From 242ecdd53e16ff47ec1530230386f3cbe15052d5 Mon Sep 17 00:00:00 2001 From: Sun-ZhenXing <1006925066@qq.com> Date: Tue, 6 Jan 2026 11:21:42 +0800 Subject: [PATCH] chore: update version --- README.md | 6 +++--- README.zh.md | 6 +++--- builds/debian-dind/.env.example | 4 ++-- builds/debian-dind/Dockerfile | 9 +++++++-- builds/debian-dind/README.md | 5 +++-- builds/debian-dind/README.zh.md | 5 +++-- builds/debian-dind/docker-compose.yaml | 4 ++-- builds/debian-dind/dockerd-entrypoint.sh | 15 ++++++++++++++- builds/microsandbox/docker-compose.yaml | 5 ----- src/bifrost-gateway/.env.example | 2 +- src/bifrost-gateway/README.md | 2 +- src/bifrost-gateway/README.zh.md | 2 +- src/bifrost-gateway/docker-compose.yaml | 2 +- src/open-webui/.env.example | 22 +++++++++++++++++----- src/open-webui/README.md | 6 ++++++ src/open-webui/README.zh.md | 10 ++++++++-- src/open-webui/docker-compose.yaml | 6 +++--- src/phoenix/.env.example | 2 +- src/phoenix/README.md | 2 +- src/phoenix/README.zh.md | 2 +- src/phoenix/docker-compose.yaml | 2 +- 21 files changed, 79 insertions(+), 40 deletions(-) diff --git a/README.md b/README.md index 7688568..2048d33 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ These services require building custom Docker images from source. | Service | Version | | ------------------------------------------- | ------- | -| [Debian DinD](./builds/debian-dind) | 0.1.1 | +| [Debian DinD](./builds/debian-dind) | 0.1.2 | | [goose](./builds/goose) | 1.18.0 | | [IOPaint](./builds/io-paint) | 1.6.0 | | [K3s inside DinD](./builds/k3s-inside-dind) | 0.2.2 | @@ -26,7 +26,7 @@ These services require building custom Docker images from source. | [Apache Kafka](./src/kafka) | 7.8.0 | | [Apache Pulsar](./src/pulsar) | 4.0.7 | | [Apache RocketMQ](./src/rocketmq) | 5.3.1 | -| [Bifrost Gateway](./src/bifrost-gateway) | v1.3.54 | +| [Bifrost Gateway](./src/bifrost-gateway) | v1.3.59 | | [Bolt.diy](./apps/bolt-diy) | latest | | [Budibase](./src/budibase) | 3.23.0 | | [Bytebot](./src/bytebot) | edge | @@ -87,7 +87,7 @@ These services require building custom Docker images from source. | [Odoo](./src/odoo) | 19.0 | | [Ollama](./src/ollama) | 0.12.0 | | [Open WebUI](./src/open-webui) | main | -| [Phoenix (Arize)](./src/phoenix) | 12.19.0 | +| [Phoenix (Arize)](./src/phoenix) | 12.27.0-nonroot | | [Pingora Proxy Manager](./src/pingora-proxy-manager) | v1.0.3 | | [Open WebUI Rust](./src/open-webui-rust) | latest | | [OpenCoze](./apps/opencoze) | See Docs | diff --git a/README.zh.md b/README.zh.md index ea7affe..72d650e 100644 --- a/README.zh.md +++ b/README.zh.md @@ -8,7 +8,7 @@ Compose Anything 通过提供一组高质量的 Docker Compose 配置文件, | 服务 | 版本 | | ------------------------------------------- | ------ | -| [Debian DinD](./builds/debian-dind) | 0.1.1 | +| [Debian DinD](./builds/debian-dind) | 0.1.2 | | [goose](./builds/goose) | 1.18.0 | | [IOPaint](./builds/io-paint) | 1.6.0 | | [K3s inside DinD](./builds/k3s-inside-dind) | 0.2.2 | @@ -26,7 +26,7 @@ Compose Anything 通过提供一组高质量的 Docker Compose 配置文件, | [Apache Kafka](./src/kafka) | 7.8.0 | | [Apache Pulsar](./src/pulsar) | 4.0.7 | | [Apache RocketMQ](./src/rocketmq) | 5.3.1 | -| [Bifrost Gateway](./src/bifrost-gateway) | v1.3.54 | +| [Bifrost Gateway](./src/bifrost-gateway) | v1.3.59 | | [Bolt.diy](./apps/bolt-diy) | latest | | [Budibase](./src/budibase) | 3.23.0 | | [Bytebot](./src/bytebot) | edge | @@ -87,7 +87,7 @@ Compose Anything 通过提供一组高质量的 Docker Compose 配置文件, | [Odoo](./src/odoo) | 19.0 | | [Ollama](./src/ollama) | 0.12.0 | | [Open WebUI](./src/open-webui) | main | -| [Phoenix (Arize)](./src/phoenix) | 12.19.0 | +| [Phoenix (Arize)](./src/phoenix) | 12.27.0-nonroot | | [Pingora Proxy Manager](./src/pingora-proxy-manager) | v1.0.3 | | [Open WebUI Rust](./src/open-webui-rust) | latest | | [OpenCoze](./apps/opencoze) | See Docs | diff --git a/builds/debian-dind/.env.example b/builds/debian-dind/.env.example index e66c917..a062fbd 100644 --- a/builds/debian-dind/.env.example +++ b/builds/debian-dind/.env.example @@ -4,8 +4,8 @@ # GLOBAL_REGISTRY= # Image versions -DEBIAN_DIND_VERSION=0.1.1 -DEBIAN_DIND_GPU_VERSION=0.1.1-gpu +DEBIAN_DIND_VERSION=0.1.2 +DEBIAN_DIND_GPU_VERSION=0.1.2-gpu # Timezone (default: UTC) TZ=UTC diff --git a/builds/debian-dind/Dockerfile b/builds/debian-dind/Dockerfile index 0d4615d..d349b1f 100644 --- a/builds/debian-dind/Dockerfile +++ b/builds/debian-dind/Dockerfile @@ -16,6 +16,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ xfsprogs \ xz-utils \ pigz \ + crun \ && rm -rf /var/lib/apt/lists/* # Install Docker @@ -36,13 +37,17 @@ RUN install -m 0755 -d /etc/apt/keyrings \ docker-compose-plugin \ && rm -rf /var/lib/apt/lists/* +# Configure Docker to use crun as the default runtime +RUN mkdir -p /etc/docker && \ + echo '{\n "default-runtime": "crun",\n "runtimes": {\n "crun": {\n "path": "/usr/bin/crun"\n }\n }\n}' > /etc/docker/daemon.json + # Install NVIDIA Container Toolkit (Optional) ARG INSTALL_NVIDIA_TOOLKIT=false RUN if [ "$INSTALL_NVIDIA_TOOLKIT" = "true" ]; then \ curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg \ && curl -s -L https://nvidia.github.io/libnvidia-container/stable/deb/nvidia-container-toolkit.list | \ - sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | \ - tee /etc/apt/sources.list.d/nvidia-container-toolkit.list \ + sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | \ + tee /etc/apt/sources.list.d/nvidia-container-toolkit.list \ && apt-get update \ && apt-get install -y nvidia-container-toolkit \ && nvidia-ctk runtime configure --runtime=docker \ diff --git a/builds/debian-dind/README.md b/builds/debian-dind/README.md index c4e5d8a..15c2920 100644 --- a/builds/debian-dind/README.md +++ b/builds/debian-dind/README.md @@ -6,6 +6,7 @@ A Docker-in-Docker (DinD) service based on Debian, allowing you to run Docker in - Based on latest stable Debian (13.2-slim) - Out-of-the-box Docker daemon +- Uses `crun` as the default runtime for better performance and lower memory footprint - Optional NVIDIA Container Toolkit for GPU support - Resource limits configured - Healthcheck included @@ -39,8 +40,8 @@ Key environment variables (see `.env.example` for all options): | Variable | Description | Default | | ------------------------- | ----------------------------------- | -------------------- | | `GLOBAL_REGISTRY` | Global registry prefix (optional) | - | -| `DEBIAN_DIND_VERSION` | Main DinD image version | `0.1.1` | -| `DEBIAN_DIND_GPU_VERSION` | GPU-enabled DinD image version | `0.1.1-gpu` | +| `DEBIAN_DIND_VERSION` | Main DinD image version | `0.1.2` | +| `DEBIAN_DIND_GPU_VERSION` | GPU-enabled DinD image version | `0.1.2-gpu` | | `DEBIAN_VERSION` | Debian base image version | `13.2-slim` | | `DIND_PORT_OVERRIDE` | Host port for Docker daemon | `2375` | | `INSTALL_NVIDIA_TOOLKIT` | Install NVIDIA toolkit during build | `false` | diff --git a/builds/debian-dind/README.zh.md b/builds/debian-dind/README.zh.md index 812fad9..5a7bf47 100644 --- a/builds/debian-dind/README.zh.md +++ b/builds/debian-dind/README.zh.md @@ -6,6 +6,7 @@ - 基于最新稳定版 Debian(13.2-slim) - 开箱即用的 Docker 守护进程 +- 使用 `crun` 作为默认运行时,提供更好的性能和更低的内存占用 - 可选的 NVIDIA Container Toolkit,支持 GPU - 配置了资源限制 - 包含健康检查 @@ -39,8 +40,8 @@ | 变量 | 说明 | 默认值 | | ------------------------- | ------------------------- | ---------------- | | `GLOBAL_REGISTRY` | 全局镜像仓库前缀(可选) | - | -| `DEBIAN_DIND_VERSION` | 主 DinD 镜像版本 | `0.1.1` | -| `DEBIAN_DIND_GPU_VERSION` | GPU 版本 DinD 镜像版本 | `0.1.1-gpu` | +| `DEBIAN_DIND_VERSION` | 主 DinD 镜像版本 | `0.1.2` | +| `DEBIAN_DIND_GPU_VERSION` | GPU 版本 DinD 镜像版本 | `0.1.2-gpu` | | `DEBIAN_VERSION` | Debian 基础镜像版本 | `13.2-slim` | | `DIND_PORT_OVERRIDE` | Docker 守护进程的主机端口 | `2375` | | `INSTALL_NVIDIA_TOOLKIT` | 构建时安装 NVIDIA 工具包 | `false` | diff --git a/builds/debian-dind/docker-compose.yaml b/builds/debian-dind/docker-compose.yaml index 02fbe3b..fb1620f 100644 --- a/builds/debian-dind/docker-compose.yaml +++ b/builds/debian-dind/docker-compose.yaml @@ -12,7 +12,7 @@ x-defaults: &defaults services: dind: <<: *defaults - image: ${GLOBAL_REGISTRY:-}alexsuntop/debian-dind:${DEBIAN_DIND_VERSION:-0.1.1} + image: ${GLOBAL_REGISTRY:-}alexsuntop/debian-dind:${DEBIAN_DIND_VERSION:-0.1.2} profiles: - ${COMPOSE_PROFILES:-} build: @@ -50,7 +50,7 @@ services: # GPU-enabled DinD (optional) dind-gpu: <<: *defaults - image: ${GLOBAL_REGISTRY:-}alexsuntop/debian-dind:${DEBIAN_DIND_GPU_VERSION:-0.1.1-gpu} + image: ${GLOBAL_REGISTRY:-}alexsuntop/debian-dind:${DEBIAN_DIND_GPU_VERSION:-0.1.2-gpu} profiles: - gpu build: diff --git a/builds/debian-dind/dockerd-entrypoint.sh b/builds/debian-dind/dockerd-entrypoint.sh index 426fb2b..3e30609 100644 --- a/builds/debian-dind/dockerd-entrypoint.sh +++ b/builds/debian-dind/dockerd-entrypoint.sh @@ -25,7 +25,7 @@ if [ -z "$DOCKER_HOST" ]; then if [ -d /sys/fs/cgroup/cgroup.controllers ]; then # It is cgroup2 but maybe not mounted as such? # Actually if it exists, it's likely v2. - : + mount -t cgroup2 -o nsdelegate cgroup2 /sys/fs/cgroup || true else # cgroup v1 for subsystem in $(awk '/^[^#]/ { print $1 }' /proc/cgroups); do @@ -36,6 +36,19 @@ if [ -z "$DOCKER_HOST" ]; then done fi fi + + # Cgroup v2 delegation: move current process to a child cgroup and enable controllers + if [ -f /sys/fs/cgroup/cgroup.controllers ]; then + # Move current shell and future processes to a child cgroup + # this is required for cgroup v2 "no processes in internal nodes" rule + mkdir -p /sys/fs/cgroup/init + echo 0 > /sys/fs/cgroup/init/cgroup.procs 2>/dev/null || true + + # Enable all available controllers for child cgroups + for controller in $(cat /sys/fs/cgroup/cgroup.controllers); do + echo "+$controller" > /sys/fs/cgroup/cgroup.subtree_control 2>/dev/null || true + done + fi ;; esac fi diff --git a/builds/microsandbox/docker-compose.yaml b/builds/microsandbox/docker-compose.yaml index eba9a6a..0d41d61 100644 --- a/builds/microsandbox/docker-compose.yaml +++ b/builds/microsandbox/docker-compose.yaml @@ -27,11 +27,6 @@ services: ports: - ${MICROSANDBOX_PORT_OVERRIDE:-5555}:${MICROSANDBOX_PORT:-5555} privileged: true - cap_add: - - SYS_ADMIN - - NET_ADMIN - - SYS_PTRACE - - SYS_RESOURCE security_opt: - apparmor=unconfined - seccomp=unconfined diff --git a/src/bifrost-gateway/.env.example b/src/bifrost-gateway/.env.example index 4278ff8..847ed1c 100644 --- a/src/bifrost-gateway/.env.example +++ b/src/bifrost-gateway/.env.example @@ -1,5 +1,5 @@ # Bifrost Gateway Version -BIFROST_VERSION=v1.3.54 +BIFROST_VERSION=v1.3.59 # Port to bind to on the host machine BIFROST_PORT=28080 diff --git a/src/bifrost-gateway/README.md b/src/bifrost-gateway/README.md index d311219..c566cf6 100644 --- a/src/bifrost-gateway/README.md +++ b/src/bifrost-gateway/README.md @@ -12,7 +12,7 @@ Bifrost is a lightweight, high-performance LLM gateway that supports multiple mo ## Configuration -- `BIFROST_VERSION`: The version of the Bifrost image, default is `v1.3.54`. +- `BIFROST_VERSION`: The version of the Bifrost image, default is `v1.3.59`. - `BIFROST_PORT`: The port for the Bifrost service, default is `28080`. ### Telemetry diff --git a/src/bifrost-gateway/README.zh.md b/src/bifrost-gateway/README.zh.md index 05e68a5..8aaecf6 100644 --- a/src/bifrost-gateway/README.zh.md +++ b/src/bifrost-gateway/README.zh.md @@ -12,7 +12,7 @@ Bifrost 是一个轻量级、高性能的 LLM 网关,支持多种模型和提 ## 配置 -- `BIFROST_VERSION`: Bifrost 镜像的版本,默认为 `v1.3.54`。 +- `BIFROST_VERSION`: Bifrost 镜像的版本,默认为 `v1.3.59`。 - `BIFROST_PORT`: Bifrost 服务的端口,默认为 `28080`。 ### 遥测 (Telemetry) diff --git a/src/bifrost-gateway/docker-compose.yaml b/src/bifrost-gateway/docker-compose.yaml index acabb96..98a3d35 100644 --- a/src/bifrost-gateway/docker-compose.yaml +++ b/src/bifrost-gateway/docker-compose.yaml @@ -9,7 +9,7 @@ x-defaults: &defaults services: bifrost: <<: *defaults - image: ${GLOBAL_REGISTRY:-}maximhq/bifrost:${BIFROST_VERSION:-v1.3.54} + image: ${GLOBAL_REGISTRY:-}maximhq/bifrost:${BIFROST_VERSION:-v1.3.59} volumes: - bifrost_data:/app/data ports: diff --git a/src/open-webui/.env.example b/src/open-webui/.env.example index 4b73800..414be01 100644 --- a/src/open-webui/.env.example +++ b/src/open-webui/.env.example @@ -1,15 +1,27 @@ +# Global Registry Prefix (optional) +# GHCR_IO_REGISTRY=ghcr.io + # Open WebUI Version OPEN_WEBUI_VERSION=main +# Timezone +TZ=UTC + # Port to bind to on the host machine -OPEN_WEBUI_PORT=8080 +OPEN_WEBUI_PORT_OVERRIDE=8080 + +# Resource Limits +OPEN_WEBUI_CPU_LIMIT=1 +OPEN_WEBUI_MEMORY_LIMIT=1024M +OPEN_WEBUI_CPU_RESERVATION=0.5 +OPEN_WEBUI_MEMORY_RESERVATION=512M # OpenAI API Configuration (optional) -OPENAI_API_BASE_URL=https://api.openai.com/v1 -OPENAI_API_KEY= +# OPENAI_API_BASE_URL=https://api.openai.com/v1 +# OPENAI_API_KEY= # Enable Ollama API integration (default: true) -ENABLE_OLLAMA_API=true +# ENABLE_OLLAMA_API=true # WebUI URL (optional, for external access configuration) -WEBUI_URL= +# WEBUI_URL= diff --git a/src/open-webui/README.md b/src/open-webui/README.md index 0825e80..3a6eb34 100644 --- a/src/open-webui/README.md +++ b/src/open-webui/README.md @@ -12,8 +12,14 @@ This service deploys Open WebUI, a web-based interface for LLMs. ## Configuration +- `GHCR_IO_REGISTRY`: The registry prefix for the Open WebUI image, default is `ghcr.io`. - `OPEN_WEBUI_VERSION`: The version of the Open WebUI image, default is `main`. +- `TZ`: The timezone for the container, default is `UTC`. - `OPEN_WEBUI_PORT_OVERRIDE`: The host port for Open WebUI, default is `8080`. +- `OPEN_WEBUI_CPU_LIMIT`: The CPU limit for the Open WebUI service, default is `1`. +- `OPEN_WEBUI_MEMORY_LIMIT`: The memory limit for the Open WebUI service, default is `1024M`. +- `OPEN_WEBUI_CPU_RESERVATION`: The CPU reservation for the Open WebUI service, default is `0.5`. +- `OPEN_WEBUI_MEMORY_RESERVATION`: The memory reservation for the Open WebUI service, default is `512M`. ## Volumes diff --git a/src/open-webui/README.zh.md b/src/open-webui/README.zh.md index 2c5b553..f2ec858 100644 --- a/src/open-webui/README.zh.md +++ b/src/open-webui/README.zh.md @@ -12,8 +12,14 @@ ## 配置 -- `OPEN_WEBUI_VERSION`: Open WebUI 镜像的版本,默认为 `main`。 -- `OPEN_WEBUI_PORT_OVERRIDE`: Open WebUI 的主机端口,默认为 `8080`。 +- `GHCR_IO_REGISTRY` :Open WebUI 镜像的仓库前缀,默认为 `ghcr.io`。 +- `OPEN_WEBUI_VERSION` :Open WebUI 镜像的版本,默认为 `main`。 +- `TZ` :容器的时区,默认为 `UTC`。 +- `OPEN_WEBUI_PORT_OVERRIDE` :Open WebUI 的主机端口,默认为 `8080`。 +- `OPEN_WEBUI_CPU_LIMIT` :Open WebUI 服务的 CPU 限制,默认为 `1`。 +- `OPEN_WEBUI_MEMORY_LIMIT` :Open WebUI 服务的内存限制,默认为 `1024M`。 +- `OPEN_WEBUI_CPU_RESERVATION` :Open WebUI 服务的 CPU 预留,默认为 `0.5`。 +- `OPEN_WEBUI_MEMORY_RESERVATION` :Open WebUI 服务的内存预留,默认为 `512M`。 ## 卷 diff --git a/src/open-webui/docker-compose.yaml b/src/open-webui/docker-compose.yaml index f8370f4..837a0d1 100644 --- a/src/open-webui/docker-compose.yaml +++ b/src/open-webui/docker-compose.yaml @@ -23,10 +23,10 @@ services: resources: limits: cpus: ${OPEN_WEBUI_CPU_LIMIT:-1} - memory: ${OPEN_WEBUI_MEMORY_LIMIT:-512M} + memory: ${OPEN_WEBUI_MEMORY_LIMIT:-1024M} reservations: - cpus: ${OPEN_WEBUI_CPU_RESERVATION:-0.1} - memory: ${OPEN_WEBUI_MEMORY_RESERVATION:-128M} + cpus: ${OPEN_WEBUI_CPU_RESERVATION:-0.5} + memory: ${OPEN_WEBUI_MEMORY_RESERVATION:-512M} volumes: open_webui_data: diff --git a/src/phoenix/.env.example b/src/phoenix/.env.example index bc26c96..ded75c8 100644 --- a/src/phoenix/.env.example +++ b/src/phoenix/.env.example @@ -1,5 +1,5 @@ # Phoenix version -PHOENIX_VERSION=12.25.0-nonroot +PHOENIX_VERSION=12.27.0-nonroot # Timezone TZ=UTC diff --git a/src/phoenix/README.md b/src/phoenix/README.md index 34daa73..2a39653 100644 --- a/src/phoenix/README.md +++ b/src/phoenix/README.md @@ -20,7 +20,7 @@ Arize Phoenix is an open-source AI observability platform for LLM applications. | Variable Name | Description | Default Value | | -------------------------- | ------------------------------------- | ----------------- | -| PHOENIX_VERSION | Phoenix image version | `12.25.0-nonroot` | +| PHOENIX_VERSION | Phoenix image version | `12.27.0-nonroot` | | PHOENIX_PORT_OVERRIDE | Host port for Phoenix UI and HTTP API | `6006` | | PHOENIX_GRPC_PORT_OVERRIDE | Host port for OTLP gRPC collector | `4317` | | PHOENIX_ENABLE_PROMETHEUS | Enable Prometheus metrics endpoint | `false` | diff --git a/src/phoenix/README.zh.md b/src/phoenix/README.zh.md index 102ddcc..c56aeb3 100644 --- a/src/phoenix/README.zh.md +++ b/src/phoenix/README.zh.md @@ -20,7 +20,7 @@ Arize Phoenix 是一个开源的 AI 可观测性平台,专为 LLM 应用设计 | 变量名 | 描述 | 默认值 | | -------------------------- | --------------------------------- | ----------------- | -| PHOENIX_VERSION | Phoenix 镜像版本 | `12.25.0-nonroot` | +| PHOENIX_VERSION | Phoenix 镜像版本 | `12.27.0-nonroot` | | PHOENIX_PORT_OVERRIDE | Phoenix UI 和 HTTP API 的主机端口 | `6006` | | PHOENIX_GRPC_PORT_OVERRIDE | OTLP gRPC 采集器的主机端口 | `4317` | | PHOENIX_ENABLE_PROMETHEUS | 启用 Prometheus 指标端点 | `false` | diff --git a/src/phoenix/docker-compose.yaml b/src/phoenix/docker-compose.yaml index 9b1b8fe..60f4cad 100644 --- a/src/phoenix/docker-compose.yaml +++ b/src/phoenix/docker-compose.yaml @@ -12,7 +12,7 @@ x-defaults: &defaults services: phoenix: <<: *defaults - image: ${GLOBAL_REGISTRY:-}arizephoenix/phoenix:${PHOENIX_VERSION:-12.25.0-nonroot} + image: ${GLOBAL_REGISTRY:-}arizephoenix/phoenix:${PHOENIX_VERSION:-12.27.0-nonroot} ports: - "${PHOENIX_PORT_OVERRIDE:-6006}:6006" # UI and OTLP HTTP collector - "${PHOENIX_GRPC_PORT_OVERRIDE:-4317}:4317" # OTLP gRPC collector