Merged
70 changes: 61 additions & 9 deletions deployment/docker-compose.yaml
@@ -1,6 +1,8 @@
name: unkey
services:
mysql:
networks:
- default
container_name: mysql
build:
context: ..
Expand All @@ -25,6 +27,8 @@ services:
interval: 10s

planetscale:
networks:
- default
container_name: planetscale
image: ghcr.io/mattrobenolt/ps-http-sim:v0.0.12
command:
Expand All @@ -42,6 +46,8 @@ services:
- 3900:3900

apiv2_lb:
networks:
- default
container_name: apiv2_lb
image: nginx:1.29.0
volumes:
Expand All @@ -53,6 +59,8 @@ services:
- 7070:7070

apiv2:
networks:
- default
deploy:
replicas: 3
endpoint_mode: vip
Expand All @@ -61,10 +69,12 @@ services:
context: ../go
dockerfile: ./Dockerfile
depends_on:
- mysql
- redis
- clickhouse
- otel
mysql:
condition: service_healthy
redis:
condition: service_healthy
clickhouse:
condition: service_healthy
environment:
UNKEY_HTTP_PORT: 7070
UNKEY_REDIS_URL: "redis://redis:6379"
Expand All @@ -79,6 +89,8 @@ services:
VAULT_MASTER_KEYS: "Ch9rZWtfMmdqMFBJdVhac1NSa0ZhNE5mOWlLSnBHenFPENTt7an5MRogENt9Si6wms4pQ2XIvqNSIgNpaBenJmXgcInhu6Nfv2U="

redis:
networks:
- default
container_name: redis
image: redis:8.0
ports:
Expand All @@ -91,6 +103,8 @@ services:
interval: 5s

agent:
networks:
- default
container_name: agent
command: ["/usr/local/bin/unkey", "agent", "--config", "config.docker.json"]
build:
Expand All @@ -113,6 +127,8 @@ services:
CLICKHOUSE_URL: "clickhouse://default:password@clickhouse:9000"

clickhouse:
networks:
- default
build:
context: ..
dockerfile: deployment/Dockerfile.clickhouse
Expand Down Expand Up @@ -145,6 +161,8 @@ services:
interval: 5s

s3:
networks:
- default
container_name: s3
image: bitnami/minio:2025.4.3
ports:
Expand All @@ -165,6 +183,8 @@ services:
interval: 5s

api:
networks:
- default
container_name: api
build:
context: ..
Expand Down Expand Up @@ -196,6 +216,8 @@ services:
- apiv2

gw:
networks:
- default
build:
context: ../go
dockerfile: Dockerfile
Expand All @@ -207,7 +229,18 @@ services:
- "80:80"
- "443:443"
depends_on:
- mysql
mysql:
condition: service_healthy
required: true
s3:
condition: service_healthy
required: true
redis:
condition: service_healthy
required: true
clickhouse:
condition: service_healthy
required: true
volumes:
- ./certs:/certs
environment:
Expand All @@ -232,6 +265,8 @@ services:
UNKEY_VAULT_MASTER_KEYS: "Ch9rZWtfMmdqMFBJdVhac1NSa0ZhNE5mOWlLSnBHenFPENTt7an5MRogENt9Si6wms4pQ2XIvqNSIgNpaBenJmXgcInhu6Nfv2U="

ctrl:
networks:
- default
build:
context: ../go
dockerfile: Dockerfile
Expand All @@ -242,8 +277,12 @@ services:
ports:
- "7091:7091"
depends_on:
- mysql
- s3
mysql:
condition: service_healthy
required: true
s3:
condition: service_healthy
required: true
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
Expand All @@ -265,6 +304,8 @@ services:
UNKEY_VAULT_MASTER_KEYS: "Ch9rZWtfMmdqMFBJdVhac1NSa0ZhNE5mOWlLSnBHenFPENTt7an5MRogENt9Si6wms4pQ2XIvqNSIgNpaBenJmXgcInhu6Nfv2U="

otel:
networks:
- default
image: grafana/otel-lgtm:0.11.7
container_name: otel
hostname: otel
Expand All @@ -274,6 +315,8 @@ services:
- 4318:4318

prometheus:
networks:
- default
image: prom/prometheus:v3.5.0
container_name: prometheus
ports:
Expand All @@ -284,15 +327,21 @@ services:
- apiv2

dashboard:
networks:
- default
build:
context: ..
dockerfile: ./apps/dashboard/Dockerfile
container_name: unkey-dashboard
ports:
- "3000:3000"
depends_on:
- planetscale
- agent
planetscale:
condition: service_started
required: true
agent:
condition: service_started
required: true
env_file:
- ../apps/dashboard/.env
environment:
Expand Down Expand Up @@ -355,3 +404,6 @@ volumes:
clickhouse-keeper:
s3:
metald-aio-data:

networks:
default:
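Review bot: The `networks: default:` block added at the end of the file leaves the network's real name to Compose's `<project>_default` convention, yet docker.go in this same change attaches containers to the literal `unkey_default`. The two only agree while the project name stays `unkey`; a `-p` or `COMPOSE_PROJECT_NAME` override would leave ctrl pointing at a network that does not exist. Pinning it with `name: unkey_default` under `default:` makes that contract explicit. The per-service `networks: - default` entries look redundant, since Compose joins every service to the default network anyway; a comment such as `# named explicitly because ctrl attaches deployment containers to it` would explain why they are there.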
12 changes: 11 additions & 1 deletion go/apps/ctrl/services/deployment/backends/docker.go
Expand Up @@ -11,6 +11,7 @@ import (

"github.com/docker/docker/api/types/container"
"github.com/docker/docker/api/types/image"
"github.com/docker/docker/api/types/network"
"github.com/docker/docker/client"
"github.com/docker/docker/errdefs"
"github.com/docker/go-connections/nat"
Expand Down Expand Up @@ -266,6 +267,9 @@ func (d *DockerBackend) createContainer(ctx context.Context, name string, imageN
"unkey.vm.id": vmID,
"unkey.deployment.id": deploymentID,
"unkey.managed.by": "ctrl-fallback",
"com.docker.compose.project": "unkey_deployments",
"com.docker.compose.service": fmt.Sprintf("vm_%s", vmID),
"com.docker.compose.container-number": "1",
},
ExposedPorts: nat.PortSet{
"8080/tcp": struct{}{},
Expand All @@ -288,7 +292,13 @@ func (d *DockerBackend) createContainer(ctx context.Context, name string, imageN
},
}

resp, err := d.dockerClient.ContainerCreate(ctx, config, hostConfig, nil, nil, name)
networkingConfig := &network.NetworkingConfig{
EndpointsConfig: map[string]*network.EndpointSettings{
"unkey_default": {},
},
}

resp, err := d.dockerClient.ContainerCreate(ctx, config, hostConfig, networkingConfig, nil, name)
if err != nil {
return "", fmt.Errorf("failed to create container: %w", err)
}
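Review bot: The new `networkingConfig` puts every container created by `createContainer` on `unkey_default`, the same network the compose file assigns to mysql, redis, clickhouse, s3 and ctrl itself, so deployed workloads get direct network reach to the data stores and the control plane. If these containers run deployment images that are not fully trusted (the `unkey.deployment.id` label suggests they may), a dedicated network shared only with `gw` would be the safer default. The name is also a string literal; taking it from backend configuration, for example `EndpointsConfig: map[string]*network.EndpointSettings{d.networkName: {}}` where `networkName` is a hypothetical new field, and checking that the network exists at startup would turn a late `ContainerCreate` failure into a clear configuration error. The function body starts and ends outside this hunk.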
28 changes: 17 additions & 11 deletions go/deploy/ctrl/docker-compose.yml
@@ -1,5 +1,3 @@
version: '3.8'

services:
mysql:
container_name: ctrl-mysql
Expand Down Expand Up @@ -33,36 +31,44 @@ services:
extra_hosts:
- "host.docker.internal:host-gateway"
environment:
# Database configuration
# Database configuration
UNKEY_DATABASE_PRIMARY: ${UNKEY_DATABASE_PRIMARY}
UNKEY_DATABASE_HYDRA: "unkey:password@tcp(mysql:3306)/hydra?parseTime=true"

# Control plane configuration
UNKEY_HTTP_PORT: "8084"
UNKEY_METALD_ADDRESS: ${UNKEY_METALD_ADDRESS:-https://host.docker.internal:8080}

# Instance configuration
UNKEY_PLATFORM: "docker"
UNKEY_REGION: "docker"
UNKEY_OTEL: "true"
UNKEY_SPIFFE_SOCKET_PATH: "/var/lib/spire/agent/agent.sock"

volumes:
# Mount SPIFFE agent socket from host
- /var/lib/spire/agent/agent.sock:/var/lib/spire/agent/agent.sock

restart: unless-stopped

# Override the entrypoint to run ctrl command
command: ["run", "ctrl"]

# Health check
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8084/_/health"]
test:
[
"CMD",
"wget",
"--no-verbose",
"--tries=1",
"--spider",
"http://localhost:8084/_/health",
]
interval: 30s
timeout: 5s
retries: 3
start_period: 10s

volumes:
mysql:
mysql: