amirmoghi3
/
ops
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

devops

master
Amir Hossein Moghiseh 2022-01-21 00:40:30 +03:30
parent 023e8b8652
commit 693a48e2b4
40 changed files with 1941 additions and 301 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
.DS_Store vendored
View File

Binary file not shown.

1
.gitignore vendored 100644
View File

@ -0,0 +1 @@
.DS_*

44
config/sites-available/base.conf
View File

@ -31,11 +31,12 @@ server{
listen 443 ssl http2; # managed by Certbot listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/demo.igarson.app/fullchain.pem; # managed by Certbot ssl_certificate /etc/letsencrypt/live/igarson.app/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/demo.igarson.app/privkey.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/igarson.app/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
} }
server{ server{
@ -243,3 +244,42 @@ server{
} }
server{
server_name champions.of.galaxy.igarson.app;
access_log /var/log/nginx/ig/access.champions.of.galaxy.igarson.app.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:9000;
proxy_read_timeout 90;
proxy_redirect off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/champions.of.galaxy.igarson.app/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/champions.of.galaxy.igarson.app/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server{
if ($host = champions.of.galaxy.igarson.app) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name champions.of.galaxy.igarson.app;
listen 80;
return 404; # managed by Certbot
}

1
config/sites-available/igarson.conf
View File

@ -1,3 +1,4 @@
include /etc/nginx/sites-available/base.conf; include /etc/nginx/sites-available/base.conf;
include /etc/nginx/sites-available/apps.conf; include /etc/nginx/sites-available/apps.conf;
include /etc/nginx/sites-available/games.conf; include /etc/nginx/sites-available/games.conf;
include /etc/nginx/sites-available/watcher.conf;

96
config/sites-available/watcher.conf 100644
View File

@ -0,0 +1,96 @@
server{
server_name prometheus.watcher.igarson.app;
access_log /var/log/nginx/ig/access.prometheus.watcher.igarson.app.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:9090;
proxy_read_timeout 90;
proxy_redirect off;
proxy_http_version 1.1;
}
listen 80;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/prometheus.watcher.igarson.app/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/prometheus.watcher.igarson.app/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server{
server_name alertmanager.watcher.igarson.app;
access_log /var/log/nginx/ig/access.alertmanager.watcher.igarson.app.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:9093;
proxy_read_timeout 90;
proxy_redirect off;
proxy_http_version 1.1;
}
listen 80;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/alertmanager.watcher.igarson.app/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/alertmanager.watcher.igarson.app/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server{
server_name unsee.watcher.igarson.app;
access_log /var/log/nginx/ig/access.unsee.watcher.igarson.app.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:9094;
proxy_read_timeout 90;
proxy_redirect off;
proxy_http_version 1.1;
}
listen 80;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/unsee.watcher.igarson.app/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/unsee.watcher.igarson.app/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server{
server_name grafana.watcher.igarson.app;
access_log /var/log/nginx/ig/access.grafana.watcher.igarson.app.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:3000;
proxy_read_timeout 90;
proxy_redirect off;
proxy_http_version 1.1;
}
listen 80;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/grafana.watcher.igarson.app/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/grafana.watcher.igarson.app/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

12
passwords
View File

@ -1,21 +1,19 @@
#mongo #mongo
MONGODB_IG_PASSWORD = jdZwyec3Yb0yaBr8BP+Joup1l/fovAbGT342I2pX8w+X+FqwCeLGvhXBLiL4vmhM MONGO_HOST=mongoprimary
MONGODB_IG_USER=API
MONGODB_IG_PASSWORD=QBtYse6FYRsM89AS0xGYKCfl7LrO40sbu7n1NU+xLbfoEnoLqmJ3zOG3m2RFOwLb
MONGODB_ADVERTISED_HOSTNAME=mongoprimary MONGODB_ADVERTISED_HOSTNAME=mongoprimary
MONGODB_REPLICA_SET_MODE=primary MONGODB_REPLICA_SET_MODE=primary
MONGODB_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l MONGODB_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
MONGODB_REPLICA_SET_KEY=gp39MND7udY6bt9V3h9u+dhxToop4WZTZ2Umn810snSYurlSIPqs/oy0YfjftsBz MONGODB_REPLICA_SET_KEY=gp39MND7udY6bt9V3h9u+dhxToop4WZTZ2Umn810snSYurlSIPqs/oy0YfjftsBz
#pg #pg
POSTGRESQL_USERNAME=igarsonAgent REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF
POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6 POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
POSTGRESQL_DATABASE=igarsonDB
POSTGRESQL_REPLICATION_MODE=master
POSTGRESQL_REPLICATION_USER=pgreplicator
POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
#rabbit #rabbit
RABBITMQ_HOST=rabbitmq
RABBITMQ_PASSWORD=muyXH/zymcTYLzk3wYnIwG+UJWECKy0ViUDO+UlCmPF3XS+2kliuV0TaA0mWf6lT RABBITMQ_PASSWORD=muyXH/zymcTYLzk3wYnIwG+UJWECKy0ViUDO+UlCmPF3XS+2kliuV0TaA0mWf6lT
RABBITMQ_USERNAME=igarsonAgent RABBITMQ_USERNAME=igarsonAgent
#redis #redis
REDIS_REPLICATION_MODE=slave
REDIS_MASTER_HOST=redismaster REDIS_MASTER_HOST=redismaster
REDIS_MASTER_PORT_NUMBER=6379 REDIS_MASTER_PORT_NUMBER=6379
REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ== REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==

57
playbooks/server/addDomainAndEncrypt.yml
View File

@ -2,31 +2,46 @@
- name: letsencrypt - name: letsencrypt
hosts: supermaster hosts: supermaster
become: yes become: yes
vars_files:
- var/domains.yml
tasks: tasks:
# - name: add domain to nginx with j2 block - name: add domain to nginx with j2 block
# template: template:
# src: template/nginx-server-block.j2 src: template/nginx-server-block.j2
# dest: /tmp/new-nginx-server-block.{{item.server_name}}.conf dest: /tmp/new-nginx-server-block.{{item.server_name}}.conf
# with_items: with_items:
# - "{{ newDomains }}" - server_name: mail.igarson.app
server_config: ""
service_port: 9999
conf_file: base.conf
- name: append /tmp/new-nginx-server-block.conf to specific conf
shell: |
cat /tmp/new-nginx-server-block.{{item.server_name}}.conf >> /etc/nginx/sites-available/{{ item.conf_file }}
rm -rf /tmp/new-nginx-server-block.{{item.server_name}}.conf
with_items:
- server_name: mail.igarson.app
server_config: ""
service_port: 9999
conf_file: base.conf
# - name: append /tmp/new-nginx-server-block.conf to specific conf
# shell: |
# cat /tmp/new-nginx-server-block.{{item.server_name}}.conf >> /etc/nginx/sites-available/{{ item.conf_file }}
# rm -rf /tmp/new-nginx-server-block.{{item.server_name}}.conf
# with_items:
# - "{{ newDomains }}"
- name: encrypt all domains - name: encrypt all domains
expect: shell: |
command: certbot --nginx -d "{{ item.server_name }}" certbot --nginx -d {{item.server_name}} -n --redirect
responses:
Question:
- 2
- 2
with_items: with_items:
- "{{ newDomains }}" - server_name: mail.igarson.app
server_config: ""
service_port: 9999
conf_file: base.conf
- name: Reload nginx to activate specified site
service: name=nginx state=restarted
- name: cron job for renew certificates
cron:
name: renew_certificates
special_time: weekly
job: certbot renew --post-hook "systemctl reload nginx"

69
playbooks/server/build.yml
View File

@ -1,6 +1,6 @@
--- ---
- name: server initial command - name: server initial command
hosts: 'all' hosts: 'new'
become: yes become: yes
become_method: sudo become_method: sudo
become_user: root become_user: root
@ -13,48 +13,20 @@
dest: /etc/hosts dest: /etc/hosts
mode: '0644' mode: '0644'
- name: set shecan dns
copy:
src: ../dns/resolv.conf
dest: /etc/resolv.conf
owner: root
group: root
mode: u=rwx,g=rwx,o=rwx
- name: disable ufw - name: disable ufw
shell: ufw disable shell: ufw disable
- name: disable swap - name: disable swap
shell: swapoff -a shell: swapoff -a
### sudo ufw allow 2376/tcp && sudo ufw allow 7946/udp && sudo ufw allow 7946/tcp && sudo ufw allow 80/tcp && sudo ufw allow 2377/tcp && sudo ufw allow 4789/udp
- name: flush iptables
shell: |
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X
- name: iptables for masters
when: inventory_hostname in groups['masters']
shell: |
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -p tcp --dport 443 -j ACCEPT
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
iptables -I INPUT -p tcp --dport 53 -j ACCEPT
iptables -I INPUT -p tcp --dport 2376 -j ACCEPT
iptables -I INPUT -p tcp --dport 7946 -j ACCEPT
iptables -I INPUT -p udp --dport 7946 -j ACCEPT
iptables -I INPUT -p tcp --dport 2377 -j ACCEPT
iptables -I INPUT -p udp --dport 4789 -j ACCEPT
iptables -I INPUT -p tcp --dport 25196 -j ACCEPT
iptables-save >> /etc/iptables.rules.v4
- name: iptables for workers
when: inventory_hostname in groups['workers']
shell: |
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -p tcp --dport 25196 -j ACCEPT
iptables-save >> /etc/iptables.rules.v4
- name: sid swap off in fstab - name: sid swap off in fstab
shell: sed -i '/swap/d' /etc/fstab shell: sed -i '/swap/d' /etc/fstab
@ -64,6 +36,11 @@
- name: apt-get update - name: apt-get update
apt: update_cache=yes force_apt_get=yes cache_valid_time=3600 apt: update_cache=yes force_apt_get=yes cache_valid_time=3600
- name: add docker key and add docker repo
shell: |
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
- name: installing docker dependencies - name: installing docker dependencies
apt: apt:
@ -77,11 +54,6 @@
- lsb-release - lsb-release
- name: add docker key and add docker repo
shell: |
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
- name: installing docker-ce and docker-ce-cli and - name: installing docker-ce and docker-ce-cli and
apt: apt:
@ -103,8 +75,6 @@
- docker - docker
- containerd - containerd
- name: create the docker user account - name: create the docker user account
user: name=dockerman append=yes state=present createhome=yes shell=/bin/bash user: name=dockerman append=yes state=present createhome=yes shell=/bin/bash
@ -152,16 +122,17 @@
become: dockerman become: dockerman
shell: docker login -u {{ registry_user }} -p {{ registry_password }} {{ registry_url }} shell: docker login -u {{ registry_user }} -p {{ registry_password }} {{ registry_url }}
- name: reboot
shell: reboot
ignore_errors: yes
- name: add enviroments to all servers - name: add enviroments to all servers
shell: | shell: |
echo "export ADMIN_USER=nerdguy" >> /etc/environment echo "export ADMIN_USER=nerdguy" >> /etc/environment
echo "export ADMIN_PASSWORD=RbBmIu1LCgIqKcMmopc1Ie21+1OKsX1ktNCAeiViNIb6HAKkzjJ+GhZlLysItwgm" >> /etc/environment echo "export ADMIN_PASSWORD=RbBmIu1LCgIqKcMmopc1Ie21+1OKsX1ktNCAeiViNIb6HAKkzjJ+GhZlLysItwgm" >> /etc/environment
- name: reboot
shell: reboot
ignore_errors: yes

15
playbooks/server/fetchimportant.yml 100644
View File

@ -0,0 +1,15 @@
---
- name: fetch important folder and files
hosts: supermaster
become: true
vars_files:
- "var/nginx.yml"
tasks:
- name: fetch nginx site-available
fetch:
src: /etc/nginx/sites-available/{{ item }}
dest: ../../config/sites-available/{{item}}
flat: yes
with_items:
- "{{ nginx_confs }}"
- name: backup from /volume

12
playbooks/server/hosts
View File

@ -10,10 +10,10 @@ ff02::3 ip6-allhosts
87.107.132.77 masterold 87.107.132.77 masterold
87.107.132.78 workerold 87.107.132.78 workerold
192.168.1.6 master1local 192.168.1.6 master1
192.168.1.73 worker1local 192.168.1.73 worker1
192.168.1.254 worker2local 192.168.1.254 worker2
192.168.1.254 worker3
31.7.74.79 master1ip
31.7.74.79 master1
31.7.74.118 worker1
31.7.74.96 worker2

5
playbooks/server/supermaster.yml
View File

@ -62,11 +62,6 @@
- name: exportfs - name: exportfs
shell: exportfs -a shell: exportfs -a
- name: set iptables for clients ip for nfs
shell: |
iptables -A INPUT -s "{{ item.local }}"/32 -p tcp -m tcp --dport 2049 -j ACCEPT
with_items:
- "{{ clients }}"
- name: create overlay network - name: create overlay network
shell: | shell: |

6
playbooks/server/var/domains.yml
View File

@ -16,4 +16,8 @@ domains:
- demo.igarson.app - demo.igarson.app
- terrace.kermanshah.igarson.app - terrace.kermanshah.igarson.app
- champions.of.galaxy.igarson.app - champions.of.galaxy.igarson.app
newDomains:
- server_name: champions.of.galaxy.igarson.app
server_config: null
service_port: 9000
conf_file: base.conf

7
playbooks/server/var/nginx.yml 100644
View File

@ -0,0 +1,7 @@
---
nginx_confs:
- apps.conf
- base.conf
- games.conf
- igarson.conf
- watcher.conf

4
playbooks/server/var/swarm.yml
View File

@ -1,3 +1,3 @@
--- ---
manager_token: SWMTKN-1-2qwry99zn95r9ehs30mnyu6b526ccdwlk21ciwri15zjrwbmoj-8z1x15gas5ujyk860zvdbmdnk manager_token: SWMTKN-1-2lc4v06finh32fod6hm675cmfdjgo4eytnmwgyds9vwm0uu2ap-a6tlk6qvbep2q27amo37vzsfo
worker_token: SWMTKN-1-2qwry99zn95r9ehs30mnyu6b526ccdwlk21ciwri15zjrwbmoj-b0sesv6f6kntbfekxq0vf44os worker_token: SWMTKN-1-2lc4v06finh32fod6hm675cmfdjgo4eytnmwgyds9vwm0uu2ap-8tcf02zncgup3vsn0rmoys3jg

20
playbooks/server/workers.yml
View File

@ -1,12 +1,30 @@
--- ---
- name: configure worker for docker swarm - name: configure worker for docker swarm
become: yes become: yes
hosts: workers hosts: new
# add var file # add var file
vars_files: vars_files:
- "var/swarm.yml" - "var/swarm.yml"
- "var/hosts.yml" - "var/hosts.yml"
- "var/registry.yml"
tasks: tasks:
- name: nfs common
when: inventory_hostname in groups['workers']
apt:
name: nfs-common
state: present
update_cache: yes
- name: login docker
become: yes
become_user: dockerman
shell: docker login -u {{ registry_user }} -p {{ registry_password }} {{ registry_url }}
- name: add enviroments to all servers
shell: |
echo "export ADMIN_USER=nerdguy" >> /etc/environment
echo "export ADMIN_PASSWORD=RbBmIu1LCgIqKcMmopc1Ie21+1OKsX1ktNCAeiViNIb6HAKkzjJ+GhZlLysItwgm" >> /etc/environment
- name: join node in swarm as worker - name: join node in swarm as worker
shell: docker swarm join --token {{ worker_token }} {{ item.local }}:2377 shell: docker swarm join --token {{ worker_token }} {{ item.local }}:2377
with_items: with_items:

11
port-range
View File

@ -16,4 +16,15 @@
8013 capitan.igarson.app 8013 capitan.igarson.app
8014 igarson.app 8014 igarson.app
6732 guardians.of.galaxy.igarson.app ==> must change 8015 6732 guardians.of.galaxy.igarson.app ==> must change 8015
8016 yaus.ir
} }
9000-x + {3000} = monitoring
{
3000 grafana
9090 promateus
9093 alertmanager
9094 unsee
}
mailbox 9999

36
stack.test.yml 100644
View File

@ -0,0 +1,36 @@
version: "3.7"
networks:
mother:
external: true
services:
core:
image: registry.vnfco.ir/ig/api:0.4.4
environment:
- SPRING_ACTIVE_PROFILE=prod
volumes:
- /Users/amirmoghi3/application-prod.properties:/target/classes/application-prod.properties
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
window: 120s
resources:
limits:
cpus: '0.75'
memory: 400m
replicas: 1
mode: replicated
entrypoint: [ "java" ,"-jar","IGAPI.jar" , "--spring.config.location=/target/classes/application-prod.properties"]
ports:
- "8011:8080"
networks:
- mother

98
stackDev/mongo/stack.yml 100644
View File

@ -0,0 +1,98 @@
version: "3.7"
networks:
mother:
external: true
volumes:
mongoprimary-data:
mongosecondary-data:
services:
mongoprimary:
image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
volumes:
- mongoprimary-data:/bitnami/mongodb
environment:
- MONGODB_REPLICA_SET_MODE=primary
- MONGODB_REPLICA_SET_NAME=igrep
- MONGODB_ADVERTISED_HOSTNAME=mongoprimary
- MONGODB_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
- MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
replicas: 1
mode: replicated
ports:
- "27011:27017"
networks:
- mother
mongosecondary:
image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
environment:
- MONGODB_REPLICA_SET_MODE=secondary
- MONGODB_REPLICA_SET_NAME=igrep
- MONGODB_ADVERTISED_HOSTNAME=mongosecondary
- MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
- MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
- MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
- MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
volumes:
- mongosecondary-data:/bitnami/mongodb
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
mode: replicated
replicas: 1
ports:
- "27012:27017"
networks:
- mother
mongoarbiter:
image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
environment:
- MONGODB_REPLICA_SET_MODE=arbiter
- MONGODB_REPLICA_SET_NAME=igrep
- MONGODB_ADVERTISED_HOSTNAME=mongoarbiter
- MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
- MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
- MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
- MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
mode: replicated
replicas: 1
networks:
- mother

130
stackDev/pg/stack.yml 100644
View File

@ -0,0 +1,130 @@
version: "3.7"
networks:
mother:
external: true
volumes:
db-1-data:
db-0-data:
services:
pg-0:
image: registry.vnfco.ir/library/bitnami/postgresql-repmgr:13.5.0-debian-10-r48
environment:
- REPMGR_PARTNER_NODES=pg-0,pg-1
- REPMGR_NODE_NAME=pg-0
- REPMGR_NODE_NETWORK_NAME=pg-0
- REPMGR_PRIMARY_HOST=pg-0
- REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF
- POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
volumes:
- db-0-data:/bitnami/postgresql
ports:
- "5432:5432"
networks:
- mother
deploy:
update_config:
parallelism: 1
delay: 10s
order: stop-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
pg-1:
image: registry.vnfco.ir/library/bitnami/postgresql-repmgr:13.5.0-debian-10-r48
environment:
- REPMGR_PARTNER_NODES=pg-0,pg-1
- REPMGR_NODE_NAME=pg-1
- REPMGR_NODE_NETWORK_NAME=pg-1
- REPMGR_PRIMARY_HOST=pg-0
- REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF
- POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
volumes:
- db-1-data:/bitnami/postgresql
ports:
- "5433:5432"
networks:
- mother
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
# pgmaster:
# image: registry.vnfco.ir/library/crunchydata/crunchy-postgres:centos7-13.1-4.5.1
# volumes:
# - '/volume/pg:/bitnami/postgresql'
# environment:
# - POSTGRESQL_USERNAME=igarsonAgent
# - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
# - POSTGRESQL_DATABASE=igarsonDB
# - POSTGRESQL_REPLICATION_MODE=master
# - POSTGRESQL_REPLICATION_USER=pgreplicator
# - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
# deploy:
# update_config:
# parallelism: 1
# delay: 10s
# order: start-first
# restart_policy:
# condition: any
# delay: 5s
# max_attempts: 3
# window: 120s
# resources:
# limits:
# cpus: '1'
# memory: 300M
# replicas: 1
# mode: replicated
# placement:
# constraints:
# - node.role == worker
# ports:
# - "5432:5432"
# networks:
# - mother
# pgslave:
# image: registry.vnfco.ir/library/crunchydata/crunchy-postgres:centos7-13.1-4.5.1
# environment:
# - POSTGRESQL_REPLICATION_MODE=slave
# - POSTGRESQL_REPLICATION_USER=pgreplicator
# - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
# - POSTGRESQL_MASTER_HOST=pgmaster
# - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
# - POSTGRESQL_MASTER_PORT_NUMBER=5432
# deploy:
# update_config:
# parallelism: 1
# delay: 10s
# order: start-first
# restart_policy:
# condition: any
# delay: 5s
# max_attempts: 3
# window: 120s
# resources:
# limits:
# cpus: '0.7'
# memory: 300M
# mode: replicated
# replicas: 1
# placement:
# constraints:
# - node.role == worker
# ports:
# - "5433:5432"
# networks:
# - mother

33
stackDev/rabbitmq/stack.yml 100644
View File

@ -0,0 +1,33 @@
version: "3.7"
networks:
mother:
external: true
volumes:
rabbit-data:
services:
rabbitmq:
image: registry.vnfco.ir/library/bitnami/rabbitmq:latest
ports:
- '5672'
environment:
- RABBITMQ_PASSWORD=muyXH/zymcTYLzk3wYnIwG+UJWECKy0ViUDO+UlCmPF3XS+2kliuV0TaA0mWf6lT
- RABBITMQ_USERNAME=igarsonAgent
volumes:
- rabbit-data:/bitnami
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
window: 120s
replicas: 1
mode: replicated
networks:
- mother

102
stackDev/redis/stack.yml 100644
View File

@ -0,0 +1,102 @@
version: "3.7"
networks:
mother:
external: true
volumes:
redis-data:
services:
redismaster:
image: registry.vnfco.ir/library/bitnami/redis:5.0.14-debian-10-r90
ports:
- '6969:6379'
environment:
- REDIS_REPLICATION_MODE=master
- REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
- REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
- REDIS_AOF_ENABLED=no
volumes:
- redis-data:/bitnami
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
replicas: 1
mode: replicated
networks:
- mother
healthcheck:
test: ["CMD-SHELL", "redis-cli ping"]
interval: 5s
timeout: 2s
retries: 3
start_period: 10s
redisreplica:
image: registry.vnfco.ir/library/bitnami/redis:5.0.14-debian-10-r90
ports:
- '6970:6379'
environment:
- REDIS_REPLICATION_MODE=slave
- REDIS_MASTER_HOST=redismaster
- REDIS_MASTER_PORT_NUMBER=6379
- REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
- REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
- REDIS_AOF_ENABLED=no
- REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
replicas: 1
mode: replicated
networks:
- mother
healthcheck:
test: ["CMD-SHELL", "redis-cli ping"]
interval: 5s
timeout: 2s
retries: 3
start_period: 10s
redissentinel:
image: registry.vnfco.ir/library/bitnami/redis-sentinel:5.0.14-debian-10-r87
ports:
- '26379:26379'
environment:
- REDIS_SENTINEL_PASSWORD=wgi4KDgvFXLIeB1aiYYYFgMJtOfEI/uGoBv4JrPnhvzdgJCvQidapI3TE/LpheUYwn4T8nmacbkoBasy4+vTNSGgfbntvskXV4LUUp/iByz+Ao61J2Bl9bVC7Tl29TXq5LGEQN4LyPMmLSthYOmFajSNcCEP0xIG
- REDIS_MASTER_HOST=redismaster
- REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
- REDIS_SENTINEL_DOWN_AFTER_MILLISECONDS=2000
- REDIS_SENTINEL_FAILOVER_TIMEOUT=10000
- REDIS_SENTINEL_QUORUM=1
- REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
window: 120s
mode: global
networks:
- mother

2
stacks/lvl1/swarmprom/docker-compose.yml
View File

@ -164,7 +164,7 @@ services:
- node.role == manager - node.role == manager
resources: resources:
limits: limits:
memory: 512M memory: 1G
reservations: reservations:
memory: 128M memory: 128M

123
stacks/lvl2/mongo/stack.yml
View File

@ -5,18 +5,17 @@ networks:
external: true external: true
services: services:
mongoprimary: mongoprimary:
image: registry.vnfco.ir/library/bitnami/mongodb:5.0-debian-10 image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
volumes: volumes:
- /volume/mongo/primary:/data/db - /volume/mongo/primary:/bitnami/mongodb
environment: environment:
- MONGODB_ADVERTISED_HOSTNAME=mongoprimary
- MONGODB_REPLICA_SET_MODE=primary - MONGODB_REPLICA_SET_MODE=primary
- MONGODB_REPLICA_SET_NAME=igrep
- MONGODB_ADVERTISED_HOSTNAME=mongoprimary
- MONGODB_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l - MONGODB_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
- MONGODB_REPLICA_SET_KEY=gp39MND7udY6bt9V3h9u+dhxToop4WZTZ2Umn810snSYurlSIPqs/oy0YfjftsBz - MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
deploy: deploy:
update_config: update_config:
parallelism: 1 parallelism: 1
@ -29,57 +28,79 @@ services:
window: 120s window: 120s
resources: resources:
limits: limits:
cpus: '0.25' cpus: '0.5'
memory: 300M memory: 350M
replicas: 1 replicas: 1
mode: replicated mode: replicated
placement: placement:
constraints: constraints:
- node.labels.mongo.replica == 1 - node.role == worker
networks: ports:
- mother
mongosecondary:
image: registry.vnfco.ir/library/bitnami/mongodb:5.0-debian-10
environment:
- MONGODB_REPLICA_SET_MODE=secondary
- MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
- MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
- MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
- MONGODB_REPLICA_SET_KEY=gp39MND7udY6bt9V3h9u+dhxToop4WZTZ2Umn810snSYurlSIPqs/oy0YfjftsBz
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
resources:
limits:
cpus: '0.25'
memory: 300M
mode: replicated
replicas: 1
placement:
constraints:
- node.labels.mongo.replica == 2
port:
- "27011:27017" - "27011:27017"
networks: networks:
- mother - mother
healthcheck:
test: ["CMD", "mongo", "--eval", "printjson(db.isMaster())" ]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s
mongoarbiter:
image: registry.vnfco.ir/library/bitnami/mongodb:5.0-debian-10 mongosecondary:
image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
environment: environment:
- MONGODB_REPLICA_SET_MODE=arbiter - MONGODB_REPLICA_SET_MODE=secondary
- MONGODB_REPLICA_SET_NAME=igrep
- MONGODB_ADVERTISED_HOSTNAME=mongosecondary
- MONGODB_INITIAL_PRIMARY_HOST=mongoprimary - MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
- MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017 - MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
- MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l - MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
- MONGODB_REPLICA_SET_KEY=gp39MND7udY6bt9V3h9u+dhxToop4WZTZ2Umn810snSYurlSIPqs/oy0YfjftsBz - MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
volumes:
- /volume/mongo/secondary:/bitnami/mongodb
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
resources:
limits:
cpus: '0.25'
memory: 350M
mode: replicated
replicas: 1
placement:
constraints:
- node.role == worker
ports:
- "27012:27017"
networks:
- mother
healthcheck:
test: ["CMD", "mongo", "--eval", "printjson(db.isMaster())" ]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s
mongoarbiter:
image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
environment:
- MONGODB_REPLICA_SET_MODE=arbiter
- MONGODB_REPLICA_SET_NAME=igrep
- MONGODB_ADVERTISED_HOSTNAME=mongoarbiter
- MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
- MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
- MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
- MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
deploy: deploy:
update_config: update_config:
parallelism: 1 parallelism: 1
@ -95,14 +116,18 @@ services:
cpus: '0.2' cpus: '0.2'
memory: 100M memory: 100M
mode: replicated mode: replicated
replicas: 0 replicas: 1
placement: placement:
constraints: constraints:
- node.labels.mongo.replica == 2 - node.role == worker
port:
- "27012:27017"
networks: networks:
- mother - mother
healthcheck:
test: ["CMD", "mongo", "--eval", "printjson(db.isMaster())" ]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s

185
stacks/lvl2/pg/stack.yml
View File

@ -1,85 +1,148 @@
version: "3.7" version: "3.7"
networks: networks:
mother: mother:
external: true external: true
services: services:
pgmaster: pg-0:
image: registry.vnfco.ir/library/bitnami/postgresql:13 image: registry.vnfco.ir/library/bitnami/postgresql-repmgr:13.5.0-debian-10-r48
volumes:
- '/volume/pg:/bitnami/postgresql'
environment: environment:
- REPMGR_PARTNER_NODES=pg-0,pg-1
- REPMGR_NODE_NAME=pg-0
- REPMGR_NODE_NETWORK_NAME=pg-0
- REPMGR_PRIMARY_HOST=pg-0
- REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF
- POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
- POSTGRESQL_POSTGRES_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
- POSTGRESQL_USERNAME=igarsonAgent - POSTGRESQL_USERNAME=igarsonAgent
- POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
- POSTGRESQL_DATABASE=igarsonDB - POSTGRESQL_DATABASE=igarsonDB
- POSTGRESQL_REPLICATION_MODE=master volumes:
- POSTGRESQL_REPLICATION_USER=pgreplicator - /volume/pg/pg_0_data:/bitnami/postgresql
- POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
resources:
limits:
cpus: '0.7'
memory: 500M
replicas: 1
mode: replicated
placement:
constraints:
- node.labels.mongo.replica == 1
ports: ports:
- 5432 - "5432:5432"
networks: networks:
- mother - mother
pgslave1:
image: registry.vnfco.ir/library/bitnami/postgresql:13
environment:
- POSTGRESQL_REPLICATION_MODE=slave
- POSTGRESQL_REPLICATION_USER=pgreplicator
- POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
- POSTGRESQL_MASTER_HOST=pgmaster
- POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
- POSTGRESQL_MASTER_PORT_NUMBER=5432
deploy: deploy:
update_config: placement:
parallelism: 1 constraints:
delay: 10s - node.role == worker
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
resources: resources:
limits: limits:
cpus: '0.3' cpus: "1"
memory: 300M memory: 300M
mode: replicated update_config:
replicas: 1 parallelism: 1
placement: delay: 10s
constraints: order: stop-first
- node.labels.mongo.replica == 2 restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
pg-1:
image: registry.vnfco.ir/library/bitnami/postgresql-repmgr:13.5.0-debian-10-r48
environment:
- REPMGR_PARTNER_NODES=pg-0,pg-1
- REPMGR_NODE_NAME=pg-1
- REPMGR_NODE_NETWORK_NAME=pg-1
- REPMGR_PRIMARY_HOST=pg-0
- REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF
- POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
- POSTGRESQL_POSTGRES_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
- POSTGRESQL_USERNAME=igarsonAgent
- POSTGRESQL_DATABASE=igarsonDB
volumes:
- /volume/pg/pg_1_data:/bitnami/postgresql
ports: ports:
- 5432 - "5433:5432"
networks: networks:
- mother - mother
deploy:
placement:
constraints:
- node.role == worker
resources:
limits:
cpus: "0.5"
memory: 300M
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
# pgmaster:
# image: registry.vnfco.ir/library/crunchydata/crunchy-postgres:centos7-13.1-4.5.1
# volumes:
# - '/volume/pg:/bitnami/postgresql'
# environment:
# - POSTGRESQL_USERNAME=igarsonAgent
# - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
# - POSTGRESQL_DATABASE=igarsonDB
# - POSTGRESQL_REPLICATION_MODE=master
# - POSTGRESQL_REPLICATION_USER=pgreplicator
# - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
# deploy:
# update_config:
# parallelism: 1
# delay: 10s
# order: start-first
# restart_policy:
# condition: any
# delay: 5s
# max_attempts: 3
# window: 120s
# resources:
# limits:
# cpus: '1'
# memory: 300M
# replicas: 1
# mode: replicated
# placement:
# constraints:
# - node.role == worker
# ports:
# - "5432:5432"
# networks:
# - mother
# pgslave:
# image: registry.vnfco.ir/library/crunchydata/crunchy-postgres:centos7-13.1-4.5.1
# environment:
# - POSTGRESQL_REPLICATION_MODE=slave
# - POSTGRESQL_REPLICATION_USER=pgreplicator
# - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
# - POSTGRESQL_MASTER_HOST=pgmaster
# - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
# - POSTGRESQL_MASTER_PORT_NUMBER=5432
# deploy:
# update_config:
# parallelism: 1
# delay: 10s
# order: start-first
# restart_policy:
# condition: any
# delay: 5s
# max_attempts: 3
# window: 120s
# resources:
# limits:
# cpus: '0.7'
# memory: 300M
# mode: replicated
# replicas: 1
# placement:
# constraints:
# - node.role == worker
# ports:
# - "5433:5432"
# networks:
# - mother

13
stacks/lvl2/rabbitmq/stack.yml
View File

@ -11,15 +11,10 @@ services:
ports: ports:
- '5672' - '5672'
environment: environment:
- RABBITMQ_PASSWORD=muyXH/zymcTYLzk3wYnIwG+UJWECKy0ViUDO+UlCmPF3XS+2kliuV0TaA0mWf6lT - RABBITMQ_PASSWORD=muyXHzymcTYLzk3wYnIwG+UJWECKy0ViUDO+UlCmPF3XS+2kliuV0TaA0mWf6lT
- RABBITMQ_USERNAME=igarsonAgent - RABBITMQ_USERNAME=igarsonAgent
volumes: volumes:
- '/volume/rabbit:/bitnami' - '/volume/rabbit:/bitnami'
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:5672"]
interval: 10s
timeout: 3s
retries: 5
deploy: deploy:
update_config: update_config:
parallelism: 1 parallelism: 1
@ -37,3 +32,9 @@ services:
mode: replicated mode: replicated
networks: networks:
- mother - mother
healthcheck:
test: ["CMD", "rabbitmqctl", "status"]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s

113
stacks/lvl2/redis/stack.yml
View File

@ -7,12 +7,14 @@ networks:
services: services:
redismaster: redismaster:
image: registry.vnfco.ir/library/bitnami/redis:latest image: registry.vnfco.ir/library/bitnami/redis:5.0.14-debian-10-r90
ports: ports:
- '6969:6379' - '6969:6379'
environment: environment:
- REDIS_REPLICATION_MODE=master - REDIS_REPLICATION_MODE=master
- REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
- REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ== - REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
- REDIS_AOF_ENABLED=no
volumes: volumes:
- '/volume/redis:/bitnami' - '/volume/redis:/bitnami'
deploy: deploy:
@ -27,44 +29,85 @@ services:
window: 120s window: 120s
resources: resources:
limits: limits:
cpus: '0.4' cpus: '0.5'
memory: 500M
replicas: 1 replicas: 1
mode: replicated mode: replicated
placement: placement:
constraints: constraints:
- node.labels.mongo.replica == 1 - node.role == worker
networks: networks:
- mother - mother
healthcheck:
test: ["CMD-SHELL", "redis-cli ping"]
interval: 5s
timeout: 2s
retries: 3
start_period: 10s
redisreplica: # redisreplica:
image: registry.vnfco.ir/library/bitnami/redis:latest # image: registry.vnfco.ir/library/bitnami/redis:5.0.14-debian-10-r90
ports: # ports:
- '6379' # - '6970:6379'
environment: # environment:
- REDIS_REPLICATION_MODE=slave # - REDIS_REPLICATION_MODE=slave
- REDIS_MASTER_HOST=redismaster # - REDIS_MASTER_HOST=redismaster
- REDIS_MASTER_PORT_NUMBER=6379 # - REDIS_MASTER_PORT_NUMBER=6379
- REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ== # - REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
- REDIS_PASSWORD=gpGS7RezaKsWRH+qga95z6JTTxvecrpFShRR9IXqWZO2o5Kf8YAoNvGni9Zh5GGIM0Oz+e9+Cph9XDjfs3phgauiFtsEDkAf/1dxR8CixIzddcXKXgaawiqfwB8WCuM/2k8Iw7cv2wqoIdWrhdHbn96N//Su57Ri4hy5CRbUAl7VmGd9EL1sGytOJmXzQOi3lJBWvfVWbYBmgALwVQSads6g+OHmP2wpXsTsYMG1thppJVGo7i5Rh515hAuAGWTed4Ayqoe1muRR1L1Rs8pdA7IH/u4kOL1758Idd3BfTTRkr7xfjXY40dM0BkUqL5E4rOga38ThaVC99g== # - REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
deploy: # - REDIS_AOF_ENABLED=no
update_config: # - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
parallelism: 1 # deploy:
delay: 10s # update_config:
order: start-first # parallelism: 1
restart_policy: # delay: 10s
condition: any # order: start-first
delay: 5s # restart_policy:
max_attempts: 3 # condition: any
window: 120s # delay: 5s
resources: # max_attempts: 3
limits: # window: 120s
cpus: '0.3' # resources:
memory: 300M # limits:
replicas: 1 # cpus: '0.5'
mode: replicated # replicas: 1
placement: # mode: replicated
constraints: # placement:
- node.labels.mongo.replica == 2 # constraints:
networks: # - node.role == worker
- mother # networks:
# - mother
# healthcheck:
# test: ["CMD-SHELL", "redis-cli ping"]
# interval: 5s
# timeout: 2s
# retries: 3
# start_period: 10s
# redissentinel:
# image: registry.vnfco.ir/library/bitnami/redis-sentinel:5.0.14-debian-10-r87
# ports:
# - '26379:26379'
# environment:
# - REDIS_SENTINEL_PASSWORD=wgi4KDgvFXLIeB1aiYYYFgMJtOfEI/uGoBv4JrPnhvzdgJCvQidapI3TE/LpheUYwn4T8nmacbkoBasy4+vTNSGgfbntvskXV4LUUp/iByz+Ao61J2Bl9bVC7Tl29TXq5LGEQN4LyPMmLSthYOmFajSNcCEP0xIG
# - REDIS_MASTER_HOST=redismaster
# - REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
# - REDIS_SENTINEL_DOWN_AFTER_MILLISECONDS=2000
# - REDIS_SENTINEL_FAILOVER_TIMEOUT=10000
# - REDIS_SENTINEL_QUORUM=1
# - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
# deploy:
# update_config:
# parallelism: 1
# delay: 10s
# order: start-first
# restart_policy:
# condition: any
# delay: 5s
# window: 120s
# resources:
# limits:
# cpus: '0.3'
# memory: 10M
# mode: global
# networks:
# - mother

106
stacks/lvl3/stack.yml
View File

@ -9,18 +9,10 @@ networks:
services: services:
ls: ls:
image: registry.vnfco.ir/ig/ls:test image: registry.vnfco.ir/ig/localserver:latest
# environment: environment:
# - NODE_ENV=production - ASPNETCORE_ENVIRONMENT=Production
# - REACT_APP_SIGNAL_URL=https://ls.igarson.app
# - REACT_APP_PATH_URL=/api/v1
# - REACT_APP_STORAGE_URL=https://storage.igarson.app
# - REACT_APP_SIGNAL_URL_PATH=/restauranthub
# - REACT_APP_LOG_LENGTH=20
# - REACT_APP_SOCKET_SECRET=GodProtectedKeyTools
# - REACT_APP_SECRET_KEY_GAME=6JCvBmi1ADry5Qk0bLaV+5klnAqYaVtjn+HSHG4N4pOAEl480saobylNWcudDxhvgw6q0yzVmbYH+lQIS3RmEHLXRHYAHxsdXl5MBuqU/p1oCC3SWmYke1SWHkoTUOm1f8SBZ1HucOxBHv7psqFUu5lG38P/EPiozv6/0qDU+vVFFp6v9ZTigBihLll0mU6qR14krot8+y9tOnrLDkHxw3wLvWsB4wgd9+RAY97Gzzs7ix3nAXthsT+jPWdyuENiKSuKEyHKbDqciJRBGqktgYU9XkYIfZzEm4cxhscT9jqNsUg2ml+uJdDQOps2mL5LgNetWWmcP43xPIkxAwu5oK873GV3uZOdQqYE2CBYT66+/+Yp5xzoL4+qZUUiDEpfWKm+clRlAm1Keiur
deploy: deploy:
update_config: update_config:
parallelism: 1 parallelism: 1
@ -36,29 +28,25 @@ services:
memory: 1Gi memory: 1Gi
replicas: 1 replicas: 1
mode: replicated mode: replicated
# placement: placement:
# constraints: constraints:
# - node.labels.overload == 1 - node.role == worker
volumes: volumes:
- type: bind - type: bind
source: /volume/ig/ls/wwwroot source: /volume/ig/ls/wwwroot
target: /publish/wwwroot target: /app/wwwroot
- type: bind
source: /volume/config/ls/appsettings.Production.json
target: /app/appsettings.Production.json
ports: ports:
- 8010:8010 - 8010:8010
networks: networks:
- mother - mother
core: core:
image: registry.vnfco.ir/ig/api:test image: registry.vnfco.ir/ig/api:latest
# environment: environment:
# - NODE_ENV=production - SPRING_PROFILES_ACTIVE=prod
# - REACT_APP_SIGNAL_URL=https://ls.igarson.app
# - REACT_APP_PATH_URL=/api/v1
# - REACT_APP_STORAGE_URL=https://storage.igarson.app
# - REACT_APP_SIGNAL_URL_PATH=/restauranthub
# - REACT_APP_LOG_LENGTH=20
# - REACT_APP_SOCKET_SECRET=GodProtectedKeyTools
# - REACT_APP_SECRET_KEY_GAME=6JCvBmi1ADry5Qk0bLaV+5klnAqYaVtjn+HSHG4N4pOAEl480saobylNWcudDxhvgw6q0yzVmbYH+lQIS3RmEHLXRHYAHxsdXl5MBuqU/p1oCC3SWmYke1SWHkoTUOm1f8SBZ1HucOxBHv7psqFUu5lG38P/EPiozv6/0qDU+vVFFp6v9ZTigBihLll0mU6qR14krot8+y9tOnrLDkHxw3wLvWsB4wgd9+RAY97Gzzs7ix3nAXthsT+jPWdyuENiKSuKEyHKbDqciJRBGqktgYU9XkYIfZzEm4cxhscT9jqNsUg2ml+uJdDQOps2mL5LgNetWWmcP43xPIkxAwu5oK873GV3uZOdQqYE2CBYT66+/+Yp5xzoL4+qZUUiDEpfWKm+clRlAm1Keiur
deploy: deploy:
update_config: update_config:
parallelism: 1 parallelism: 1
@ -71,32 +59,35 @@ services:
resources: resources:
limits: limits:
cpus: '1' cpus: '1'
memory: 1Gi memory: 500m
replicas: 1 replicas: 1
mode: replicated mode: replicated
# placement: placement:
# constraints: constraints:
# - node.labels.overload == 1 - node.role == worker
volumes: volumes:
- type: bind - type: bind
source: /volume/ig/api/storage source: /volume/ig/api/storage
target: /target/storage target: /target/storage
- type: bind
source: /volume/config/core/application-prod.properties
target: /target/classes/application-prod.properties
ports: ports:
- 8011:8011 - 8011:8080
networks: networks:
- mother - mother
sms: sms:
image: registry.vnfco.ir/ig/sms:test image: registry.vnfco.ir/ig/sms:latest
# environment: environment:
# - NODE_ENV=production - QUEUE_NAME=ig-sms
# - REACT_APP_SIGNAL_URL=https://ls.igarson.app - RABBIT_URI=amqp://igarsonAgent:muyXHzymcTYLzk3wYnIwG+UJWECKy0ViUDO+UlCmPF3XS+2kliuV0TaA0mWf6lT@rabbitmq:5672
# - REACT_APP_PATH_URL=/api/v1 - SMS_SERVICE_URI=https://api.kavenegar.com/v1/
# - REACT_APP_STORAGE_URL=https://storage.igarson.app - SMS_SERVICE_CONTEXT_PATH=/sms/send.json
# - REACT_APP_SIGNAL_URL_PATH=/restauranthub - USERAPIKEY=7461633837643439575446434F7161634F676C58426E674B396A5356586A3173
# - REACT_APP_LOG_LENGTH=20 - SECRETKEY=!#u*(!@ofOAJDU31y+
# - REACT_APP_SOCKET_SECRET=GodProtectedKeyTools
# - REACT_APP_SECRET_KEY_GAME=6JCvBmi1ADry5Qk0bLaV+5klnAqYaVtjn+HSHG4N4pOAEl480saobylNWcudDxhvgw6q0yzVmbYH+lQIS3RmEHLXRHYAHxsdXl5MBuqU/p1oCC3SWmYke1SWHkoTUOm1f8SBZ1HucOxBHv7psqFUu5lG38P/EPiozv6/0qDU+vVFFp6v9ZTigBihLll0mU6qR14krot8+y9tOnrLDkHxw3wLvWsB4wgd9+RAY97Gzzs7ix3nAXthsT+jPWdyuENiKSuKEyHKbDqciJRBGqktgYU9XkYIfZzEm4cxhscT9jqNsUg2ml+uJdDQOps2mL5LgNetWWmcP43xPIkxAwu5oK873GV3uZOdQqYE2CBYT66+/+Yp5xzoL4+qZUUiDEpfWKm+clRlAm1Keiur
deploy: deploy:
update_config: update_config:
parallelism: 1 parallelism: 1
@ -109,7 +100,7 @@ services:
resources: resources:
limits: limits:
cpus: '0.5' cpus: '0.5'
memory: 50M memory: 10m
replicas: 1 replicas: 1
mode: replicated mode: replicated
placement: placement:
@ -118,8 +109,37 @@ services:
networks: networks:
- mother - mother
yaus:
image: registry.vnfco.ir/ig/yaus:latest
environment:
- MONGO_URL=mongodb://API:dljHVOHjf6123HDHWADOU8123@mongoprimary:27017,mongosecondary:27017/yaus?authSource=yaus
- URL_NOTFOUND=https://igarson.app/notfound
- TOLL=https://igarson.app/goto?dest=
- COLLECTION_MONGO="urls"
- DATABASE_MONGO=yaus
- DOMAIN=qr.igarson.app
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
window: 120s
resources:
limits:
cpus: '0.5'
memory: 10m
replicas: 1
mode: replicated
placement:
constraints:
- node.role == worker
ports:
- "8016:8000"
networks:
- mother

20
stacks/lvl4/stack.yml
View File

@ -11,7 +11,7 @@ networks:
services: services:
menu: menu:
image: registry.vnfco.ir/ig/pwa:test image: registry.vnfco.ir/ig/pwa:latest
# environment: # environment:
# - NODE_ENV=production # - NODE_ENV=production
# - REACT_APP_SIGNAL_URL=https://ls.igarson.app # - REACT_APP_SIGNAL_URL=https://ls.igarson.app
@ -32,7 +32,7 @@ services:
window: 120s window: 120s
resources: resources:
limits: limits:
cpus: '0.5' cpus: '0.3'
memory: 50M memory: 50M
replicas: 1 replicas: 1
mode: replicated mode: replicated
@ -47,7 +47,7 @@ services:
capitan: capitan:
image: registry.vnfco.ir/ig/garson:test image: registry.vnfco.ir/ig/garson:latest
# environment: # environment:
# - NODE_ENV=production # - NODE_ENV=production
# - REACT_APP_SIGNAL_URL=https://ls.igarson.app # - REACT_APP_SIGNAL_URL=https://ls.igarson.app
@ -68,7 +68,7 @@ services:
window: 120s window: 120s
resources: resources:
limits: limits:
cpus: '0.5' cpus: '0.3'
memory: 50M memory: 50M
replicas: 1 replicas: 1
mode: replicated mode: replicated
@ -83,7 +83,7 @@ services:
website: website:
image: registry.vnfco.ir/ig/website:test image: registry.vnfco.ir/ig/website:latest
# environment: # environment:
# - NODE_ENV=production # - NODE_ENV=production
# - REACT_APP_SIGNAL_URL=https://ls.igarson.app # - REACT_APP_SIGNAL_URL=https://ls.igarson.app
@ -104,7 +104,7 @@ services:
window: 120s window: 120s
resources: resources:
limits: limits:
cpus: '0.5' cpus: '0.3'
memory: 50M memory: 50M
replicas: 1 replicas: 1
mode: replicated mode: replicated
@ -116,8 +116,8 @@ services:
networks: networks:
- mother - mother
adminpanel: admin:
image: registry.vnfco.ir/ig/admin:test image: registry.vnfco.ir/ig/admin:latest
# environment: # environment:
# - NODE_ENV=production # - NODE_ENV=production
# - REACT_APP_SIGNAL_URL=https://ls.igarson.app # - REACT_APP_SIGNAL_URL=https://ls.igarson.app
@ -138,7 +138,7 @@ services:
window: 120s window: 120s
resources: resources:
limits: limits:
cpus: '0.5' cpus: '0.3'
memory: 50M memory: 50M
replicas: 1 replicas: 1
mode: replicated mode: replicated
@ -151,7 +151,7 @@ services:
- mother - mother
# shop: # shop:
# image: registry.vnfco.ir/ig/shop:test # image: registry.vnfco.ir/ig/shop:latest
# # environment: # # environment:
# # - NODE_ENV=production # # - NODE_ENV=production
# # - REACT_APP_SIGNAL_URL=https://ls.igarson.app # # - REACT_APP_SIGNAL_URL=https://ls.igarson.app

50
stacks/lvl5/poste.io/stack.yml 100644
View File

@ -0,0 +1,50 @@
version: "3.7"
networks:
mother:
external: true
services:
poste:
image: registry.vnfco.ir/library/analogic/poste.io:latest
environment:
- HTTPS=OFF
- HTTP_PORT=9090
- DISABLE_CLAMAV=TRUE
- DISABLE_RSPAMD=TRUE
- TZ=Asia/Tehran
- VIRTUAL_HOST=mail.igarson.app
- LETSENCRYPT_EMAIL=admin@igarson.app
- LETSENCRYPT_HOST=mail.igarson.app
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
window: 120s
resources:
limits:
cpus: '0.5'
memory: 200m
replicas: 1
mode: replicated
placement:
constraints:
- node.role == worker
volumes:
- /etc/localtime:/etc/localtime:ro
- /volume/poste/data:/data
ports:
- "25:25"
- "110:110"
- "143:143"
- "587:587"
- "993:993"
- "995:995"
- "4190:4190"
- "9090:9090"
networks:
- mother

0
stacks/lvlTest/IGTEST/stack.yml 100644
View File

113
stacks/lvlTest/MOTHER/stack.test.yml 100644
View File

@ -0,0 +1,113 @@
version: "3.7"
networks:
mother:
external: true
services:
mongo1:
image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
volumes:
- /volume/mongo/primary:/bitnami/mongodb
environment:
- MONGODB_ADVERTISED_HOSTNAME=mongoprimary
- MONGODB_ROOT_PASSWORD=cWv1WQvWEp+LPdax9WeM6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
resources:
limits:
cpus: '0.5'
memory: 350M
replicas: 1
mode: replicated
placement:
constraints:
- node.role == worker
ports:
- "27011:27017"
networks:
- mother
#REDIS
redis:
image: registry.vnfco.ir/library/redis:primary
deploy:
placement:
constraints:
- node.role==worker
resources:
limits:
cpus: '0.30'
memory: 20M
update_config:
parallelism: 1
delay: 10s
order: stop-first
restart_policy:
condition: any
delay: 5s
max_attempts: 10
window: 120s
networks:
- mother
volumes:
- /volume/redis:/data
ports:
- "6969:6379"
# RABBIT
rabbit:
image: registry.vnfco.ir/library/rabbitmq:3.8.19-management-alpine
deploy:
placement:
constraints:
- node.role==worker
resources:
reservations:
cpus: '0.25'
memory: 100M
restart_policy:
condition: any
delay: 10s
max_attempts: 5
environment:
- RABBITMQ_DEFAULT_PASS=22102210aA
- RABBITMQ_DEFAULT_USER=MyNameIsAdmin
networks:
- mother
ports:
- "5672:5672"
- "15672:15672"
pg:
image: registry.vnfco.ir/library/bitnami/postgresql:12
deploy:
placement:
constraints:
- node.role==worker
update_config:
parallelism: 1
delay: 10s
order: stop-first
restart_policy:
condition: any
delay: 5s
max_attempts: 10
window: 120s
environment:
- POSTGRESQL_USERNAME=igarsonAgent
- POSTGRESQL_PASSWORD=aXysDgz7Nfr55dT5VEXmTDoqsUOG/gl4kmEe6QD/oqwna95RiYXrAyy8
- POSTGRESQL_DATABASE=igarsonDB
networks:
- mother
volumes:
- /volume/postgres:/bitnami/postgresql
ports:
- "5431:5432"

4
stacks/lvlTest/singlemongonode/Dockerfile 100644
View File

@ -0,0 +1,4 @@
FROM mongo:4.4-rc-focal
COPY docker-entrypoint.sh /usr/local/bin/
RUN chmod 777 /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]

341
stacks/lvlTest/singlemongonode/docker-entrypoint.sh 100644
View File

@ -0,0 +1,341 @@
#!/bin/bash
set -Eeuo pipefail
if [ "${1:0:1}" = '-' ]; then
set -- mongod "$@"
fi
originalArgOne="$1"
# allow the container to be started with `--user`
# all mongo* commands should be dropped to the correct user
if [[ "$originalArgOne" == mongo* ]] && [ "$(id -u)" = '0' ]; then
if [ "$originalArgOne" = 'mongod' ]; then
find /data/configdb /data/db \! -user mongodb -exec chown mongodb '{}' +
fi
# make sure we can write to stdout and stderr as "mongodb"
# (for our "initdb" code later; see "--logpath" below)
chown --dereference mongodb "/proc/$$/fd/1" "/proc/$$/fd/2" || :
# ignore errors thanks to https://github.com/docker-library/mongo/issues/149
exec gosu mongodb "$BASH_SOURCE" "$@"
fi
# you should use numactl to start your mongod instances, including the config servers, mongos instances, and any clients.
# https://docs.mongodb.com/manual/administration/production-notes/#configuring-numa-on-linux
if [[ "$originalArgOne" == mongo* ]]; then
numa='numactl --interleave=all'
if $numa true &> /dev/null; then
set -- $numa "$@"
fi
fi
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
exit 1
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(< "${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
# see https://github.com/docker-library/mongo/issues/147 (mongod is picky about duplicated arguments)
_mongod_hack_have_arg() {
local checkArg="$1"; shift
local arg
for arg; do
case "$arg" in
"$checkArg"|"$checkArg"=*)
return 0
;;
esac
done
return 1
}
# _mongod_hack_get_arg_val '--some-arg' "$@"
_mongod_hack_get_arg_val() {
local checkArg="$1"; shift
while [ "$#" -gt 0 ]; do
local arg="$1"; shift
case "$arg" in
"$checkArg")
echo "$1"
return 0
;;
"$checkArg"=*)
echo "${arg#$checkArg=}"
return 0
;;
esac
done
return 1
}
declare -a mongodHackedArgs
# _mongod_hack_ensure_arg '--some-arg' "$@"
# set -- "${mongodHackedArgs[@]}"
_mongod_hack_ensure_arg() {
local ensureArg="$1"; shift
mongodHackedArgs=( "$@" )
if ! _mongod_hack_have_arg "$ensureArg" "$@"; then
mongodHackedArgs+=( "$ensureArg" )
fi
}
# _mongod_hack_ensure_no_arg '--some-unwanted-arg' "$@"
# set -- "${mongodHackedArgs[@]}"
_mongod_hack_ensure_no_arg() {
local ensureNoArg="$1"; shift
mongodHackedArgs=()
while [ "$#" -gt 0 ]; do
local arg="$1"; shift
if [ "$arg" = "$ensureNoArg" ]; then
continue
fi
mongodHackedArgs+=( "$arg" )
done
}
# _mongod_hack_ensure_no_arg '--some-unwanted-arg' "$@"
# set -- "${mongodHackedArgs[@]}"
_mongod_hack_ensure_no_arg_val() {
local ensureNoArg="$1"; shift
mongodHackedArgs=()
while [ "$#" -gt 0 ]; do
local arg="$1"; shift
case "$arg" in
"$ensureNoArg")
shift # also skip the value
continue
;;
"$ensureNoArg"=*)
# value is already included
continue
;;
esac
mongodHackedArgs+=( "$arg" )
done
}
# _mongod_hack_ensure_arg_val '--some-arg' 'some-val' "$@"
# set -- "${mongodHackedArgs[@]}"
_mongod_hack_ensure_arg_val() {
local ensureArg="$1"; shift
local ensureVal="$1"; shift
_mongod_hack_ensure_no_arg_val "$ensureArg" "$@"
mongodHackedArgs+=( "$ensureArg" "$ensureVal" )
}
# _js_escape 'some "string" value'
_js_escape() {
jq --null-input --arg 'str' "$1" '$str'
}
jsonConfigFile="${TMPDIR:-/tmp}/docker-entrypoint-config.json"
tempConfigFile="${TMPDIR:-/tmp}/docker-entrypoint-temp-config.json"
_parse_config() {
if [ -s "$tempConfigFile" ]; then
return 0
fi
local configPath
if configPath="$(_mongod_hack_get_arg_val --config "$@")"; then
# if --config is specified, parse it into a JSON file so we can remove a few problematic keys (especially SSL-related keys)
# see https://docs.mongodb.com/manual/reference/configuration-options/
mongo --norc --nodb --quiet --eval "load('/js-yaml.js'); printjson(jsyaml.load(cat($(_js_escape "$configPath"))))" > "$jsonConfigFile"
jq 'del(.systemLog, .processManagement, .net, .security)' "$jsonConfigFile" > "$tempConfigFile"
return 0
fi
return 1
}
dbPath=
_dbPath() {
if [ -n "$dbPath" ]; then
echo "$dbPath"
return
fi
if ! dbPath="$(_mongod_hack_get_arg_val --dbpath "$@")"; then
if _parse_config "$@"; then
dbPath="$(jq -r '.storage.dbPath // empty' "$jsonConfigFile")"
fi
fi
: "${dbPath:=/data/db}"
echo "$dbPath"
}
if [ "$originalArgOne" = 'mongod' ]; then
file_env 'MONGO_INITDB_ROOT_USERNAME'
file_env 'MONGO_INITDB_ROOT_PASSWORD'
# pre-check a few factors to see if it's even worth bothering with initdb
shouldPerformInitdb=
if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
# if we have a username/password, let's set "--auth"
_mongod_hack_ensure_arg '--auth' "$@"
set -- "${mongodHackedArgs[@]}"
shouldPerformInitdb='true'
elif [ "$MONGO_INITDB_ROOT_USERNAME" ] || [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
cat >&2 <<-'EOF'
error: missing 'MONGO_INITDB_ROOT_USERNAME' or 'MONGO_INITDB_ROOT_PASSWORD'
both must be specified for a user to be created
EOF
exit 1
fi
if [ -z "$shouldPerformInitdb" ]; then
# if we've got any /docker-entrypoint-initdb.d/* files to parse later, we should initdb
for f in /docker-entrypoint-initdb.d/*; do
case "$f" in
*.sh|*.js) # this should match the set of files we check for below
shouldPerformInitdb="$f"
break
;;
esac
done
fi
# check for a few known paths (to determine whether we've already initialized and should thus skip our initdb scripts)
if [ -n "$shouldPerformInitdb" ]; then
dbPath="$(_dbPath "$@")"
for path in \
"$dbPath/WiredTiger" \
"$dbPath/journal" \
"$dbPath/local.0" \
"$dbPath/storage.bson" \
; do
if [ -e "$path" ]; then
shouldPerformInitdb=
break
fi
done
fi
if [ -n "$shouldPerformInitdb" ]; then
mongodHackedArgs=( "$@" )
if _parse_config "$@"; then
_mongod_hack_ensure_arg_val --config "$tempConfigFile" "${mongodHackedArgs[@]}"
fi
_mongod_hack_ensure_arg_val --bind_ip 127.0.0.1 "${mongodHackedArgs[@]}"
_mongod_hack_ensure_arg_val --port 27017 "${mongodHackedArgs[@]}"
_mongod_hack_ensure_no_arg --bind_ip_all "${mongodHackedArgs[@]}"
# remove "--auth" and "--replSet" for our initial startup (see https://docs.mongodb.com/manual/tutorial/enable-authentication/#start-mongodb-without-access-control)
# https://github.com/docker-library/mongo/issues/211
_mongod_hack_ensure_no_arg --auth "${mongodHackedArgs[@]}"
if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
_mongod_hack_ensure_no_arg_val --replSet "${mongodHackedArgs[@]}"
fi
sslMode="$(_mongod_hack_have_arg '--sslPEMKeyFile' "$@" && echo 'allowSSL' || echo 'disabled')" # "BadValue: need sslPEMKeyFile when SSL is enabled" vs "BadValue: need to enable SSL via the sslMode flag when using SSL configuration parameters"
_mongod_hack_ensure_arg_val --sslMode "$sslMode" "${mongodHackedArgs[@]}"
if stat "/proc/$$/fd/1" > /dev/null && [ -w "/proc/$$/fd/1" ]; then
# https://github.com/mongodb/mongo/blob/38c0eb538d0fd390c6cb9ce9ae9894153f6e8ef5/src/mongo/db/initialize_server_global_state.cpp#L237-L251
# https://github.com/docker-library/mongo/issues/164#issuecomment-293965668
_mongod_hack_ensure_arg_val --logpath "/proc/$$/fd/1" "${mongodHackedArgs[@]}"
else
initdbLogPath="$(_dbPath "$@")/docker-initdb.log"
echo >&2 "warning: initdb logs cannot write to '/proc/$$/fd/1', so they are in '$initdbLogPath' instead"
_mongod_hack_ensure_arg_val --logpath "$initdbLogPath" "${mongodHackedArgs[@]}"
fi
_mongod_hack_ensure_arg --logappend "${mongodHackedArgs[@]}"
pidfile="${TMPDIR:-/tmp}/docker-entrypoint-temp-mongod.pid"
rm -f "$pidfile"
_mongod_hack_ensure_arg_val --pidfilepath "$pidfile" "${mongodHackedArgs[@]}"
"${mongodHackedArgs[@]}" --fork
mongo=( mongo --host 127.0.0.1 --port 27017 --quiet )
# check to see that our "mongod" actually did start up (catches "--help", "--version", MongoDB 3.2 being silly, slow prealloc, etc)
# https://jira.mongodb.org/browse/SERVER-16292
tries=30
while true; do
if ! { [ -s "$pidfile" ] && ps "$(< "$pidfile")" &> /dev/null; }; then
# bail ASAP if "mongod" isn't even running
echo >&2
echo >&2 "error: $originalArgOne does not appear to have stayed running -- perhaps it had an error?"
echo >&2
exit 1
fi
if "${mongo[@]}" 'admin' --eval 'quit(0)' &> /dev/null; then
# success!
break
fi
(( tries-- ))
if [ "$tries" -le 0 ]; then
echo >&2
echo >&2 "error: $originalArgOne does not appear to have accepted connections quickly enough -- perhaps it had an error?"
echo >&2
exit 1
fi
sleep 1
done
if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ]; then
rootAuthDatabase='admin'
"${mongo[@]}" "$rootAuthDatabase" <<-EOJS
db.createUser({
user: $(_js_escape "$MONGO_INITDB_ROOT_USERNAME"),
pwd: $(_js_escape "$MONGO_INITDB_ROOT_PASSWORD"),
roles: [ { role: 'root', db: $(_js_escape "$rootAuthDatabase") } ]
})
EOJS
fi
echo "Heydaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaar"
export MONGO_INITDB_DATABASE="${MONGO_INITDB_DATABASE:-test}"
echo
for f in /docker-entrypoint-initdb.d/*; do
case "$f" in
*.sh) echo "$0: running $f"; . "$f" ;;
*.js) echo "$0: running $f"; "${mongo[@]}" "$MONGO_INITDB_DATABASE" "$f"; echo ;;
*) echo "$0: ignoring $f" ;;
esac
echo
done
"${mongodHackedArgs[@]}" --shutdown
rm -f "$pidfile"
echo
echo 'MongoDB init process complete; ready for start up.'
echo
fi
# MongoDB 3.6+ defaults to localhost-only binding
if mongod --help 2>&1 | grep -q -- --bind_ip_all; then # TODO remove this conditional when 3.4 is no longer supported
haveBindIp=
if _mongod_hack_have_arg --bind_ip "$@" || _mongod_hack_have_arg --bind_ip_all "$@"; then
haveBindIp=1
elif _parse_config "$@" && jq --exit-status '.net.bindIp // .net.bindIpAll' "$jsonConfigFile" > /dev/null; then
haveBindIp=1
fi
if [ -z "$haveBindIp" ]; then
# so if no "--bind_ip" is specified, let's add "--bind_ip_all"
set -- "$@" --bind_ip_all
fi
fi
unset "${!MONGO_INITDB_@}"
fi
rm -f "$jsonConfigFile" "$tempConfigFile"
exec "$@"%

2
stacks/lvlTest/singlemongonode/mongod.env 100644
View File

@ -0,0 +1,2 @@
MONGO_INITDB_ROOT_USERNAME=admin
MONGO_INITDB_ROOT_PASSWORD=22102210aA

BIN
stacks/lvldebug.zip 100644
View File

Binary file not shown.

115
stacks/lvldebug/mongo/stack.yml 100644
View File

@ -0,0 +1,115 @@
version: "3.7"
networks:
mother:
external: true
volumes:
db-01:
db-02:
services:
mongoprimary:
image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
volumes:
- db-01:/bitnami/mongodb
environment:
- MONGODB_REPLICA_SET_MODE=primary
- MONGODB_REPLICA_SET_NAME=igrep
- MONGODB_ADVERTISED_HOSTNAME=mongoprimary
- MONGODB_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
- MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
replicas: 1
mode: replicated
ports:
- "27011:27017"
networks:
- mother
healthcheck:
test: ["CMD", "mongo", "--eval", "printjson(db.isMaster())" ]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s
mongosecondary:
image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
environment:
- MONGODB_REPLICA_SET_MODE=secondary
- MONGODB_REPLICA_SET_NAME=igrep
- MONGODB_ADVERTISED_HOSTNAME=mongosecondary
- MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
- MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
- MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
- MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
volumes:
- db-02:/bitnami/mongodb
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
mode: replicated
replicas: 1
ports:
- "27012:27017"
networks:
- mother
healthcheck:
test: ["CMD", "mongo", "--eval", "printjson(db.isMaster())" ]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s
mongoarbiter:
image: registry.vnfco.ir/library/bitnami/mongodb:4.4.11-debian-10-r5
environment:
- MONGODB_REPLICA_SET_MODE=arbiter
- MONGODB_REPLICA_SET_NAME=igrep
- MONGODB_ADVERTISED_HOSTNAME=mongoarbiter
- MONGODB_INITIAL_PRIMARY_HOST=mongoprimary
- MONGODB_INITIAL_PRIMARY_PORT_NUMBER=27017
- MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=cWv1WQvWEp+LPdax9We/M6PeT7KgyTE9zKmC5y1ieqz4JtpLiVifJrQg0VHYhE6l
- MONGODB_REPLICA_SET_KEY=keyissetforlocalreplica
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
mode: replicated
replicas: 1
networks:
- mother
healthcheck:
test: ["CMD", "mongo", "--eval", "printjson(db.isMaster())" ]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s

154
stacks/lvldebug/pg/stack.yml 100644
View File

@ -0,0 +1,154 @@
version: "3.7"
networks:
mother:
external: true
services:
pg-0:
image: registry.vnfco.ir/library/bitnami/postgresql-repmgr:13.5.0-debian-10-r48
environment:
- REPMGR_PARTNER_NODES=pg-0,pg-1
- REPMGR_NODE_NAME=pg-0
- REPMGR_NODE_NETWORK_NAME=pg-0
- REPMGR_PRIMARY_HOST=pg-0
- REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF
- POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
volumes:
- /Users/amirmoghi3/volume/pg/pg_0_data:/bitnami/postgresql
ports:
- "5432:5432"
networks:
- mother
deploy:
placement:
constraints:
- node.role == worker
resources:
limits:
cpus: "1"
memory: 300M
update_config:
parallelism: 1
delay: 10s
order: stop-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
healthcheck:
test: ["CMD", "curl", "--fail", "--silent", "--output", "/dev/null", "--write-out", "HTTPSTATUS:%{http_code}", "http://localhost:5432/"]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s
pg-1:
image: registry.vnfco.ir/library/bitnami/postgresql-repmgr:13.5.0-debian-10-r48
environment:
- REPMGR_PARTNER_NODES=pg-0,pg-1
- REPMGR_NODE_NAME=pg-1
- REPMGR_NODE_NETWORK_NAME=pg-1
- REPMGR_PRIMARY_HOST=pg-0
- REPMGR_PASSWORD=UjvGvyYXZZTvL1GsST7AJrtmQjqSV+LOihKQaEGyUUtdQAUGSA3BsFEi5B4KoRBF
- POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
volumes:
- /Users/amirmoghi3/volume/pg/pg_1_data:/bitnami/postgresql
ports:
- "5433:5432"
networks:
- mother
deploy:
placement:
constraints:
- node.role == worker
resources:
limits:
cpus: "0.5"
memory: 300M
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
healthcheck:
test: ["CMD", "curl", "--fail", "--silent", "--output", "/dev/null", "--write-out", "HTTPSTATUS:%{http_code}", "http://localhost:5432/"]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s
# pgmaster:
# image: registry.vnfco.ir/library/crunchydata/crunchy-postgres:centos7-13.1-4.5.1
# volumes:
# - '/Users/amirmoghi3/volume/pg:/bitnami/postgresql'
# environment:
# - POSTGRESQL_USERNAME=igarsonAgent
# - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
# - POSTGRESQL_DATABASE=igarsonDB
# - POSTGRESQL_REPLICATION_MODE=master
# - POSTGRESQL_REPLICATION_USER=pgreplicator
# - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
# deploy:
# update_config:
# parallelism: 1
# delay: 10s
# order: start-first
# restart_policy:
# condition: any
# delay: 5s
# max_attempts: 3
# window: 120s
# resources:
# limits:
# cpus: '1'
# memory: 300M
# replicas: 1
# mode: replicated
# placement:
# constraints:
# - node.role == worker
# ports:
# - "5432:5432"
# networks:
# - mother
# pgslave:
# image: registry.vnfco.ir/library/crunchydata/crunchy-postgres:centos7-13.1-4.5.1
# environment:
# - POSTGRESQL_REPLICATION_MODE=slave
# - POSTGRESQL_REPLICATION_USER=pgreplicator
# - POSTGRESQL_REPLICATION_PASSWORD=ciXz6xmnEMZSO+0T8L6mGcFJrAvPzkTC04oh/WYIRi51gMQLPfW8tTEHALX6fhk4
# - POSTGRESQL_MASTER_HOST=pgmaster
# - POSTGRESQL_PASSWORD=xHTpBf4wC+bBeNg2pL6Ga7VEWKFJx7VPEUpqxwPFfOc2YYTVwFQuHfsiqoVeT9+6
# - POSTGRESQL_MASTER_PORT_NUMBER=5432
# deploy:
# update_config:
# parallelism: 1
# delay: 10s
# order: start-first
# restart_policy:
# condition: any
# delay: 5s
# max_attempts: 3
# window: 120s
# resources:
# limits:
# cpus: '0.7'
# memory: 300M
# mode: replicated
# replicas: 1
# placement:
# constraints:
# - node.role == worker
# ports:
# - "5433:5432"
# networks:
# - mother

38
stacks/lvldebug/rabbitmq/stack.yml 100644
View File

@ -0,0 +1,38 @@
version: "3.7"
networks:
mother:
external: true
volumes:
rabbit-data:
services:
rabbitmq:
image: registry.vnfco.ir/library/rabbitmq:3.8.19-management-alpine
ports:
- '5672:5672'
- '15672:15672'
environment:
- RABBITMQ_PASSWORD=muyXHymcTYLzk3wYnIwGUJWECKy0ViUDOUlCmPF3XS2kliuV0TaA0mWf6lT
- RABBITMQ_USERNAME=igarsonAgent
volumes:
- rabbit-data:/bitnami
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
window: 120s
replicas: 1
mode: replicated
networks:
- mother

100
stacks/lvldebug/redis/stack.yml 100644
View File

@ -0,0 +1,100 @@
version: "3.7"
networks:
mother:
external: true
volumes:
redis-data:
services:
redismaster:
image: registry.vnfco.ir/library/bitnami/redis:5.0.14-debian-10-r90
ports:
- '6969:6379'
environment:
- REDIS_REPLICATION_MODE=master
- REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
- REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
volumes:
- redis-data:/bitnami
deploy:
update_config:
parallelism: 1
delay: 10s
order: start-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
replicas: 1
mode: replicated
networks:
- mother
healthcheck:
test: ["CMD-SHELL", "redis-cli ping"]
interval: 5s
timeout: 2s
retries: 3
start_period: 10s
# redisreplica:
# image: registry.vnfco.ir/library/bitnami/redis:5.0.14-debian-10-r90
# ports:
# - '6970:6379'
# environment:
# - REDIS_REPLICATION_MODE=slave
# - REDIS_MASTER_HOST=redismaster
# - REDIS_MASTER_PORT_NUMBER=6379
# - REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
# - REDIS_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
# - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
# deploy:
# update_config:
# parallelism: 1
# delay: 10s
# order: start-first
# restart_policy:
# condition: any
# delay: 5s
# max_attempts: 3
# window: 120s
# replicas: 1
# mode: replicated
# networks:
# - mother
# healthcheck:
# test: ["CMD-SHELL", "redis-cli ping"]
# interval: 5s
# timeout: 2s
# retries: 3
# start_period: 10s
# redissentinel:
# image: registry.vnfco.ir/library/bitnami/redis-sentinel:5.0.14-debian-10-r87
# ports:
# - '26379:26379'
# environment:
# - REDIS_SENTINEL_PASSWORD=wgi4KDgvFXLIeB1aiYYYFgMJtOfEI/uGoBv4JrPnhvzdgJCvQidapI3TE/LpheUYwn4T8nmacbkoBasy4+vTNSGgfbntvskXV4LUUp/iByz+Ao61J2Bl9bVC7Tl29TXq5LGEQN4LyPMmLSthYOmFajSNcCEP0xIG
# - REDIS_MASTER_HOST=redismaster
# - REDIS_MASTER_PASSWORD=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
# - REDIS_SENTINEL_DOWN_AFTER_MILLISECONDS=2000
# - REDIS_SENTINEL_FAILOVER_TIMEOUT=10000
# - REDIS_SENTINEL_QUORUM=1
# - REDISCLI_AUTH=Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD+q74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q+bEK9CqAu3y2Zu4xkVyzyYKdFMT696IB/SS1M7rvZKw7NBYT99lGCpj1edk+6hRpK/Qy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN/1gLJd/uTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw/P8REEL0KDyZ9khilU/XvzSgzp+v5i9hmUdKO3B8r+Y4keUZyaKz2VxCHSGAuqWSCpe+do1qQ==
# deploy:
# update_config:
# parallelism: 1
# delay: 10s
# order: start-first
# restart_policy:
# condition: any
# delay: 5s
# window: 120s
# mode: global
# networks:
# - mother