|
| 1 | +# -------------------------------------------------------------------- |
| 2 | +# Copyright (c) 2025, WSO2 LLC. (https://www.wso2.com). |
| 3 | +# |
| 4 | +# WSO2 LLC. licenses this file to you under the Apache License, |
| 5 | +# Version 2.0 (the "License"); you may not use this file except |
| 6 | +# in compliance with the License. |
| 7 | +# You may obtain a copy of the License at |
| 8 | +# |
| 9 | +# http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | +# |
| 11 | +# Unless required by applicable law or agreed to in writing, |
| 12 | +# software distributed under the License is distributed on an |
| 13 | +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| 14 | +# KIND, either express or implied. See the License for the |
| 15 | +# specific language governing permissions and limitations |
| 16 | +# under the License. |
| 17 | +# -------------------------------------------------------------------- |
| 18 | + |
| 19 | +services: |
| 20 | + gateway-controller: |
| 21 | + image: ghcr.io/wso2/api-platform/gateway-controller:1.1.0-SNAPSHOT |
| 22 | + mem_limit: 60m |
| 23 | + mem_reservation: 60m |
| 24 | + cpus: 0.025 |
| 25 | + command: ["-config", "/etc/gateway-controller/config.toml"] |
| 26 | + ports: |
| 27 | + - "9090:9090" # REST API |
| 28 | + - "9094:9092" # Admin API |
| 29 | + - "9011:9091" # Metrics |
| 30 | + environment: |
| 31 | + - APIP_GW_DEVELOPMENT_MODE=true |
| 32 | + - APIP_GW_GATEWAY_REGISTRATION_TOKEN=${GATEWAY_REGISTRATION_TOKEN:-} |
| 33 | + - APIP_GW_CONTROLPLANE_HOST=${GATEWAY_CONTROLPLANE_HOST:-} |
| 34 | + volumes: |
| 35 | + - controller-data:/app/data |
| 36 | + - ./configs/config.toml:/etc/gateway-controller/config.toml:ro |
| 37 | + - ./resources/certificates:/app/certificates |
| 38 | + - ./resources/listener-certs:/app/listener-certs:ro |
| 39 | + extra_hosts: |
| 40 | + - "host.docker.internal:host-gateway" |
| 41 | + networks: |
| 42 | + - gateway-network |
| 43 | + |
| 44 | + gateway-runtime: |
| 45 | + image: ghcr.io/wso2/api-platform/gateway-runtime:1.1.0-SNAPSHOT |
| 46 | + mem_limit: 180m |
| 47 | + mem_reservation: 180m |
| 48 | + cpus: 0.175 |
| 49 | + command: ["--pol.config", "/etc/policy-engine/config.toml"] |
| 50 | + ports: |
| 51 | + # Router (Envoy) |
| 52 | + - "8080:8080" # HTTP ingress |
| 53 | + - "8443:8443" # HTTPS ingress |
| 54 | + - "8081:8081" # xDS-managed API listener |
| 55 | + - "9901:9901" # Envoy admin |
| 56 | + # Policy Engine |
| 57 | + - "9002:9002" # Admin API |
| 58 | + - "9003:9003" # Metrics |
| 59 | + environment: |
| 60 | + - GATEWAY_CONTROLLER_HOST=gateway-controller |
| 61 | + - MOESIF_KEY=${MOESIF_KEY:-} |
| 62 | + volumes: |
| 63 | + - ./configs/config.toml:/etc/policy-engine/config.toml:ro |
| 64 | + - ./configs/llm-pricing/model_prices.json:/etc/policy-engine/llm-pricing/model_prices.json:ro |
| 65 | + networks: |
| 66 | + - gateway-network |
| 67 | + |
| 68 | + jaeger: |
| 69 | + image: jaegertracing/all-in-one:1.76.0 |
| 70 | + environment: |
| 71 | + - COLLECTOR_OTLP_ENABLED=true |
| 72 | + ports: |
| 73 | + - "16686:16686" # Jaeger UI |
| 74 | + - "14268:14268" # Jaeger collector HTTP |
| 75 | + networks: |
| 76 | + - gateway-network |
| 77 | + profiles: ["tracing"] |
| 78 | + |
| 79 | + otel-collector: |
| 80 | + image: otel/opentelemetry-collector:0.112.0 |
| 81 | + command: ["--config=/etc/otel-collector-config.yaml"] |
| 82 | + volumes: |
| 83 | + - ./observability/otel-collector/config.yaml:/etc/otel-collector-config.yaml |
| 84 | + ports: |
| 85 | + - "4317:4317" # OTLP gRPC receiver |
| 86 | + - "4318:4318" # OTLP HTTP receiver |
| 87 | + networks: |
| 88 | + - gateway-network |
| 89 | + depends_on: |
| 90 | + - jaeger |
| 91 | + profiles: ["tracing"] |
| 92 | + |
| 93 | + opensearch: |
| 94 | + image: opensearchproject/opensearch:3.4.0 |
| 95 | + environment: |
| 96 | + - cluster.name=opensearch-cluster |
| 97 | + - node.name=opensearch-node1 |
| 98 | + - discovery.type=single-node |
| 99 | + - OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m |
| 100 | + - DISABLE_SECURITY_PLUGIN=true |
| 101 | + - DISABLE_INSTALL_DEMO_CONFIG=true |
| 102 | + ports: |
| 103 | + - "9200:9200" |
| 104 | + - "9600:9600" |
| 105 | + volumes: |
| 106 | + - opensearch-data:/usr/share/opensearch/data |
| 107 | + networks: |
| 108 | + - gateway-network |
| 109 | + profiles: ["logging"] |
| 110 | + |
| 111 | + opensearch-dashboards: |
| 112 | + image: opensearchproject/opensearch-dashboards:3.4.0 |
| 113 | + environment: |
| 114 | + - OPENSEARCH_HOSTS=["http://opensearch:9200"] |
| 115 | + - DISABLE_SECURITY_DASHBOARDS_PLUGIN=true |
| 116 | + ports: |
| 117 | + - "5601:5601" |
| 118 | + networks: |
| 119 | + - gateway-network |
| 120 | + depends_on: |
| 121 | + - opensearch |
| 122 | + profiles: ["logging"] |
| 123 | + |
| 124 | + fluent-bit: |
| 125 | + image: fluent/fluent-bit:4.2.1 |
| 126 | + volumes: |
| 127 | + - /var/lib/docker/containers:/var/lib/docker/containers:ro |
| 128 | + - ./observability/fluent-bit/fluent-bit.conf:/fluent-bit/etc/fluent-bit.conf |
| 129 | + - ./observability/fluent-bit/parsers.conf:/fluent-bit/etc/parsers.conf |
| 130 | + - ./observability/fluent-bit/add_component.lua:/fluent-bit/scripts/add_component.lua |
| 131 | + command: /fluent-bit/bin/fluent-bit -c /fluent-bit/etc/fluent-bit.conf |
| 132 | + networks: |
| 133 | + - gateway-network |
| 134 | + depends_on: |
| 135 | + - opensearch |
| 136 | + profiles: ["logging"] |
| 137 | + |
| 138 | + prometheus: |
| 139 | + image: prom/prometheus:v3.3.1 |
| 140 | + volumes: |
| 141 | + - ./observability/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml:ro |
| 142 | + - prometheus-data:/prometheus |
| 143 | + command: |
| 144 | + - '--config.file=/etc/prometheus/prometheus.yml' |
| 145 | + - '--storage.tsdb.path=/prometheus' |
| 146 | + - '--web.enable-lifecycle' |
| 147 | + ports: |
| 148 | + - "9092:9090" # Prometheus UI (9092 to avoid conflict with gateway-controller) |
| 149 | + networks: |
| 150 | + - gateway-network |
| 151 | + profiles: ["metrics"] |
| 152 | + |
| 153 | + grafana: |
| 154 | + image: "grafana/grafana:latest" |
| 155 | + environment: |
| 156 | + - GF_SECURITY_ADMIN_PASSWORD=admin |
| 157 | + - GF_USERS_ALLOW_SIGN_UP=false |
| 158 | + - GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH=/etc/grafana/provisioning/dashboards/infrastructure-overview.json |
| 159 | + volumes: |
| 160 | + - grafana-data:/var/lib/grafana |
| 161 | + - ./observability/grafana/provisioning/datasources:/etc/grafana/provisioning/datasources:ro |
| 162 | + - ./observability/grafana/provisioning/dashboards:/etc/grafana/provisioning/dashboards:ro |
| 163 | + - ./observability/grafana/dashboards:/etc/grafana/dashboards:ro |
| 164 | + ports: |
| 165 | + - "3000:3000" # Grafana UI |
| 166 | + networks: |
| 167 | + - gateway-network |
| 168 | + depends_on: |
| 169 | + - prometheus |
| 170 | + profiles: ["metrics"] |
| 171 | + |
| 172 | +volumes: |
| 173 | + controller-data: |
| 174 | + driver: local |
| 175 | + opensearch-data: |
| 176 | + driver: local |
| 177 | + prometheus-data: |
| 178 | + driver: local |
| 179 | + grafana-data: |
| 180 | + driver: local |
| 181 | + |
| 182 | +networks: |
| 183 | + gateway-network: |
| 184 | + driver: bridge |
0 commit comments