I have an application who run inside a docker, just behind a traefik proxy. I made some benchmarks. First form the server, I got a response time of 12ms if I use the IP of the docker. But when I used the ndd my response time escalated to 90ms!
Why I have so much difference ?
I made the same test from my machine and I got 198ms in response time !!!.
Test from the server, with the docker IP :
> time curl -w "#curl-format.txt" -o /dev/null -s "172.23XXXXX"
time namelookup: 0.0000425
time connect: 0.0000005
time_appconnect: 0.0000005
time pretransfer: 0.0000005
time redirect: 0.0000005
time starttransfer: 0.0000005
time total: 0.0002795
real 0m0.0125
user 0m0.0085
sys 0m0.004s
Test from the server, with the NDD :
>time curl -w "#cur1-format.txt" -0 /dev/null-s "https://api.XXXXXX"
time namelookup: 0.0012755
time connect: 0.0014405
time_appconnect: 0.0494675
time pretransfer: 0.0497685
time redirect: 0.0000005
time starttransfer: 0.0754535
time total: 0.0756765
real 0m0.0905
user 0m0.0145
sys 0m0.014s
Test from my machine, with the NDD :
❯ time curl -w "#curl-format.txt" -o /dev/null -s "https://api.XXXXXXX"
time_namelookup: 0.010114s
time_connect: 0.040455s
time_appconnect: 0.125563s
time_pretransfer: 0.125802s
time_redirect: 0.000000s
time_starttransfer: 0.183123s
----------
time_total: 0.183554s
________________________________________________________
Executed in 198.84 millis fish external
usr time 26.63 millis 57.00 micros 26.57 millis
sys time 13.68 millis 834.00 micros 12.85 millis
My traefik config :
services:
traefik:
image: "traefik:v2.9"
container_name: "traefik"
restart: "always"
networks:
- "traefik"
command:
- "--api.dashboard=true"
- "--api.insecure=true"
- "--entryPoints.web.address=:80"
- "--entryPoints.websecure.address=:443"
- "--providers.docker=true"
- "--providers.docker.endpoint=unix:///var/run/docker.sock"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
- "--certificatesresolvers.myresolver.acme.email=XXXXXXXXX"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock"
- "/root/shared:/root/shared"
labels:
- "traefik.http.services.dashboard.loadbalancer.server.port=80"
- "traefik.http.middlewares.httpsonly.redirectscheme.scheme=https"
- "traefik.http.middlewares.httpsonly.redirectscheme.permanent=true"
- "traefik.http.routers.httpsonly.rule=HostRegexp(`{any:.*}`)"
- "traefik.http.routers.httpsonly.middlewares=httpsonly"
- "traefik.http.routers.dashboard.rule=Host(`tra.XXXXXXX`)"
- "traefik.http.routers.dashboard.entrypoints=websecure"
- "traefik.http.routers.dashboard.tls.certresolver=myresolver"
- "traefik.http.routers.dashboard.service=dashboard#internal"
- "traefik.http.routers.api.rule=Host(`tra.XXXXXXX`) && PathPrefix(`/api`)"
- "traefik.http.routers.api.service=api#internal"
- "traefik.http.routers.api.entrypoints=websecure"
- "traefik.http.routers.api.tls.certresolver=myresolver"
- "traefik.http.routers.dashboard.middlewares=traefik-auth"
- "traefik.http.routers.api.middlewares=traefik-auth"
- "traefik.http.middlewares.traefik-auth.basicauth.usersfile=/root/shared/users"
- "traefik.http.middlewares.traefik-auth.basicauth.removeheader=true"
- "com.centurylinklabs.watchtower.enable=false"
The traefik config of my application :
services:
geodude:
image: "XXXXXXXX/geodude:main"
container_name: "geodude"
restart: "always"
networks:
- "traefik"
environment:
[...]
volumes:
- "/root/geodude/data:/data"
labels:
- "traefik.enable=true"
- "traefik.http.routers.geodude.rule=Host(`api.XXXXXX`)"
- "traefik.http.routers.geodude.entrypoints=websecure"
- "traefik.http.routers.geodude.tls.certresolver=myresolver"
networks:
traefik:
external: true
Related
traefik rule not redirecting requests made to "localhost/api" to backend container
Whenever I change the backend
- "traefik.http.routers.api.rule=Host(`localhost`) && PathPrefix(`/api`)"
to Host('localhost') I can access the application at localhost but after adding this rule, whenever I go to localhost/api , it leads me to frontend and opens html page
version: '3'
volumes:
myvol2:
external: false
services:
traefik:
image: "traefik:v2.6"
command:
#- "--log.level=DEBUG"
- "--api.insecure=true"
- "--api.dashboard=true"
- "--api.debug=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.api.address=:5000"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443" # new
ports:
- "80:80"
- "5000:5000"
- "443:443" # new
- "8080:8080"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
api:
image: "myimagename"
ports:
- '5000'
scale: 1
labels:
- "traefik.enable=true"
- "traefik.http.routers.api.rule=Host(`localhost`) && PathPrefix(`/api`)"
- "traefik.http.routers.api.entrypoints=web"
- "traefik.http.services.api.loadbalancer.server.port=5000"
volumes:
- /app/node_modules
- ./server:/app
- myvol2:/resources/static/assets/uploads # Volume
environment:
- PORT=5000
web:
image: "myfrontendimage"
stdin_open: true
scale: 1
ports:
- '3000'
environment:
- CHOKIDAR_USEPOLLING=true
- CI=true
labels:
- "traefik.enable=true"
- "traefik.http.routers.web.rule=Host(`localhost`)"
- "traefik.http.routers.web.entrypoints=web"
- "traefik.http.services.web.loadbalancer.server.port=3000"
volumes:
- /app/node_modules
- ./client:/app
Tried redirecting the Tried almost all combinations of route, even tried adding regexp for matching localhost/api.
With my current nginx setup,
I have :
location /api{
rewrite /api/(.*) /$1 break;
proxy_pass http://api;
}
in my default.conf,
Trying to migrate to traefik but the requests to localhost/api are not reaching
Your configuration seems to be fine. In your question you have a bunch of placeholder values, so it's not actually possible to test your docker-compose.yaml, but we can produce a runnable version like this:
services:
traefik:
image: "traefik:v2.9"
command:
- "--api.insecure=true"
- "--api.dashboard=true"
- "--api.debug=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
# The port mappings here are to avoid conflicts with other services
# on my system
ports:
- "7080:80"
- "7443:443"
- "7090:8080"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
api:
# Note that we don't need a `ports` configuration here because we're
# not publish any ports to the host (all access will be via the
# frontend proxy).
image: "docker.io/traefik/whoami:latest"
command:
- --name=API
- --port=5000
labels:
- "traefik.enable=true"
- "traefik.http.routers.api.rule=Host(`localhost`) && PathPrefix(`/api`)"
- "traefik.http.routers.api.entrypoints=web"
- "traefik.http.services.api.loadbalancer.server.port=5000"
web:
image: "docker.io/traefik/whoami:latest"
command:
- --name=WEB
- --port=3000
labels:
- "traefik.enable=true"
- "traefik.http.routers.web.rule=Host(`localhost`)"
- "traefik.http.routers.web.entrypoints=web"
- "traefik.http.services.web.loadbalancer.server.port=3000"
The significant changes here are:
I'm using Traefik v2.9 (because why use an older release?)
I've replaced all your images with docker.io/traefik/whoami, which gives us a simple endpoint for testing.
With the above configuration, a request to http://localhost hits the "web" container:
$ curl localhost:7080
Name: WEB
[...]
Whereas a request to http://localhost/api hits the "api" container:
$ curl localhost:7080/api
{...., "name": "API"}
(We're getting a JSON response in the second case because we're hitting the /api path on the whoami container.)
Finally, got the traefik /api to redirect to the other backend container with the following set up
The primary issue was that even though it redirects to the container, it did not strip the /api prefix, so the API route was getting messed up
labels:
- "traefik.enable=true"
- "traefik.http.routers.api.rule=PathPrefix(`/api/`)"
- "traefik.http.routers.api.service=api"
- "traefik.http.services.api.loadbalancer.server.port=5000"
- "traefik.http.middlewares.api.stripprefix.prefixes=/api"
- "traefik.http.middlewares.api.stripprefix.forceSlash=false"
- "traefik.http.routers.api.middlewares=api"
I am new to this today. I have been trying to figure out what the problem is all day.
docker-compose version 1.28.5, build 324b023a
I run:
docker-compose up -d
and I get:
ERROR: The Compose file './docker-compose.yml' is invalid because:
Unsupported config option for services.teslamate: 'database'
version: "3"
services:
teslamate:
image: teslamate/teslamate
restart: always
environment:
- ENCRYPTION_KEY= <Insert Key>
- DB_USER=teslamate
- DB_PASS= <Insert password>
- DB_NAME=teslamate
- DB_HOST=database
- MQTT_HOST=mosquitto
- VIRTUAL_HOST=<Insert IP address>
# if you're going to access the UI from another machine replace
# "localhost" with the hostname / IP address of the docker host.
- TZ=US # (optional) replace to use local time in debug logs. See "Configuration".
ports:
- 4000:4000
volumes:
- ./import:/opt/app/import
cap_drop:
- all
database:
image: postgres:14
restart: always
environment:
- POSTGRES_USER=teslamate
- POSTGRES_PASSWORD= <Insert password>
- POSTGRES_DB=teslamate
volumes:
- teslamate-db:/var/lib/postgresql/data
grafana:
image: teslamate/grafana
restart: always
environment:
- DATABASE_USER=teslamate
- DATABASE_PASS= goforit
- DATABASE_NAME=teslamate
- DATABASE_HOST=database
ports:
- 3000:3000
volumes:
- teslamate-grafana-data:/var/lib/grafana
mosquitto:
image: eclipse-mosquitto:2
restart: always
command: mosquitto -c /mosquitto-no-auth.conf
# ports:
# - 1883:1883
volumes:
- mosquitto-conf:/mosquitto/config
- mosquitto-data:/mosquitto/data
volumes:
teslamate-db:
teslamate-grafana-data:
mosquitto-conf:
mosquitto-data:
Could someone please let me know what is wrong?
Thank you,
It is just a Yaml indentation problem. Your services teslamate, database, grafana and mosquito needs to have the same indentation, otherwise database is seen as a property of teslamate and it is not a valid property for docker-compose.
version: "3"
services:
teslamate:
image: teslamate/teslamate
restart: always
environment:
- ENCRYPTION_KEY= <Insert Key>
- DB_USER=teslamate
- DB_PASS= <Insert password>
- DB_NAME=teslamate
- DB_HOST=database
- MQTT_HOST=mosquitto
- VIRTUAL_HOST=<Insert IP address>
# if you're going to access the UI from another machine replace
# "localhost" with the hostname / IP address of the docker host.
- TZ=US # (optional) replace to use local time in debug logs. See "Configuration".
ports:
- 4000:4000
volumes:
- ./import:/opt/app/import
cap_drop:
- all
database:
image: postgres:14
restart: always
environment:
- POSTGRES_USER=teslamate
- POSTGRES_PASSWORD= <Insert password>
- POSTGRES_DB=teslamate
volumes:
- teslamate-db:/var/lib/postgresql/data
grafana:
image: teslamate/grafana
restart: always
environment:
- DATABASE_USER=teslamate
- DATABASE_PASS= goforit
- DATABASE_NAME=teslamate
- DATABASE_HOST=database
ports:
- 3000:3000
volumes:
- teslamate-grafana-data:/var/lib/grafana
mosquitto:
image: eclipse-mosquitto:2
restart: always
command: mosquitto -c /mosquitto-no-auth.conf
# ports:
# - 1883:1883
volumes:
- mosquitto-conf:/mosquitto/config
- mosquitto-data:/mosquitto/data
volumes:
teslamate-db:
teslamate-grafana-data:
mosquitto-conf:
mosquitto-data:
So I'm trying to add bitwarden_rs to my docker network but seems to fail hard.
I also have a nextcloud docker container running behind traefik (nextcloud.mydomain.com) which is working fine. But adding bitwarden with his own subdomain (bitwarden.mydomain.com) to traefik doesn't want to start working. I'm always getting a Bad Gateway error.
Traefik docker-compose
version: "3"
services:
traefik:
image: traefik:latest
container_name: traefik
restart: always
command:
- --log.level=DEBUG
- --api.insecure
- --api.dashboard
- --providers.file.directory=/FileProvider/
- --providers.file.watch=true
- --providers.docker
- --providers.docker.exposedbydefault=false
- --providers.docker.endpoint=unix:///var/run/docker.sock
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --certificatesresolvers.letsencryptresolver.acme.email=my#email.com
- --certificatesresolvers.letsencryptresolver.acme.storage=./letsencrypt/acme.json
- --certificatesresolvers.letsencryptresolver.acme.httpchallenge.entrypoint=web
- --certificatesresolvers.letsencryptresolver.acme.httpchallenge=true
ports:
- 80:80
- 443:443
- 8080:8080
volumes:
- ...
networks:
- local-lan
labels:
- --traefik.http.middlewares.https.redirectscheme.scheme=https
- --traefik.http.routers.https_redirect.middlewares=https
- --traefik.http.routers.https_redirect.rule=(Host(`bitwarden.mydomain.com`) || Host(`nextcloud.mydomain.com`))
- --traefik.http.routers.https_redirect.entrypoints=web
- --traefik.docker.network=local-lan
networks:
local-lan:
external: true
traefik dynamic config
middlewares:
ncHeader:
headers:
customResponseHeaders:
stsPreload: true
stsSeconds: 15552000
redirect:
redirectScheme:
scheme: https
bitwarden_rs docker-compose
version: '3'
services:
bitwarden:
image: bitwardenrs/server:latest
container_name: bitwarden
restart: always
volumes:
- /home/reggi/bitwarden/data:/data
environment:
- WEBSOCKET_ENABLED=true
- WEB_VAULT_ENABLED=true
- SIGNUPS_ALLOWED=true
- ADMIN_TOKEN=xxxxxxxxxxx
ports:
- 3012:3012
- 4500:80
networks:
- local-lan
labels:
- traefik.enable=true
- traefik.docker.network=local-lan
- traefik.http.services.bitwarden-ui.loadbalancer.server.port=4500
- traefik.http.services.bitwarden-ui.loadbalancer.server.scheme=http
- traefik.http.routers.bitwarden-ui-https.rule=Host(`bitwarden.mydomain.com`)
- traefik.http.routers.bitwarden-ui-https.entrypoints=websecure
- traefik.http.routers.bitwarden-ui-https.tls=true
- traefik.http.routers.bitwarden-ui-https.tls.certresolver=letsencryptresolver
- traefik.http.routers.bitwarden-ui-https.service=bitwarden-ui#docker
- traefik.http.routers.bitwarden-ui-http.rule=Host(`bitwarden.mydomain.com`)
- traefik.http.routers.bitwarden-ui-http.entrypoints=web
- traefik.http.routers.bitwarden-ui-http.service=bitwarden-ui#docker
- traefik.http.routers.bitwarden-websocket-https.rule=Host(`bitwarden.mydomain.com`) && Path(`/notifications/hub`)
- traefik.http.routers.bitwarden-websocket-https.entrypoints=websecure
- traefik.http.routers.bitwarden-websocket-https.tls=true
- traefik.http.routers.bitwarden-websocket-https.tls.certresolver=letsencryptresolver
- traefik.http.routers.bitwarden-websocket-https.service=bitwarden-websocket
- traefik.http.routers.bitwarden-websocket-http.rule=Host(`bitwarden.mydomain.com`) && Path(`/notifications/hub`)
- traefik.http.routers.bitwarden-websocket-http.entrypoints=web
- traefik.http.routers.bitwarden-websocket-http.service=bitwarden-websocket
- traefik.http.services.bitwarden-websocket.loadbalancer.server.port=3012
networks:
local-lan:
external: true
Both containers are running fine with this configuration but for some reason, I get a Bad Gateway when I navigate to http(s)://bitwarden.mydomain.com.
When I navigate to my server IP:4500 bitwarden opens up meaning the docker container is running fine.
In my traefik log I can find this error:
time="2021-03-10T21:06:35Z" level=debug msg="'502 Bad Gateway' caused by: dial tcp 17.32.0.8:4500: connect: connection refused"
And when I do a simple curl to the bitwarden container from traefik container I get the same error:
curl --verbose http://17.32.0.8:4500
For example, curl to my nextcloud container does work:
I tried a lot of stuff already but can't seem to figure it out. For nextcloud I could add a trusted proxy domain but that doesn't seem to be possible for bitwarden_rs if I'm not mistaken.
Adding network label didn't help GitHub answer
Using these config labels didn't help as well GitHub answer
Does someone know what I'm missing or doing wrong?
After some more investigation, I found my error.
I don't need to map port 80 outside your docker network, I just needed to expose it. So this works now:
version: '3'
services:
bitwarden:
image: bitwardenrs/server:latest
container_name: bitwarden
restart: always
volumes:
- /home/reggi/bitwarden/data:/data
environment:
- WEBSOCKET_ENABLED=true
- WEB_VAULT_ENABLED=true
- SIGNUPS_ALLOWED=true
- ADMIN_TOKEN=xxxxxxxxxxx
expose:
- 3012
- 80
networks:
- local-lan
labels:
- traefik.enable=true
- traefik.docker.network=local-lan
- traefik.http.services.bitwarden-ui.loadbalancer.server.port=4500
- traefik.http.services.bitwarden-ui.loadbalancer.server.scheme=http
- traefik.http.routers.bitwarden-ui-https.rule=Host(`bitwarden.mydomain.com`)
- traefik.http.routers.bitwarden-ui-https.entrypoints=websecure
- traefik.http.routers.bitwarden-ui-https.tls=true
- traefik.http.routers.bitwarden-ui-https.tls.certresolver=letsencryptresolver
- traefik.http.routers.bitwarden-ui-https.service=bitwarden-ui#docker
- traefik.http.routers.bitwarden-ui-http.rule=Host(`bitwarden.mydomain.com`)
- traefik.http.routers.bitwarden-ui-http.entrypoints=web
- traefik.http.routers.bitwarden-ui-http.service=bitwarden-ui#docker
- traefik.http.routers.bitwarden-websocket-https.rule=Host(`bitwarden.mydomain.com`) && Path(`/notifications/hub`)
- traefik.http.routers.bitwarden-websocket-https.entrypoints=websecure
- traefik.http.routers.bitwarden-websocket-https.tls=true
- traefik.http.routers.bitwarden-websocket-https.tls.certresolver=letsencryptresolver
- traefik.http.routers.bitwarden-websocket-https.service=bitwarden-websocket
- traefik.http.routers.bitwarden-websocket-http.rule=Host(`bitwarden.mydomain.com`) && Path(`/notifications/hub`)
- traefik.http.routers.bitwarden-websocket-http.entrypoints=web
- traefik.http.routers.bitwarden-websocket-http.service=bitwarden-websocket
- traefik.http.services.bitwarden-websocket.loadbalancer.server.port=3012
networks:
local-lan:
external: true
Having major problems getting my moodle installation working behind a traefik container in docker swarm. No matter what I try, I get a bad gateway error (different hosts in the frontend rule). I've read various posts on stack overflow and tutorials but due to the amount of commands and different options available, my head is spinning. Could somebody point me in the right direction?
version: '3.7'
services:
traefik:
image: traefik:v1.6.2
networks:
- traefik-proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /etc/traefik/traefik.toml:/etc/traefik/traefik.toml
labels:
- traefik.docker.network=traefik-proxy
- traefik.http.routers.traefik-http.entrypoints=web
- traefik.port=8080
- traefik.enable=true
ports:
- "80:80"
- "8080:8080"
command: --api
mariadb:
image: bitnami/mariadb:latest
environment:
- MARIADB_USER=bn_moodle
- MARIADB_DATABASE=bitnami_moodle
- MARIADB_PASSWORD=bitnami
- ALLOW_EMPTY_PASSWORD=yes
volumes:
- /var/mariadb_data:/bitnami
networks:
- database
- traefik-proxy
ports:
- "3306:3306"
moodle:
image: bitnami/moodle:latest
environment:
- MOODLE_DATABASE_USER=bn_moodle
- MOODLE_DATABASE_NAME=bitnami_moodle
- MOODLE_DATABASE_PASSWORD=bitnami
- ALLOW_EMPTY_PASSWORD=yes
ports:
- 8000:80
volumes:
- /var/moodle_data:/bitnami
depends_on:
- mariadb
networks:
- database
- traefik-proxy
labels:
- traefik.enable=true
- traefik.http.routers.moodle.entrypoints=web
- traefik.port=80
- traefik.frontend.rule=Host:one.test.com
- traefik.docker.network=traefik-proxy
- traefik.backend=moodle.app
networks:
database:
driver: overlay
traefik-proxy:
external: true
volumes:
mariadb_data:
moodle_data:
At least following should be updated:
moodle uses port 8080, not 80. So, it can be a reason.
traefik.enable=false should be set for mariadb and traefik services as there is no sense to send a traffic to them
mariadb should have only database network - means isolation from traefik
make traefik more supportive with command: --providers.docker --api --api.insecure=true --providers.docker.watch true
Here is a config for Docker Compose that uses traefik:v2.0.
version: '3.7'
services:
traefik:
image: traefik:v2.0
networks:
- traefik-proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels:
- "traefik.enable=false"
ports:
- "80:80"
- "8080:8080"
command: --providers.docker --api --api.insecure=true --providers.docker.watch true
mariadb:
image: bitnami/mariadb:latest
labels:
- "traefik.enable=false"
environment:
- MARIADB_USER=bn_moodle
- MARIADB_DATABASE=bitnami_moodle
- MARIADB_PASSWORD=bitnami
- ALLOW_EMPTY_PASSWORD=yes
networks:
- database
moodle:
image: bitnami/moodle:latest
environment:
- MOODLE_DATABASE_USER=bn_moodle
- MOODLE_DATABASE_NAME=bitnami_moodle
- MOODLE_DATABASE_PASSWORD=bitnami
- ALLOW_EMPTY_PASSWORD=yes
ports:
- 8000:8080
depends_on:
- mariadb
networks:
- database
- traefik-proxy
labels:
- "traefik.enable=true"
- "traefik.http.services.moodle.loadbalancer.server.port=8080"
- "traefik.http.routers.moodle.rule=HostRegexp(`{catchall:.*}`)"
- "traefik.docker.network=traefik-proxy"
networks:
database:
driver: bridge
traefik-proxy:
external: true
Run
docker-compose up -d
docker-compose logs -f
and when log displays lines like
moodle_1 | moodle 11:05:41.68 INFO ==> Running Moodle install script
moodle_1 | moodle 11:08:14.90 INFO ==> Persisting Moodle installation
moodle_1 | moodle 11:08:21.75 INFO ==> ** Moodle setup finished! **
moodle_1 |
moodle_1 | moodle 11:08:21.77 INFO ==> ** Starting cron **
moodle_1 | moodle 11:08:21.80 INFO ==> ** Starting Apache **
try to open http://localhost.
BTW, http://localhost:8080 will open Traefik dashboard. It's useful to see what's is managed and how.
I'm attempting to run this script in Win10 to configure everything.
All containers except the elastic container are initialized correctly and
Elastic times out and then exits with code 124.
https://imgur.com/a/FO8ckwc (some log outputs)
I'm running this script where I didn't touch anything except the Windows ports (you can see the comments)
https://pastebin.com/7Z8Gnenr
version: '3.1'
# Generated on 23-04-2018
services:
alfresco:
image: openmbeeguest/mms-repo:3.2.4-SNAPSHOT
environment:
CATALINA_OPTS: "-Xmx1G -XX:+UseConcMarkSweepGC"
depends_on:
- postgresql
- activemq
- elastic
networks:
- internal
ports:
- 8080:8080
volumes:
- alf_logs:/usr/local/tomcat/logs
- alf_data:/opt/alf_data
tmpfs:
- /tmp
- /usr/local/tomcat/temp/
- /usr/local/tomcat/work/
solr:
image: openmbeeguest/mms-solr:3.2.4-SNAPSHOT
environment:
CATALINA_OPTS: "-Xmx1G -XX:+UseG1GC -XX:+ParallelRefProcEnabled -XX:G1HeapRegionSize=8m -XX:MaxGCPauseMillis=200"
depends_on:
- alfresco
networks:
- internal
volumes:
- solr_logs:/usr/local/tomcat/logs/
- solr_content_store:/opt/solr/ContentStore
tmpfs:
- /tmp
- /usr/local/tomcat/temp/
- /usr/local/tomcat/work/
activemq:
image: openmbeeguest/mms-activemq:3.2.4-SNAPSHOT
ports:
#I changed these Windows side ports
- 61615:61616
- 61617:61614
- 8162:8161
# ORIGINAL
#- 61616:61616
#- 61614:61614
#- 8161:8161
volumes:
- activemq-data-volume:/data/activemq
- activemq-log-volume:/var/log/activemq
- activemq-conf-volume:/opt/activemq/conf
environment:
- ACTIVEMQ_ADMIN_LOGIN admin
- ACTIVEMQ_ADMIN_PASSWORD admin
networks:
- internal
elastic:
image: openmbeeguest/mms-elastic:3.2.4-SNAPSHOT
environment:
CLEAN: 'false'
ports:
- 9200:9200
volumes:
- elastic-data-volume:/usr/share/elasticsearch/data
networks:
- internal
postgresql:
image: openmbeeguest/mms-postgres:3.2.4-SNAPSHOT
volumes:
- pgsql_data:/var/lib/postgresql/data
environment:
- POSTGRES_USER=alfresco
- POSTGRES_PASSWORD=alfresco
- POSTGRES_DB=alfresco
networks:
- internal
volumes:
alf_logs:
alf_data:
solr_logs:
solr_content_store:
pgsql_data:
activemq-data-volume:
activemq-log-volume:
activemq-conf-volume:
elastic-data-volume:
nginx-external-volume:
networks:
internal:
Any help would be greatly appreciated!
Do you have the logs from the elasticsearch container to share? Without that it's hard to tell why it's exiting.
One thing that's tripped me up repeatedly though is the vm.max_map_count setting - the default in Docker is too low for elasticsearch to function, so it's a good first thing to check.