diff --git a/README.md b/README.md index 489ea137..494e936d 100644 --- a/README.md +++ b/README.md @@ -126,3 +126,15 @@ The compose files under the `taf` subfolder are used for the automated TAF tests - **docker-compose-portainer.yml** Stand-alone compose file for running Portainer which is a Docker container management tool. Visit here https://www.portainer.io/ for more details on Portianer. Use `make portainer`and `make portainer-down` to start and stop Portainer. + +### Use PostgreSQL as the persistence layer in EdgeX +- **docker-compose-postgres-no-secty.yml** Contains just the services needed to run in non-secure configuration. Includes Postgres, Redis, Device Virtual and MQTT Broker services using a mix of Postgres and Redis as the databases and MQTT as the message bus. +- **docker-compose-postgres-no-secty-arm64.yml** Contains just the services needed to run in non-secure configuration on `ARM64` system. Includes Postgres, Redis, Device Virtual and MQTT Broker services using a mix of Postgres and Redis as the databases and MQTT as the message bus. + +> **Note:** Only **Core Data** supports Postgres as the database in EdgeX. More EdgeX services will support Postgres once the development work is done. + + **Start the EdgeX Services using Postgres and Redis as the databases** + + - Use `docker compose -f docker-compose-postgres-no-secty.yml up -d` to start the services using this compose file. + - Use `docker compose -f docker-compose-postgres-no-secty.yml down` to stop the services. + - Replace **docker-compose-postgres-no-secty.yml** with **docker-compose-postgres-no-secty-arm64.yml** in the above commands on `ARM64` system. diff --git a/docker-compose-postgres-no-secty-arm64.yml b/docker-compose-postgres-no-secty-arm64.yml new file mode 100644 index 00000000..8a40e870 --- /dev/null +++ b/docker-compose-postgres-no-secty-arm64.yml @@ -0,0 +1,318 @@ +# Generated with: Docker Compose version v2.27.1 +name: edgex +services: + core-command: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-command + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + EXTERNALMQTT_URL: tcp://edgex-mqtt-broker:1883 + SERVICE_HOST: edgex-core-command + hostname: edgex-core-command + image: nexus3.edgexfoundry.org:10004/core-command-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59882 + published: "59882" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-common-config-bootstrapper: + command: + - /core-common-config-bootstrapper + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-common-config-bootstrapper + depends_on: + keeper: + condition: service_started + required: true + environment: + ALL_SERVICES_DATABASE_HOST: edgex-redis + ALL_SERVICES_MESSAGEBUS_AUTHMODE: none + ALL_SERVICES_MESSAGEBUS_HOST: edgex-mqtt-broker + ALL_SERVICES_MESSAGEBUS_PORT: "1883" + ALL_SERVICES_MESSAGEBUS_PROTOCOL: tcp + ALL_SERVICES_MESSAGEBUS_TYPE: mqtt + ALL_SERVICES_REGISTRY_HOST: edgex-core-keeper + ALL_SERVICES_REGISTRY_PORT: "59890" + ALL_SERVICES_REGISTRY_TYPE: keeper + APP_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata + DEVICE_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata + EDGEX_SECURITY_SECRET_STORE: "false" + hostname: edgex-core-common-config-bootstrapper + image: nexus3.edgexfoundry.org:10004/core-common-config-bootstrapper-arm64:latest + networks: + edgex-network: null + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-data: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-data + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + edgex-postgres: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres + SERVICE_HOST: edgex-core-data + DATABASE_HOST: edgex-postgres + DATABASE_TYPE: postgres + DATABASE_PORT: "5432" + hostname: edgex-core-data + image: nexus3.edgexfoundry.org:10004/core-data-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59880 + published: "59880" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-metadata: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-metadata + depends_on: + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-core-metadata + hostname: edgex-core-metadata + image: nexus3.edgexfoundry.org:10004/core-metadata-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59881 + published: "59881" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + database: + container_name: edgex-redis + hostname: edgex-redis + image: redis:7.0-alpine + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 6379 + published: "6379" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: root:root + volumes: + - type: volume + source: db-data + target: /data + volume: {} + device-virtual: + command: + - -cp=keeper.http://edgex-core-keeper:59890 + - --registry + container_name: edgex-device-virtual + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-device-virtual + hostname: edgex-device-virtual + image: nexus3.edgexfoundry.org:10004/device-virtual-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59900 + published: "59900" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + keeper: + container_name: edgex-core-keeper + environment: + DATABASE_HOST: edgex-redis + EDGEX_SECURITY_SECRET_STORE: "false" + MESSAGEBUS_HOST: edgex-redis + SERVICE_HOST: edgex-core-keeper + hostname: edgex-core-keeper + image: nexus3.edgexfoundry.org:10004/core-keeper-arm64:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59890 + published: "59890" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + mqtt-broker: + command: + - /usr/sbin/mosquitto + - -c + - /mosquitto-no-auth.conf + container_name: edgex-mqtt-broker + hostname: edgex-mqtt-broker + image: eclipse-mosquitto:2.0 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1883 + published: "1883" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + edgex-postgres: + container_name: edgex-postgres + environment: + POSTGRES_PASSWORD: postgres + POSTGRES_DB: edgex_db + hostname: postgres + image: postgres:16.3-alpine3.20 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 5432 + published: "5432" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + volumes: + - type: volume + source: postgres-data + target: /var/lib/postgresql/data + volume: {} +networks: + edgex-network: + name: edgex_edgex-network + driver: bridge +volumes: + db-data: + name: edgex_db-data + postgres-data: + name: edgex_postgres-data diff --git a/docker-compose-postgres-no-secty.yml b/docker-compose-postgres-no-secty.yml new file mode 100644 index 00000000..18784e71 --- /dev/null +++ b/docker-compose-postgres-no-secty.yml @@ -0,0 +1,318 @@ +# Generated with: Docker Compose version v2.27.1 +name: edgex +services: + core-command: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-command + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + EXTERNALMQTT_URL: tcp://edgex-mqtt-broker:1883 + SERVICE_HOST: edgex-core-command + hostname: edgex-core-command + image: nexus3.edgexfoundry.org:10004/core-command:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59882 + published: "59882" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-common-config-bootstrapper: + command: + - /core-common-config-bootstrapper + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-common-config-bootstrapper + depends_on: + keeper: + condition: service_started + required: true + environment: + ALL_SERVICES_DATABASE_HOST: edgex-redis + ALL_SERVICES_MESSAGEBUS_AUTHMODE: none + ALL_SERVICES_MESSAGEBUS_HOST: edgex-mqtt-broker + ALL_SERVICES_MESSAGEBUS_PORT: "1883" + ALL_SERVICES_MESSAGEBUS_PROTOCOL: tcp + ALL_SERVICES_MESSAGEBUS_TYPE: mqtt + ALL_SERVICES_REGISTRY_HOST: edgex-core-keeper + ALL_SERVICES_REGISTRY_PORT: "59890" + ALL_SERVICES_REGISTRY_TYPE: keeper + APP_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata + DEVICE_SERVICES_CLIENTS_CORE_METADATA_HOST: edgex-core-metadata + EDGEX_SECURITY_SECRET_STORE: "false" + hostname: edgex-core-common-config-bootstrapper + image: nexus3.edgexfoundry.org:10004/core-common-config-bootstrapper:latest + networks: + edgex-network: null + read_only: true + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-data: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-data + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + edgex-postgres: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + WRITABLE_INSECURESECRETS_DB_SECRETNAME: postgres + WRITABLE_INSECURESECRETS_DB_SECRETDATA_USERNAME: postgres + WRITABLE_INSECURESECRETS_DB_SECRETDATA_PASSWORD: postgres + SERVICE_HOST: edgex-core-data + DATABASE_HOST: edgex-postgres + DATABASE_TYPE: postgres + DATABASE_PORT: "5432" + hostname: edgex-core-data + image: nexus3.edgexfoundry.org:10004/core-data:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59880 + published: "59880" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + core-metadata: + command: + - --registry + - -cp=keeper.http://edgex-core-keeper:59890 + container_name: edgex-core-metadata + depends_on: + database: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-core-metadata + hostname: edgex-core-metadata + image: nexus3.edgexfoundry.org:10004/core-metadata:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59881 + published: "59881" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + database: + container_name: edgex-redis + hostname: edgex-redis + image: redis:7.0-alpine + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 6379 + published: "6379" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: root:root + volumes: + - type: volume + source: db-data + target: /data + volume: {} + device-virtual: + command: + - -cp=keeper.http://edgex-core-keeper:59890 + - --registry + container_name: edgex-device-virtual + depends_on: + core-common-config-bootstrapper: + condition: service_started + required: true + core-data: + condition: service_started + required: true + core-metadata: + condition: service_started + required: true + keeper: + condition: service_started + required: true + environment: + EDGEX_SECURITY_SECRET_STORE: "false" + SERVICE_HOST: edgex-device-virtual + hostname: edgex-device-virtual + image: nexus3.edgexfoundry.org:10004/device-virtual:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59900 + published: "59900" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + keeper: + container_name: edgex-core-keeper + environment: + DATABASE_HOST: edgex-redis + EDGEX_SECURITY_SECRET_STORE: "false" + MESSAGEBUS_HOST: edgex-redis + SERVICE_HOST: edgex-core-keeper + hostname: edgex-core-keeper + image: nexus3.edgexfoundry.org:10004/core-keeper:latest + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 59890 + published: "59890" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + create_host_path: true + mqtt-broker: + command: + - /usr/sbin/mosquitto + - -c + - /mosquitto-no-auth.conf + container_name: edgex-mqtt-broker + hostname: edgex-mqtt-broker + image: eclipse-mosquitto:2.0 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 1883 + published: "1883" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + user: 2002:2001 + edgex-postgres: + container_name: edgex-postgres + environment: + POSTGRES_PASSWORD: postgres + POSTGRES_DB: edgex_db + hostname: postgres + image: postgres:16.3-alpine3.20 + networks: + edgex-network: null + ports: + - mode: ingress + host_ip: 127.0.0.1 + target: 5432 + published: "5432" + protocol: tcp + read_only: true + restart: always + security_opt: + - no-new-privileges:true + tmpfs: + - /run + volumes: + - type: volume + source: postgres-data + target: /var/lib/postgresql/data + volume: { } +networks: + edgex-network: + name: edgex_edgex-network + driver: bridge +volumes: + db-data: + name: edgex_db-data + postgres-data: + name: edgex_postgres-data