Diagram
swarm/docker-compose.yaml
version: "3.8" services: mariadb1: image: mariadb:11.1.2 environment: MYSQL_ROOT_PASSWORD: lkTR.3p2 MYSQL_DATABASE: soffid MYSQL_USER: soffid MYSQL_PASSWORD: 86h.FukT healthcheck: test: "/usr/bin/mariadb --user=root --password=lkTR.3p2 --execute \"SHOW DATABASES;\"" interval: 2s timeout: 20s retries: 10 deploy: placement: constraints: - node.hostname==sftsvr01 command: - mariadbd - --server-id=11 - --log-bin - --binlog-format=row - --expire_logs_days=15 - --max_binlog_size=1000M - --replicate-ignore-table=soffid.SC_SEQUENCE - --slave-skip-errors=1032,1053,1062 - --max_allowed_packet=256M - --innodb_log_file_size=256M - --character-set-server=utf8mb4 - --collation-server=utf8mb4_general_ci networks: - cluster volumes: - mariadb1_data:/var/lib/mysql mariadb2: image: mariadb:11.1.2 environment: MYSQL_ROOT_PASSWORD: lkTR.3p2 MYSQL_DATABASE: soffid MYSQL_USER: soffid MYSQL_PASSWORD: 86h.FukT healthcheck: test: "/usr/bin/mariadb --user=root --password=lkTR.3p2 --execute \"SHOW DATABASES;\"" interval: 2s timeout: 20s retries: 10 deploy: placement: constraints: - node.hostname==sftsvr02 command: - mariadbd - --server-id=22 - --log-bin - --binlog-format=row - --expire_logs_days=15 - --max_binlog_size=1000M - --replicate-ignore-table=soffid.SC_SEQUENCE - --slave-skip-errors=1032,1053,1062 - --max_allowed_packet=128M - --innodb_log_file_size=256M - --character-set-server=utf8mb4 - --collation-server=utf8mb4_general_ci networks: - cluster volumes: - mariadb2_data:/var/lib/mysql console: image: soffid/iam-console:3.6.4 environment: DB_URL: jdbc:mariadb:sequential://mariadb1,mariadb2/soffid DB_USER: soffid DB_PASSWORD: 86h.FukT ports: - 8080:8080 networks: - cluster configs: - source: trustedcert_1 target: /opt/soffid/iam-console-3/trustedcerts/test syncserver: image: soffid/iam-sync:3.6.2 hostname: soffid.postbank.lpb.co.ls environment: SOFFID_PORT: 1760 SOFFID_HOSTNAME: syncserver SOFFID_MAIN: "yes" DB_URL: jdbc:mysql:sequential://mariadb1,mariadb2/soffid DB_USER: soffid DB_PASSWORD: 86h.FukT DB_CONFIGURATION_TABLE: ss1 ports: - 1443:1443 - 49:49 - 1760:1760 networks: - cluster pam-store: image: soffid/pam-store:1.4.36 networks: - cluster volumes: - store_data:/opt/soffid/tomee/data configs: - source: trustedcert_1 target: /opt/soffid/tomee/trustedcerts/test deploy: placement: constraints: - node.hostname==sftsvr01 pam-launcher: image: soffid/pam-launcher:1.4.37 environment: STORE_SERVER: http://pam-store:8080 STORE_USER: postbank1-launcher STORE_PASSWORD: jaQ1S7jjz6CA2WmgjsXzP0WgS/qvB603eM04q0tR87x9WzbYS3zCFJcPF32pXHPt NETWORK_ID: soffid_cluster ports: - 8082:8080 networks: - cluster volumes: - launcher_data:/opt/soffid/tomee/launcher - /var/run/docker.sock:/var/run/docker.sock configs: - source: trustedcert_1 target: /opt/soffid/tomee/trustedcerts/test traefik: image: "traefik:v2.10" command: - "--log.level=DEBUG" - "--configFile=/data/traefik.yaml" - "--log=true" ports: - target: 443 published: 443 protocol: tcp #- "9000:9000" volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" - "./traefik:/data" networks: - cluster networks: cluster: attachable: true ipam: config: - subnet: 10.250.0.0/16 volumes: mariadb1_data: name: compose-mariadbdata external: true mariadb2_data: name: compose-mariadbdata external: true store_data: name: compose_store_data launcher_data: name: compose_launcher_data configs: trustedcert_1: file: ./trustedcerts/test
swarm/traefik/traefik.yaml
entryPoints: web: address: ":443" traefik: address: ":9000/tcp" api: dashboard: true providers: file: directory: /data/dynamic watch: true
swarm/traefik/dynamic/console.yaml
http: routers: consola: entryPoints: - web rule: "PathPrefix(`/`)" service: consola tls: options: services: consola: loadBalancer: sticky: cookie: name: server secure: true httpOnly: true servers: - url: http://console:8080/ healthCheck: scheme: http path: /soffid/anonymous/logo.svg port: 8080
swarm/traefik/dynamics/certs.yaml
tls: stores: default: defaultCertificate: certFile: /data/dynamic/25122be6d01ad29b.crt keyFile: /data/dynamic/server.key