--- version: '3' volumes: data-volume: driver_opts: type: none device: ${OBMP_DATA_ROOT}/postgres/data o: bind ts-volume: driver_opts: type: none device: ${OBMP_DATA_ROOT}/postgres/ts o: bind services: zookeeper: restart: unless-stopped container_name: obmp-zookeeper image: confluentinc/cp-zookeeper:7.1.1 volumes: - ${OBMP_DATA_ROOT}/zk-data:/var/lib/zookeeper/data - ${OBMP_DATA_ROOT}/zk-log:/var/lib/zookeeper/log environment: ZOOKEEPER_CLIENT_PORT: 2181 ZOOKEEPER_TICK_TIME: 2000 kafka: restart: unless-stopped container_name: obmp-kafka image: confluentinc/cp-kafka:7.1.1 # Change the mount point to where you want to store Kafka data. # Normally 80GB or more volumes: - ${OBMP_DATA_ROOT}/kafka-data:/var/lib/kafka/data depends_on: - zookeeper ports: - "9092:9092" environment: KAFKA_BROKER_ID: 1 KAFKA_ZOOKEEPER_CONNECT: obmp-zookeeper:2181 # Change/add listeners based on your FQDN that the host and other containers can access. You can use # an IP address as well. By default, only within the compose/containers can Kafka be accesssed # using port 29092. Outside access can be enabled, but you should use an FQDN listener. #KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka:29092,PLAINTEXT_HOST://:9092 KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://obmp-kafka:29092 KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT KAFKA_INTER_BROKER_LISTENER_NAME: PLAINTEXT KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1 KAFKA_NUM_PARTITIONS: 8 KAFKA_LOG_RETENTION_MINUTES: 90 KAFKA_LOG_ROLL_MS: 3600000 KAFKA_LOG_SEGMENT_BYTES: 1073741824 KAFKA_MESSAGE_MAX_BYTES: 100000000 KAFKA_LOG_CLEANER_THREADS: 2 # TODO: Move comment to documentation # You can use SWAG and Let's Encrypt to front the Grafana HTTP port 3000 instance. Below is an example # Create the SWAG direcgtory using "sudo mkdir -m 777 ${OBMP_DATA_ROOT}/swag" # swag: # image: linuxserver/letsencrypt:version-1.11.0 # container_name: obmp-swag # cap_add: # - NET_ADMIN # environment: # - PUID=1000 # - PGID=1000 # - TZ=UTC # - URL= # - SUBDOMAINS=, # - VALIDATION=http # - EMAIL= # - ONLY_SUBDOMAINS=true # - STAGING=false # volumes: # - /var/openbmp/swag:/config # ports: # - 443:443 # - 80:80 #optional # restart: unless-stopped grafana: restart: unless-stopped container_name: obmp-grafana image: grafana/grafana:9.1.7 ports: - "3000:3000" volumes: - ${OBMP_DATA_ROOT}/grafana:/var/lib/grafana - ${OBMP_DATA_ROOT}/grafana/provisioning:/etc/grafana/provisioning/ environment: - GF_SECURITY_ADMIN_PASSWORD=openbmp - GF_AUTH_ANONYMOUS_ENABLED=true - GF_USERS_HOME_PAGE=d/obmp-home/obmp-home - GF_INSTALL_PLUGINS=agenty-flowcharting-panel,grafana-piechart-panel,grafana-worldmap-panel,grafana-simple-json-datasource,vonage-status-panel # TODO: Move comment block to documentation # The below is an example of how to enable OAuth #- GF_AUTH_GENERIC_OAUTH_NAME=MyCompany SSO #- GF_AUTH_GENERIC_OAUTH_ICON=signin #- GF_AUTH_GENERIC_OAUTH_ENABLED=true #- GF_AUTH_GENERIC_OAUTH_CLIENT_ID= #- GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET= #- GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP=true #- GF_AUTH_GENERIC_OAUTH_AUTH_URL= #- GF_AUTH_GENERIC_OAUTH_TOKEN_URL= #- GF_SERVER_ROOT_URL=%(protocol)s://%(domain)s:%(http_port)s/ psql: restart: unless-stopped container_name: obmp-psql image: openbmp/postgres:2.2.1 privileged: true shm_size: 1536m sysctls: - net.ipv4.tcp_keepalive_intvl=30 - net.ipv4.tcp_keepalive_probes=5 - net.ipv4.tcp_keepalive_time=180 ports: - "5432:5432" volumes: - data-volume:/var/lib/postgresql/data - ts-volume:/var/lib/postgresql/ts # alter_job max_runtime in _timescaledb_config.bgw_job ( https://docs.timescale.com/latest/api#alter_job ) command: > -c max_wal_size=10GB environment: - POSTGRES_PASSWORD=openbmp - POSTGRES_USER=openbmp - POSTGRES_DB=openbmp collector: restart: unless-stopped container_name: obmp-collector image: openbmp/collector:2.2.3 sysctls: - net.ipv4.tcp_keepalive_intvl=30 - net.ipv4.tcp_keepalive_probes=5 - net.ipv4.tcp_keepalive_time=180 ports: - "5000:5000" volumes: - ${OBMP_DATA_ROOT}/config:/config environment: - KAFKA_FQDN=obmp-kafka:29092 psql-app: restart: unless-stopped container_name: obmp-psql-app image: openbmp/psql-app:2.2.2 sysctls: - net.ipv4.tcp_keepalive_intvl=30 - net.ipv4.tcp_keepalive_probes=5 - net.ipv4.tcp_keepalive_time=180 ports: - "9005:9005" volumes: - ${OBMP_DATA_ROOT}/config:/config environment: - MEM=3 # Set memory to at least 2GB but ideally 4GB - KAFKA_FQDN=obmp-kafka:29092 - RPKI_URL=https://rpki.cloudflare.com/rpki.json # define the URL to retrieve json endoed RPKI data - RPKI_PASS=None - RPKI_USER=None - ENABLE_RPKI=1 # 1 enables, 0 disables RPKI sync - ENABLE_IRR=1 # 1 enables, 0 disables IRR sync - ENABLE_DBIP=1 # 1 enables, 0 disables DBIP import - POSTGRES_REPORT_WINDOW='8 minute' # default POSTGRESS window to select when building # summary tables. For deployments that absorb large # bursts increase the value, ex 60 minute - POSTGRES_PASSWORD=openbmp - POSTGRES_USER=openbmp - POSTGRES_DB=openbmp - POSTGRES_HOST=obmp-psql - POSTGRES_PORT=5432 - POSTGRES_DROP_peer_event_log='1 year' - POSTGRES_DROP_stat_reports='4 weeks' - POSTGRES_DROP_ip_rib_log='4 weeks' - POSTGRES_DROP_alerts='4 weeks' - POSTGRES_DROP_ls_nodes_log='4 months' - POSTGRES_DROP_ls_links_log='4 months' - POSTGRES_DROP_ls_prefixes_log='4 months' - POSTGRES_DROP_stats_chg_byprefix='4 weeks' - POSTGRES_DROP_stats_chg_byasn='4 weeks' - POSTGRES_DROP_stats_chg_bypeer='4 weeks' - POSTGRES_DROP_stats_ip_origins='4 weeks' - POSTGRES_DROP_stats_peer_rib='4 weeks' - POSTGRES_DROP_stats_peer_update_counts='4 weeks' whois: restart: unless-stopped container_name: obmp-whois image: openbmp/whois:2.2.0 sysctls: - net.ipv4.tcp_keepalive_intvl=30 - net.ipv4.tcp_keepalive_probes=5 - net.ipv4.tcp_keepalive_time=180 ports: - "4300:43" # volumes: # - ${OBMP_DATA_ROOT}/config:/config environment: - POSTGRES_PASSWORD=openbmp - POSTGRES_USER=openbmp - POSTGRES_DB=openbmp - POSTGRES_HOST=obmp-psql - POSTGRES_PORT=5432