Last active
October 9, 2017 01:11
-
-
Save jdeathe/2ff3df2372f5d7b5a4a9a79ca0be9c22 to your computer and use it in GitHub Desktop.
Initial docker-compose v2 proof of concept.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ------------------------------------------------------------------------------ | |
# Ref: https://docs.docker.com/compose/compose-file/ | |
# | |
# This value is for testing only. | |
# export MYSQL_USER_PASSWORD="*03F7361A0E18DA99361B7A82EA575944F53E206B" | |
# | |
# docker-compose -p app1 down | |
# docker-compose -p app1 up -d --scale varnish=2 --scale httpd=3 | |
# | |
# For older versions of docker-compose you will need to scale and recreate. | |
# docker-compose -p app1 up -d | |
# docker-compose -p app1 scale httpd=3 varnish=2 | |
# docker-compose -p app1 up --force-recreate --no-deps -d varnish haproxy | |
# ------------------------------------------------------------------------------ | |
version: "2" | |
networks: | |
tier1: | |
driver: "bridge" | |
ipam: | |
config: | |
- subnet: "172.172.1.0/24" | |
gateway: "172.172.1.1" | |
tier2: | |
driver: "bridge" | |
ipam: | |
config: | |
- subnet: "172.172.2.0/24" | |
gateway: "172.172.2.1" | |
internal: true | |
tier3: | |
driver: "bridge" | |
ipam: | |
config: | |
- subnet: "172.172.3.0/24" | |
gateway: "172.172.3.1" | |
internal: true | |
tier4: | |
driver: "bridge" | |
ipam: | |
config: | |
- subnet: "172.172.4.0/24" | |
gateway: "172.172.4.1" | |
internal: true | |
volumes: | |
data-mysql: | |
driver: "local" | |
services: | |
haproxy: | |
command: '"printf -- \"%s\n\" \"$${HAPROXY_CERTIFICATE}\" > /usr/local/etc/haproxy/localhost.localdomain.crt; printf -- \"%s\n\" \"$${HAPROXY_CONFIG}\" > /usr/local/etc/haproxy/haproxy.cfg && haproxy -c -f /usr/local/etc/haproxy/haproxy.cfg && /docker-entrypoint.sh haproxy -f /usr/local/etc/haproxy/haproxy.cfg"' | |
depends_on: | |
- "varnish" | |
entrypoint: "/bin/sh -c" | |
environment: | |
HAPROXY_CONFIG: |- | |
global | |
group root | |
log 127.0.0.1 local2 | |
maxconn 4096 | |
maxsslrate 128 | |
nbproc 1 | |
spread-checks 4 | |
ssl-default-bind-ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS | |
ssl-default-server-ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS | |
tune.bufsize 16384 | |
tune.maxaccept 192 | |
tune.maxrewrite 1024 | |
tune.ssl.default-dh-param 2048 | |
tune.ssl.cachesize 320000 | |
tune.ssl.lifetime 300 | |
tune.ssl.maxrecord 1419 | |
tune.zlib.memlevel 9 | |
user root | |
defaults | |
default-server maxconn 128 | |
log global | |
mode http | |
option httplog | |
option dontlognull | |
option dontlog-normal | |
option abortonclose | |
option http-server-close | |
option forwardfor except 127.0.0.0/8 | |
option redispatch | |
retries 3 | |
timeout connect 5s | |
timeout client 40s | |
timeout server 40s | |
timeout queue 120s | |
timeout http-request 4s | |
timeout http-keep-alive 15s | |
timeout check 15s | |
frontend http | |
backlog 1024 | |
bind 0.0.0.0:80 nice 15 | |
default_backend http | |
maxconn 1024 | |
rate-limit sessions 1024 | |
redirect scheme https code 301 if !{ ssl_fc } | |
frontend https | |
backlog 1024 | |
bind 0.0.0.0:443 nice 30 ssl no-sslv3 no-tls-tickets crt /usr/local/etc/haproxy/localhost.localdomain.crt | |
default_backend https | |
maxconn 1024 | |
rate-limit sessions 128 | |
backend http | |
balance roundrobin | |
fullconn 1024 | |
http-request del-header X-Forwarded-Port | |
http-request del-header X-Forwarded-Proto | |
option forwardfor | |
option httpchk HEAD / HTTP/1.1\r\nHost:\ localhost.localdomain\r\nConnection:\ close\r\nUser-Agent:\ HAProxy\r\nAccept-Encoding:\ gzip,\ deflate | |
reqidel ^Forwarded:.* | |
reqadd X-Forwarded-Port:\ 80 | |
reqadd X-Forwarded-Proto:\ http | |
server web_1 varnish_1:80 port 80 check | |
server web_2 varnish_2:80 port 80 check backup | |
backend https | |
balance roundrobin | |
fullconn 1024 | |
http-request del-header X-Forwarded-Port | |
http-request del-header X-Forwarded-Proto | |
option forwardfor | |
option httpchk HEAD / HTTP/1.1\r\nHost:\ localhost.localdomain\r\nConnection:\ close\r\nUser-Agent:\ HAProxy\r\nAccept-Encoding:\ gzip,\ deflate | |
reqidel ^Forwarded:.* | |
reqadd X-Forwarded-Port:\ 443 | |
reqadd X-Forwarded-Proto:\ https | |
# rspadd Strict-Transport-Security:\ max-age=15768000 | |
server web_1 varnish_1:8443 port 8443 check check-send-proxy send-proxy-v2 no-sslv3 no-tls-tickets | |
server web_2 varnish_2:8443 port 8443 check check-send-proxy send-proxy-v2 no-sslv3 no-tls-tickets backup | |
HAPROXY_CERTIFICATE: |- | |
-----BEGIN PRIVATE KEY----- | |
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDxMCu2FVXj9ahx | |
FaU4YPC6JYWnirt1F8mMBO+ChMcZe//DCWMkNNcYx4DixaQxozno1Qno1K6JCs3m | |
1PqsGIL1nEZec9rlXJeo+cVpLx2pnoAQRJt/OffcJZqquBCEk6Ckvh751VIN3ldE | |
iUbhNdhNzVWHlYp7ItSyzDKL4cNSKZqNM3A7D3xkE52wgWFKv+4cxPQGX/yu1GMj | |
gPFGIq56nLT1c7zMLQBpR/VNSqAPRNblTmzN8xwfitpzzS5CeCaAHiaI5AQpemMB | |
hExIN01B/O9rdFatuCWVRkLyirUt+vDKNQ9GtB38yXzf7xYKqnmSzmjhrLKETbZe | |
Ux9FgpgRAgMBAAECggEBAIYrHtXOrpX+LTKjMOLZAnD6uIwIH9m2Xtb2U+pORJeH | |
pDJyAWW9wz40lR0RhxJZ07gS8s1Dqsfva7USG1Qq2ocY5Qhb+JQI2xETyN6HaD/Y | |
PTNPhxTSQXCEtrJrbDzkBsQ+QusF4Px4CCHHH9feZTJ6nC6tYHi5WosQDrpD36zP | |
BXYQHxoLicxV+rdBtHUtK2u9KC1WxE43l9FDZG7nJ+8vL/MQaWO4vQQgOUtz+VMV | |
jkS7EMW5U2Odb/dLFH/4+my015sL7ajboM7r8m1vyuDVdNayXC6wOvMMvUs56Ymr | |
4d7vEsYIglYPlb5nIz7dlyeBWWeKsJ1mrR0RUYLY+EECgYEA/eSORC/mJGt8CCfb | |
Ydej/fVVp0AwCbWyt+pX8Ol0KVbnwPZ407qytxeO0Ja9UuA5bp/dvyBdyHKjigMd | |
zPPS03Bi/XKogjfgHK22sc0ZDVAWLKXnc3puHV4zG4q2t+KIRj2htY3NLxUt9+mP | |
Vp8yqBsgCIawwk6PlXLcFQgHaEkCgYEA8zCfH/4jZaovtS4eQ+Esk3Nb+dy+BSc1 | |
3SEi81rzPsixuNki3Lyb9zK/Y9fHLZsFsisgYO+4+gMkQPrMxokbfMYwKIwD5xUs | |
hg4OPPzaxDTVHe4Jojf75rKCW8TGxpbnL1thSvt/GMQFTLsEo99hgJSr3PfTgwDr | |
34TZk0QHgYkCgYAD0txdpIcHx2Kf0NHaAGBk47v9f9b5XnYplOrsIufv83IcEtow | |
/h/Q6Bbrh0mkpOHYi6nQRhGDgk56Np/NRWLIcmnbPU3SYDsM04Tr2pXlAG7FD16T | |
+6UK5i9I2+bykAPTYvw7er47VktR73+MI2uk4nuyBS1GT96Ttp4f5vYNmQKBgQCm | |
q8gjMRYpcz5HOlhbxVO7qvB6iqNg/MKZz0AY8ViMyxeizI5sIofyH8G0OAq2YuzA | |
c3Y5eZKZJtYOAtWdrBI+rcYLxApYsdZV+gQgIFv+5Qa7AI1xtFTcg7N8GZzyNjIz | |
7rj7nuo4mv/W2sYPWeWFLl+rjd5UhqkiA/bqS1GpoQKBgHCdamzOqA4u1uLClCRc | |
dzsFrJYpE07OB6CvXtX1M2kSOkVK15FgjMviv76V1m6VvaHxhphgt4IyomN2GrQL | |
2dau2h2TpocTiGBgFYrh0XiUrN1dvzju4l2gziz79h0Bif8DYmZOmnBnKbhVMxkZ | |
1z5IDuli+nWYpJ7HmCIoi+Rh | |
-----END PRIVATE KEY----- | |
-----BEGIN CERTIFICATE----- | |
MIIC5zCCAc+gAwIBAgIJAJT2WaKk6zHNMA0GCSqGSIb3DQEBCwUAMCAxHjAcBgNV | |
BAMMFWxvY2FsaG9zdC5sb2NhbGRvbWFpbjAeFw0xNzEwMDkwMDU1MTlaFw0xODEw | |
MDkwMDU1MTlaMCAxHjAcBgNVBAMMFWxvY2FsaG9zdC5sb2NhbGRvbWFpbjCCASIw | |
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPEwK7YVVeP1qHEVpThg8LolhaeK | |
u3UXyYwE74KExxl7/8MJYyQ01xjHgOLFpDGjOejVCejUrokKzebU+qwYgvWcRl5z | |
2uVcl6j5xWkvHamegBBEm38599wlmqq4EISToKS+HvnVUg3eV0SJRuE12E3NVYeV | |
insi1LLMMovhw1Ipmo0zcDsPfGQTnbCBYUq/7hzE9AZf/K7UYyOA8UYirnqctPVz | |
vMwtAGlH9U1KoA9E1uVObM3zHB+K2nPNLkJ4JoAeJojkBCl6YwGETEg3TUH872t0 | |
Vq24JZVGQvKKtS368Mo1D0a0HfzJfN/vFgqqeZLOaOGssoRNtl5TH0WCmBECAwEA | |
AaMkMCIwIAYDVR0RBBkwF4IVbG9jYWxob3N0LmxvY2FsZG9tYWluMA0GCSqGSIb3 | |
DQEBCwUAA4IBAQAtb+7E0ABsSHEYCZoBeAfEXnRwgsWIYGC/As/tumhGLNuRmBfR | |
Rik9CXjsGSGpENdq8Dh2tLKI4QqI9zsNKd4tu2pWcPDi5C5plO/Jt9QO7dQvzCRb | |
gxeDyZ0GcaHEei4AyHeeBWp+t3ZHGDh9NtuDY2fHPU2S/smfzfmB3dGZI9wMRjC4 | |
+tpebGK/aLsEstIwfzXu41pg8jvr9qBN96rsjrpCiCw3fY7vw+O2DMkxPmqcD1yd | |
Ziy/3c9kuUKEn6V5G/HiSNtTBoMw7zx8mu22roG8Lg8VzcJEAe0BSG/pbdVsLBn0 | |
zWcWNxnDYg3tH+w0tUWXc1FO6YxzEL+8xvCy | |
-----END CERTIFICATE----- | |
image: "haproxy:1.7.9-alpine" | |
links: | |
- "varnish" | |
networks: | |
- "tier1" | |
- "tier2" | |
ports: | |
- "80:80" | |
- "443:443" | |
restart: "always" | |
ulimits: | |
nofile: | |
soft: 524288 | |
hard: 1048576 | |
nproc: 65535 | |
varnish: | |
environment: | |
VARNISH_STORAGE: "malloc,256M" | |
VARNISH_VCL_CONF: "dmNsIDQuMDsKCmltcG9ydCBkaXJlY3RvcnM7CmltcG9ydCBzdGQ7Cgpwcm9iZSBoZWFsdGhjaGVjayB7CgkuaW50ZXJ2YWwgPSA1czsKCS50aW1lb3V0ID0gMnM7Cgkud2luZG93ID0gNTsKCS50aHJlc2hvbGQgPSAzOwoJLmluaXRpYWwgPSAyOwoJLmV4cGVjdGVkX3Jlc3BvbnNlID0gMjAwOwoJLnJlcXVlc3QgPQoJCSJHRVQgLyBIVFRQLzEuMSIKCQkiSG9zdDogbG9jYWxob3N0LmxvY2FsZG9tYWluIgoJCSJDb25uZWN0aW9uOiBjbG9zZSIKCQkiVXNlci1BZ2VudDogVmFybmlzaCIKCQkiQWNjZXB0LUVuY29kaW5nOiBnemlwLCBkZWZsYXRlIjsKfQoKYmFja2VuZCBodHRwXzEgeyAuaG9zdCA9ICJodHRwZF8xIjsgLnBvcnQgPSAiODAiOyAuZmlyc3RfYnl0ZV90aW1lb3V0ID0gMzAwczsgLnByb2JlID0gaGVhbHRoY2hlY2s7IH0KYmFja2VuZCBodHRwXzIgeyAuaG9zdCA9ICJodHRwZF8yIjsgLnBvcnQgPSAiODAiOyAuZmlyc3RfYnl0ZV90aW1lb3V0ID0gMzAwczsgLnByb2JlID0gaGVhbHRoY2hlY2s7IH0KYmFja2VuZCBodHRwXzMgeyAuaG9zdCA9ICJodHRwZF8zIjsgLnBvcnQgPSAiODAiOyAuZmlyc3RfYnl0ZV90aW1lb3V0ID0gMzAwczsgLnByb2JlID0gaGVhbHRoY2hlY2s7IH0KCmJhY2tlbmQgdGVybWluYXRlZF9odHRwc18xIHsgLmhvc3QgPSAiaHR0cGRfMSI7IC5wb3J0ID0gIjg0NDMiOyAuZmlyc3RfYnl0ZV90aW1lb3V0ID0gMzAwczsgLnByb2JlID0gaGVhbHRoY2hlY2s7IH0KYmFja2VuZCB0ZXJtaW5hdGVkX2h0dHBzXzIgeyAuaG9zdCA9ICJodHRwZF8yIjsgLnBvcnQgPSAiODQ0MyI7IC5maXJzdF9ieXRlX3RpbWVvdXQgPSAzMDBzOyAucHJvYmUgPSBoZWFsdGhjaGVjazsgfQpiYWNrZW5kIHRlcm1pbmF0ZWRfaHR0cHNfMyB7IC5ob3N0ID0gImh0dHBkXzMiOyAucG9ydCA9ICI4NDQzIjsgLmZpcnN0X2J5dGVfdGltZW91dCA9IDMwMHM7IC5wcm9iZSA9IGhlYWx0aGNoZWNrOyB9CgpzdWIgdmNsX2luaXQgewoJbmV3IGRpcmVjdG9yX2h0dHAgPSBkaXJlY3RvcnMucm91bmRfcm9iaW4oKTsKCWRpcmVjdG9yX2h0dHAuYWRkX2JhY2tlbmQoaHR0cF8xKTsKCWRpcmVjdG9yX2h0dHAuYWRkX2JhY2tlbmQoaHR0cF8yKTsKCWRpcmVjdG9yX2h0dHAuYWRkX2JhY2tlbmQoaHR0cF8zKTsKCgluZXcgZGlyZWN0b3JfdGVybWluYXRlZF9odHRwcyA9IGRpcmVjdG9ycy5yb3VuZF9yb2JpbigpOwoJZGlyZWN0b3JfdGVybWluYXRlZF9odHRwcy5hZGRfYmFja2VuZCh0ZXJtaW5hdGVkX2h0dHBzXzEpOwoJZGlyZWN0b3JfdGVybWluYXRlZF9odHRwcy5hZGRfYmFja2VuZCh0ZXJtaW5hdGVkX2h0dHBzXzIpOwoJZGlyZWN0b3JfdGVybWluYXRlZF9odHRwcy5hZGRfYmFja2VuZCh0ZXJtaW5hdGVkX2h0dHBzXzMpOwp9CgpzdWIgdmNsX3JlY3YgewoJaWYgKHJlcS5tZXRob2QgPT0gIlBSSSIpIHsKCQlyZXR1cm4gKHN5bnRoKDQwNSkpOwoJfQoKCXVuc2V0IHJlcS5odHRwLkZvcndhcmRlZDsKCXVuc2V0IHJlcS5odHRwLlgtRm9yd2FyZGVkLVBvcnQ7Cgl1bnNldCByZXEuaHR0cC5YLUZvcndhcmRlZC1Qcm90bzsKCglpZiAoc3RkLnBvcnQoc2VydmVyLmlwKSA9PSA4NDQzIHx8CgkJc3RkLnBvcnQobG9jYWwuaXApID09IDg0NDMpIHsKCQlzZXQgcmVxLmh0dHAuWC1Gb3J3YXJkZWQtUG9ydCA9ICI0NDMiOwoJCXNldCByZXEuaHR0cC5YLUZvcndhcmRlZC1Qcm90byA9ICJodHRwcyI7CgkJc2V0IHJlcS5iYWNrZW5kX2hpbnQgPSBkaXJlY3Rvcl90ZXJtaW5hdGVkX2h0dHBzLmJhY2tlbmQoKTsKCX0gZWxzZSBpZiAoc3RkLnBvcnQoc2VydmVyLmlwKSA9PSA4MCB8fAoJCXN0ZC5wb3J0KGxvY2FsLmlwKSA9PSA4MCkgewoJCXNldCByZXEuaHR0cC5YLUZvcndhcmRlZC1Qb3J0ID0gIjgwIjsKCQlzZXQgcmVxLmJhY2tlbmRfaGludCA9IGRpcmVjdG9yX2h0dHAuYmFja2VuZCgpOwoJfSBlbHNlIHsKCQlyZXR1cm4gKHN5bnRoKDQwMykpOwoJfQoKCWlmIChyZXEubWV0aG9kICE9ICJHRVQiICYmCgkJcmVxLm1ldGhvZCAhPSAiSEVBRCIgJiYKCQlyZXEubWV0aG9kICE9ICJQVVQiICYmCgkJcmVxLm1ldGhvZCAhPSAiUE9TVCIgJiYKCQlyZXEubWV0aG9kICE9ICJUUkFDRSIgJiYKCQlyZXEubWV0aG9kICE9ICJPUFRJT05TIiAmJgoJCXJlcS5tZXRob2QgIT0gIkRFTEVURSIpIHsKCQlyZXR1cm4gKHBpcGUpOwoJfQoKCWlmIChyZXEubWV0aG9kICE9ICJHRVQiICYmIAoJCXJlcS5tZXRob2QgIT0gIkhFQUQiKSB7CgkJcmV0dXJuIChwYXNzKTsKCX0KCglpZiAocmVxLmh0dHAuRXhwZWN0KSB7CgkJcmV0dXJuIChwaXBlKTsKCX0KCglpZiAocmVxLmh0dHAuQ2FjaGUtQ29udHJvbCB+ICIocHJpdmF0ZXxuby1jYWNoZXxuby1zdG9yZSkiKSB7CgkJcmV0dXJuIChwYXNzKTsKCX0KCglpZiAocmVxLnVybCB+ICJcLihnaWZ8cG5nfGpwZT9nfGljb3xzd2Z8Y3NzfGpzfGh0bWw/fHR4dCkkIikgewoJCXVuc2V0IHJlcS5odHRwLkNvb2tpZTsKCQlyZXR1cm4gKGhhc2gpOwoJfQoKCWlmIChyZXEuaHR0cC5Db29raWUpIHsKCQlzZXQgcmVxLmh0dHAuQ29va2llID0gIjsiICsgcmVxLmh0dHAuQ29va2llOwoJCXNldCByZXEuaHR0cC5Db29raWUgPSByZWdzdWJhbGwocmVxLmh0dHAuQ29va2llLCAiOyArIiwgIjsiKTsKCQlzZXQgcmVxLmh0dHAuQ29va2llID0gcmVnc3ViYWxsKHJlcS5odHRwLkNvb2tpZSwgIjsoUEhQU0VTU0lEfGFwcC1zZXNzaW9uKT0iLCAiOyBcMT0iKTsKCQlzZXQgcmVxLmh0dHAuQ29va2llID0gcmVnc3ViYWxsKHJlcS5odHRwLkNvb2tpZSwgIjtbXiBdW147XSoiLCAiIik7CgkJc2V0IHJlcS5odHRwLkNvb2tpZSA9IHJlZ3N1YmFsbChyZXEuaHR0cC5Db29raWUsICJeWzsgXSt8WzsgXSskIiwgIiIpOwoKCQlpZiAocmVxLmh0dHAuQ29va2llID09ICIiKSB7CgkJCXVuc2V0IHJlcS5odHRwLkNvb2tpZTsKCQl9Cgl9CgoJaWYgKHJlcS5odHRwLkF1dGhvcml6YXRpb24gfHwgCgkJcmVxLmh0dHAuQ29va2llKSB7CgkJcmV0dXJuIChwYXNzKTsKCX0KCglyZXR1cm4gKGhhc2gpOwp9CgpzdWIgdmNsX2hhc2ggewoJaGFzaF9kYXRhKHJlcS51cmwpOwoKCWlmIChyZXEuaHR0cC5ob3N0KSB7CgkJaGFzaF9kYXRhKHJlcS5odHRwLmhvc3QpOwoJfSBlbHNlIHsKCQloYXNoX2RhdGEoc2VydmVyLmlwKTsKCX0KCglpZiAocmVxLmh0dHAuWC1Gb3J3YXJkZWQtUHJvdG8pIHsKCQloYXNoX2RhdGEocmVxLmh0dHAuWC1Gb3J3YXJkZWQtUHJvdG8pOwoJfQoKCXJldHVybiAobG9va3VwKTsKfQoKc3ViIHZjbF9oaXQgewoJaWYgKG9iai50dGwgPj0gMHMpIHsKCQlyZXR1cm4gKGRlbGl2ZXIpOwoJfQoKCWlmIChzdGQuaGVhbHRoeShyZXEuYmFja2VuZF9oaW50KSAmJiAKCQlvYmoudHRsICsgMTVzID4gMHMpIHsKCQlyZXR1cm4gKGRlbGl2ZXIpOwoJfSBlbHNlIGlmIChvYmoudHRsICsgb2JqLmdyYWNlID4gMHMpIHsKCQlyZXR1cm4gKGRlbGl2ZXIpOwoJfQoKCXJldHVybiAobWlzcyk7Cn0KCnN1YiB2Y2xfZGVsaXZlciB7CglyZXR1cm4gKGRlbGl2ZXIpOwp9CgpzdWIgdmNsX2JhY2tlbmRfcmVzcG9uc2UgewoJc2V0IGJlcmVzcC5ncmFjZSA9IDZoOwoKCWlmIChiZXJlc3AudHRsIDw9IDBzIHx8CgkJYmVyZXNwLmh0dHAuU2V0LUNvb2tpZSB8fAoJCWJlcmVzcC5odHRwLlN1cnJvZ2F0ZS1jb250cm9sIH4gIm5vLXN0b3JlIiB8fAoJCSggISBiZXJlc3AuaHR0cC5TdXJyb2dhdGUtQ29udHJvbCAmJiAKCQkJYmVyZXNwLmh0dHAuQ2FjaGUtQ29udHJvbCB+ICIocHJpdmF0ZXxuby1jYWNoZXxuby1zdG9yZSkiKSB8fAoJCWJlcmVzcC5odHRwLlZhcnkgPT0gIioiKSB7CgkJc2V0IGJlcmVzcC51bmNhY2hlYWJsZSA9IHRydWU7CgkJc2V0IGJlcmVzcC50dGwgPSAxMjBzOwoJCXJldHVybiAoZGVsaXZlcik7Cgl9CgoJcmV0dXJuIChkZWxpdmVyKTsKfQo=" | |
image: "jdeathe/centos-ssh-varnish:1.4.1" | |
links: | |
- "httpd" | |
networks: | |
tier2: | |
aliases: | |
- "varnish" | |
tier3: | |
aliases: | |
- "varnish" | |
restart: "always" | |
ulimits: | |
memlock: 82000 | |
nofile: | |
soft: 524288 | |
hard: 1048576 | |
nproc: 65535 | |
httpd: | |
depends_on: | |
- "memcached" | |
- "mysql" | |
environment: | |
APACHE_MPM: "event" | |
APACHE_SERVER_ALIAS: "app-1" | |
APACHE_SERVER_NAME: "app-1.local" | |
PHP_OPTIONS_SESSION_SAVE_HANDLER: "memcached" | |
PHP_OPTIONS_SESSION_SAVE_PATH: "memcached:11211" | |
image: "jdeathe/centos-ssh-apache-php:2.2.1" | |
links: | |
- "memcached" | |
- "mysql" | |
networks: | |
tier3: | |
aliases: | |
- "httpd" | |
tier4: | |
restart: "always" | |
memcached: | |
image: "jdeathe/centos-ssh-memcached:1.1.1" | |
environment: | |
MEMCACHED_CACHESIZE: "32" | |
networks: | |
tier4: | |
aliases: | |
- "memcached" | |
restart: "always" | |
mysql: | |
environment: | |
MYSQL_SUBNET: "172.172.4.0/255.255.255.0" | |
MYSQL_USER: "app-1" | |
MYSQL_USER_DATABASE: "app-1" | |
MYSQL_USER_PASSWORD: "${MYSQL_USER_PASSWORD}" | |
MYSQL_USER_PASSWORD_HASHED: "true" | |
image: "jdeathe/centos-ssh-mysql:1.8.1" | |
networks: | |
tier4: | |
aliases: | |
- "mysql" | |
restart: "always" | |
volumes: | |
- "data-mysql:/var/lib/mysql" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
TODO: