version: "2.2" networks: # DC 1 dc1_keycloak: ipam: config: - subnet: 10.1.1.0/24 # DC 2 dc2_keycloak: ipam: config: - subnet: 10.2.1.0/24 # cross-DC loadbalancing: ipam: config: - subnet: 10.0.2.0/24 # cross-DC db_replication: ipam: config: - subnet: 10.0.3.0/24 # cross-DC ispn_replication: ipam: config: - subnet: 10.0.4.0/24 services: infinispan_dc1: build: context: infinispan args: LOCAL_SITE: dc1 REMOTE_SITE: dc2 image: keycloak_test_infinispan_dc1:${KEYCLOAK_VERSION:-latest} cpus: 1 networks: - ispn_replication - dc1_keycloak environment: PUBLIC_SUBNET: 10.1.1.0/24 PRIVATE_SUBNET: 10.0.4.0/24 MGMT_USER: admin MGMT_USER_PASSWORD: admin TCP_PING_INITIAL_HOSTS: infinispan_dc1[7600] JAVA_OPTS: ${INFINISPAN_JVM_MEMORY:--Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -XX:+DisableExplicitGC} -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true ports: - "9991:9990" infinispan_dc2: build: context: infinispan args: LOCAL_SITE: dc2 REMOTE_SITE: dc1 image: keycloak_test_infinispan_dc2:${KEYCLOAK_VERSION:-latest} depends_on: infinispan_dc1: condition: service_healthy cpus: 1 networks: - ispn_replication - dc2_keycloak environment: PUBLIC_SUBNET: 10.2.1.0/24 PRIVATE_SUBNET: 10.0.4.0/24 MGMT_USER: admin MGMT_USER_PASSWORD: admin TCP_PING_INITIAL_HOSTS: infinispan_dc1[7600],infinispan_dc2[7600] JAVA_OPTS: ${INFINISPAN_JVM_MEMORY:--Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -XX:+DisableExplicitGC} -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true ports: - "9992:9990" mariadb_dc1: build: db/mariadb image: keycloak_test_mariadb:${KEYCLOAK_VERSION:-latest} cpus: 1 networks: - db_replication - dc1_keycloak environment: MYSQL_ROOT_PASSWORD: root MYSQL_INITDB_SKIP_TZINFO: foo MYSQL_DATABASE: keycloak MYSQL_USER: keycloak MYSQL_PASSWORD: keycloak entrypoint: docker-entrypoint-wsrep.sh command: --wsrep-new-cluster ports: - "3306:3306" mariadb_dc2: build: db/mariadb image: keycloak_test_mariadb:${KEYCLOAK_VERSION:-latest} depends_on: mariadb_dc1: condition: service_healthy cpuset: ${DB_CPUSET:-1} mem_limit: ${DB_MEMLIMIT:-1g} networks: - db_replication - dc2_keycloak environment: MYSQL_ROOT_PASSWORD: root MYSQL_INITDB_SKIP_TZINFO: foo entrypoint: docker-entrypoint-wsrep.sh command: --wsrep_cluster_address=gcomm://mariadb_dc1 ports: - "3307:3306" keycloak_dc1: build: context: ./keycloak args: REMOTE_CACHES: "true" image: keycloak_test_keycloak:${KEYCLOAK_VERSION:-latest} depends_on: # wait for the db cluster to be ready before starting keycloak mariadb_dc2: condition: service_healthy # wait for the ispn cluster to be ready before starting keycloak infinispan_dc2: condition: service_healthy cpuset: ${KEYCLOAK_DC1_CPUSET:-2} mem_limit: ${KEYCLOAK_MEMLIMIT:-2500m} networks: - dc1_keycloak environment: CONFIGURATION: standalone-ha.xml PUBLIC_SUBNET: 10.1.1.0/24 PRIVATE_SUBNET: 10.1.1.0/24 MARIADB_HOSTS: mariadb_dc1:3306 MARIADB_DATABASE: keycloak MARIADB_USER: keycloak MARIADB_PASSWORD: keycloak KEYCLOAK_USER: admin KEYCLOAK_PASSWORD: admin INFINISPAN_HOST: infinispan_dc1 SITE: dc1 JAVA_OPTS: ${KEYCLOAK_JVM_MEMORY:--Xms64m -Xmx2g -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m} -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true HTTP_MAX_CONNECTIONS: ${KEYCLOAK_HTTP_MAX_CONNECTIONS:-500} AJP_MAX_CONNECTIONS: ${KEYCLOAK_AJP_MAX_CONNECTIONS:-500} WORKER_IO_THREADS: ${KEYCLOAK_WORKER_IO_THREADS:-2} WORKER_TASK_MAX_THREADS: ${KEYCLOAK_WORKER_TASK_MAX_THREADS:-16} DS_MIN_POOL_SIZE: ${KEYCLOAK_DS_MIN_POOL_SIZE:-10} DS_MAX_POOL_SIZE: ${KEYCLOAK_DS_MAX_POOL_SIZE:-100} DS_POOL_PREFILL: "${KEYCLOAK_DS_POOL_PREFILL:-true}" DS_PS_CACHE_SIZE: ${KEYCLOAK_DS_PS_CACHE_SIZE:-100} ports: - "8080" - "9990" keycloak_dc2: build: context: ./keycloak args: REMOTE_CACHES: "true" image: keycloak_test_keycloak:${KEYCLOAK_VERSION:-latest} depends_on: # wait for first kc instance to be ready before starting another keycloak_dc1: condition: service_healthy cpuset: ${KEYCLOAK_DC2_CPUSET:-3} mem_limit: ${KEYCLOAK_MEMLIMIT:-2500m} networks: - dc2_keycloak environment: CONFIGURATION: standalone-ha.xml PUBLIC_SUBNET: 10.2.1.0/24 PRIVATE_SUBNET: 10.2.1.0/24 MARIADB_HOSTS: mariadb_dc2:3306 MARIADB_DATABASE: keycloak MARIADB_USER: keycloak MARIADB_PASSWORD: keycloak INFINISPAN_HOST: infinispan_dc2 SITE: dc2 JAVA_OPTS: ${KEYCLOAK_JVM_MEMORY:--Xms64m -Xmx2g -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m} -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true HTTP_MAX_CONNECTIONS: ${KEYCLOAK_HTTP_MAX_CONNECTIONS:-500} AJP_MAX_CONNECTIONS: ${KEYCLOAK_AJP_MAX_CONNECTIONS:-500} WORKER_IO_THREADS: ${KEYCLOAK_WORKER_IO_THREADS:-2} WORKER_TASK_MAX_THREADS: ${KEYCLOAK_WORKER_TASK_MAX_THREADS:-16} DS_MIN_POOL_SIZE: ${KEYCLOAK_DS_MIN_POOL_SIZE:-10} DS_MAX_POOL_SIZE: ${KEYCLOAK_DS_MAX_POOL_SIZE:-100} DS_POOL_PREFILL: "${KEYCLOAK_DS_POOL_PREFILL:-true}" DS_PS_CACHE_SIZE: ${KEYCLOAK_DS_PS_CACHE_SIZE:-100} ports: - "8080" - "9990" keycloak_lb_dc1: build: load-balancer/wildfly-modcluster image: keycloak_test_keycloak_lb:${KEYCLOAK_VERSION:-latest} cpus: 1 networks: - dc1_keycloak # - loadbalancing environment: PRIVATE_SUBNET: 10.1.1.0/24 # PUBLIC_SUBNET: 10.0.2.0/24 JAVA_OPTS: ${KEYCLOAK_LB_JVM_MEMORY:--Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m} -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true HTTP_MAX_CONNECTIONS: ${KEYCLOAK_LB_HTTP_MAX_CONNECTIONS:-500} WORKER_IO_THREADS: ${KEYCLOAK_LB_WORKER_IO_THREADS:-2} WORKER_TASK_MAX_THREADS: ${KEYCLOAK_LB_WORKER_TASK_MAX_THREADS:-16} ports: - "8081:8080" keycloak_lb_dc2: build: load-balancer/wildfly-modcluster image: keycloak_test_keycloak_lb:${KEYCLOAK_VERSION:-latest} cpus: 1 networks: - dc2_keycloak # - loadbalancing environment: PRIVATE_SUBNET: 10.2.1.0/24 # PUBLIC_SUBNET: 10.0.2.0/24 JAVA_OPTS: ${KEYCLOAK_LB_JVM_MEMORY:--Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m} -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true HTTP_MAX_CONNECTIONS: ${KEYCLOAK_LB_HTTP_MAX_CONNECTIONS:-500} WORKER_IO_THREADS: ${KEYCLOAK_LB_WORKER_IO_THREADS:-2} WORKER_TASK_MAX_THREADS: ${KEYCLOAK_LB_WORKER_TASK_MAX_THREADS:-16} ports: - "8082:8080"