# ============================================================ # 生产环境 Docker Compose 覆盖配置 # 使用方式: docker compose -f docker-compose.yml -f deploy/production/docker-compose.override.yml up -d # ============================================================ services: # ==================== 基础设施 ==================== postgres: restart: always environment: POSTGRES_DB: ${POSTGRES_DB} POSTGRES_USER: ${POSTGRES_USER} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} ports: - "127.0.0.1:5432:5432" volumes: - pgdata:/var/lib/postgresql/data - /opt/water-management/config/postgres:/etc/postgresql:ro deploy: resources: limits: cpus: '2.0' memory: 2G reservations: cpus: '0.5' memory: 512M logging: driver: json-file options: max-size: "50m" max-file: "5" security_opt: - no-new-privileges:true healthcheck: test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"] interval: 30s timeout: 10s retries: 5 start_period: 60s redis: restart: always command: > redis-server --requirepass ${REDIS_PASSWORD} --maxmemory 512mb --maxmemory-policy allkeys-lru --appendonly yes --appendfsync everysec ports: - "127.0.0.1:6379:6379" deploy: resources: limits: cpus: '0.5' memory: 768M reservations: cpus: '0.25' memory: 256M logging: driver: json-file options: max-size: "20m" max-file: "3" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp - /run tdengine: restart: always ports: - "127.0.0.1:6030:6030" - "127.0.0.1:6041:6041" deploy: resources: limits: cpus: '1.0' memory: 2G reservations: cpus: '0.5' memory: 512M logging: driver: json-file options: max-size: "50m" max-file: "5" kafka: restart: always ports: - "127.0.0.1:9092:9092" deploy: resources: limits: cpus: '1.0' memory: 2G reservations: cpus: '0.5' memory: 512M logging: driver: json-file options: max-size: "50m" max-file: "5" emqx: restart: always ports: - "1883:1883" - "127.0.0.1:8083:8083" - "127.0.0.1:18083:18083" environment: EMQX_DASHBOARD__DEFAULT_USERNAME: ${EMQX_ADMIN_USER} EMQX_DASHBOARD__DEFAULT_PASSWORD: ${EMQX_ADMIN_PASSWORD} deploy: resources: limits: cpus: '1.0' memory: 1G reservations: cpus: '0.25' memory: 256M logging: driver: json-file options: max-size: "30m" max-file: "3" nacos: restart: always ports: - "127.0.0.1:8848:8848" - "127.0.0.1:9848:9848" deploy: resources: limits: cpus: '1.0' memory: 1G reservations: cpus: '0.25' memory: 256M logging: driver: json-file options: max-size: "30m" max-file: "3" minio: restart: always ports: - "127.0.0.1:9000:9000" - "127.0.0.1:9001:9001" environment: MINIO_ROOT_USER: ${MINIO_USER} MINIO_ROOT_PASSWORD: ${MINIO_PASSWORD} deploy: resources: limits: cpus: '1.0' memory: 1G reservations: cpus: '0.25' memory: 256M logging: driver: json-file options: max-size: "30m" max-file: "3" # ==================== 应用服务 ==================== gateway: restart: always image: ${REGISTRY:-}water/wm-gateway:${IMAGE_TAG:-latest} build: !reset null ports: - "127.0.0.1:8080:8080" environment: SPRING_PROFILES_ACTIVE: prod SPRING_CLOUD_NACOS_DISCOVERY_SERVER_ADDR: nacos:8848 SPRING_CLOUD_NACOS_CONFIG_SERVER_ADDR: nacos:8848 SPRING_DATA_REDIS_HOST: redis SPRING_DATA_REDIS_PASSWORD: ${REDIS_PASSWORD} JAVA_OPTS: "-Xms256m -Xmx512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" deploy: resources: limits: cpus: '1.0' memory: 768M reservations: cpus: '0.25' memory: 256M logging: driver: json-file options: max-size: "50m" max-file: "5" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp base: restart: always image: ${REGISTRY:-}water/wm-base:${IMAGE_TAG:-latest} build: !reset null ports: - "127.0.0.1:8091:8081" environment: SPRING_PROFILES_ACTIVE: prod SPRING_CLOUD_NACOS_DISCOVERY_SERVER_ADDR: nacos:8848 SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB} SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER} SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD} SPRING_DATA_REDIS_HOST: redis SPRING_DATA_REDIS_PASSWORD: ${REDIS_PASSWORD} JAVA_OPTS: "-Xms256m -Xmx512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" deploy: resources: limits: cpus: '1.0' memory: 768M reservations: cpus: '0.25' memory: 256M logging: driver: json-file options: max-size: "50m" max-file: "5" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp iot: restart: always image: ${REGISTRY:-}water/wm-iot:${IMAGE_TAG:-latest} build: !reset null ports: - "127.0.0.1:8092:8082" environment: SPRING_PROFILES_ACTIVE: prod SPRING_CLOUD_NACOS_DISCOVERY_SERVER_ADDR: nacos:8848 SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB} SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER} SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD} MQTT_BROKER_URL: tcp://emqx:1883 JAVA_OPTS: "-Xms256m -Xmx512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" deploy: resources: limits: cpus: '1.0' memory: 768M reservations: cpus: '0.25' memory: 256M logging: driver: json-file options: max-size: "50m" max-file: "5" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp data-engine: restart: always image: ${REGISTRY:-}water/wm-data-engine:${IMAGE_TAG:-latest} build: !reset null ports: - "127.0.0.1:8093:8083" environment: SPRING_PROFILES_ACTIVE: prod SPRING_CLOUD_NACOS_DISCOVERY_SERVER_ADDR: nacos:8848 SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB} SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER} SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD} JAVA_OPTS: "-Xms512m -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200" deploy: resources: limits: cpus: '1.5' memory: 1536M reservations: cpus: '0.5' memory: 512M logging: driver: json-file options: max-size: "50m" max-file: "5" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp bpm: restart: always image: ${REGISTRY:-}water/wm-bpm:${IMAGE_TAG:-latest} build: !reset null ports: - "127.0.0.1:8094:8084" environment: SPRING_PROFILES_ACTIVE: prod SPRING_CLOUD_NACOS_DISCOVERY_SERVER_ADDR: nacos:8848 SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB} SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER} SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD} JAVA_OPTS: "-Xms256m -Xmx512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" deploy: resources: limits: cpus: '1.0' memory: 768M reservations: cpus: '0.25' memory: 256M logging: driver: json-file options: max-size: "50m" max-file: "5" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp production: restart: always image: ${REGISTRY:-}water/wm-production:${IMAGE_TAG:-latest} build: !reset null ports: - "127.0.0.1:8095:8085" environment: SPRING_PROFILES_ACTIVE: prod SPRING_CLOUD_NACOS_DISCOVERY_SERVER_ADDR: nacos:8848 SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB} SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER} SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD} JAVA_OPTS: "-Xms256m -Xmx512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" deploy: resources: limits: cpus: '1.0' memory: 768M reservations: cpus: '0.25' memory: 256M logging: driver: json-file options: max-size: "50m" max-file: "5" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp revenue: restart: always image: ${REGISTRY:-}water/wm-revenue:${IMAGE_TAG:-latest} build: !reset null ports: - "127.0.0.1:8096:8086" environment: SPRING_PROFILES_ACTIVE: prod SPRING_CLOUD_NACOS_DISCOVERY_SERVER_ADDR: nacos:8848 SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB} SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER} SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD} JAVA_OPTS: "-Xms256m -Xmx512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" deploy: resources: limits: cpus: '1.0' memory: 768M reservations: cpus: '0.25' memory: 256M logging: driver: json-file options: max-size: "50m" max-file: "5" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp patrol: restart: always image: ${REGISTRY:-}water/wm-patrol:${IMAGE_TAG:-latest} build: !reset null ports: - "127.0.0.1:8097:8087" environment: SPRING_PROFILES_ACTIVE: prod SPRING_CLOUD_NACOS_DISCOVERY_SERVER_ADDR: nacos:8848 SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB} SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER} SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD} JAVA_OPTS: "-Xms256m -Xmx512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" deploy: resources: limits: cpus: '1.0' memory: 768M reservations: cpus: '0.25' memory: 256M logging: driver: json-file options: max-size: "50m" max-file: "5" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp notify: restart: always image: ${REGISTRY:-}water/wm-notify:${IMAGE_TAG:-latest} build: !reset null ports: - "127.0.0.1:8099:8089" environment: SPRING_PROFILES_ACTIVE: prod SPRING_CLOUD_NACOS_DISCOVERY_SERVER_ADDR: nacos:8848 SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB} SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER} SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD} JAVA_OPTS: "-Xms128m -Xmx256m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" deploy: resources: limits: cpus: '0.5' memory: 384M reservations: cpus: '0.1' memory: 128M logging: driver: json-file options: max-size: "30m" max-file: "3" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp job: restart: always image: ${REGISTRY:-}water/wm-job:${IMAGE_TAG:-latest} build: !reset null ports: - "127.0.0.1:8100:8090" environment: SPRING_PROFILES_ACTIVE: prod SPRING_CLOUD_NACOS_DISCOVERY_SERVER_ADDR: nacos:8848 SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB} SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER} SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD} JAVA_OPTS: "-Xms128m -Xmx256m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" deploy: resources: limits: cpus: '0.5' memory: 384M reservations: cpus: '0.1' memory: 128M logging: driver: json-file options: max-size: "30m" max-file: "3" security_opt: - no-new-privileges:true read_only: true tmpfs: - /tmp # ==================== 前端 ==================== frontend: restart: always image: ${REGISTRY:-}water/frontend:${IMAGE_TAG:-latest} build: !reset null ports: - "80:80" - "443:443" volumes: - ./deploy/production/nginx/nginx.conf:/etc/nginx/nginx.conf:ro - /etc/letsencrypt:/etc/letsencrypt:ro - /var/www/certbot:/var/www/certbot:ro deploy: resources: limits: cpus: '0.5' memory: 256M reservations: cpus: '0.1' memory: 64M logging: driver: json-file options: max-size: "20m" max-file: "3" security_opt: - no-new-privileges:true