mirror of
https://github.com/sailor-sh/CK-X.git
synced 2026-02-14 09:29:53 +00:00
7e1b32a3d9
- Fixed port exposure definition for k8s-api-server in docker-compose.yaml - Automatically converted single quotes for numbers to double qoutes for consistency
243 lines
5.6 KiB
YAML
243 lines
5.6 KiB
YAML
services:
|
|
# VNC Server (Ubuntu)
|
|
remote-desktop:
|
|
image: nishanb/ck-x-simulator-remote-desktop:latest
|
|
build:
|
|
context: ./remote-desktop
|
|
hostname: terminal
|
|
expose:
|
|
- "5901" # VNC port (internal only)
|
|
- "6901" # Web VNC port (internal only)
|
|
environment:
|
|
- VNC_PW=bakku-the-wizard
|
|
- VNC_PASSWORD=bakku-the-wizard
|
|
- VNC_VIEW_ONLY=false
|
|
- VNC_RESOLUTION=1280x800
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost:6901/"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 3
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
cpus: "1"
|
|
memory: 1G
|
|
reservations:
|
|
cpus: "0.5"
|
|
memory: 512M
|
|
networks:
|
|
- ckx-network
|
|
|
|
# Web Application (not directly exposed to users)
|
|
webapp:
|
|
image: nishanb/ck-x-simulator-webapp:latest
|
|
build:
|
|
context: ./app
|
|
expose:
|
|
- "3000" # Only exposed to internal network
|
|
environment:
|
|
- VNC_SERVICE_HOST=remote-desktop
|
|
- VNC_SERVICE_PORT=6901
|
|
- VNC_PASSWORD=bakku-the-wizard
|
|
- SSH_HOST=remote-terminal
|
|
- SSH_PORT=22
|
|
- SSH_USER=candidate
|
|
- SSH_PASSWORD=password
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
cpus: "0.5"
|
|
memory: 512M
|
|
reservations:
|
|
cpus: "0.2"
|
|
memory: 256M
|
|
healthcheck:
|
|
test: ["CMD", "wget", "-q", "-O", "-", "http://localhost:3000/"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 3
|
|
networks:
|
|
- ckx-network
|
|
|
|
# Nginx Reverse Proxy - ONLY SERVICE EXPOSED TO USERS
|
|
nginx:
|
|
image: nishanb/ck-x-simulator-nginx:latest
|
|
build:
|
|
context: ./nginx
|
|
depends_on:
|
|
- webapp
|
|
- remote-desktop
|
|
- remote-terminal
|
|
- facilitator
|
|
- k8s-api-server
|
|
ports:
|
|
- "30080:80" # Expose Nginx on port 30080
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
cpus: "0.2"
|
|
memory: 256M
|
|
reservations:
|
|
cpus: "0.1"
|
|
memory: 128M
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost/"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 3
|
|
networks:
|
|
- ckx-network
|
|
|
|
# Jump Host (ckad9999 and ckad9988)
|
|
jumphost:
|
|
image: nishanb/ck-x-simulator-jumphost:latest
|
|
build:
|
|
context: ./jumphost
|
|
hostname: ckad9999
|
|
privileged: true
|
|
# No external port mappings - only accessible internally
|
|
expose:
|
|
- "22" # SSH port (internal only)
|
|
volumes:
|
|
- kube-config:/home/candidate/.kube # Shared volume for Kubernetes config
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
cpus: "1"
|
|
reservations:
|
|
cpus: "0.5"
|
|
memory: 512M
|
|
networks:
|
|
- ckx-network
|
|
healthcheck:
|
|
test: ["CMD", "nc", "-z", "localhost", "22"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 3
|
|
|
|
# Remote Terminal Service
|
|
remote-terminal:
|
|
image: nishanb/ck-x-simulator-remote-terminal:latest
|
|
build:
|
|
context: ./remote-terminal
|
|
hostname: remote-terminal
|
|
expose:
|
|
- "22" # SSH port (internal only)
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
cpus: "0.5"
|
|
memory: 512M
|
|
reservations:
|
|
cpus: "0.2"
|
|
memory: 256M
|
|
networks:
|
|
- ckx-network
|
|
healthcheck:
|
|
test: ["CMD", "nc", "-z", "localhost", "22"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 3
|
|
|
|
# KIND Kubernetes Cluster
|
|
k8s-api-server: # Service name that will be used for DNS resolution
|
|
image: nishanb/ck-x-simulator-cluster:latest
|
|
build:
|
|
context: ./kind-cluster
|
|
container_name: kind-cluster
|
|
hostname: k8s-api-server
|
|
privileged: true # Required for running containers inside KIND
|
|
expose:
|
|
- "6443"
|
|
- "22"
|
|
volumes:
|
|
- kube-config:/home/candidate/.kube # Shared volume for Kubernetes config
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
cpus: "2"
|
|
memory: 4G
|
|
reservations:
|
|
cpus: "1"
|
|
memory: 2G
|
|
networks:
|
|
- ckx-network
|
|
healthcheck:
|
|
test: ["CMD", "ls", "/ready"]
|
|
interval: 30s
|
|
timeout: 5s
|
|
retries: 20
|
|
start_period: 60s
|
|
|
|
# Redis Database for Facilitator
|
|
redis:
|
|
image: redis:alpine
|
|
hostname: redis
|
|
command: ["redis-server", "--appendonly", "yes"]
|
|
expose:
|
|
- "6379"
|
|
restart: unless-stopped
|
|
networks:
|
|
- ckx-network
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
cpus: "0.3"
|
|
memory: 256M
|
|
reservations:
|
|
cpus: "0.1"
|
|
memory: 128M
|
|
healthcheck:
|
|
test: ["CMD", "redis-cli", "ping"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 3
|
|
|
|
# Facilitator Service
|
|
facilitator:
|
|
image: nishanb/ck-x-simulator-facilitator:latest
|
|
build:
|
|
context: ./facilitator
|
|
dockerfile: Dockerfile
|
|
hostname: facilitator
|
|
expose:
|
|
- "3000"
|
|
environment:
|
|
- PORT=3000
|
|
- NODE_ENV=prod
|
|
- SSH_HOST=jumphost
|
|
- SSH_PORT=22
|
|
- SSH_USERNAME=candidate
|
|
- LOG_LEVEL=info
|
|
- REDIS_HOST=redis
|
|
- REDIS_PORT=6379
|
|
- TRACK_METRICS=true # based on the environment variable TRACK_METRICS, the facilitator will send metrics to the metric server
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- jumphost
|
|
- redis
|
|
networks:
|
|
- ckx-network
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
cpus: "0.5"
|
|
memory: 512M
|
|
reservations:
|
|
cpus: "0.2"
|
|
memory: 256M
|
|
healthcheck:
|
|
test: ["CMD", "wget", "-q", "-O", "-", "http://localhost:3000"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 3
|
|
|
|
networks:
|
|
ckx-network:
|
|
name: ckx-network
|
|
driver: bridge
|
|
|
|
volumes:
|
|
kube-config: # Shared volume for Kubernetes configuration
|