mirror of
https://github.com/GreptimeTeam/greptimedb.git
synced 2026-01-06 21:32:58 +00:00
32a3ef36f9
* add TLS support for etcd client connections~ Signed-off-by: codephage2020 <tingwangyan2020@163.com> * locate correct certs Signed-off-by: codephage2020 <tingwangyan2020@163.com> * Updated certs Signed-off-by: codephage2020 <tingwangyan2020@163.com> * Updated CI Signed-off-by: codephage2020 <tingwangyan2020@163.com> * Updated CI Signed-off-by: codephage2020 <tingwangyan2020@163.com> * Update docker-compose.yml * tests for TLS client creation Signed-off-by: codephage2020 <tingwangyan2020@163.com> * modify tests Signed-off-by: codephage2020 <tingwangyan2020@163.com> --------- Signed-off-by: codephage2020 <tingwangyan2020@163.com>
112 lines
3.1 KiB
YAML
112 lines
3.1 KiB
YAML
services:
|
|
|
|
zookeeper:
|
|
image: docker.io/bitnami/zookeeper:3.7
|
|
ports:
|
|
- '2181:2181'
|
|
environment:
|
|
- ALLOW_ANONYMOUS_LOGIN=yes
|
|
|
|
kafka:
|
|
image: docker.io/bitnami/kafka:3.9.0
|
|
container_name: kafka
|
|
ports:
|
|
- 9092:9092
|
|
- 9093:9093
|
|
environment:
|
|
KAFKA_CFG_NODE_ID: "1"
|
|
KAFKA_CFG_PROCESS_ROLES: broker,controller
|
|
KAFKA_CFG_CONTROLLER_QUORUM_VOTERS: 1@127.0.0.1:2181
|
|
# Listeners
|
|
KAFKA_CFG_ADVERTISED_LISTENERS: PLAINTEXT://127.0.0.1:9092,SECURE://localhost:9093
|
|
KAFKA_CFG_CONTROLLER_LISTENER_NAMES: CONTROLLER
|
|
KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP: CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT,SECURE:SASL_PLAINTEXT
|
|
KAFKA_CFG_LISTENERS: PLAINTEXT://:9092,CONTROLLER://:2181,SECURE://:9093
|
|
ALLOW_PLAINTEXT_LISTENER: "yes"
|
|
KAFKA_BROKER_ID: "1"
|
|
KAFKA_CLIENT_USERS: "user_kafka"
|
|
KAFKA_CLIENT_PASSWORDS: "secret"
|
|
KAFKA_CFG_AUTO_CREATE_TOPICS_ENABLE: false
|
|
depends_on:
|
|
zookeeper:
|
|
condition: service_started
|
|
|
|
etcd:
|
|
image: docker.io/bitnami/etcd:3.5
|
|
ports:
|
|
- "2379:2379"
|
|
- "2380:2380"
|
|
environment:
|
|
ALLOW_NONE_AUTHENTICATION: "yes"
|
|
ETCD_NAME: etcd
|
|
ETCD_LISTEN_CLIENT_URLS: http://0.0.0.0:2379
|
|
ETCD_ADVERTISE_CLIENT_URLS: http://etcd:2379
|
|
ETCD_MAX_REQUEST_BYTES: 10485760
|
|
|
|
etcd-tls:
|
|
image: docker.io/bitnami/etcd:3.5
|
|
ports:
|
|
- "2378:2378"
|
|
- "2381:2381"
|
|
environment:
|
|
ALLOW_NONE_AUTHENTICATION: "yes"
|
|
ETCD_NAME: etcd-tls
|
|
ETCD_LISTEN_CLIENT_URLS: https://0.0.0.0:2378
|
|
ETCD_ADVERTISE_CLIENT_URLS: https://etcd-tls:2378
|
|
ETCD_LISTEN_PEER_URLS: https://0.0.0.0:2381
|
|
ETCD_INITIAL_ADVERTISE_PEER_URLS: https://etcd-tls:2381
|
|
ETCD_INITIAL_CLUSTER: etcd-tls=https://etcd-tls:2381
|
|
ETCD_INITIAL_CLUSTER_TOKEN: etcd-tls-cluster
|
|
ETCD_INITIAL_CLUSTER_STATE: new
|
|
ETCD_CERT_FILE: /certs/server.crt
|
|
ETCD_KEY_FILE: /certs/server-key.pem
|
|
ETCD_TRUSTED_CA_FILE: /certs/ca.crt
|
|
ETCD_PEER_CERT_FILE: /certs/server.crt
|
|
ETCD_PEER_KEY_FILE: /certs/server-key.pem
|
|
ETCD_PEER_TRUSTED_CA_FILE: /certs/ca.crt
|
|
ETCD_CLIENT_CERT_AUTH: "true"
|
|
ETCD_PEER_CLIENT_CERT_AUTH: "true"
|
|
ETCD_MAX_REQUEST_BYTES: 10485760
|
|
volumes:
|
|
- ./etcd-tls-certs:/certs:ro
|
|
|
|
minio:
|
|
image: docker.io/bitnami/minio:2024
|
|
ports:
|
|
- '9000:9000'
|
|
- '9001:9001'
|
|
environment:
|
|
- MINIO_ROOT_USER=superpower_ci_user
|
|
- MINIO_ROOT_PASSWORD=superpower_password
|
|
- MINIO_DEFAULT_BUCKETS=greptime
|
|
- BITNAMI_DEBUG=true
|
|
volumes:
|
|
- 'minio_data:/bitnami/minio/data'
|
|
|
|
postgres:
|
|
image: docker.io/postgres:14-alpine
|
|
ports:
|
|
- 5432:5432
|
|
volumes:
|
|
- ~/apps/postgres:/var/lib/postgresql/data
|
|
environment:
|
|
- POSTGRES_USER=greptimedb
|
|
- POSTGRES_DB=postgres
|
|
- POSTGRES_PASSWORD=admin
|
|
|
|
mysql:
|
|
image: bitnami/mysql:5.7
|
|
ports:
|
|
- 3306:3306
|
|
volumes:
|
|
- ~/apps/mysql:/var/lib/mysql
|
|
environment:
|
|
- MYSQL_DATABASE=mysql
|
|
- MYSQL_USER=greptimedb
|
|
- MYSQL_PASSWORD=admin
|
|
- MYSQL_ROOT_PASSWORD=admin
|
|
|
|
volumes:
|
|
minio_data:
|
|
driver: local
|