Gnous/mattermost
Archived
2
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

Swarm file flavors (#222)

Browse Source 
* Better documentation for swarm file, avoid exposing ports for no reason

* add swarm file using traefik
This commit is contained in:
Mauricio Ugaz 2018-01-21 19:01:46 -03:00 committed by Kyâne Pichou
parent bdabd10d4d
commit 09d59556e0
2 changed files with 220 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

123
contrib/swarm/docker-stack-traefik.yml Normal file
View File

@ -0,0 +1,123 @@
# This file allows you to run mattermost within your docker swarm mode cluster
# for more informations check: https://docs.docker.com/engine/swarm/
#
# Simply run:
#
# `docker stack up [STACK NAME] -c docker-stack-traefik.yml`
#
# In this case `mm` is going to be stack name, so the command will be:
#
# `docker stack up mm -c docker-stack-traefik.yml`
#
# From now on all the services that belong to this stack will be prefixed with `mm_`
# this file defines 3 services, these are going to be mm_db, mm_app and mm_web,
# each of these names is the service's hostname as well, they can communicate
# with each other easily by using the hostname instead of the ip or exposing ports to the host.
#
# As a side note, images tagged as latest are pulled by default,
# that means there's no need to use `image:latest`
#
# use latest compose v3.3 file format for optimal compatibility with latest docker release and swarm features.
# see https://docs.docker.com/compose/compose-file/compose-versioning/#version-3
# and https://docs.docker.com/compose/compose-file/compose-versioning/#version-33
# and https://docs.docker.com/compose/compose-file/compose-versioning/#upgrading
version: '3.3'
networks:
# network for App <-> DB transactions
mm-in:
driver: overlay
internal: true
# this network faces the outside world
mm-out:
driver: overlay
internal: false
volumes:
mm-dbdata:
traefik-certs:
services:
db:
# use official mattermost prod-db image
image: mattermost/mattermost-prod-db
networks:
- mm-in
volumes:
# use a named-volume for data persistency
- mm-dbdata:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
environment:
- POSTGRES_USER=mmuser
- POSTGRES_PASSWORD=mmuser_password
- POSTGRES_DB=mattermost
# uncomment the following to enable backup
# - AWS_ACCESS_KEY_ID=XXXX
# - AWS_SECRET_ACCESS_KEY=XXXX
# - WALE_S3_PREFIX=s3://BUCKET_NAME/PATH
# - AWS_REGION=us-east-1
deploy:
restart_policy:
condition: on-failure
app:
# use official mattermost prod-app image
image: mattermost/mattermost-prod-app
networks:
- mm-in
- mm-out
volumes:
- /var/lib/mattermost/config:/mattermost/config:rw
- /var/lib/mattermost/data:/mattermost/data:rw
- /var/lib/mattermost/logs:/mattermost/logs:rw
- /etc/localtime:/etc/localtime:ro
environment:
# use service's hostname
- DB_HOST=mm_db
# talk to the port within the overlay network
# without (over)exposing ports
- DB_PORT_NUMBER=5432
- MM_USERNAME=mmuser
- MM_PASSWORD=mmuser_password
- MM_DBNAME=mattermost
# pass the edition to be used, default is enterprise
# setting this env var will make the app use the team edition
- edition=team
# in case your config is not in default location
# - MM_CONFIG=/mattermost/config/config.json
deploy:
labels:
- "traefik.backend.loadbalancer.sticky=true"
- "traefik.backend.loadbalancer.swarm=true"
# the backend service needs a name
- "traefik.backend=mmapp"
# network is prefixed `mm_` as well
- "traefik.docker.network=mm_mm-out"
# generate a TLS cert for this domain
- "traefik.entrypoints=https"
- "traefik.frontend.passHostHeader=true"
# add your domain below here
- "traefik.frontend.rule=Host:mattermost.domain.com"
- "traefik.port=80"
restart_policy:
condition: on-failure
web:
# use official traefik image
image: traefik
ports:
- "80:80"
# you can view the traefik's dashboard in http://localhost:8080
- "8080:8080"
- "443:443"
networks:
- mm-out
command: --acme --acme.email="[ADD YOUR EMAIL HERE]" --acme.entrypoint=https --acme.onhostrule --acme.storage="acme/certs.json" --acme.acmelogging --web --docker --docker.domain=docker.localhost --docker.swarmmode --docker.watch --logLevel=DEBUG
volumes:
# traefik needs the docker socket in order to work properly
- /var/run/docker.sock:/var/run/docker.sock
# no traefik config file is being used
# you can deep further in the traefik docs
# http://docs.traefik.io/user-guide/examples/
- /dev/null:/traefik.toml
# use a named-volume for certs persistency
- traefik-certs:/acme
deploy:
restart_policy:
condition: on-failure

165
contrib/swarm/docker-stack.yml
View File

@ -1,78 +1,107 @@
# This file allow you to run mattermost within your docker swarm mode cluster
# This file allows you to run mattermost within your docker swarm mode cluster
# for more informations check: https://docs.docker.com/engine/swarm/
#
# Simply run:
#
# `docker stack up [STACK NAME] -c docker-stack.yml`
#
# In this case `mm` is going to be stack name, so the command will be:
#
# `docker stack up mm -c docker-stack.yml`
#
# From now on all the services that belong to this stack will be prefixed with `mm_`
# this file defines 3 services, these are going to be mm_db, mm_app and mm_web,
# each of these names is the service's hostname as well, they can communicate
# with each other easily by using the hostname instead of the ip or exposing ports to the host.
#
# As a side note, images tagged as latest are pulled by default,
# that means there's no need to use `image:latest`
#
# use latest compose v3.3 file format for optimal compatibility with latest docker release and swarm features.
# see https://docs.docker.com/compose/compose-file/compose-versioning/#version-3
# and https://docs.docker.com/compose/compose-file/compose-versioning/#version-33
# and https://docs.docker.com/compose/compose-file/compose-versioning/#upgrading
version: '3.3'
services:
db:
# use official mattermost prod-db image
image: mattermost/mattermost-prod-db:latest
ports:
- "5432"
networks:
- mm-network
volumes:
# use a named-volume for data persistency
- mm-dbdata:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
environment:
POSTGRES_USER: mmuser
POSTGRES_PASSWORD: mmuser_password
POSTGRES_DB: mattermost
# uncomment the following to enable backup
# AWS_ACCESS_KEY_ID=XXXX
# AWS_SECRET_ACCESS_KEY=XXXX
# WALE_S3_PREFIX=s3://BUCKET_NAME/PATH
# AWS_REGION=us-east-1
deploy:
restart_policy:
condition: on-failure
app:
# use official mattermost prod-app image
image: mattermost/mattermost-prod-app:latest
ports:
- "8065"
networks:
- mm-network
volumes:
- /var/lib/mattermost/config:/mattermost/config:rw
- /var/lib/mattermost/data:/mattermost/data:rw
- /var/lib/mattermost/logs:/mattermost/logs:rw
- /etc/localtime:/etc/localtime:ro
environment:
DB_HOST: db
DB_PORT_NUMBER: 5432
MM_USERNAME: mmuser
MM_PASSWORD: mmuser_password
MM_DBNAME: mattermost
# in case your config is not in default location
# MM_CONFIG=/mattermost/config/config.json
deploy:
restart_policy:
condition: on-failure
web:
# use official mattermost prod-web image
image: mattermost/mattermost-prod-web:latest
ports:
- "80:80"
- "443:443"
networks:
- mm-network
volumes:
# This directory must have cert files
- /var/lib/mattermost/cert:/cert:ro
- /etc/localtime:/etc/localtime:ro
deploy:
restart_policy:
condition: on-failure
networks:
mm-network:
# network for App <-> DB transactions
mm-in:
driver: overlay
internal: true
# this network faces the outside world
mm-out:
driver: overlay
internal: false
volumes:
mm-dbdata:
mm-dbdata:
services:
db:
# use official mattermost prod-db image
image: mattermost/mattermost-prod-db
networks:
- mm-in
volumes:
# use a named-volume for data persistency
- mm-dbdata:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
environment:
- POSTGRES_USER=mmuser
- POSTGRES_PASSWORD=mmuser_password
- POSTGRES_DB=mattermost
# uncomment the following to enable backup
# - AWS_ACCESS_KEY_ID=XXXX
# - AWS_SECRET_ACCESS_KEY=XXXX
# - WALE_S3_PREFIX=s3://BUCKET_NAME/PATH
# - AWS_REGION=us-east-1
deploy:
restart_policy:
condition: on-failure
app:
# use official mattermost prod-app image
image: mattermost/mattermost-prod-app
networks:
- mm-in
- mm-out
volumes:
- /var/lib/mattermost/config:/mattermost/config:rw
- /var/lib/mattermost/data:/mattermost/data:rw
- /var/lib/mattermost/logs:/mattermost/logs:rw
- /etc/localtime:/etc/localtime:ro
environment:
# use service's hostname
- DB_HOST=mm_db
# talk to the port within the overlay network
# without (over)exposing ports
- DB_PORT_NUMBER=5432
- MM_USERNAME=mmuser
- MM_PASSWORD=mmuser_password
- MM_DBNAME=mattermost
# pass the edition to be used, default is enterprise
# setting this env var will make the app use the team edition
- edition=team
# in case your config is not in default location
# - MM_CONFIG=/mattermost/config/config.json
deploy:
restart_policy:
condition: on-failure
web:
# use official mattermost prod-web image
image: mattermost/mattermost-prod-web
ports:
- "80:80"
- "443:443"
networks:
- mm-out
volumes:
# This directory must have cert files
- /var/lib/mattermost/cert:/cert:ro
- /etc/localtime:/etc/localtime:ro
environment:
# use app service's hostname
- APP_HOST=mm_app
# talk to the port within the overlay network
# without (over)exposing ports
- APP_PORT_NUMBER=80
deploy:
restart_policy:
condition: on-failure