-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathdocker-compose.example.yaml
103 lines (92 loc) · 3.45 KB
/
docker-compose.example.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
# Copyright 2022 Nikita Petko <petko@vmminfra.net>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# A simple docker-compose script to run a node of containers
version: '2.1'
services:
# App contains an instance of each proxy service
app:
build: .
volumes:
# Uncomment the following line to mount CORs and Hardocoded Response rules.
# rules to the container.
# - ./cors-rules.yml:/app/cors-rules.yml
# - ./hardcoded-response-rules.yml:/app/hardcoded-response-rules.yml
- ./.env:/app/.env
- ./logs:/app/logs
networks:
- rbx-proxy-private-subnet
environment:
- BIND_ADDRESS_IPV4=0.0.0.0
- ENABLE_TLS_SERVER=false
- INSECURE_PORT=8080
- DISABLE_IPV6=true
# On deploy we will start 5 instances of the app
deploy:
mode: replicated
replicas: 5
# lb contains a service that will load balance the app instances
# and expose them on port 80 and 443
lb:
depends_on:
- app
image: nginx
volumes:
- ./nginx/nginx.example.conf:/etc/nginx/nginx.conf
- ./ssl/roblox-platform.crt:/etc/nginx/server.crt
- ./ssl/roblox-platform.unencrypted.key:/etc/nginx/server.key
- ./ssl/global-ca.crt:/etc/nginx/ca.crt
links:
- app:test
networks:
rbx-proxy-public-subnet:
# With the way MacVLAN and IPVLAN works, we need to specify the IP
# address of the interface that the load balancer will be using.
# You need to make sure that on your host, the IP address is not
# already in use.
ipv4_address: 172.16.0.2
# Uncomment the following line if you want to use an IPv6 address
# ipv6_address: 2001:db8:1::3
rbx-proxy-private-subnet:
networks:
# The following network exposes the load balancer to the public
# and is used to route traffic to the app instances.
# By "public" we mean that the load balancer will be accessible
# from the host machine.
rbx-proxy-public-subnet:
driver: macvlan
# Uncomment the following line if you want to use an IPv6 addressess
# use_ipv6: true
ipam:
config:
# You can configure your host network subnet here.
# This is an example if your network is 172.16.0.0/24
- subnet: 172.16.0.0/24
gateway: 172.16.0.1
# Uncomment the following line if you want to use an IPv6 address
# - subnet: 2001:db8:1::/64
# gateway: 2001:db8:1::1
options:
# You can configure your host network interface here.
parent: eth0
# The following network is only used internally by the load balancer
# and the app instances.
rbx-proxy-private-subnet:
ipam:
config:
# Ideally you can configure whatever subnet you want here.
# You will have to update the nginx.conf file to match the subnet
# as for some reason it can only get DNS for the cluster and first
# node of the cluster.
- subnet: 172.16.1.0/24
gateway: 172.16.1.1