends_on: + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-spire-agent: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-security-spiffe-token-provider + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-spiffe-token-provider + image: nexus3.edgexfoundry.org:10004/security-spiffe-token-provider:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59841 + published: "59841" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + volume: {} + - type: bind + source: /tmp/edgex/secrets/spiffe + target: /tmp/edgex/secrets/spiffe + bind: + selinux: z + create_host_path: true + - type: bind + source: /tmp/edgex/secrets/security-spiffe-token-provider + target: /tmp/edgex/secrets/security-spiffe-token-provider + bind: + selinux: z + create_host_path: true + security-spire-agent: + command: + - docker-entrypoint.sh + container_name: edgex-security-spire-agent + depends_on: + security-spire-server: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-spire-agent + image: nexus3.edgexfoundry.org:10004/security-spire-agent:latest + networks: + edgex-network: null + pid: host + privileged: true + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + volume: {} + - type: volume + source: spire-ca + target: /srv/spiffe/ca + volume: {} + - type: volume + source: spire-agent + target: /srv/spiffe/agent + volume: {} + - type: bind + source: /tmp/edgex/secrets/spiffe + target: /tmp/edgex/secrets/spiffe + bind: + selinux: z + create_host_path: true + - type: bind + source: /var/run/docker.sock + target: /var/run/docker.sock + bind: + create_host_path: true + security-spire-config: + command: + - docker-entrypoint.sh + container_name: edgex-security-spire-config + depends_on: + security-spire-agent: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-spire-config + image: nexus3.edgexfoundry.org:10004/security-spire-config:latest + networks: + edgex-network: null + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + volume: {} + - type: bind + source: /tmp/edgex/secrets/spiffe + target: /tmp/edgex/secrets/spiffe + bind: + selinux: z + create_host_path: true + security-spire-server: + command: + - docker-entrypoint.sh + container_name: edgex-security-spire-server + depends_on: + security-bootstrapper: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-security-spire-server + image: nexus3.edgexfoundry.org:10004/security-spire-server:latest + networks: + edgex-network: null + pid: host + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59840 + published: "59840" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + user: root:root + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + volume: {} + - type: volume + source: spire-ca + target: /srv/spiffe/ca + volume: {} + - type: volume + source: spire-server + target: /srv/spiffe/server + volume: {} + - type: bind + source: /tmp/edgex/secrets/spiffe + target: /tmp/edgex/secrets/spiffe + bind: + selinux: z + create_host_path: true + support-cron-scheduler: + command: + - /support-cron-scheduler + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-support-cron-scheduler + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + DATABASE_HOST: edgex-postgres + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-support-cron-scheduler + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + hostname: edgex-support-cron-scheduler + image: nexus3.edgexfoundry.org:10004/support-cron-scheduler:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59863 + published: "59863" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/support-cron-scheduler + target: /tmp/edgex/secrets/support-cron-scheduler + read_only: true + bind: + selinux: z + create_host_path: true + support-notifications: + command: + - /support-notifications + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-support-notifications + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + security-bootstrapper: + condition: service_started + required: true + security-secretstore-setup: + condition: service_started + required: true + entrypoint: + - /edgex-init/ready_to_run_wait_install.sh + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "true" + PROXY_SETUP_HOST: edgex-security-proxy-setup + SECRETSTORE_HOST: edgex-vault + SERVICE_HOST: edgex-support-notifications + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: "" + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: "" + WRITABLE_INSECURESECRETS_DB_SECRETNAME: "" + hostname: edgex-support-notifications + image: nexus3.edgexfoundry.org:10004/support-notifications:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59860 + published: "59860" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: bind + source: /tmp/edgex/secrets/support-notifications + target: /tmp/edgex/secrets/support-notifications + read_only: true + bind: + selinux: z + create_host_path: true + ui: + container_name: edgex-ui-go + environment: + EDGEX_SECURITY_SECRET_STORE: "true" + SERVICE_HOST: edgex-ui-go + hostname: edgex-ui-go + image: nexus3.edgexfoundry.org:10004/edgex-ui:latest + networks: + edgex-network: null + ports: + - mode: ingress + target: 4000 + published: "4000" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + vault: + command: + - server + container_name: edgex-vault + depends_on: + security-bootstrapper: + condition: service_started + required: true + deploy: + resources: + limits: + memory: "4190239719424" + entrypoint: + - /edgex-init/vault_wait_install.sh + environment: + PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" + STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper + STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" + STAGEGATE_DATABASE_HOST: edgex-postgres + STAGEGATE_DATABASE_PORT: "5432" + STAGEGATE_DATABASE_READYPORT: "5432" + STAGEGATE_PROXYSETUP_READYPORT: "54325" + STAGEGATE_READY_TORUNPORT: "54329" + STAGEGATE_REGISTRY_HOST: edgex-core-keeper + STAGEGATE_REGISTRY_PORT: "59890" + STAGEGATE_REGISTRY_READYPORT: "54324" + STAGEGATE_SECRETSTORESETUP_HOST: edgex-security-secretstore-setup + STAGEGATE_SECRETSTORESETUP_TOKENS_READYPORT: "54322" + STAGEGATE_WAITFOR_TIMEOUT: 60s + VAULT_ADDR: http://edgex-vault:8200 + VAULT_CONFIG_DIR: /vault/config + VAULT_LOCAL_CONFIG: "listener \"tcp\" { \n address = \"edgex-vault:8200\" \n tls_disable = \"1\" \n cluster_address = \"edgex-vault:8201\" \n} \nbackend \"file\" {\n path = \"/vault/file\"\n}\ndefault_lease_ttl = \"168h\" \nmax_lease_ttl = \"720h\"\ndisable_mlock = true\n" + VAULT_UI: "true" + hostname: edgex-vault + image: hashicorp/vault:1.14 + memswap_limit: "4190239719424" + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 8200 + published: "8200" + protocol: tcp + restart: always + tmpfs: + - /vault/config + user: root:root + volumes: + - type: volume + source: edgex-init + target: /edgex-init + read_only: true + volume: {} + - type: volume + source: vault-file + target: /vault/file + volume: {} + - type: volume + source: vault-logs + target: /vault/logs + volume: {} +networks: + edgex-network: + name: edgex_edgex-network + driver: bridge +volumes: + consul-acl-token: + name: edgex_consul-acl-token + db-data: + name: edgex_db-data + edgex-init: + name: edgex_edgex-init + kuiper-connections: + name: edgex_kuiper-connections + kuiper-data: + name: edgex_kuiper-data + kuiper-etc: + name: edgex_kuiper-etc + kuiper-log: + name: edgex_kuiper-log + kuiper-plugins: + name: edgex_kuiper-plugins + kuiper-sources: + name: edgex_kuiper-sources + mqtt: + name: edgex_mqtt + nginx-templates: + name: edgex_nginx-templates + nginx-tls: + name: edgex_nginx-tls + postgres-data: + name: edgex_postgres-data + spire-agent: + name: edgex_spire-agent + spire-ca: + name: edgex_spire-ca + spire-server: + name: edgex_spire-server + vault-config: + name: edgex_vault-config + vault-file: + name: edgex_vault-file + vault-logs: + name: edgex_vault-logs diff --git a/taf/docker-compose-taf-mqtt-bus-keeper.yml b/taf/docker-compose-taf-mqtt-bus-keeper.yml index 6dc6ae43..2db657ca 100644 --- a/taf/docker-compose-taf-mqtt-bus-keeper.yml +++ b/taf/docker-compose-taf-mqtt-bus-keeper.yml @@ -1281,12 +1281,12 @@ services: DATABASE_PORT: "6379" DATABASE_TYPE: redisdb EDGEX_SECURITY_SECRET_STORE: "true" - MESSAGEBUS_AUTHMODE: none - MESSAGEBUS_HOST: edgex-redis - MESSAGEBUS_PORT: "6379" - MESSAGEBUS_PROTOCOL: redis - MESSAGEBUS_SECRETNAME: redisdb - MESSAGEBUS_TYPE: redis + MESSAGEBUS_AUTHMODE: usernamepassword + MESSAGEBUS_HOST: edgex-mqtt-broker + MESSAGEBUS_PORT: "1883" + MESSAGEBUS_PROTOCOL: tcp + MESSAGEBUS_SECRETNAME: message-bus + MESSAGEBUS_TYPE: mqtt PROXY_SETUP_HOST: edgex-security-proxy-setup SECRETSTORE_HOST: edgex-vault SERVICE_HOST: edgex-core-keeper @@ -2335,7 +2335,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -2360,7 +2360,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/taf/docker-compose-taf-mqtt-bus.yml b/taf/docker-compose-taf-mqtt-bus.yml index f07e9e80..abf41d46 100644 --- a/taf/docker-compose-taf-mqtt-bus.yml +++ b/taf/docker-compose-taf-mqtt-bus.yml @@ -2416,7 +2416,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -2441,7 +2441,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/taf/docker-compose-taf-no-secty-mqtt-bus-keeper-arm64.yml b/taf/docker-compose-taf-no-secty-mqtt-bus-keeper-arm64.yml index 34f749af..cb1329c5 100644 --- a/taf/docker-compose-taf-no-secty-mqtt-bus-keeper-arm64.yml +++ b/taf/docker-compose-taf-no-secty-mqtt-bus-keeper-arm64.yml @@ -714,11 +714,11 @@ services: DATABASE_TYPE: redisdb EDGEX_SECURITY_SECRET_STORE: "false" MESSAGEBUS_AUTHMODE: none - MESSAGEBUS_HOST: edgex-redis - MESSAGEBUS_PORT: "6379" - MESSAGEBUS_PROTOCOL: redis - MESSAGEBUS_SECRETNAME: redisdb - MESSAGEBUS_TYPE: redis + MESSAGEBUS_HOST: edgex-mqtt-broker + MESSAGEBUS_PORT: "1883" + MESSAGEBUS_PROTOCOL: tcp + MESSAGEBUS_SECRETNAME: "" + MESSAGEBUS_TYPE: mqtt SERVICE_HOST: edgex-core-keeper WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: "" WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: "" diff --git a/taf/docker-compose-taf-no-secty-mqtt-bus-keeper-postgres-arm64.yml b/taf/docker-compose-taf-no-secty-mqtt-bus-keeper-postgres-arm64.yml new file mode 100644 index 00000000..b344db44 --- /dev/null +++ b/taf/docker-compose-taf-no-secty-mqtt-bus-keeper-postgres-arm64.yml @@ -0,0 +1,1025 @@ +# * Copyright 2024 Intel Corporation. +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except +# * in compliance with the License. You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software distributed under the License +# * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# * or implied. See the License for the specific language governing permissions and limitations under +# * the License. +# * +# * EdgeX Foundry, Odessa WIP release +# *******************************************************************************/ +# +# +# +# ************************ This is a generated compose file **************************** +# +# DO NOT MAKE CHANGES that are intended to be permanent to EdgeX edgex-compose repo. +# +# Permanent changes can be made to the source compose files located in the compose-builder folder +# at the top level of the edgex-compose repo. +# +# From the compose-builder folder use `make build` to regenerate all standard compose files variations +# +# Generated with: Docker Compose version v2.29.2 +name: edgex +services: + app-external-mqtt-trigger: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-external-mqtt-trigger + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_PROFILE: external-mqtt-trigger + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-app-external-mqtt-trigger + TRIGGER_EXTERNALMQTT_URL: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_LOGLEVEL: INFO + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-export + hostname: edgex-app-external-mqtt-trigger + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59706 + published: "59706" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + app-functional-tests: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-functional-tests + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_PROFILE: functional-tests + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-app-functional-tests + hostname: edgex-app-functional-tests + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + target: 59705 + published: "59705" + protocol: tcp + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + app-http-export: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-http-export + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_PROFILE: http-export + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-app-http-export + WRITABLE_LOGLEVEL: INFO + WRITABLE_PIPELINE_FUNCTIONS_HTTPEXPORT_PARAMETERS_URL: http://EXPORT_HOST_PLACE_HOLDER:7770 + hostname: edgex-app-http-export + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59704 + published: "59704" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + app-mqtt-export: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-mqtt-export + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_PROFILE: mqtt-export + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-app-mqtt-export + WRITABLE_LOGLEVEL: INFO + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-events + hostname: edgex-app-mqtt-export + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59703 + published: "59703" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + app-rules-engine: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-rules-engine + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_PROFILE: rules-engine + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-app-rules-engine + hostname: edgex-app-rules-engine + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59701 + published: "59701" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + app-sample: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-sample + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + CLIENTS_CORE_COMMAND_HOST: edgex-core-command + CLIENTS_CORE_DATA_HOST: edgex-core-data + CLIENTS_SUPPORT-NOTIFICATIONS_HOST: edgex-support-notifications + EDGEX_PROFILE: sample + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-app-sample + hostname: edgex-app-sample + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59700 + published: "59700" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + app-scalability-test-mqtt-export: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-scalability-test-mqtt-export + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_PROFILE: mqtt-export + EDGEX_SECURITY_SECRET_STORE: "false" + EDGEX_SERVICE_KEY: app-scalability-test-mqtt-export + MESSAGEBUS_OPTIONAL_CLIENTID: app-scalability-test-mqtt-export + SERVICE_HOST: edgex-app-scalability-test-mqtt-export + WRITABLE_LOGLEVEL: DEBUG + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_CLIENTID: app-scalability-test-mqtt-export + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-events + hostname: edgex-app-scalability-test-mqtt-export + image: nexus3.edgexfoundry.org:10004/app-service-configurable-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + target: 59703 + published: "59710" + protocol: tcp + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-command: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-command + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + EXTERNALMQTT_URL: tcp://edgex-mqtt-broker:1883 + SERVICE_HOST: edgex-core-command + hostname: edgex-core-command + image: nexus3.edgexfoundry.org:10004/core-command-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59882 + published: "59882" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-common-config-bootstrapper: + command: + - /core-common-config-bootstrapper + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-common-config-bootstrapper + depends_on: + keeper: + condition: service_started + required: true + environment: + ALL_SERVICES_DATABASE_HOST: edgex-postgres + ALL_SERVICES_DATABASE_PORT: "5432" + ALL_SERVICES_DATABASE_TYPE: postgres + ALL_SERVICES_MESSAGEBUS_AUTHMODE: none + ALL_SERVICES_MESSAGEBUS_HOST: edgex-mqtt-broker + ALL_SERVICES_MESSAGEBUS_PORT: "1883" + ALL_SERVICES_MESSAGEBUS_PROTOCOL: tcp + ALL_SERVICES_MESSAGEBUS_TYPE: mqtt + ALL_SERVICES_REGISTRY_HOST: edgex-core-keeper + ALL_SERVICES_REGISTRY_PORT: "59890" + ALL_SERVICES_REGISTRY_TYPE: keeper + ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres + ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres + ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres + APP_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata + DEVICE_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata + EDGEX_SECURITY_SECRET_STORE: "false" + hostname: edgex-core-common-config-bootstrapper + image: nexus3.edgexfoundry.org:10004/core-common-config-bootstrapper-arm64:latest + networks: + edgex-network: null + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-data: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-data + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-core-data + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres + WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres + hostname: edgex-core-data + image: nexus3.edgexfoundry.org:10004/core-data-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59880 + published: "59880" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-metadata: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-metadata + depends_on: + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-core-metadata + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres + WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres + hostname: edgex-core-metadata + image: nexus3.edgexfoundry.org:10004/core-metadata-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59881 + published: "59881" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + database: + container_name: edgex-postgres + environment: + POSTGRES_DB: edgex_db + POSTGRES_PASSWORD: postgres + hostname: edgex-postgres + image: postgres:16.3-alpine3.20 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 5432 + published: "5432" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + volumes: + - type: volume + source: db-data + target: /data + volume: {} + device-modbus: + command: + - -cp=keeper.http://edgex-core-keeper:59890 + - --registry + - --configDir=CONFIG_DIR_PLACE_HOLDER + container_name: edgex-device-modbus + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + modbus-simulator: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-device-modbus + hostname: edgex-device-modbus + image: nexus3.edgexfoundry.org:10004/device-modbus-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59901 + published: "59901" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: bind + source: /PROFILE_VOLUME_PLACE_HOLDER + target: CONFIG_DIR_PLACE_HOLDER + bind: + selinux: z + create_host_path: true + device-onvif-camera: + command: + - -cp=keeper.http://edgex-core-keeper:59890 + - --registry + container_name: edgex-device-onvif-camera + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-device-onvif-camera + hostname: edgex-device-onvif-camera + image: nexus3.edgexfoundry.org:10004/device-onvif-camera-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59984 + published: "59984" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + device-rest: + command: + - -cp=keeper.http://edgex-core-keeper:59890 + - --registry + container_name: edgex-device-rest + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-device-rest + hostname: edgex-device-rest + image: nexus3.edgexfoundry.org:10004/device-rest-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59986 + published: "59986" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + device-virtual: + command: + - -cp=keeper.http://edgex-core-keeper:59890 + - --registry + - --configDir=CONFIG_DIR_PLACE_HOLDER + container_name: edgex-device-virtual + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-device-virtual + hostname: edgex-device-virtual + image: nexus3.edgexfoundry.org:10004/device-virtual-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59900 + published: "59900" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: bind + source: /PROFILE_VOLUME_PLACE_HOLDER + target: CONFIG_DIR_PLACE_HOLDER + bind: + selinux: z + create_host_path: true + keeper: + container_name: edgex-core-keeper + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "false" + MESSAGEBUS_AUTHMODE: none + MESSAGEBUS_HOST: edgex-mqtt-broker + MESSAGEBUS_PORT: "1883" + MESSAGEBUS_PROTOCOL: tcp + MESSAGEBUS_SECRETNAME: "" + MESSAGEBUS_TYPE: mqtt + SERVICE_HOST: edgex-core-keeper + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres + WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres + hostname: edgex-core-keeper + image: nexus3.edgexfoundry.org:10004/core-keeper-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59890 + published: "59890" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + modbus-simulator: + container_name: edgex-modbus-simulator + hostname: edgex-modbus-simulator + image: nexus3.edgexfoundry.org:10003/edgex-devops/edgex-modbus-simulator-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1502 + published: "1502" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + mqtt-broker: + command: + - /usr/sbin/mosquitto + - -v + - -c + - /mosquitto-no-auth.conf + container_name: edgex-mqtt-broker + hostname: edgex-mqtt-broker + image: eclipse-mosquitto:2.0 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1883 + published: "1883" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + mqtt-taf-broker: + command: + - /usr/sbin/mosquitto + - -c + - /mosquitto-no-auth.conf + container_name: edgex-taf-mqtt-broker + hostname: edgex-taf-mqtt-broker + image: eclipse-mosquitto:2.0 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1883 + published: "1884" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + rules-engine: + container_name: edgex-kuiper + depends_on: + database: + condition: service_started + required: true + mqtt-broker: + condition: service_started + required: true + environment: + CONNECTION__EDGEX__MQTTMSGBUS__OPTIONAL__CLIENTID: kuiper-rules-engine + CONNECTION__EDGEX__MQTTMSGBUS__OPTIONAL__KEEPALIVE: "500" + CONNECTION__EDGEX__MQTTMSGBUS__PORT: "1883" + CONNECTION__EDGEX__MQTTMSGBUS__PROTOCOL: tcp + CONNECTION__EDGEX__MQTTMSGBUS__SERVER: edgex-mqtt-broker + CONNECTION__EDGEX__MQTTMSGBUS__TYPE: mqtt + EDGEX__DEFAULT__OPTIONAL__CLIENTID: kuiper-rules-engine + EDGEX__DEFAULT__OPTIONAL__KEEPALIVE: "500" + EDGEX__DEFAULT__PORT: "1883" + EDGEX__DEFAULT__PROTOCOL: tcp + EDGEX__DEFAULT__SERVER: edgex-mqtt-broker + EDGEX__DEFAULT__TOPIC: edgex/rules-events + EDGEX__DEFAULT__TYPE: mqtt + KUIPER__BASIC__CONSOLELOG: "true" + KUIPER__BASIC__ENABLEOPENZITI: "false" + KUIPER__BASIC__RESTPORT: "59720" + hostname: edgex-kuiper + image: lfedge/ekuiper:v1.14.0-alpha.2 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59720 + published: "59720" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: kuiper:kuiper + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: kuiper-data + target: /kuiper/data + volume: {} + - type: volume + source: kuiper-etc + target: /kuiper/etc + volume: {} + - type: volume + source: kuiper-log + target: /kuiper/log + volume: {} + - type: volume + source: kuiper-plugins + target: /kuiper/plugins + volume: {} + support-cron-scheduler: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-support-cron-scheduler + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + DATABASE_HOST: edgex-postgres + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-support-cron-scheduler + hostname: edgex-support-cron-scheduler + image: nexus3.edgexfoundry.org:10004/support-cron-scheduler-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59863 + published: "59863" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + support-notifications: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-support-notifications + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-support-notifications + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres + WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres + hostname: edgex-support-notifications + image: nexus3.edgexfoundry.org:10004/support-notifications-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59860 + published: "59860" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + ui: + container_name: edgex-ui-go + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-ui-go + hostname: edgex-ui-go + image: nexus3.edgexfoundry.org:10004/edgex-ui-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + target: 4000 + published: "4000" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true +networks: + edgex-network: + name: edgex_edgex-network + driver: bridge +volumes: + db-data: + name: edgex_db-data + kuiper-data: + name: edgex_kuiper-data + kuiper-etc: + name: edgex_kuiper-etc + kuiper-log: + name: edgex_kuiper-log + kuiper-plugins: + name: edgex_kuiper-plugins diff --git a/taf/docker-compose-taf-no-secty-mqtt-bus-keeper-postgres.yml b/taf/docker-compose-taf-no-secty-mqtt-bus-keeper-postgres.yml new file mode 100644 index 00000000..5d9f4fb5 --- /dev/null +++ b/taf/docker-compose-taf-no-secty-mqtt-bus-keeper-postgres.yml @@ -0,0 +1,1025 @@ +# * Copyright 2024 Intel Corporation. +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except +# * in compliance with the License. You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software distributed under the License +# * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +# * or implied. See the License for the specific language governing permissions and limitations under +# * the License. +# * +# * EdgeX Foundry, Odessa WIP release +# *******************************************************************************/ +# +# +# +# ************************ This is a generated compose file **************************** +# +# DO NOT MAKE CHANGES that are intended to be permanent to EdgeX edgex-compose repo. +# +# Permanent changes can be made to the source compose files located in the compose-builder folder +# at the top level of the edgex-compose repo. +# +# From the compose-builder folder use `make build` to regenerate all standard compose files variations +# +# Generated with: Docker Compose version v2.29.2 +name: edgex +services: + app-external-mqtt-trigger: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-external-mqtt-trigger + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_PROFILE: external-mqtt-trigger + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-app-external-mqtt-trigger + TRIGGER_EXTERNALMQTT_URL: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_LOGLEVEL: INFO + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-export + hostname: edgex-app-external-mqtt-trigger + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59706 + published: "59706" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + app-functional-tests: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-functional-tests + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_PROFILE: functional-tests + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-app-functional-tests + hostname: edgex-app-functional-tests + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + target: 59705 + published: "59705" + protocol: tcp + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + app-http-export: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-http-export + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_PROFILE: http-export + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-app-http-export + WRITABLE_LOGLEVEL: INFO + WRITABLE_PIPELINE_FUNCTIONS_HTTPEXPORT_PARAMETERS_URL: http://EXPORT_HOST_PLACE_HOLDER:7770 + hostname: edgex-app-http-export + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59704 + published: "59704" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + app-mqtt-export: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-mqtt-export + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_PROFILE: mqtt-export + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-app-mqtt-export + WRITABLE_LOGLEVEL: INFO + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-events + hostname: edgex-app-mqtt-export + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59703 + published: "59703" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + app-rules-engine: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-rules-engine + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_PROFILE: rules-engine + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-app-rules-engine + hostname: edgex-app-rules-engine + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59701 + published: "59701" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + app-sample: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-sample + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + CLIENTS_CORE_COMMAND_HOST: edgex-core-command + CLIENTS_CORE_DATA_HOST: edgex-core-data + CLIENTS_SUPPORT-NOTIFICATIONS_HOST: edgex-support-notifications + EDGEX_PROFILE: sample + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-app-sample + hostname: edgex-app-sample + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59700 + published: "59700" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + app-scalability-test-mqtt-export: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-app-scalability-test-mqtt-export + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_PROFILE: mqtt-export + EDGEX_SECURITY_SECRET_STORE: "false" + EDGEX_SERVICE_KEY: app-scalability-test-mqtt-export + MESSAGEBUS_OPTIONAL_CLIENTID: app-scalability-test-mqtt-export + SERVICE_HOST: edgex-app-scalability-test-mqtt-export + WRITABLE_LOGLEVEL: DEBUG + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_BROKERADDRESS: MQTT_BROKER_ADDRESS_PLACE_HOLDER + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_CLIENTID: app-scalability-test-mqtt-export + WRITABLE_PIPELINE_FUNCTIONS_MQTTEXPORT_PARAMETERS_TOPIC: edgex-events + hostname: edgex-app-scalability-test-mqtt-export + image: nexus3.edgexfoundry.org:10004/app-service-configurable:latest + networks: + edgex-network: null + ports: + - mode: ingress + target: 59703 + published: "59710" + protocol: tcp + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-command: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-command + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + EXTERNALMQTT_URL: tcp://edgex-mqtt-broker:1883 + SERVICE_HOST: edgex-core-command + hostname: edgex-core-command + image: nexus3.edgexfoundry.org:10004/core-command:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59882 + published: "59882" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-common-config-bootstrapper: + command: + - /core-common-config-bootstrapper + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-common-config-bootstrapper + depends_on: + keeper: + condition: service_started + required: true + environment: + ALL_SERVICES_DATABASE_HOST: edgex-postgres + ALL_SERVICES_DATABASE_PORT: "5432" + ALL_SERVICES_DATABASE_TYPE: postgres + ALL_SERVICES_MESSAGEBUS_AUTHMODE: none + ALL_SERVICES_MESSAGEBUS_HOST: edgex-mqtt-broker + ALL_SERVICES_MESSAGEBUS_PORT: "1883" + ALL_SERVICES_MESSAGEBUS_PROTOCOL: tcp + ALL_SERVICES_MESSAGEBUS_TYPE: mqtt + ALL_SERVICES_REGISTRY_HOST: edgex-core-keeper + ALL_SERVICES_REGISTRY_PORT: "59890" + ALL_SERVICES_REGISTRY_TYPE: keeper + ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres + ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres + ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres + APP_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata + DEVICE_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata + EDGEX_SECURITY_SECRET_STORE: "false" + hostname: edgex-core-common-config-bootstrapper + image: nexus3.edgexfoundry.org:10004/core-common-config-bootstrapper:latest + networks: + edgex-network: null + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-data: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-data + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-core-data + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres + WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres + hostname: edgex-core-data + image: nexus3.edgexfoundry.org:10004/core-data:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59880 + published: "59880" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-metadata: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-metadata + depends_on: + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-core-metadata + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres + WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres + hostname: edgex-core-metadata + image: nexus3.edgexfoundry.org:10004/core-metadata:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59881 + published: "59881" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + database: + container_name: edgex-postgres + environment: + POSTGRES_DB: edgex_db + POSTGRES_PASSWORD: postgres + hostname: edgex-postgres + image: postgres:16.3-alpine3.20 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 5432 + published: "5432" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + volumes: + - type: volume + source: db-data + target: /data + volume: {} + device-modbus: + command: + - -cp=keeper.http://edgex-core-keeper:59890 + - --registry + - --configDir=CONFIG_DIR_PLACE_HOLDER + container_name: edgex-device-modbus + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + modbus-simulator: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-device-modbus + hostname: edgex-device-modbus + image: nexus3.edgexfoundry.org:10004/device-modbus:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59901 + published: "59901" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: bind + source: /PROFILE_VOLUME_PLACE_HOLDER + target: CONFIG_DIR_PLACE_HOLDER + bind: + selinux: z + create_host_path: true + device-onvif-camera: + command: + - -cp=keeper.http://edgex-core-keeper:59890 + - --registry + container_name: edgex-device-onvif-camera + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-device-onvif-camera + hostname: edgex-device-onvif-camera + image: nexus3.edgexfoundry.org:10004/device-onvif-camera:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59984 + published: "59984" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + device-rest: + command: + - -cp=keeper.http://edgex-core-keeper:59890 + - --registry + container_name: edgex-device-rest + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-device-rest + hostname: edgex-device-rest + image: nexus3.edgexfoundry.org:10004/device-rest:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59986 + published: "59986" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + device-virtual: + command: + - -cp=keeper.http://edgex-core-keeper:59890 + - --registry + - --configDir=CONFIG_DIR_PLACE_HOLDER + container_name: edgex-device-virtual + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-device-virtual + hostname: edgex-device-virtual + image: nexus3.edgexfoundry.org:10004/device-virtual:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59900 + published: "59900" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: bind + source: /PROFILE_VOLUME_PLACE_HOLDER + target: CONFIG_DIR_PLACE_HOLDER + bind: + selinux: z + create_host_path: true + keeper: + container_name: edgex-core-keeper + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "false" + MESSAGEBUS_AUTHMODE: none + MESSAGEBUS_HOST: edgex-mqtt-broker + MESSAGEBUS_PORT: "1883" + MESSAGEBUS_PROTOCOL: tcp + MESSAGEBUS_SECRETNAME: "" + MESSAGEBUS_TYPE: mqtt + SERVICE_HOST: edgex-core-keeper + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres + WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres + hostname: edgex-core-keeper + image: nexus3.edgexfoundry.org:10004/core-keeper:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59890 + published: "59890" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + modbus-simulator: + container_name: edgex-modbus-simulator + hostname: edgex-modbus-simulator + image: nexus3.edgexfoundry.org:10003/edgex-devops/edgex-modbus-simulator:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1502 + published: "1502" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + mqtt-broker: + command: + - /usr/sbin/mosquitto + - -v + - -c + - /mosquitto-no-auth.conf + container_name: edgex-mqtt-broker + hostname: edgex-mqtt-broker + image: eclipse-mosquitto:2.0 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1883 + published: "1883" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + mqtt-taf-broker: + command: + - /usr/sbin/mosquitto + - -c + - /mosquitto-no-auth.conf + container_name: edgex-taf-mqtt-broker + hostname: edgex-taf-mqtt-broker + image: eclipse-mosquitto:2.0 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1883 + published: "1884" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + rules-engine: + container_name: edgex-kuiper + depends_on: + database: + condition: service_started + required: true + mqtt-broker: + condition: service_started + required: true + environment: + CONNECTION__EDGEX__MQTTMSGBUS__OPTIONAL__CLIENTID: kuiper-rules-engine + CONNECTION__EDGEX__MQTTMSGBUS__OPTIONAL__KEEPALIVE: "500" + CONNECTION__EDGEX__MQTTMSGBUS__PORT: "1883" + CONNECTION__EDGEX__MQTTMSGBUS__PROTOCOL: tcp + CONNECTION__EDGEX__MQTTMSGBUS__SERVER: edgex-mqtt-broker + CONNECTION__EDGEX__MQTTMSGBUS__TYPE: mqtt + EDGEX__DEFAULT__OPTIONAL__CLIENTID: kuiper-rules-engine + EDGEX__DEFAULT__OPTIONAL__KEEPALIVE: "500" + EDGEX__DEFAULT__PORT: "1883" + EDGEX__DEFAULT__PROTOCOL: tcp + EDGEX__DEFAULT__SERVER: edgex-mqtt-broker + EDGEX__DEFAULT__TOPIC: edgex/rules-events + EDGEX__DEFAULT__TYPE: mqtt + KUIPER__BASIC__CONSOLELOG: "true" + KUIPER__BASIC__ENABLEOPENZITI: "false" + KUIPER__BASIC__RESTPORT: "59720" + hostname: edgex-kuiper + image: lfedge/ekuiper:v1.14.0-alpha.2 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59720 + published: "59720" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: kuiper:kuiper + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + - type: volume + source: kuiper-data + target: /kuiper/data + volume: {} + - type: volume + source: kuiper-etc + target: /kuiper/etc + volume: {} + - type: volume + source: kuiper-log + target: /kuiper/log + volume: {} + - type: volume + source: kuiper-plugins + target: /kuiper/plugins + volume: {} + support-cron-scheduler: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-support-cron-scheduler + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + DATABASE_HOST: edgex-postgres + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-support-cron-scheduler + hostname: edgex-support-cron-scheduler + image: nexus3.edgexfoundry.org:10004/support-cron-scheduler:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59863 + published: "59863" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + support-notifications: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-support-notifications + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + DATABASE_HOST: edgex-postgres + DATABASE_PORT: "5432" + DATABASE_TYPE: postgres + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-support-notifications + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres + WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres + hostname: edgex-support-notifications + image: nexus3.edgexfoundry.org:10004/support-notifications:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59860 + published: "59860" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + ui: + container_name: edgex-ui-go + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-ui-go + hostname: edgex-ui-go + image: nexus3.edgexfoundry.org:10004/edgex-ui:latest + networks: + edgex-network: null + ports: + - mode: ingress + target: 4000 + published: "4000" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true +networks: + edgex-network: + name: edgex_edgex-network + driver: bridge +volumes: + db-data: + name: edgex_db-data + kuiper-data: + name: edgex_kuiper-data + kuiper-etc: + name: edgex_kuiper-etc + kuiper-log: + name: edgex_kuiper-log + kuiper-plugins: + name: edgex_kuiper-plugins diff --git a/taf/docker-compose-taf-no-secty-mqtt-bus-keeper.yml b/taf/docker-compose-taf-no-secty-mqtt-bus-keeper.yml index eda7e900..f20239c7 100644 --- a/taf/docker-compose-taf-no-secty-mqtt-bus-keeper.yml +++ b/taf/docker-compose-taf-no-secty-mqtt-bus-keeper.yml @@ -714,11 +714,11 @@ services: DATABASE_TYPE: redisdb EDGEX_SECURITY_SECRET_STORE: "false" MESSAGEBUS_AUTHMODE: none - MESSAGEBUS_HOST: edgex-redis - MESSAGEBUS_PORT: "6379" - MESSAGEBUS_PROTOCOL: redis - MESSAGEBUS_SECRETNAME: redisdb - MESSAGEBUS_TYPE: redis + MESSAGEBUS_HOST: edgex-mqtt-broker + MESSAGEBUS_PORT: "1883" + MESSAGEBUS_PROTOCOL: tcp + MESSAGEBUS_SECRETNAME: "" + MESSAGEBUS_TYPE: mqtt SERVICE_HOST: edgex-core-keeper WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: "" WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: "" diff --git a/taf/docker-compose-taf-perf-arm64.yml b/taf/docker-compose-taf-perf-arm64.yml index 9bdeb377..591cfd3d 100644 --- a/taf/docker-compose-taf-perf-arm64.yml +++ b/taf/docker-compose-taf-perf-arm64.yml @@ -1693,7 +1693,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -1718,7 +1718,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/taf/docker-compose-taf-perf.yml b/taf/docker-compose-taf-perf.yml index 8204dbc0..3b4addc0 100644 --- a/taf/docker-compose-taf-perf.yml +++ b/taf/docker-compose-taf-perf.yml @@ -1693,7 +1693,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -1718,7 +1718,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: diff --git a/taf/docker-compose-taf.yml b/taf/docker-compose-taf.yml index eb274743..1580666c 100644 --- a/taf/docker-compose-taf.yml +++ b/taf/docker-compose-taf.yml @@ -2351,7 +2351,7 @@ services: deploy: resources: limits: - memory: "343254323167232" + memory: "4190239719424" entrypoint: - /edgex-init/vault_wait_install.sh environment: @@ -2376,7 +2376,7 @@ services: VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 - memswap_limit: "343254323167232" + memswap_limit: "4190239719424" networks: edgex-network: null ports: