microshift-docker-compose/docker-compose.yml at main · righteouslabs/microshift-docker-compose · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
services:

  microshift:
    image: &microshift-image ghcr.io/microshift-io/microshift:4.21.0_g29f429c21_4.21.0_okd_scos.ec.15
    container_name: microshift
    hostname: microshift
    privileged: true
    tty: true
    cpus: 2
    mem_limit: 4g
    memswap_limit: 4g
    ulimits:
      nofile:
        soft: 524288
        hard: 524288
    depends_on:
      lvm-setup:
        condition: service_completed_successfully
    ports:
      - "6443:6443"
      - "9000:9000"
    volumes:
      - /dev:/dev
      - microshift-data:/var/lib/microshift
      - ./config/api_server.yaml:/etc/microshift/config.d/api_server.yaml:ro
      - ./config/storage.yaml:/etc/microshift/config.d/01-disable-storage-csi.yaml:ro
      - ./manifests/topolvm-fix:/etc/microshift/manifests.d/002-topolvm-fix:ro
    tmpfs:
      - /var/lib/containers
      - /tmp
      - /run
    dns_search:
      - "."
    healthcheck:
      test: ["CMD", "test", "-f", "/var/lib/microshift/resources/kubeadmin/microshift/kubeconfig"]
      interval: 10s
      timeout: 5s
      retries: 30
      start_period: 120s

  lvm-setup:
    # Matches upstream cluster_manager.sh: create loopback LVM before MicroShift starts.
    # TopoLVM auto-discovers the "myvg1" volume group for PVC provisioning.
    image: *microshift-image
    container_name: microshift-lvm-setup
    privileged: true
    volumes:
      - /dev:/dev
      - microshift-data:/var/lib/microshift
    entrypoint: /bin/bash
    command:
      - -c
      - |
        VG_NAME="myvg1"
        BACKING_FILE="/var/lib/microshift/lvm-backing.img"

        if vgs "$$VG_NAME" &>/dev/null; then
            echo "Volume group $$VG_NAME already exists, skipping setup"
            exit 0
        fi

        echo "Creating sparse backing file at $$BACKING_FILE..."
        truncate -s 1G "$$BACKING_FILE"

        echo "Setting up loopback device..."
        LOOP=$$(losetup --find --show "$$BACKING_FILE")
        echo "Loop device: $$LOOP"

        echo "Creating volume group $$VG_NAME..."
        vgcreate -f -y "$$VG_NAME" "$$LOOP"

        echo "LVM setup complete:"
        vgs "$$VG_NAME"

  kubeconfig:
    image: alpine:latest
    container_name: microshift-kubeconfig
    depends_on:
      microshift:
        condition: service_healthy
    volumes:
      - microshift-data:/var/lib/microshift:ro
      - ./:/output
    entrypoint: /bin/sh
    command:
      - -c
      - |
        sed 's|server: https://microshift:6443|server: https://localhost:6443|' \
          /var/lib/microshift/resources/kubeadmin/microshift/kubeconfig \
          | sed '/certificate-authority-data:/d' \
          | sed 's|server: https://localhost:6443|insecure-skip-tls-verify: true\n    server: https://localhost:6443|' \
          > /output/kubeconfig
        echo "kubeconfig written to ./kubeconfig"

  cluster-setup:
    image: bitnami/kubectl:latest
    container_name: microshift-cluster-setup
    user: "0:0"
    depends_on:
      microshift:
        condition: service_healthy
    environment:
      # Bump these versions to upgrade operators
      - PROMETHEUS_OPERATOR_VERSION=v0.82.2
      - CERT_MANAGER_VERSION=v1.19.4
      - RABBITMQ_CLUSTER_OPERATOR_VERSION=v2.19.1
      - RABBITMQ_TOPOLOGY_OPERATOR_VERSION=v1.18.3
    volumes:
      - microshift-data:/var/lib/microshift:ro
      - ./manifests:/manifests:ro
      - console-data:/console
    entrypoint: /bin/sh
    command:
      - -c
      - |
        export KUBECONFIG=/var/lib/microshift/resources/kubeadmin/microshift/kubeconfig

        echo "=== Installing Prometheus Operator CRDs $${PROMETHEUS_OPERATOR_VERSION} ==="
        curl -sL "https://github.com/prometheus-operator/prometheus-operator/releases/download/$${PROMETHEUS_OPERATOR_VERSION}/stripped-down-crds.yaml" \
          | kubectl apply --server-side -f -

        echo "=== Installing cert-manager $${CERT_MANAGER_VERSION} ==="
        curl -sL "https://github.com/cert-manager/cert-manager/releases/download/$${CERT_MANAGER_VERSION}/cert-manager.yaml" \
          | kubectl apply -f -
        echo "Waiting for cert-manager webhook to be ready..."
        kubectl wait --for=condition=Available deployment/cert-manager-webhook -n cert-manager --timeout=300s

        echo "=== Installing RabbitMQ Cluster Operator $${RABBITMQ_CLUSTER_OPERATOR_VERSION} ==="
        curl -sL "https://github.com/rabbitmq/cluster-operator/releases/download/$${RABBITMQ_CLUSTER_OPERATOR_VERSION}/cluster-operator.yml" \
          | sed 's|image: rabbitmqoperator/|image: docker.io/rabbitmqoperator/|g' \
          | kubectl apply -f -
        echo "Waiting for RabbitMQ Cluster Operator to be ready..."
        kubectl wait --for=condition=Available deployment/rabbitmq-cluster-operator -n rabbitmq-system --timeout=300s

        echo "=== Installing RabbitMQ Messaging Topology Operator $${RABBITMQ_TOPOLOGY_OPERATOR_VERSION} ==="
        curl -sL "https://github.com/rabbitmq/messaging-topology-operator/releases/download/$${RABBITMQ_TOPOLOGY_OPERATOR_VERSION}/messaging-topology-operator-with-certmanager.yaml" \
          | sed 's|image: rabbitmqoperator/|image: docker.io/rabbitmqoperator/|g' \
          | kubectl apply -f -
        echo "Waiting for RabbitMQ Messaging Topology Operator to be ready..."
        kubectl wait --for=condition=Available deployment/messaging-topology-operator -n rabbitmq-system --timeout=300s

        echo "=== Setting up OpenShift Console ==="
        kubectl apply -f /manifests/openshift-console.yaml
        echo "Creating console bearer token..."
        kubectl create token openshift-console -n openshift-console --duration=8760h > /console/token
        echo "Console bearer token written"

        echo "=== Cluster setup complete ==="

  openshift-console:
    image: quay.io/openshift/origin-console:4.17
    platform: linux/amd64
    container_name: openshift-console
    depends_on:
      cluster-setup:
        condition: service_completed_successfully
    network_mode: "service:microshift"
    volumes:
      - console-data:/console:ro
    entrypoint: /bin/sh
    command:
      - -c
      - |
        export BRIDGE_USER_AUTH=disabled
        export BRIDGE_K8S_MODE=off-cluster
        export BRIDGE_K8S_MODE_OFF_CLUSTER_ENDPOINT=https://localhost:6443
        export BRIDGE_K8S_MODE_OFF_CLUSTER_SKIP_VERIFY_TLS=true
        export BRIDGE_K8S_AUTH=bearer-token
        export BRIDGE_K8S_AUTH_BEARER_TOKEN=$(cat /console/token)
        exec /opt/bridge/bin/bridge --public-dir=/opt/bridge/static --listen=http://0.0.0.0:9000

volumes:
  microshift-data:
  console-data: