alexsun/compose-anything
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add apisix/etcd/grafana/prometheus

Browse Source
This commit is contained in:
Sun-ZhenXing
2025-09-26 16:40:04 +08:00
parent 8e096fb9a7
commit 30014852ca
17 changed files with 1473 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@@ -6,15 +6,18 @@ Compose Anything helps users quickly deploy various services by providing a set
| Service | Version |
| -------------------------------------------------------- | ---------------------------- |
| [Apache APISIX](./src/apisix) | 3.13.0 |
| [Bifrost Gateway](./src/bifrost-gateway) | 1.2.15 |
| [Clash](./src/clash) | 1.18.0 |
| [Docker Registry](./src/docker-registry) | 3.0.0 |
| [etcd](./src/etcd) | 3.6.0 |
| [frpc](./src/frpc) | 0.64.0 |
| [frps](./src/frps) | 0.64.0 |
| [Gitea](./src/gitea) | 1.24.6 |
| [Gitea Runner](./src/gitea-runner) | 0.2.12 |
| [GitLab](./src/gitlab) | 17.10.4-ce.0 |
| [GitLab Runner](./src/gitlab-runner) | 17.10.1 |
| [Grafana](./src/grafana) | 12.1.1 |
| [IOPaint](./src/io-paint) | latest |
| [Milvus Standalone](./src/milvus-standalone) | 2.6.2 |
| [Milvus Standalone Embed](./src/milvus-standalone-embed) | 2.6.2 |
@@ -29,6 +32,7 @@ Compose Anything helps users quickly deploy various services by providing a set
| [OpenCut](./src/opencut) | latest |
| [PocketBase](./src/pocketbase) | 0.30.0 |
| [PostgreSQL](./src/postgres) | 17.6 |
| [Prometheus](./src/prometheus) | 3.5.0 |
| [Qdrant](./src/qdrant) | 1.15.4 |
| [RabbitMQ](./src/rabbitmq) | 4.1.4 |
| [Redis](./src/redis) | 8.2.1 |

34
src/apisix/.env.example Normal file
View File

@@ -0,0 +1,34 @@
# Apache APISIX Environment Variables
# APISIX image version
APISIX_VERSION=3.13.0-debian
# Host port mapping for HTTP traffic (9080)
APISIX_HTTP_PORT_OVERRIDE=9080
# Host port mapping for HTTPS traffic (9443)
APISIX_HTTPS_PORT_OVERRIDE=9443
# Host port mapping for Admin API (9180)
APISIX_ADMIN_PORT_OVERRIDE=9180
# Run APISIX in standalone mode (without etcd)
APISIX_STAND_ALONE=false
# etcd image version
ETCD_VERSION=v3.6.0
# Host port mapping for etcd client connections (2379)
ETCD_CLIENT_PORT_OVERRIDE=2379
# APISIX Dashboard image version
APISIX_DASHBOARD_VERSION=3.0.1-alpine
# Host port mapping for Dashboard (9000)
APISIX_DASHBOARD_PORT_OVERRIDE=9000
# Dashboard admin username
APISIX_DASHBOARD_USER=admin
# Dashboard admin password - CHANGE THIS FOR PRODUCTION!
APISIX_DASHBOARD_PASSWORD=admin

209
src/apisix/README.md Normal file
View File

@@ -0,0 +1,209 @@
# Apache APISIX
[English](./README.md) | [中文](./README.zh.md)
This service deploys Apache APISIX, a dynamic, real-time, high-performance cloud-native API gateway.
## Services
- `apisix`: The APISIX API gateway.
- `etcd`: The configuration storage backend for APISIX.
- `apisix-dashboard` (optional): Web UI for managing APISIX configuration.
## Environment Variables
| Variable Name | Description | Default Value |
| ------------------------------ | ---------------------------------------------------- | --------------- |
| APISIX_VERSION | APISIX image version | `3.13.0-debian` |
| APISIX_HTTP_PORT_OVERRIDE | Host port mapping for HTTP traffic (9080) | `9080` |
| APISIX_HTTPS_PORT_OVERRIDE | Host port mapping for HTTPS traffic (9443) | `9443` |
| APISIX_ADMIN_PORT_OVERRIDE | Host port mapping for Admin API (9180) | `9180` |
| APISIX_STAND_ALONE | Run APISIX in standalone mode (without etcd) | `false` |
| ETCD_VERSION | etcd image version | `v3.6.0` |
| ETCD_CLIENT_PORT_OVERRIDE | Host port mapping for etcd client connections (2379) | `2379` |
| APISIX_DASHBOARD_VERSION | APISIX Dashboard image version | `3.0.1-alpine` |
| APISIX_DASHBOARD_PORT_OVERRIDE | Host port mapping for Dashboard (9000) | `9000` |
| APISIX_DASHBOARD_USER | Dashboard admin username | `admin` |
| APISIX_DASHBOARD_PASSWORD | Dashboard admin password | `admin` |
Please modify the `.env` file as needed for your use case.
## Volumes
- `apisix_logs`: A volume for storing APISIX logs.
- `etcd_data`: A volume for storing etcd configuration data.
- `dashboard_conf`: A volume for storing Dashboard configuration.
- `config.yaml`: Optional custom APISIX configuration file (mount to `/usr/local/apisix/conf/config.yaml`).
- `apisix.yaml`: Optional custom APISIX route configuration file (mount to `/usr/local/apisix/conf/apisix.yaml`).
## Network Ports
- `9080`: HTTP traffic port
- `9443`: HTTPS traffic port
- `9180`: Admin API port
- `9000`: Dashboard web interface (optional)
- `2379`: etcd client port
## Usage
### Basic Setup
1. Start the services:
```bash
docker compose up -d
```
2. Access the Admin API:
```bash
curl http://localhost:9180/apisix/admin/routes
```
### With Dashboard
To enable the web dashboard, use the `dashboard` profile:
```bash
docker compose --profile dashboard up -d
```
Access the dashboard at `http://localhost:9000` with credentials:
- Username: `admin` (configurable via `APISIX_DASHBOARD_USER`)
- Password: `admin` (configurable via `APISIX_DASHBOARD_PASSWORD`)
### Creating Routes
#### Using Admin API
Create a simple route:
```bash
curl -X PUT http://localhost:9180/apisix/admin/routes/1 \
-H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
-H 'Content-Type: application/json' \
-d '{
"uri": "/get",
"upstream": {
"type": "roundrobin",
"nodes": {
"httpbin.org:80": 1
}
}
}'
```
Test the route:
```bash
curl http://localhost:9080/get
```
#### Using Dashboard
1. Access the dashboard at `http://localhost:9000`
2. Login with admin credentials
3. Navigate to "Route" section
4. Create and configure routes through the web interface
### Configuration Files
#### Custom APISIX Configuration
Mount a custom `config.yaml` file:
```yaml
volumes:
- ./config.yaml:/usr/local/apisix/conf/config.yaml
```
Example `config.yaml`:
```yaml
apisix:
node_listen: 9080
enable_ipv6: false
enable_admin: true
port_admin: 9180
etcd:
host:
- "http://etcd:2379"
prefix: "/apisix"
timeout: 30
plugin_attr:
prometheus:
export_addr:
ip: "0.0.0.0"
port: 9091
```
#### Standalone Mode
For simple setups without etcd, enable standalone mode:
```env
APISIX_STAND_ALONE=true
```
Mount an `apisix.yaml` file with route definitions:
```yaml
volumes:
- ./apisix.yaml:/usr/local/apisix/conf/apisix.yaml
```
### SSL/TLS Configuration
To enable HTTPS:
1. Mount SSL certificates
2. Configure SSL in `config.yaml`
3. Create SSL-enabled routes
Example SSL volume mount:
```yaml
volumes:
- ./ssl:/usr/local/apisix/conf/cert
```
### Plugins
APISIX supports numerous plugins for authentication, rate limiting, logging, etc.:
- Authentication: `jwt-auth`, `key-auth`, `oauth`
- Rate Limiting: `limit-req`, `limit-conn`, `limit-count`
- Observability: `prometheus`, `zipkin`, `skywalking`
- Security: `cors`, `csrf`, `ip-restriction`
Enable plugins through the Admin API or Dashboard.
## Security Notes
- **Change the default Admin API key** (`edd1c9f034335f136f87ad84b625c8f1`) in production
- **Change dashboard credentials** for production use
- Configure proper SSL/TLS certificates for HTTPS
- Use authentication plugins for sensitive routes
- Implement rate limiting to prevent abuse
- Regular security updates are recommended
## Monitoring
APISIX provides built-in metrics for Prometheus:
- Enable the `prometheus` plugin
- Metrics available at `http://localhost:9091/apisix/prometheus/metrics`
## Performance Tuning
- Adjust worker processes based on CPU cores
- Configure appropriate buffer sizes
- Use connection pooling for upstream services
- Enable response caching when appropriate
## License
Apache APISIX is licensed under the Apache 2.0 license.

209
src/apisix/README.zh.md Normal file
View File

@@ -0,0 +1,209 @@
# Apache APISIX
[English](./README.md) | [中文](./README.zh.md)
本服务部署 Apache APISIX这是一个动态、实时、高性能的云原生 API 网关。
## 服务
- `apisix`: APISIX API 网关。
- `etcd`: APISIX 的配置存储后端。
- `apisix-dashboard`(可选): 用于管理 APISIX 配置的 Web UI。
## 环境变量
| 变量名 | 描述 | 默认值 |
| ------------------------------ | ------------------------------------- | --------------- |
| APISIX_VERSION | APISIX 镜像版本 | `3.13.0-debian` |
| APISIX_HTTP_PORT_OVERRIDE | HTTP 流量的主机端口映射9080 | `9080` |
| APISIX_HTTPS_PORT_OVERRIDE | HTTPS 流量的主机端口映射9443 | `9443` |
| APISIX_ADMIN_PORT_OVERRIDE | Admin API 的主机端口映射9180 | `9180` |
| APISIX_STAND_ALONE | 以独立模式运行 APISIX不使用 etcd | `false` |
| ETCD_VERSION | etcd 镜像版本 | `v3.6.0` |
| ETCD_CLIENT_PORT_OVERRIDE | etcd 客户端连接的主机端口映射2379 | `2379` |
| APISIX_DASHBOARD_VERSION | APISIX Dashboard 镜像版本 | `3.0.1-alpine` |
| APISIX_DASHBOARD_PORT_OVERRIDE | Dashboard 的主机端口映射9000 | `9000` |
| APISIX_DASHBOARD_USER | Dashboard 管理员用户名 | `admin` |
| APISIX_DASHBOARD_PASSWORD | Dashboard 管理员密码 | `admin` |
请根据您的使用情况修改 `.env` 文件。
## 数据卷
- `apisix_logs`: 用于存储 APISIX 日志的数据卷。
- `etcd_data`: 用于存储 etcd 配置数据的数据卷。
- `dashboard_conf`: 用于存储 Dashboard 配置的数据卷。
- `config.yaml`: 可选的自定义 APISIX 配置文件(挂载到 `/usr/local/apisix/conf/config.yaml`)。
- `apisix.yaml`: 可选的自定义 APISIX 路由配置文件(挂载到 `/usr/local/apisix/conf/apisix.yaml`)。
## 网络端口
- `9080`: HTTP 流量端口
- `9443`: HTTPS 流量端口
- `9180`: Admin API 端口
- `9000`: Dashboard Web 界面(可选)
- `2379`: etcd 客户端端口
## 使用方法
### 基本设置
1. 启动服务:
```bash
docker compose up -d
```
2. 访问 Admin API
```bash
curl http://localhost:9180/apisix/admin/routes
```
### 使用 Dashboard
要启用 Web 仪表板,使用 `dashboard` 配置文件:
```bash
docker compose --profile dashboard up -d
```
在 `http://localhost:9000` 访问仪表板,凭据:
- 用户名: `admin`(可通过 `APISIX_DASHBOARD_USER` 配置)
- 密码: `admin`(可通过 `APISIX_DASHBOARD_PASSWORD` 配置)
### 创建路由
#### 使用 Admin API
创建简单路由:
```bash
curl -X PUT http://localhost:9180/apisix/admin/routes/1 \
-H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
-H 'Content-Type: application/json' \
-d '{
"uri": "/get",
"upstream": {
"type": "roundrobin",
"nodes": {
"httpbin.org:80": 1
}
}
}'
```
测试路由:
```bash
curl http://localhost:9080/get
```
#### 使用 Admin Dashboard
1. 在 `http://localhost:9000` 访问仪表板
2. 使用管理员凭据登录
3. 导航到"路由"部分
4. 通过 Web 界面创建和配置路由
### 配置文件
#### 自定义 APISIX 配置
挂载自定义 `config.yaml` 文件:
```yaml
volumes:
- ./config.yaml:/usr/local/apisix/conf/config.yaml
```
示例 `config.yaml`
```yaml
apisix:
node_listen: 9080
enable_ipv6: false
enable_admin: true
port_admin: 9180
etcd:
host:
- "http://etcd:2379"
prefix: "/apisix"
timeout: 30
plugin_attr:
prometheus:
export_addr:
ip: "0.0.0.0"
port: 9091
```
#### 独立模式
对于不使用 etcd 的简单设置,启用独立模式:
```env
APISIX_STAND_ALONE=true
```
挂载带有路由定义的 `apisix.yaml` 文件:
```yaml
volumes:
- ./apisix.yaml:/usr/local/apisix/conf/apisix.yaml
```
### SSL/TLS 配置
要启用 HTTPS
1. 挂载 SSL 证书
2. 在 `config.yaml` 中配置 SSL
3. 创建启用 SSL 的路由
SSL 卷挂载示例:
```yaml
volumes:
- ./ssl:/usr/local/apisix/conf/cert
```
### 插件
APISIX 支持众多插件,用于身份验证、速率限制、日志记录等:
- 身份验证: `jwt-auth`、`key-auth`、`oauth`
- 速率限制: `limit-req`、`limit-conn`、`limit-count`
- 可观察性: `prometheus`、`zipkin`、`skywalking`
- 安全性: `cors`、`csrf`、`ip-restriction`
通过 Admin API 或 Dashboard 启用插件。
## 安全注意事项
- **在生产环境中更改默认 Admin API 密钥**`edd1c9f034335f136f87ad84b625c8f1`
- **为生产使用更改仪表板凭据**
- 为 HTTPS 配置适当的 SSL/TLS 证书
- 对敏感路由使用身份验证插件
- 实施速率限制以防止滥用
- 建议定期进行安全更新
## 监控
APISIX 为 Prometheus 提供内置指标:
- 启用 `prometheus` 插件
- 指标可在 `http://localhost:9091/apisix/prometheus/metrics` 获得
## 性能调优
- 根据 CPU 核心数调整工作进程
- 配置适当的缓冲区大小
- 为上游服务使用连接池
- 在适当时启用响应缓存
## 许可证
Apache APISIX 采用 Apache 2.0 许可证。

121
src/apisix/docker-compose.yaml Normal file
View File

@@ -0,0 +1,121 @@
x-default: &default
restart: unless-stopped
volumes:
- &localtime /etc/localtime:/etc/localtime:ro
- &timezone /etc/timezone:/etc/timezone:ro
logging:
driver: json-file
options:
max-size: 100m
services:
apisix:
<<: *default
image: apache/apisix:${APISIX_VERSION:-3.13.0-debian}
container_name: apisix
ports:
- "${APISIX_HTTP_PORT_OVERRIDE:-9080}:9080"
- "${APISIX_HTTPS_PORT_OVERRIDE:-9443}:9443"
- "${APISIX_ADMIN_PORT_OVERRIDE:-9180}:9180"
volumes:
- *localtime
- *timezone
- apisix_logs:/usr/local/apisix/logs
# Optional: Mount custom configuration
# - ./config.yaml:/usr/local/apisix/conf/config.yaml
# - ./apisix.yaml:/usr/local/apisix/conf/apisix.yaml
environment:
- APISIX_STAND_ALONE=${APISIX_STAND_ALONE:-false}
depends_on:
- etcd
deploy:
resources:
limits:
cpus: '1.0'
memory: 1G
reservations:
cpus: '0.25'
memory: 256M
etcd:
<<: *default
image: quay.io/coreos/etcd:${ETCD_VERSION:-v3.6.0}
container_name: apisix-etcd
ports:
- "${ETCD_CLIENT_PORT_OVERRIDE:-2379}:2379"
volumes:
- *localtime
- *timezone
- etcd_data:/etcd-data
environment:
- ETCD_NAME=apisix-etcd
- ETCD_DATA_DIR=/etcd-data
- ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379
- ETCD_ADVERTISE_CLIENT_URLS=http://etcd:2379
- ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380
- ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd:2380
- ETCD_INITIAL_CLUSTER=apisix-etcd=http://etcd:2380
- ETCD_INITIAL_CLUSTER_STATE=new
- ETCD_INITIAL_CLUSTER_TOKEN=apisix-etcd-cluster
- ETCD_AUTO_COMPACTION_RETENTION=1
- ETCD_QUOTA_BACKEND_BYTES=2147483648
- ETCD_HEARTBEAT_INTERVAL=100
- ETCD_ELECTION_TIMEOUT=1000
- ETCD_ENABLE_V2=false
command:
- etcd
- --name=apisix-etcd
- --data-dir=/etcd-data
- --listen-client-urls=http://0.0.0.0:2379
- --advertise-client-urls=http://etcd:2379
- --listen-peer-urls=http://0.0.0.0:2380
- --initial-advertise-peer-urls=http://etcd:2380
- --initial-cluster=apisix-etcd=http://etcd:2380
- --initial-cluster-state=new
- --initial-cluster-token=apisix-etcd-cluster
- --auto-compaction-retention=1
- --quota-backend-bytes=2147483648
- --heartbeat-interval=100
- --election-timeout=1000
- --enable-v2=false
deploy:
resources:
limits:
cpus: '0.5'
memory: 512M
reservations:
cpus: '0.1'
memory: 128M
# Optional: APISIX Dashboard
apisix-dashboard:
<<: *default
image: apache/apisix-dashboard:${APISIX_DASHBOARD_VERSION:-3.0.1-alpine}
container_name: apisix-dashboard
ports:
- "${APISIX_DASHBOARD_PORT_OVERRIDE:-9000}:9000"
volumes:
- *localtime
- *timezone
- dashboard_conf:/usr/local/apisix-dashboard/conf
environment:
- APISIX_DASHBOARD_USER=${APISIX_DASHBOARD_USER:-admin}
- APISIX_DASHBOARD_PASSWORD=${APISIX_DASHBOARD_PASSWORD:-admin}
depends_on:
- apisix
profiles:
- dashboard
deploy:
resources:
limits:
cpus: '0.5'
memory: 512M
reservations:
cpus: '0.1'
memory: 128M
volumes:
apisix_logs:
etcd_data:
dashboard_conf:

37
src/etcd/.env.example Normal file
View File

@@ -0,0 +1,37 @@
# etcd Environment Variables
# etcd image version
ETCD_VERSION=v3.6.0
# Host port mapping for client connections (2379)
ETCD_CLIENT_PORT_OVERRIDE=2379
# Host port mapping for peer connections (2380)
ETCD_PEER_PORT_OVERRIDE=2380
# Human-readable name for this etcd member
ETCD_NAME=etcd-node
# Initial cluster configuration
ETCD_INITIAL_CLUSTER=etcd-node=http://localhost:2380
# Initial cluster state ('new' or 'existing')
ETCD_INITIAL_CLUSTER_STATE=new
# Initial cluster token for bootstrap
ETCD_INITIAL_CLUSTER_TOKEN=etcd-cluster
# Auto compaction retention in hours
ETCD_AUTO_COMPACTION_RETENTION=1
# Storage size limit in bytes (2GB = 2147483648)
ETCD_QUOTA_BACKEND_BYTES=2147483648
# Heartbeat interval in milliseconds
ETCD_HEARTBEAT_INTERVAL=100
# Election timeout in milliseconds
ETCD_ELECTION_TIMEOUT=1000
# Enable etcd v2 API
ETCD_ENABLE_V2=false

135
src/etcd/README.md Normal file
View File

@@ -0,0 +1,135 @@
# etcd
[English](./README.md) | [中文](./README.zh.md)
This service deploys etcd, a distributed, reliable key-value store for the most critical data of a distributed system.
## Services
- `etcd`: The etcd key-value store service.
## Environment Variables
| Variable Name | Description | Default Value |
| ------------------------------ | ----------------------------------------------- | --------------------------------- |
| ETCD_VERSION | etcd image version | `v3.6.0` |
| ETCD_CLIENT_PORT_OVERRIDE | Host port mapping for client connections (2379) | `2379` |
| ETCD_PEER_PORT_OVERRIDE | Host port mapping for peer connections (2380) | `2380` |
| ETCD_NAME | Human-readable name for this etcd member | `etcd-node` |
| ETCD_INITIAL_CLUSTER | Initial cluster configuration | `etcd-node=http://localhost:2380` |
| ETCD_INITIAL_CLUSTER_STATE | Initial cluster state ('new' or 'existing') | `new` |
| ETCD_INITIAL_CLUSTER_TOKEN | Initial cluster token for bootstrap | `etcd-cluster` |
| ETCD_AUTO_COMPACTION_RETENTION | Auto compaction retention in hours | `1` |
| ETCD_QUOTA_BACKEND_BYTES | Storage size limit in bytes | `2147483648` (2GB) |
| ETCD_HEARTBEAT_INTERVAL | Heartbeat interval in milliseconds | `100` |
| ETCD_ELECTION_TIMEOUT | Election timeout in milliseconds | `1000` |
| ETCD_ENABLE_V2 | Enable etcd v2 API | `false` |
Please modify the `.env` file as needed for your use case.
## Volumes
- `etcd_data`: A volume for storing etcd data persistently.
## Network Ports
- `2379`: Client communication port
- `2380`: Peer communication port (for clustering)
## Single Node Setup
The default configuration runs etcd as a single node, suitable for development and testing.
## Cluster Setup
To set up a multi-node etcd cluster, you need to:
1. Define multiple etcd services in your compose file
2. Configure the `ETCD_INITIAL_CLUSTER` variable properly
3. Set unique names for each node
Example for a 3-node cluster:
```yaml
services:
etcd1:
# ... base config
environment:
- ETCD_NAME=etcd1
- ETCD_INITIAL_CLUSTER=etcd1=http://etcd1:2380,etcd2=http://etcd2:2380,etcd3=http://etcd3:2380
- ETCD_ADVERTISE_CLIENT_URLS=http://etcd1:2379
- ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd1:2380
etcd2:
# ... base config
environment:
- ETCD_NAME=etcd2
- ETCD_INITIAL_CLUSTER=etcd1=http://etcd1:2380,etcd2=http://etcd2:2380,etcd3=http://etcd3:2380
- ETCD_ADVERTISE_CLIENT_URLS=http://etcd2:2379
- ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd2:2380
etcd3:
# ... base config
environment:
- ETCD_NAME=etcd3
- ETCD_INITIAL_CLUSTER=etcd1=http://etcd1:2380,etcd2=http://etcd2:2380,etcd3=http://etcd3:2380
- ETCD_ADVERTISE_CLIENT_URLS=http://etcd3:2379
- ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd3:2380
```
## Client Access
### Using etcdctl
Connect to etcd using the etcdctl client:
```bash
# Set endpoint
export ETCDCTL_ENDPOINTS=http://localhost:2379
# Put a key-value pair
etcdctl put mykey myvalue
# Get a value
etcdctl get mykey
# List all keys
etcdctl get --prefix ""
```
### Using HTTP API
etcd provides a RESTful HTTP API:
```bash
# Put a key-value pair
curl -X PUT http://localhost:2379/v3/kv/put \
-H 'Content-Type: application/json' \
-d '{"key":"bXlrZXk=","value":"bXl2YWx1ZQ=="}'
# Get a value
curl -X POST http://localhost:2379/v3/kv/range \
-H 'Content-Type: application/json' \
-d '{"key":"bXlrZXk="}'
```
## Performance Tuning
- Adjust `ETCD_QUOTA_BACKEND_BYTES` based on your storage needs
- Tune `ETCD_HEARTBEAT_INTERVAL` and `ETCD_ELECTION_TIMEOUT` for your network latency
- Configure `ETCD_AUTO_COMPACTION_RETENTION` to manage data size
## Security Notes
- The default configuration is for development/testing only
- For production, enable TLS encryption and authentication
- Consider network security and firewall rules
- Regular backups are recommended
## Monitoring
etcd exposes metrics at `http://localhost:2379/metrics` in Prometheus format.
## License
etcd is licensed under the Apache 2.0 license.

135
src/etcd/README.zh.md Normal file
View File

@@ -0,0 +1,135 @@
# etcd
[English](./README.md) | [中文](./README.zh.md)
本服务部署 etcd这是一个分布式、可靠的键值存储用于分布式系统的最关键数据。
## 服务
- `etcd`: etcd 键值存储服务。
## 环境变量
| 变量名 | 描述 | 默认值 |
| ------------------------------ | ----------------------------------- | --------------------------------- |
| ETCD_VERSION | etcd 镜像版本 | `v3.6.0` |
| ETCD_CLIENT_PORT_OVERRIDE | 客户端连接的主机端口映射2379 | `2379` |
| ETCD_PEER_PORT_OVERRIDE | 对等连接的主机端口映射2380 | `2380` |
| ETCD_NAME | 此 etcd 成员的人类可读名称 | `etcd-node` |
| ETCD_INITIAL_CLUSTER | 初始集群配置 | `etcd-node=http://localhost:2380` |
| ETCD_INITIAL_CLUSTER_STATE | 初始集群状态('new' 或 'existing' | `new` |
| ETCD_INITIAL_CLUSTER_TOKEN | 用于引导的初始集群令牌 | `etcd-cluster` |
| ETCD_AUTO_COMPACTION_RETENTION | 自动压缩保留时间(小时) | `1` |
| ETCD_QUOTA_BACKEND_BYTES | 存储大小限制(字节) | `2147483648` (2GB) |
| ETCD_HEARTBEAT_INTERVAL | 心跳间隔(毫秒) | `100` |
| ETCD_ELECTION_TIMEOUT | 选举超时(毫秒) | `1000` |
| ETCD_ENABLE_V2 | 启用 etcd v2 API | `false` |
请根据您的使用情况修改 `.env` 文件。
## 数据卷
- `etcd_data`: 用于持久存储 etcd 数据的数据卷。
## 网络端口
- `2379`: 客户端通信端口
- `2380`: 对等通信端口(用于集群)
## 单节点设置
默认配置将 etcd 作为单节点运行,适用于开发和测试。
## 集群设置
要设置多节点 etcd 集群,您需要:
1. 在您的 compose 文件中定义多个 etcd 服务
2. 正确配置 `ETCD_INITIAL_CLUSTER` 变量
3. 为每个节点设置唯一名称
3 节点集群示例:
```yaml
services:
etcd1:
# ... 基础配置
environment:
- ETCD_NAME=etcd1
- ETCD_INITIAL_CLUSTER=etcd1=http://etcd1:2380,etcd2=http://etcd2:2380,etcd3=http://etcd3:2380
- ETCD_ADVERTISE_CLIENT_URLS=http://etcd1:2379
- ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd1:2380
etcd2:
# ... 基础配置
environment:
- ETCD_NAME=etcd2
- ETCD_INITIAL_CLUSTER=etcd1=http://etcd1:2380,etcd2=http://etcd2:2380,etcd3=http://etcd3:2380
- ETCD_ADVERTISE_CLIENT_URLS=http://etcd2:2379
- ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd2:2380
etcd3:
# ... 基础配置
environment:
- ETCD_NAME=etcd3
- ETCD_INITIAL_CLUSTER=etcd1=http://etcd1:2380,etcd2=http://etcd2:2380,etcd3=http://etcd3:2380
- ETCD_ADVERTISE_CLIENT_URLS=http://etcd3:2379
- ETCD_INITIAL_ADVERTISE_PEER_URLS=http://etcd3:2380
```
## 客户端访问
### 使用 etcdctl
使用 etcdctl 客户端连接到 etcd
```bash
# 设置端点
export ETCDCTL_ENDPOINTS=http://localhost:2379
# 放置键值对
etcdctl put mykey myvalue
# 获取值
etcdctl get mykey
# 列出所有键
etcdctl get --prefix ""
```
### 使用 HTTP API
etcd 提供 RESTful HTTP API
```bash
# 放置键值对
curl -X PUT http://localhost:2379/v3/kv/put \
-H 'Content-Type: application/json' \
-d '{"key":"bXlrZXk=","value":"bXl2YWx1ZQ=="}'
# 获取值
curl -X POST http://localhost:2379/v3/kv/range \
-H 'Content-Type: application/json' \
-d '{"key":"bXlrZXk="}'
```
## 性能调优
- 根据您的存储需求调整 `ETCD_QUOTA_BACKEND_BYTES`
- 根据您的网络延迟调整 `ETCD_HEARTBEAT_INTERVAL``ETCD_ELECTION_TIMEOUT`
- 配置 `ETCD_AUTO_COMPACTION_RETENTION` 来管理数据大小
## 安全注意事项
- 默认配置仅适用于开发/测试
- 对于生产环境,启用 TLS 加密和身份验证
- 考虑网络安全和防火墙规则
- 建议定期备份
## 监控
etcd 在 `http://localhost:2379/metrics` 以 Prometheus 格式公开指标。
## 许可证
etcd 采用 Apache 2.0 许可证。

64
src/etcd/docker-compose.yaml Normal file
View File

@@ -0,0 +1,64 @@
x-default: &default
restart: unless-stopped
volumes:
- &localtime /etc/localtime:/etc/localtime:ro
- &timezone /etc/timezone:/etc/timezone:ro
logging:
driver: json-file
options:
max-size: 100m
services:
etcd:
<<: *default
image: quay.io/coreos/etcd:${ETCD_VERSION:-v3.6.0}
container_name: etcd
ports:
- "${ETCD_CLIENT_PORT_OVERRIDE:-2379}:2379"
- "${ETCD_PEER_PORT_OVERRIDE:-2380}:2380"
volumes:
- *localtime
- *timezone
- etcd_data:/etcd-data
environment:
- ETCD_NAME=${ETCD_NAME:-etcd-node}
- ETCD_DATA_DIR=/etcd-data
- ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379
- ETCD_ADVERTISE_CLIENT_URLS=http://localhost:2379
- ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380
- ETCD_INITIAL_ADVERTISE_PEER_URLS=http://localhost:2380
- ETCD_INITIAL_CLUSTER=${ETCD_INITIAL_CLUSTER:-etcd-node=http://localhost:2380}
- ETCD_INITIAL_CLUSTER_STATE=${ETCD_INITIAL_CLUSTER_STATE:-new}
- ETCD_INITIAL_CLUSTER_TOKEN=${ETCD_INITIAL_CLUSTER_TOKEN:-etcd-cluster}
- ETCD_AUTO_COMPACTION_RETENTION=${ETCD_AUTO_COMPACTION_RETENTION:-1}
- ETCD_QUOTA_BACKEND_BYTES=${ETCD_QUOTA_BACKEND_BYTES:-2147483648}
- ETCD_HEARTBEAT_INTERVAL=${ETCD_HEARTBEAT_INTERVAL:-100}
- ETCD_ELECTION_TIMEOUT=${ETCD_ELECTION_TIMEOUT:-1000}
- ETCD_ENABLE_V2=${ETCD_ENABLE_V2:-false}
command:
- etcd
- --name=${ETCD_NAME:-etcd-node}
- --data-dir=/etcd-data
- --listen-client-urls=http://0.0.0.0:2379
- --advertise-client-urls=http://localhost:2379
- --listen-peer-urls=http://0.0.0.0:2380
- --initial-advertise-peer-urls=http://localhost:2380
- --initial-cluster=${ETCD_INITIAL_CLUSTER:-etcd-node=http://localhost:2380}
- --initial-cluster-state=${ETCD_INITIAL_CLUSTER_STATE:-new}
- --initial-cluster-token=${ETCD_INITIAL_CLUSTER_TOKEN:-etcd-cluster}
- --auto-compaction-retention=${ETCD_AUTO_COMPACTION_RETENTION:-1}
- --quota-backend-bytes=${ETCD_QUOTA_BACKEND_BYTES:-2147483648}
- --heartbeat-interval=${ETCD_HEARTBEAT_INTERVAL:-100}
- --election-timeout=${ETCD_ELECTION_TIMEOUT:-1000}
- --enable-v2=${ETCD_ENABLE_V2:-false}
deploy:
resources:
limits:
cpus: '1.0'
memory: 1G
reservations:
cpus: '0.25'
memory: 256M
volumes:
etcd_data:

25
src/grafana/.env.example Normal file
View File

@@ -0,0 +1,25 @@
# Grafana Environment Variables
# Grafana image version
GRAFANA_VERSION=12.1.1
# Host port mapping (maps to Grafana port 3000 in container)
GRAFANA_PORT_OVERRIDE=3000
# Admin username
GRAFANA_ADMIN_USER=admin
# Admin password - CHANGE THIS FOR PRODUCTION!
GRAFANA_ADMIN_PASSWORD=admin
# Allow users to sign up themselves
GRAFANA_ALLOW_SIGN_UP=false
# Comma-separated list of plugins to install
GRAFANA_PLUGINS=
# Root URL for Grafana (used for links and redirects)
GRAFANA_ROOT_URL=http://localhost:3000
# Secret key for signing cookies and encrypting database - SET THIS FOR PRODUCTION!
GRAFANA_SECRET_KEY=

75
src/grafana/README.md Normal file
View File

@@ -0,0 +1,75 @@
# Grafana
[English](./README.md) | [中文](./README.zh.md)
This service deploys Grafana, an open-source analytics and monitoring platform for visualizing metrics from various data sources.
## Services
- `grafana`: The Grafana web interface and API server.
## Environment Variables
| Variable Name | Description | Default Value |
| ---------------------- | ---------------------------------------------------------- | ----------------------- |
| GRAFANA_VERSION | Grafana image version | `12.1.1` |
| GRAFANA_PORT_OVERRIDE | Host port mapping (maps to Grafana port 3000 in container) | `3000` |
| GRAFANA_ADMIN_USER | Admin username | `admin` |
| GRAFANA_ADMIN_PASSWORD | Admin password | `admin` |
| GRAFANA_ALLOW_SIGN_UP | Allow users to sign up themselves | `false` |
| GRAFANA_PLUGINS | Comma-separated list of plugins to install | `""` |
| GRAFANA_ROOT_URL | Root URL for Grafana (used for links and redirects) | `http://localhost:3000` |
| GRAFANA_SECRET_KEY | Secret key for signing cookies and encrypting database | `""` |
Please modify the `.env` file as needed for your use case.
## Volumes
- `grafana_data`: A volume for storing Grafana's database and configuration.
- `grafana_logs`: A volume for storing Grafana logs.
- `grafana.ini`: Optional custom configuration file (mount to `/etc/grafana/grafana.ini`).
- `provisioning`: Optional directory for provisioning datasources and dashboards (mount to `/etc/grafana/provisioning`).
## Default Credentials
- Username: `admin` (configurable via `GRAFANA_ADMIN_USER`)
- Password: `admin` (configurable via `GRAFANA_ADMIN_PASSWORD`)
## Security Notes
- **Change the default admin password** in production environments.
- Set a strong `GRAFANA_SECRET_KEY` for production use.
- Consider disabling sign-up (`GRAFANA_ALLOW_SIGN_UP=false`) in production.
- Use HTTPS in production by configuring a reverse proxy or Grafana's TLS settings.
## Common Use Cases
### Installing Plugins
Set the `GRAFANA_PLUGINS` environment variable with a comma-separated list of plugin IDs:
```env
GRAFANA_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource
```
### Custom Configuration
Mount a custom `grafana.ini` file to `/etc/grafana/grafana.ini`:
```yaml
volumes:
- ./grafana.ini:/etc/grafana/grafana.ini
```
### Provisioning Datasources and Dashboards
Mount a provisioning directory with datasource and dashboard configurations:
```yaml
volumes:
- ./provisioning:/etc/grafana/provisioning
```
## License
Grafana is licensed under the AGPL v3.0 license. Commercial licenses are available from Grafana Labs.

75
src/grafana/README.zh.md Normal file
View File

@@ -0,0 +1,75 @@
# Grafana
[English](./README.md) | [中文](./README.zh.md)
本服务部署 Grafana这是一个开源的分析和监控平台用于可视化来自各种数据源的指标。
## 服务
- `grafana`: Grafana Web 界面和 API 服务器。
## 环境变量
| 变量名 | 描述 | 默认值 |
| ---------------------- | ------------------------------------------------ | ----------------------- |
| GRAFANA_VERSION | Grafana 镜像版本 | `12.1.1` |
| GRAFANA_PORT_OVERRIDE | 主机端口映射(映射到容器中的 Grafana 端口 3000 | `3000` |
| GRAFANA_ADMIN_USER | 管理员用户名 | `admin` |
| GRAFANA_ADMIN_PASSWORD | 管理员密码 | `admin` |
| GRAFANA_ALLOW_SIGN_UP | 允许用户自行注册 | `false` |
| GRAFANA_PLUGINS | 要安装的插件列表(逗号分隔) | `""` |
| GRAFANA_ROOT_URL | Grafana 的根 URL用于链接和重定向 | `http://localhost:3000` |
| GRAFANA_SECRET_KEY | 用于签名 cookies 和加密数据库的密钥 | `""` |
请根据您的使用情况修改 `.env` 文件。
## 数据卷
- `grafana_data`: 用于存储 Grafana 数据库和配置的数据卷。
- `grafana_logs`: 用于存储 Grafana 日志的数据卷。
- `grafana.ini`: 可选的自定义配置文件(挂载到 `/etc/grafana/grafana.ini`)。
- `provisioning`: 用于预配置数据源和仪表板的可选目录(挂载到 `/etc/grafana/provisioning`)。
## 默认凭据
- 用户名: `admin`(可通过 `GRAFANA_ADMIN_USER` 配置)
- 密码: `admin`(可通过 `GRAFANA_ADMIN_PASSWORD` 配置)
## 安全注意事项
- **在生产环境中更改默认管理员密码**。
- 为生产环境设置强 `GRAFANA_SECRET_KEY`
- 考虑在生产环境中禁用注册(`GRAFANA_ALLOW_SIGN_UP=false`)。
- 通过配置反向代理或 Grafana 的 TLS 设置在生产环境中使用 HTTPS。
## 常见用例
### 安装插件
使用逗号分隔的插件 ID 列表设置 `GRAFANA_PLUGINS` 环境变量:
```env
GRAFANA_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource
```
### 自定义配置
将自定义 `grafana.ini` 文件挂载到 `/etc/grafana/grafana.ini`
```yaml
volumes:
- ./grafana.ini:/etc/grafana/grafana.ini
```
### 预配置数据源和仪表板
挂载包含数据源和仪表板配置的预配置目录:
```yaml
volumes:
- ./provisioning:/etc/grafana/provisioning
```
## 许可证
Grafana 采用 AGPL v3.0 许可证。商业许可证可从 Grafana Labs 获得。

46
src/grafana/docker-compose.yaml Normal file
View File

@@ -0,0 +1,46 @@
x-default: &default
restart: unless-stopped
volumes:
- &localtime /etc/localtime:/etc/localtime:ro
- &timezone /etc/timezone:/etc/timezone:ro
logging:
driver: json-file
options:
max-size: 100m
services:
grafana:
<<: *default
image: grafana/grafana:${GRAFANA_VERSION:-12.1.1}
container_name: grafana
ports:
- "${GRAFANA_PORT_OVERRIDE:-3000}:3000"
volumes:
- *localtime
- *timezone
- grafana_data:/var/lib/grafana
- grafana_logs:/var/log/grafana
# Optional: Mount custom configuration
# - ./grafana.ini:/etc/grafana/grafana.ini
# - ./provisioning:/etc/grafana/provisioning
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_ADMIN_USER:-admin}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD:-admin}
- GF_USERS_ALLOW_SIGN_UP=${GRAFANA_ALLOW_SIGN_UP:-false}
- GF_INSTALL_PLUGINS=${GRAFANA_PLUGINS:-}
- GF_SERVER_ROOT_URL=${GRAFANA_ROOT_URL:-http://localhost:3000}
- GF_SECURITY_SECRET_KEY=${GRAFANA_SECRET_KEY:-}
user: "472:472" # Grafana user
deploy:
resources:
limits:
cpus: '1.0'
memory: 1G
reservations:
cpus: '0.25'
memory: 256M
volumes:
grafana_data:
grafana_logs:

16
src/prometheus/.env.example Normal file
View File

@@ -0,0 +1,16 @@
# Prometheus Environment Variables
# Prometheus image version
PROMETHEUS_VERSION=v3.5.0
# Host port mapping (maps to Prometheus port 9090 in container)
PROMETHEUS_PORT_OVERRIDE=9090
# How long to retain data (examples: 15d, 30d, 1y)
PROMETHEUS_RETENTION_TIME=15d
# Maximum storage size (empty = unlimited, examples: 10GB, 1TB)
PROMETHEUS_RETENTION_SIZE=
# External URL for Prometheus (used for links and redirects)
PROMETHEUS_EXTERNAL_URL=http://localhost:9090

119
src/prometheus/README.md Normal file
View File

@@ -0,0 +1,119 @@
# Prometheus
[English](./README.md) | [中文](./README.zh.md)
This service deploys Prometheus, an open-source system monitoring and alerting toolkit with a multi-dimensional data model and powerful query language.
## Services
- `prometheus`: The Prometheus server for scraping and storing time series data.
## Environment Variables
| Variable Name | Description | Default Value |
| ------------------------- | ------------------------------------------------------------- | ----------------------- |
| PROMETHEUS_VERSION | Prometheus image version | `v3.5.0` |
| PROMETHEUS_PORT_OVERRIDE | Host port mapping (maps to Prometheus port 9090 in container) | `9090` |
| PROMETHEUS_RETENTION_TIME | How long to retain data | `15d` |
| PROMETHEUS_RETENTION_SIZE | Maximum storage size (empty = unlimited) | `""` |
| PROMETHEUS_EXTERNAL_URL | External URL for Prometheus (used for links and redirects) | `http://localhost:9090` |
Please modify the `.env` file as needed for your use case.
## Volumes
- `prometheus_data`: A volume for storing Prometheus time series data.
- `prometheus.yml`: Optional custom configuration file (mount to `/etc/prometheus/prometheus.yml`).
- `rules`: Optional directory for alerting and recording rules (mount to `/etc/prometheus/rules`).
## Default Configuration
The default Prometheus configuration includes:
- Scraping itself for metrics
- Global scrape interval of 15 seconds
- Basic web console access
## Configuration Files
### Custom Prometheus Configuration
Mount a custom `prometheus.yml` file to `/etc/prometheus/prometheus.yml`:
```yaml
volumes:
- ./prometheus.yml:/etc/prometheus/prometheus.yml
```
Example `prometheus.yml`:
```yaml
global:
scrape_interval: 15s
evaluation_interval: 15s
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
- job_name: 'node_exporter'
static_configs:
- targets: ['node_exporter:9100']
```
### Alert Rules
Mount rules directory to `/etc/prometheus/rules`:
```yaml
volumes:
- ./rules:/etc/prometheus/rules
```
## Data Retention
Configure data retention using environment variables:
- `PROMETHEUS_RETENTION_TIME`: Time-based retention (e.g., `30d`, `1y`)
- `PROMETHEUS_RETENTION_SIZE`: Size-based retention (e.g., `10GB`, `1TB`)
## API Access
- Web UI: `http://localhost:9090`
- API endpoint: `http://localhost:9090/api/v1/`
- Admin API is enabled for configuration reloads
## Security Notes
- Consider restricting access to the admin API in production
- Use authentication/authorization proxy for production deployments
- Monitor resource usage as Prometheus can consume significant storage and memory
## Common Use Cases
### Monitoring Docker Containers
Add cAdvisor to monitor container metrics:
```yaml
services:
cadvisor:
image: gcr.io/cadvisor/cadvisor:latest
ports:
- "8080:8080"
volumes:
- /:/rootfs:ro
- /var/run:/var/run:ro
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
- /dev/disk/:/dev/disk:ro
```
### Service Discovery
Use file-based service discovery or integrate with service discovery systems like Consul or Kubernetes.
## License
Prometheus is licensed under the Apache 2.0 license.

119
src/prometheus/README.zh.md Normal file
View File

@@ -0,0 +1,119 @@
# Prometheus
[English](./README.md) | [中文](./README.zh.md)
本服务部署 Prometheus这是一个开源的系统监控和警报工具包具有多维数据模型和强大的查询语言。
## 服务
- `prometheus`: 用于抓取和存储时间序列数据的 Prometheus 服务器。
## 环境变量
| 变量名 | 描述 | 默认值 |
| ------------------------- | --------------------------------------------------- | ----------------------- |
| PROMETHEUS_VERSION | Prometheus 镜像版本 | `v3.5.0` |
| PROMETHEUS_PORT_OVERRIDE | 主机端口映射(映射到容器中的 Prometheus 端口 9090 | `9090` |
| PROMETHEUS_RETENTION_TIME | 数据保留时间 | `15d` |
| PROMETHEUS_RETENTION_SIZE | 最大存储大小(空值 = 无限制) | `""` |
| PROMETHEUS_EXTERNAL_URL | Prometheus 的外部 URL用于链接和重定向 | `http://localhost:9090` |
请根据您的使用情况修改 `.env` 文件。
## 数据卷
- `prometheus_data`: 用于存储 Prometheus 时间序列数据的数据卷。
- `prometheus.yml`: 可选的自定义配置文件(挂载到 `/etc/prometheus/prometheus.yml`)。
- `rules`: 用于警报和记录规则的可选目录(挂载到 `/etc/prometheus/rules`)。
## 默认配置
默认的 Prometheus 配置包括:
- 抓取自身的指标
- 全局抓取间隔为 15 秒
- 基本的 Web 控制台访问
## 配置文件
### 自定义 Prometheus 配置
将自定义 `prometheus.yml` 文件挂载到 `/etc/prometheus/prometheus.yml`
```yaml
volumes:
- ./prometheus.yml:/etc/prometheus/prometheus.yml
```
示例 `prometheus.yml`
```yaml
global:
scrape_interval: 15s
evaluation_interval: 15s
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
- job_name: 'node_exporter'
static_configs:
- targets: ['node_exporter:9100']
```
### 警报规则
将规则目录挂载到 `/etc/prometheus/rules`
```yaml
volumes:
- ./rules:/etc/prometheus/rules
```
## 数据保留
使用环境变量配置数据保留:
- `PROMETHEUS_RETENTION_TIME`: 基于时间的保留(例如,`30d``1y`
- `PROMETHEUS_RETENTION_SIZE`: 基于大小的保留(例如,`10GB``1TB`
## API 访问
- Web UI: `http://localhost:9090`
- API 端点: `http://localhost:9090/api/v1/`
- 启用了管理 API 用于配置重新加载
## 安全注意事项
- 考虑在生产环境中限制对管理 API 的访问
- 为生产部署使用身份验证/授权代理
- 监控资源使用情况,因为 Prometheus 可能消耗大量存储和内存
## 常见用例
### 监控 Docker 容器
添加 cAdvisor 来监控容器指标:
```yaml
services:
cadvisor:
image: gcr.io/cadvisor/cadvisor:latest
ports:
- "8080:8080"
volumes:
- /:/rootfs:ro
- /var/run:/var/run:ro
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
- /dev/disk/:/dev/disk:ro
```
### 服务发现
使用基于文件的服务发现或与 Consul 或 Kubernetes 等服务发现系统集成。
## 许可证
Prometheus 采用 Apache 2.0 许可证。

50
src/prometheus/docker-compose.yaml Normal file
View File

@@ -0,0 +1,50 @@
x-default: &default
restart: unless-stopped
volumes:
- &localtime /etc/localtime:/etc/localtime:ro
- &timezone /etc/timezone:/etc/timezone:ro
logging:
driver: json-file
options:
max-size: 100m
services:
prometheus:
<<: *default
image: prom/prometheus:${PROMETHEUS_VERSION:-v3.5.0}
container_name: prometheus
ports:
- "${PROMETHEUS_PORT_OVERRIDE:-9090}:9090"
volumes:
- *localtime
- *timezone
- prometheus_data:/prometheus
# Optional: Mount custom configuration
# - ./prometheus.yml:/etc/prometheus/prometheus.yml
# - ./rules:/etc/prometheus/rules
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus'
- '--web.console.libraries=/etc/prometheus/console_libraries'
- '--web.console.templates=/etc/prometheus/consoles'
- '--storage.tsdb.retention.time=${PROMETHEUS_RETENTION_TIME:-15d}'
- '--storage.tsdb.retention.size=${PROMETHEUS_RETENTION_SIZE:-}'
- '--web.enable-lifecycle'
- '--web.enable-admin-api'
- '--web.external-url=${PROMETHEUS_EXTERNAL_URL:-http://localhost:9090}'
environment:
- PROMETHEUS_RETENTION_TIME=${PROMETHEUS_RETENTION_TIME:-15d}
- PROMETHEUS_RETENTION_SIZE=${PROMETHEUS_RETENTION_SIZE:-}
user: "65534:65534" # nobody user
deploy:
resources:
limits:
cpus: '1.0'
memory: 2G
reservations:
cpus: '0.25'
memory: 512M
volumes:
prometheus_data: