diff --git a/compose-builder/.env b/compose-builder/.env
index 3eaa3752..e621f633 100644
--- a/compose-builder/.env
+++ b/compose-builder/.env
@@ -45,6 +45,18 @@ CP_FLAGS='-cp=consul.http://edgex-core-consul:8500'
REGISTRY_HOST=edgex-core-consul
REGISTRY_PORT=8500
REGISTRY_TYPE=consul
+DATABASE_HOST=edgex-redis
+DATABASE_TYPE=redis
+DATABASE_PORT=6379
+MESSAGEBUS_HOST=edgex-redis
+MESSAGEBUS_SECRETNAME=redisdb
+MESSAGEBUS_AUTHMODE=none
+MESSAGEBUS_PORT=6379
+MESSAGEBUS_PROTOCOL=redis
+MESSAGEBUS_TYPE=redis
+WRITABLE_INSECURESECRETS_DB_SECRETNAME=redisdb
+WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME=
+WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD=
# Lock on Vault 1.14 (last MPL-2.0 version)
VAULT_VERSION=1.14
@@ -52,6 +64,7 @@ VAULT_VERSION=1.14
CONSUL_VERSION=1.16
# Lock on Redis 7.0 until EdgeX 4.0
REDIS_VERSION=7.0-alpine
+POSTGRES_VERSION=16.3-alpine3.20
KUIPER_VERSION=v1.14.0-alpha.2
MOSQUITTO_VERSION=2.0
NANOMQ_VERSION=0.18
diff --git a/compose-builder/Makefile b/compose-builder/Makefile
index 511e9a5f..48156090 100644
--- a/compose-builder/Makefile
+++ b/compose-builder/Makefile
@@ -60,6 +60,7 @@ define OPTIONS
- asc-http asc-mqtt asc-sample asc-metrics as-llrp as-record-replay asc-ex-mqtt -
- modbus-sim zero-trust no-cleanup -
- consul keeper -
+ - postgres -
endef
export OPTIONS
@@ -139,6 +140,25 @@ ifeq (keeper, $(filter keeper,$(ARGS)))
export STAGEGATE_REGISTRY_HOST=edgex-core-keeper
export STAGEGATE_REGISTRY_PORT=59890
endif
+
+ ifeq (postgres, $(filter postgres,$(ARGS)))
+ export DATABASE_HOST=edgex-postgres
+ export DATABASE_TYPE=postgres
+ export DATABASE_PORT=5432
+ export MESSAGEBUS_HOST=edgex-mqtt-broker
+ export MESSAGEBUS_PORT=1883
+ export MESSAGEBUS_PROTOCOL=tcp
+ export MESSAGEBUS_TYPE=mqtt
+ ifeq (no-secty, $(filter no-secty,$(ARGS)))
+ export WRITABLE_INSECURESECRETS_DB_SECRETNAME=postgres
+ export WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME=postgres
+ export WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD=postgres
+ endif
+ endif
+endif
+
+ifeq (postgres, $(filter postgres,$(ARGS)))
+ COMPOSE_FILES:= -f docker-compose-base-postgres.yml
endif
# When in delay-start mode, ensure support services are delay-start-compliant by adding runtime-token configuration
diff --git a/compose-builder/README.md b/compose-builder/README.md
index c1946ada..ee303243 100644
--- a/compose-builder/README.md
+++ b/compose-builder/README.md
@@ -52,7 +52,9 @@ The `Extending using multiple Compose files` approach along with environment fil
This folder contains the following compose files:
- **docker-compose-base.yml**
- Base non-secure mode compose file. Contains all the services that run in the non-secure configuration, including the UI.
+ Base non-secure mode compose file. Contains all the services that run in the non-secure configuration, including the UI.
+- **docker-compose-base-postgres.yml**
+ Base non-secure mode compose file with PostgreSQL as database. Contains all the services that run in the non-secure configuration, including the UI.
- **add-security.yml**
Security **extending** compose file. Adds the additional security services and configuration of services so that all the services are running in the secure configuration.
- **add-secure-redis-messagebus.yml**
@@ -256,6 +258,7 @@ Options:
The NATS Server service is also included.
no-cleanup: Leaves generated files behind for debugging purposes.
keeper: Runs to registry service to core-keeper
+ postgres: Runs with PostgreSQL as database, 'mqtt-bus' is required when using this option
Services:
: Runs only services listed (and their dependent services) where 'name' matches a service name in one of the compose files used
```
@@ -315,6 +318,7 @@ Options:
nats-bus: Pull includes additional services for NATS Message Bus
no-cleanup: Leaves generated files behind for debugging purposes
keeper: Pull includes core-keeper
+ postgres: Pull includes PostgreSQL
Services:
: Pulls only images for the service(s) listed
@@ -373,6 +377,7 @@ Options:
no-cleanup: Leaves generated files behind for debugging purposes.
keeper: Generates compose file with services registry to core-keeper
The core-keeper service is also included
+ postgres: Generates compose file with PostgreSQL as database, 'mqtt-bus' is required when using this option
```
#### Clean
@@ -486,6 +491,7 @@ Options:
The NATS Server service is also included.
no-cleanup: Leaves generated files behind for debugging purposes.
keeper: Generates compose file to registry service to core-keeper
+ postgres: Generates compose file with PostgreSQL as database, 'mqtt-bus' is required when using this option
```
#### TAF Compose
diff --git a/compose-builder/add-keeper.yml b/compose-builder/add-keeper.yml
index ea3532b7..d86bc09c 100644
--- a/compose-builder/add-keeper.yml
+++ b/compose-builder/add-keeper.yml
@@ -28,8 +28,17 @@ services:
env_file:
- common-non-security.env
environment:
- DATABASE_HOST: edgex-redis
- MESSAGEBUS_HOST: edgex-redis
+ DATABASE_HOST: ${DATABASE_HOST}
+ DATABASE_TYPE: ${DATABASE_TYPE}
+ DATABASE_PORT: ${DATABASE_PORT}
+ MESSAGEBUS_HOST: ${MESSAGEBUS_HOST}
+ MESSAGEBUS_AUTHMODE: ${MESSAGEBUS_AUTHMODE}
+ MESSAGEBUS_PORT: ${MESSAGEBUS_PORT}
+ MESSAGEBUS_PROTOCOL: ${MESSAGEBUS_PROTOCOL}
+ MESSAGEBUS_TYPE: ${MESSAGEBUS_TYPE}
+ WRITABLE_INSECURESECRETS_DB_SECRETNAME: ${WRITABLE_INSECURESECRETS_DB_SECRETNAME}
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: ${WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME}
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: ${WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD}
SERVICE_HOST: edgex-core-keeper
security_opt:
- no-new-privileges:true
diff --git a/compose-builder/docker-compose-base-postgres.yml b/compose-builder/docker-compose-base-postgres.yml
new file mode 100644
index 00000000..f4fb9d0f
--- /dev/null
+++ b/compose-builder/docker-compose-base-postgres.yml
@@ -0,0 +1,317 @@
+# /*******************************************************************************
+# * Copyright 2024 IOTech Ltd
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+# * in compliance with the License. You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software distributed under the License
+# * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+# * or implied. See the License for the specific language governing permissions and limitations under
+# * the License.
+# *******************************************************************************/
+
+# NOTE: this Docker Compose file does not contain the security services required to run in secure mode
+
+networks:
+ edgex-network:
+ driver: "bridge"
+
+volumes:
+ db-data:
+ kuiper-data:
+ kuiper-etc:
+ kuiper-log:
+ kuiper-plugins:
+
+services:
+ database:
+ image: postgres:${POSTGRES_VERSION}
+ ports:
+ - "127.0.0.1:5432:5432"
+ container_name: edgex-postgres
+ hostname: edgex-postgres
+ read_only: true
+ restart: always
+ networks:
+ - edgex-network
+ environment:
+ POSTGRES_PASSWORD: postgres
+ POSTGRES_DB: edgex_db
+ volumes:
+ - db-data:/data
+ security_opt:
+ - no-new-privileges:true
+ tmpfs:
+ - /run
+
+ core-metadata:
+ image: ${CORE_EDGEX_REPOSITORY}/core-metadata${ARCH}:${CORE_EDGEX_VERSION}
+ command: --registry ${CP_FLAGS}
+ user: "${EDGEX_USER}:${EDGEX_GROUP}"
+ ports:
+ - "127.0.0.1:59881:59881"
+ container_name: edgex-core-metadata
+ hostname: edgex-core-metadata
+ read_only: true
+ restart: always
+ networks:
+ - edgex-network
+ env_file:
+ - common-non-security.env
+ environment:
+ SERVICE_HOST: edgex-core-metadata
+ WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres
+ DATABASE_HOST: edgex-postgres
+ DATABASE_PORT: 5432
+ DATABASE_TYPE: postgres
+ depends_on:
+ - ${REGISTRY_TYPE}
+ - database
+ security_opt:
+ - no-new-privileges:true
+ volumes:
+ # use host timezone
+ - /etc/localtime:/etc/localtime:ro
+
+ core-data:
+ image: ${CORE_EDGEX_REPOSITORY}/core-data${ARCH}:${CORE_EDGEX_VERSION}
+ command: --registry ${CP_FLAGS}
+ user: "${EDGEX_USER}:${EDGEX_GROUP}"
+ ports:
+ - "127.0.0.1:59880:59880"
+ container_name: edgex-core-data
+ hostname: edgex-core-data
+ read_only: true
+ restart: always
+ networks:
+ - edgex-network
+ env_file:
+ - common-non-security.env
+ environment:
+ SERVICE_HOST: edgex-core-data
+ WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres
+ DATABASE_HOST: edgex-postgres
+ DATABASE_PORT: 5432
+ DATABASE_TYPE: postgres
+ depends_on:
+ - ${REGISTRY_TYPE}
+ - database
+ - core-common-config-bootstrapper
+ security_opt:
+ - no-new-privileges:true
+ volumes:
+ # use host timezone
+ - /etc/localtime:/etc/localtime:ro
+
+ core-command:
+ image: ${CORE_EDGEX_REPOSITORY}/core-command${ARCH}:${CORE_EDGEX_VERSION}
+ command: --registry ${CP_FLAGS}
+ user: "${EDGEX_USER}:${EDGEX_GROUP}"
+ ports:
+ - "127.0.0.1:59882:59882"
+ container_name: edgex-core-command
+ hostname: edgex-core-command
+ read_only: true
+ restart: always
+ networks:
+ - edgex-network
+ env_file:
+ - common-non-security.env
+ environment:
+ SERVICE_HOST: edgex-core-command
+ EXTERNALMQTT_URL: tcp://edgex-mqtt-broker:1883
+ depends_on:
+ - ${REGISTRY_TYPE}
+ - database
+ - core-metadata
+ - core-common-config-bootstrapper
+ security_opt:
+ - no-new-privileges:true
+ volumes:
+ # use host timezone
+ - /etc/localtime:/etc/localtime:ro
+
+ core-common-config-bootstrapper:
+ image: ${CORE_EDGEX_REPOSITORY}/core-common-config-bootstrapper${ARCH}:${CORE_EDGEX_VERSION}
+ command: /core-common-config-bootstrapper --registry ${CP_FLAGS}
+ user: "${EDGEX_USER}:${EDGEX_GROUP}"
+ container_name: edgex-core-common-config-bootstrapper
+ hostname: edgex-core-common-config-bootstrapper
+ read_only: true
+ networks:
+ - edgex-network
+ env_file:
+ - common-non-security.env
+ environment:
+ ALL_SERVICES_REGISTRY_HOST: ${REGISTRY_HOST}
+ ALL_SERVICES_REGISTRY_PORT: ${REGISTRY_PORT}
+ ALL_SERVICES_REGISTRY_TYPE: ${REGISTRY_TYPE}
+ ALL_SERVICES_DATABASE_HOST: edgex-postgres
+ ALL_SERVICES_DATABASE_PORT: "5432"
+ ALL_SERVICES_DATABASE_TYPE: postgres
+ ALL_SERVICES_MESSAGEBUS_AUTHMODE: none
+ ALL_SERVICES_MESSAGEBUS_HOST: edgex-mqtt-broker
+ ALL_SERVICES_MESSAGEBUS_PORT: "1883"
+ ALL_SERVICES_MESSAGEBUS_PROTOCOL: tcp
+ ALL_SERVICES_MESSAGEBUS_TYPE: mqtt
+ ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres
+ ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres
+ ALL_SERVICES_WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres
+ APP_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata
+ DEVICE_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata
+ depends_on:
+ - ${REGISTRY_TYPE}
+ security_opt:
+ - no-new-privileges:true
+ volumes:
+ # use host timezone
+ - /etc/localtime:/etc/localtime:ro
+
+ support-notifications:
+ image: ${CORE_EDGEX_REPOSITORY}/support-notifications${ARCH}:${CORE_EDGEX_VERSION}
+ command: --registry ${CP_FLAGS}
+ user: "${EDGEX_USER}:${EDGEX_GROUP}"
+ ports:
+ - "127.0.0.1:59860:59860"
+ container_name: edgex-support-notifications
+ hostname: edgex-support-notifications
+ read_only: true
+ restart: always
+ networks:
+ - edgex-network
+ env_file:
+ - common-non-security.env
+ environment:
+ SERVICE_HOST: edgex-support-notifications
+ WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres
+ DATABASE_HOST: edgex-postgres
+ DATABASE_PORT: 5432
+ DATABASE_TYPE: postgres
+ depends_on:
+ - ${REGISTRY_TYPE}
+ - database
+ - core-common-config-bootstrapper
+ security_opt:
+ - no-new-privileges:true
+ volumes:
+ # use host timezone
+ - /etc/localtime:/etc/localtime:ro
+
+ support-cron-scheduler:
+ image: ${CORE_EDGEX_REPOSITORY}/support-cron-scheduler${ARCH}:${CORE_EDGEX_VERSION}
+ command: --registry ${CP_FLAGS}
+ user: "${EDGEX_USER}:${EDGEX_GROUP}"
+ ports:
+ - "127.0.0.1:59863:59863"
+ container_name: edgex-support-cron-scheduler
+ hostname: edgex-support-cron-scheduler
+ read_only: true
+ restart: always
+ networks:
+ - edgex-network
+ env_file:
+ - common-non-security.env
+ environment:
+ SERVICE_HOST: edgex-support-cron-scheduler
+ DATABASE_HOST: edgex-postgres
+ depends_on:
+ - ${REGISTRY_TYPE}
+ - database
+ - core-common-config-bootstrapper
+ security_opt:
+ - no-new-privileges:true
+ volumes:
+ # use host timezone
+ - /etc/localtime:/etc/localtime:ro
+
+ app-rules-engine:
+ image: ${APP_SVC_REPOSITORY}/app-service-configurable${ARCH}:${APP_SERVICE_CONFIG_VERSION}
+ command: --registry ${CP_FLAGS}
+ user: "${EDGEX_USER}:${EDGEX_GROUP}"
+ ports:
+ - "127.0.0.1:59701:59701"
+ container_name: edgex-app-rules-engine
+ hostname: edgex-app-rules-engine
+ read_only: true
+ restart: always
+ networks:
+ - edgex-network
+ env_file:
+ - common-non-security.env
+ environment:
+ EDGEX_PROFILE: rules-engine
+ SERVICE_HOST: edgex-app-rules-engine
+ depends_on:
+ - ${REGISTRY_TYPE}
+ - core-metadata
+ - core-common-config-bootstrapper
+ security_opt:
+ - no-new-privileges:true
+ volumes:
+ # use host timezone
+ - /etc/localtime:/etc/localtime:ro
+
+ rules-engine:
+ image: lfedge/ekuiper:${KUIPER_VERSION}
+ user: "kuiper:kuiper"
+ ports:
+ - "127.0.0.1:59720:59720"
+ container_name: edgex-kuiper
+ hostname: edgex-kuiper
+ read_only: true
+ restart: always
+ networks:
+ - edgex-network
+ volumes:
+ # use host timezone
+ - /etc/localtime:/etc/localtime:ro
+ - kuiper-data:/kuiper/data
+ - kuiper-etc:/kuiper/etc
+ - kuiper-log:/kuiper/log
+ - kuiper-plugins:/kuiper/plugins
+ environment:
+# KUIPER__BASIC__DEBUG: "true"
+ KUIPER__BASIC__CONSOLELOG: "true"
+ KUIPER__BASIC__ENABLEOPENZITI: false
+ KUIPER__BASIC__RESTPORT: 59720
+ CONNECTION__EDGEX__MQTTMSGBUS__PORT: 1883
+ CONNECTION__EDGEX__MQTTMSGBUS__PROTOCOL: tcp
+ CONNECTION__EDGEX__MQTTMSGBUS__SERVER: edgex-mqtt-broker
+ CONNECTION__EDGEX__MQTTMSGBUS__TYPE: mqtt
+ EDGEX__DEFAULT__PORT: "1883"
+ EDGEX__DEFAULT__PROTOCOL: tcp
+ EDGEX__DEFAULT__SERVER: edgex-mqtt-broker
+ EDGEX__DEFAULT__TYPE: mqtt
+ EDGEX__DEFAULT__TOPIC: edgex/rules-events
+ depends_on:
+ - database
+ security_opt:
+ - no-new-privileges:true
+
+ ui:
+ image: ${UI_REPOSITORY}/edgex-ui${ARCH}:${EDGEX_UI_VERSION}
+ ports:
+ - "4000:4000"
+ container_name: edgex-ui-go
+ hostname: edgex-ui-go
+ environment:
+ EDGEX_SECURITY_SECRET_STORE: "false"
+ SERVICE_HOST: edgex-ui-go
+ read_only: true
+ restart: always
+ networks:
+ - edgex-network
+ security_opt:
+ - no-new-privileges:true
+ user: "${EDGEX_USER}:${EDGEX_GROUP}"
+ volumes:
+ # use host timezone
+ - /etc/localtime:/etc/localtime:ro
diff --git a/docker-compose-postgres-no-secty-arm64.yml b/docker-compose-postgres-no-secty-arm64.yml
index c9796592..5faa524b 100644
--- a/docker-compose-postgres-no-secty-arm64.yml
+++ b/docker-compose-postgres-no-secty-arm64.yml
@@ -13,7 +13,7 @@ services:
core-metadata:
condition: service_started
required: true
- database:
+ edgex-postgres:
condition: service_started
required: true
keeper:
@@ -140,7 +140,7 @@ services:
- -cp=keeper.http://edgex-core-keeper:59890
container_name: edgex-core-metadata
depends_on:
- database:
+ edgex-postgres:
condition: service_started
required: true
keeper:
@@ -148,8 +148,13 @@ services:
required: true
environment:
EDGEX_SECURITY_SECRET_STORE: "false"
+ WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres
SERVICE_HOST: edgex-core-metadata
- DATABASE_HOST: edgex-redis
+ DATABASE_HOST: edgex-postgres
+ DATABASE_TYPE: postgres
+ DATABASE_PORT: "5432"
hostname: edgex-core-metadata
image: nexus3.edgexfoundry.org:10004/core-metadata-arm64:latest
networks:
@@ -172,28 +177,6 @@ services:
read_only: true
bind:
create_host_path: true
- database:
- container_name: edgex-redis
- hostname: edgex-redis
- image: redis:7.0-alpine
- networks:
- edgex-network: null
- ports:
- - mode: ingress
- host_ip: 127.0.0.1
- target: 6379
- published: "6379"
- protocol: tcp
- read_only: true
- restart: always
- security_opt:
- - no-new-privileges:true
- user: root:root
- volumes:
- - type: volume
- source: db-data
- target: /data
- volume: {}
device-virtual:
command:
- -cp=keeper.http://edgex-core-keeper:59890
@@ -326,6 +309,52 @@ services:
source: postgres-data
target: /var/lib/postgresql/data
volume: {}
+ support-notifications:
+ command:
+ - --registry
+ - -cp=keeper.http://edgex-core-keeper:59890
+ container_name: edgex-support-notifications
+ depends_on:
+ core-common-config-bootstrapper:
+ condition: service_started
+ required: true
+ edgex-postgres:
+ condition: service_started
+ required: true
+ keeper:
+ condition: service_started
+ required: true
+ environment:
+ EDGEX_SECURITY_SECRET_STORE: "false"
+ WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres
+ SERVICE_HOST: edgex-support-notifications
+ DATABASE_HOST: edgex-postgres
+ DATABASE_TYPE: postgres
+ DATABASE_PORT: "5432"
+ hostname: edgex-support-notifications
+ image: nexus3.edgexfoundry.org:10004/support-notifications-arm64:latest
+ networks:
+ edgex-network: null
+ ports:
+ - mode: ingress
+ host_ip: 127.0.0.1
+ target: 59860
+ published: "59860"
+ protocol: tcp
+ read_only: true
+ restart: always
+ security_opt:
+ - no-new-privileges:true
+ user: 2002:2001
+ volumes:
+ - type: bind
+ source: /etc/localtime
+ target: /etc/localtime
+ read_only: true
+ bind:
+ create_host_path: true
support-cron-scheduler:
command:
- --registry
@@ -350,7 +379,7 @@ services:
DATABASE_HOST: edgex-postgres
DATABASE_TYPE: postgres
DATABASE_PORT: "5432"
- hostname: edgex-core-data
+ hostname: edgex-support-cron-scheduler
image: nexus3.edgexfoundry.org:10004/support-cron-scheduler-arm64:latest
networks:
edgex-network: null
diff --git a/docker-compose-postgres-no-secty.yml b/docker-compose-postgres-no-secty.yml
index 984639d7..abf95d66 100644
--- a/docker-compose-postgres-no-secty.yml
+++ b/docker-compose-postgres-no-secty.yml
@@ -13,7 +13,7 @@ services:
core-metadata:
condition: service_started
required: true
- database:
+ edgex-postgres:
condition: service_started
required: true
keeper:
@@ -140,7 +140,7 @@ services:
- -cp=keeper.http://edgex-core-keeper:59890
container_name: edgex-core-metadata
depends_on:
- database:
+ edgex-postgres:
condition: service_started
required: true
keeper:
@@ -148,8 +148,13 @@ services:
required: true
environment:
EDGEX_SECURITY_SECRET_STORE: "false"
+ WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres
+ WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres
SERVICE_HOST: edgex-core-metadata
- DATABASE_HOST: edgex-redis
+ DATABASE_HOST: edgex-postgres
+ DATABASE_TYPE: postgres
+ DATABASE_PORT: "5432"
hostname: edgex-core-metadata
image: nexus3.edgexfoundry.org:10004/core-metadata:latest
networks:
@@ -172,28 +177,6 @@ services:
read_only: true
bind:
create_host_path: true
- database:
- container_name: edgex-redis
- hostname: edgex-redis
- image: redis:7.0-alpine
- networks:
- edgex-network: null
- ports:
- - mode: ingress
- host_ip: 127.0.0.1
- target: 6379
- published: "6379"
- protocol: tcp
- read_only: true
- restart: always
- security_opt:
- - no-new-privileges:true
- user: root:root
- volumes:
- - type: volume
- source: db-data
- target: /data
- volume: {}
device-virtual:
command:
- -cp=keeper.http://edgex-core-keeper:59890
@@ -326,11 +309,11 @@ services:
source: postgres-data
target: /var/lib/postgresql/data
volume: { }
- support-cron-scheduler:
+ support-notifications:
command:
- --registry
- -cp=keeper.http://edgex-core-keeper:59890
- container_name: edgex-support-cron-scheduler
+ container_name: edgex-support-notifications
depends_on:
core-common-config-bootstrapper:
condition: service_started
@@ -346,11 +329,52 @@ services:
WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres
WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres
WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres
- SERVICE_HOST: edgex-support-cron-scheduler
+ SERVICE_HOST: edgex-support-notifications
DATABASE_HOST: edgex-postgres
DATABASE_TYPE: postgres
DATABASE_PORT: "5432"
- hostname: edgex-core-data
+ hostname: edgex-support-notifications
+ image: nexus3.edgexfoundry.org:10004/support-notifications:latest
+ networks:
+ edgex-network: null
+ ports:
+ - mode: ingress
+ host_ip: 127.0.0.1
+ target: 59860
+ published: "59860"
+ protocol: tcp
+ read_only: true
+ restart: always
+ security_opt:
+ - no-new-privileges:true
+ user: 2002:2001
+ volumes:
+ - type: bind
+ source: /etc/localtime
+ target: /etc/localtime
+ read_only: true
+ bind:
+ create_host_path: true
+ support-cron-scheduler:
+ command:
+ - --registry
+ - -cp=keeper.http://edgex-core-keeper:59890
+ container_name: edgex-support-cron-scheduler
+ depends_on:
+ core-common-config-bootstrapper:
+ condition: service_started
+ required: true
+ edgex-postgres:
+ condition: service_started
+ required: true
+ keeper:
+ condition: service_started
+ required: true
+ environment:
+ EDGEX_SECURITY_SECRET_STORE: "false"
+ SERVICE_HOST: edgex-support-cron-scheduler
+ DATABASE_HOST: edgex-postgres
+ hostname: edgex-support-cron-scheduler
image: nexus3.edgexfoundry.org:10004/support-cron-scheduler:latest
networks:
edgex-network: null