Openfire
/
openfire-docker-compose
mirror of https://github.com/surevine/openfire-docker-compose.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add dualstack support 

This adds support for IPv6, by giving all `start.sh` scripts an `-6` argument, that causes a dualstack configuration to be loaded.

Each individual docker-compose file has been split out. Now, each file no longer defines any networking. Instead, one of two networking fragments is expected to be merged in.

When starting Openfire, a Hazelcast configuration option is passed through to the Openfire process to denote preference for IPv4 or IPv6. This passing through depends on the change in Openfire, that is introduced by 2634d4a83a

Minor other changes have been applied, that mostly make the start scripts more consistent amongst each-other.

fixes #61
pull/68/head
Guus der Kinderen 2024-10-16 13:46:19 +02:00 committed by Matthew Vivian
parent 7d30e5e1f6
commit 3b4862328b
34 changed files with 943 additions and 277 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
cluster/README.md
View File

@ -62,6 +62,50 @@ The following MUC rooms are configured:
The Docker compose file defines a custom bridge network with a single subnet of `172.60.0.0/24` for the clustered configuration.
When the `-6` argument to `./start.sh` is provided, then an additional subnet of `fd23:0d79:d076::/64` is configured.
Then, IPv6 is preferred for internal networking. Note that the IPv4 network remains in place, as Docker does not support
IPv6-only containers.
When running with the optional `-6` flag (that adds IPv6 support) the system looks like this:
```
+--------------------------------------------------+
| [fd23:d79:d076::99] |
| 172.60.0.99 |
| +----------------+ |
| | |+--------------+ |
(XMPP-C2S) 55222 -|-------| Load Balancer |+-------+ | |
(BOSH) 57070 -| | | | | |
(BOSHS) 57443 -| +----------------+ | | |
| | | [fd23:d79:d076::30]
| | | 172.60.0.30 |
| | | +--------+ |
| | +=============+ | |- 5223 (XMPP-C2S)
| | | | | XMPP 3 |----|- 5263 (XMPP-S2S)
| | | | | | |- 9093 (HTTP-Admin)
| | | | +------+-+ |- 7073 (BOSH)
| | | | | |
| [fd23:d79:d076::10] | [fd23:d79:d076::20]| |
| 172.60.0.10 | 172.60.0.20 | |
| +--------+ | +--------+ | |
(XMPP-C2S) 5221 -| | +======+ | |=====+ |- 5222 (XMPP-C2S)
(XMPP-S2S) 5261 -|------| XMPP 1 +============+ XMPP 2 | |- 5262 (XMPP-S2S)
(HTTP-Admin) 9091 -| | | | |------------|- 9092 (HTTP-Admin)
(BOSH) 7071 -| +----+---+ +----+---+ |- 7072 (BOSH)
| | | |
| | | |
| +---+--+ | |
| | | | |
(Database) 5432 -|-------| DB +------------------+ |
| | | |
| +------+ |
| 172.60.0.11 |
| [fd23:d79:d076::11] |
| |
+----------------172.60.0.0/24---------------------+
fd23:0d79:d076::/64
```
### Removing a node from the network
To remove a node from the network run the following command:

52
cluster/docker-compose-clustered.yml
View File

@ -12,9 +12,6 @@ services:
- "POSTGRES_PASSWORD=hunter2"
volumes:
- ./sql:/docker-entrypoint-initdb.d
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.11
lb:
image: nginx:stable
@ -24,10 +21,7 @@ services:
- "57443:57443"
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.99
xmpp1:
image: "openfire:${OPENFIRE_TAG}"
ports:
@ -42,17 +36,7 @@ services:
- ./_data/xmpp/1/conf:/var/lib/openfire/conf
- ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
- "xmpp2.localhost.example:172.60.0.20"
- "conference.xmpp2.localhost.example:172.60.0.20"
- "xmpp3.localhost.example:172.60.0.30"
- "conference.xmpp3.localhost.example:172.60.0.30"
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh", "-Dhazelcast.prefer.ipv4.stack=${PREFER_IPV4}"]
xmpp2:
image: "openfire:${OPENFIRE_TAG}"
@ -68,17 +52,7 @@ services:
- ./_data/xmpp/2/conf:/var/lib/openfire/conf
- ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.20
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
- "xmpp2.localhost.example:172.60.0.20"
- "conference.xmpp2.localhost.example:172.60.0.20"
- "xmpp3.localhost.example:172.60.0.30"
- "conference.xmpp3.localhost.example:172.60.0.30"
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh", "-Dhazelcast.prefer.ipv4.stack=${PREFER_IPV4}"]
xmpp3:
image: "openfire:${OPENFIRE_TAG}"
@ -94,17 +68,7 @@ services:
- ./_data/xmpp/3/conf:/var/lib/openfire/conf
- ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.30
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
- "xmpp2.localhost.example:172.60.0.20"
- "conference.xmpp2.localhost.example:172.60.0.20"
- "xmpp3.localhost.example:172.60.0.30"
- "conference.xmpp3.localhost.example:172.60.0.30"
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh", "-Dhazelcast.prefer.ipv4.stack=${PREFER_IPV4}"]
dozzle:
image: amir20/dozzle:latest
@ -112,11 +76,3 @@ services:
- /var/run/docker.sock:/var/run/docker.sock
ports:
- 9999:8080
networks:
openfire-clustered-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

63
cluster/docker-compose-network-dualstack.yml 100644
View File

@ -0,0 +1,63 @@
services:
db:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.11
ipv6_address: fd23:d79:d076::11
lb:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.99
ipv6_address: fd23:d79:d076::99
xmpp1:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.10
ipv6_address: fd23:d79:d076::10
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
- "xmpp3.localhost.example=fd23:d79:d076::30"
- "conference.xmpp3.localhost.example=fd23:d79:d076::30"
xmpp2:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.20
ipv6_address: fd23:d79:d076::20
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
- "xmpp3.localhost.example=fd23:d79:d076::30"
- "conference.xmpp3.localhost.example=fd23:d79:d076::30"
xmpp3:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.30
ipv6_address: fd23:d79:d076::30
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=fd23:d79:d076::30"
networks:
openfire-clustered-net:
driver: bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.60.0.0/24
- subnet: fd23:0d79:d076::/64

56
cluster/docker-compose-network-ipv4-only.yml 100644
View File

@ -0,0 +1,56 @@
services:
db:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.11
lb:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.99
xmpp1:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=172.60.0.20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=172.60.0.30"
xmpp2:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.20
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=172.60.0.20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=172.60.0.30"
xmpp3:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.30
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=172.60.0.20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=172.60.0.30"
networks:
openfire-clustered-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

25
cluster/nginx/nginx.conf
View File

@ -5,11 +5,14 @@ stream {
server 172.60.0.10:5222;
server 172.60.0.20:5222;
server 172.60.0.30:5222;
fd23:d79:d076::10:5222;
fd23:d79:d076::20:5222;
fd23:d79:d076::30:5222;
}
server {
listen 55222;
tcp_nodelay on;
proxy_connect_timeout 10s;
proxy_connect_timeout 10s;
proxy_timeout 12h; # Set this lower to be more flappy
proxy_pass xmpp;
}
@ -18,11 +21,14 @@ stream {
server 172.60.0.10:7070;
server 172.60.0.20:7070;
server 172.60.0.30:7070;
fd23:d79:d076::10:7070;
fd23:d79:d076::20:7070;
fd23:d79:d076::30:7070;
}
server {
listen 57070;
tcp_nodelay on;
proxy_connect_timeout 10s;
proxy_connect_timeout 10s;
proxy_timeout 12h; # Set this lower to be more flappy
proxy_pass bosh;
}
@ -31,11 +37,14 @@ stream {
server 172.60.0.10:7443;
server 172.60.0.20:7443;
server 172.60.0.30:7443;
fd23:d79:d076::10:7443;
fd23:d79:d076::20:7443;
fd23:d79:d076::30:7443;
}
server {
listen 57443;
tcp_nodelay on;
proxy_connect_timeout 10s;
proxy_connect_timeout 10s;
proxy_timeout 30s;
proxy_pass boshs;
}
@ -44,11 +53,14 @@ stream {
server 172.60.0.10:5269;
server 172.60.0.20:5269;
server 172.60.0.30:5269;
fd23:d79:d076::10:5269;
fd23:d79:d076::20:5269;
fd23:d79:d076::30:5269;
}
server {
listen 5269;
tcp_nodelay on;
proxy_connect_timeout 10s;
proxy_connect_timeout 10s;
proxy_timeout 1m;
proxy_pass s2s;
}
@ -57,11 +69,14 @@ stream {
server 172.60.0.10:5270;
server 172.60.0.20:5270;
server 172.60.0.30:5270;
fd23:d79:d076::10:5270;
fd23:d79:d076::20:5270;
fd23:d79:d076::30:5270;
}
server {
listen 5270;
tcp_nodelay on;
proxy_connect_timeout 10s;
proxy_connect_timeout 10s;
proxy_timeout 1m;
proxy_pass s2slegacy;
}

22
cluster/start.sh
View File

@ -1,7 +1,8 @@
#!/bin/bash
usage() { echo "Usage: $0 [-n openfire-tag] [-h]
usage() { echo "Usage: $0 [-n openfire-tag] [-6] [-h]
-n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env
-6 Replace standard IPv4-based bridge networking with IPv6.
-h Show this helpful information
"; exit 0; }
@ -10,6 +11,9 @@ COMPOSE_FILE_COMMAND=("docker" "compose")
COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env")
COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT")
NETWORK_COMPOSE_FILE="docker-compose-network-ipv4-only.yml"
PREFER_IPV4="true"
# Where is this script? It could be called from anywhere, so use this to get full paths.
SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )"
@ -17,7 +21,7 @@ source "$SCRIPTPATH/../_common/functions.sh"
check_deps
while getopts n:h o; do
while getopts n:6h o; do
case "$o" in
n)
if [[ $OPTARG =~ " " ]]; then
@ -27,7 +31,12 @@ while getopts n:h o; do
echo "Using Openfire tag: $OPTARG"
export OPENFIRE_TAG="$OPTARG"
;;
h)
6)
echo "Using IPv6"
NETWORK_COMPOSE_FILE="docker-compose-network-dualstack.yml"
PREFER_IPV4="false"
;;
h)
usage
;;
*)
@ -36,8 +45,11 @@ while getopts n:h o; do
esac
done
export PREFER_IPV4
echo "Starting a clustered environment."
COMPOSE_FILE_COMMAND+=("-f" "docker-compose-clustered.yml")
COMPOSE_FILE_COMMAND+=("-f" "$NETWORK_COMPOSE_FILE")
pushd "$SCRIPTPATH"
@ -45,8 +57,8 @@ pushd "$SCRIPTPATH"
"${COMPOSE_FILE_COMMAND[@]}" pull --ignore-pull-failures
# Clean up temporary persistence data
if ! rm -rf _data; then
echo "ERROR: Failed to delete _data directory. Try with sudo, then re-run." && popd && exit 1
if ! rm -rf _data; then
echo "ERROR: Failed to delete the _data directory. Try with sudo, then re-run." && popd && exit 1
fi
mkdir _data
cp -r xmpp _data/

22
cluster/xmpp/1/conf/hazelcast-local-config.xml
View File

@ -8,30 +8,34 @@
<outbound-ports>
<ports>0</ports>
</outbound-ports>
<!-- The following enables multicast discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-multicast
-->
<!-- The following enables multicast discovery of cluster members -->
<!--
<join>
<multicast enabled="true">
<multicast-group>FF02:0:0:0:0:0:0:1</multicast-group>
<multicast-group>224.2.2.3</multicast-group>
<multicast-port>54327</multicast-port>
</multicast>
<tcp-ip enabled="false"/>
</join>
<!-- The following enables TCP/IP based discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-tcp
-->
<!-- The following enables TCP/IP based discovery of cluster members -->
<!--
<join>
<multicast enabled="false"/>
<tcp-ip enabled="true">
<member>10.10.1.1:5701</member>
<member>10.10.1.2:5701</member>
<member>fd23:d79:d076:0:0:0:0:10</member>
<member>fd23:d79:d076:0:0:0:0:20</member>
<member>fd23:d79:d076:0:0:0:0:30</member>
<member>172.60.0.10</member>
<member>172.60.0.20</member>
<member>172.60.0.30</member>
</tcp-ip>
</join>
-->
<interfaces enabled="false">
<interface>10.10.1.*</interface>
<interfaces enabled="true">
<interface>172.60.0.10</interface>
<interface>fd23:d79:d076:0:0:0:0:10</interface>
</interfaces>
<ssl enabled="false"/>
<socket-interceptor enabled="false"/>

22
cluster/xmpp/2/conf/hazelcast-local-config.xml
View File

@ -8,30 +8,34 @@
<outbound-ports>
<ports>0</ports>
</outbound-ports>
<!-- The following enables multicast discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-multicast
-->
<!-- The following enables multicast discovery of cluster members -->
<!--
<join>
<multicast enabled="true">
<multicast-group>FF02:0:0:0:0:0:0:1</multicast-group>
<multicast-group>224.2.2.3</multicast-group>
<multicast-port>54327</multicast-port>
</multicast>
<tcp-ip enabled="false"/>
</join>
<!-- The following enables TCP/IP based discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-tcp
-->
<!-- The following enables TCP/IP based discovery of cluster members -->
<!--
<join>
<multicast enabled="false"/>
<tcp-ip enabled="true">
<member>10.10.1.1:5701</member>
<member>10.10.1.2:5701</member>
<member>fd23:d79:d076:0:0:0:0:10</member>
<member>fd23:d79:d076:0:0:0:0:20</member>
<member>fd23:d79:d076:0:0:0:0:30</member>
<member>172.60.0.10</member>
<member>172.60.0.20</member>
<member>172.60.0.30</member>
</tcp-ip>
</join>
-->
<interfaces enabled="false">
<interface>10.10.1.*</interface>
<interfaces enabled="true">
<interface>fd23:d79:d076:0:0:0:0:20</interface>
<interface>172.60.0.20</interface>
</interfaces>
<ssl enabled="false"/>
<socket-interceptor enabled="false"/>

22
cluster/xmpp/3/conf/hazelcast-local-config.xml
View File

@ -8,30 +8,34 @@
<outbound-ports>
<ports>0</ports>
</outbound-ports>
<!-- The following enables multicast discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-multicast
-->
<!-- The following enables multicast discovery of cluster members -->
<!--
<join>
<multicast enabled="true">
<multicast-group>FF02:0:0:0:0:0:0:1</multicast-group>
<multicast-group>224.2.2.3</multicast-group>
<multicast-port>54327</multicast-port>
</multicast>
<tcp-ip enabled="false"/>
</join>
<!-- The following enables TCP/IP based discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-tcp
-->
<!-- The following enables TCP/IP based discovery of cluster members -->
<!--
<join>
<multicast enabled="false"/>
<tcp-ip enabled="true">
<member>10.10.1.1:5701</member>
<member>10.10.1.2:5701</member>
<member>fd23:d79:d076:0:0:0:0:10</member>
<member>fd23:d79:d076:0:0:0:0:20</member>
<member>fd23:d79:d076:0:0:0:0:30</member>
<member>172.60.0.10</member>
<member>172.60.0.20</member>
<member>172.60.0.30</member>
</tcp-ip>
</join>
-->
<interfaces enabled="false">
<interface>10.10.1.*</interface>
<interfaces enabled="true">
<interface>fd23:d79:d076:0:0:0:0:30</interface>
<interface>172.60.0.30</interface>
</interfaces>
<ssl enabled="false"/>
<socket-interceptor enabled="false"/>

70
cluster_with_federation/README.md
View File

@ -106,6 +106,76 @@ Note that users and MUC rooms on the additional Openfire domain have a similar n
The Docker compose file defines a custom bridge network with a single subnet of `172.60.0.0/24` for the clustered configuration.
When the `-6` argument to `./start.sh` is provided, then an additional subnet of `fd23:0d79:d076::/64` is configured.
Then, IPv6 is preferred for internal networking. Note that the IPv4 network remains in place, as Docker does not support
IPv6-only containers.
When running with the optional `-6` flag (that adds IPv6 support) the system looks like this:
```
+--------------------------------------------------+
| [fd23:d79:d076::99] |
| 172.60.0.99 |
| +----------------+ |
| | |+--------------+ |
(XMPP-C2S) 55222 -|-------| Load Balancer |+-------+ | |
(BOSH) 57070 -| | | | | |
(BOSHS) 57443 -| +----------------+ | | |
| | | [fd23:d79:d076::30]
| | | 172.60.0.30 |
| | | +--------+ |
| | +=============+ | |- 5223 (XMPP-C2S)
| | | | | XMPP 3 |----|- 5263 (XMPP-S2S)
| | | | | | |- 9093 (HTTP-Admin)
| | | | +------+-+ |- 7073 (BOSH)
| | | | | |
| [fd23:d79:d076::10] | [fd23:d79:d076::20]| |
| 172.60.0.10 | 172.60.0.20 | |
| +--------+ | +--------+ | |
(XMPP-C2S) 5221 -| | +======+ | |=====+ |- 5222 (XMPP-C2S)
(XMPP-S2S) 5261 -|------| XMPP 1 +============+ XMPP 2 | |- 5262 (XMPP-S2S)
(HTTP-Admin) 9091 -| | | | |------------|- 9092 (HTTP-Admin)
(BOSH) 7071 -| +----+---+ +----+---+ |- 7072 (BOSH)
| | | |
| | | |
| +---+--+ | |
| | | | |
(Database) 5432 -|-------| DB +------------------+ |
| | | |
| +------+ |
| 172.60.0.11 |
| [fd23:d79:d076::11] |
| |
+----------------172.60.0.0/24---------------------+
fd23:0d79:d076::/64
```
The federated domain, with IPv6 enabled, looks like this:
```
+------------------------+
| [fd23:d79:d076::110] |
| 172.60.0.110 |
| +------------+ |
(XMPP-C2S) 5229 -| | | |
(XMPP-S2S) 5269 -|------| OTHER XMPP | |
(HTTP-Admin) 9099 -| | | |
(BOSH) 7079/7449 -| +------+-----+ |
| | |
| | |
| +-----+----+ |
| | | |
(Database) 5433 -|-------| OTHER DB | |
| | | |
| +----------+ |
| 172.60.0.111 |
| [fd23:d79:d076::111] |
| |
+------172.60.0.0/24-----+
fd23:0d79:d076::/64
```
### Removing a node from the network
To remove a node from the network run the following command:

73
cluster_with_federation/docker-compose-clustered.yml
View File

@ -12,9 +12,6 @@ services:
- "POSTGRES_PASSWORD=hunter2"
volumes:
- ./sql/clustered:/docker-entrypoint-initdb.d
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.11
lb:
image: nginx:stable
@ -24,10 +21,7 @@ services:
- "57443:57443"
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.99
xmpp1:
image: "openfire:${OPENFIRE_TAG}"
ports:
@ -42,19 +36,7 @@ services:
- ./_data/xmpp/1/conf:/var/lib/openfire/conf
- ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
- "xmpp2.localhost.example:172.60.0.20"
- "conference.xmpp2.localhost.example:172.60.0.20"
- "xmpp3.localhost.example:172.60.0.30"
- "conference.xmpp3.localhost.example:172.60.0.30"
- "otherxmpp.localhost.example:172.60.0.110"
- "conference.otherxmpp.localhost.example:172.60.0.110"
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh", "-Dhazelcast.prefer.ipv4.stack=${PREFER_IPV4}"]
xmpp2:
image: "openfire:${OPENFIRE_TAG}"
@ -70,19 +52,7 @@ services:
- ./_data/xmpp/2/conf:/var/lib/openfire/conf
- ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.20
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
- "xmpp2.localhost.example:172.60.0.20"
- "conference.xmpp2.localhost.example:172.60.0.20"
- "xmpp3.localhost.example:172.60.0.30"
- "conference.xmpp3.localhost.example:172.60.0.30"
- "otherxmpp.localhost.example:172.60.0.110"
- "conference.otherxmpp.localhost.example:172.60.0.110"
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh", "-Dhazelcast.prefer.ipv4.stack=${PREFER_IPV4}"]
xmpp3:
image: "openfire:${OPENFIRE_TAG}"
@ -98,19 +68,7 @@ services:
- ./_data/xmpp/3/conf:/var/lib/openfire/conf
- ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.30
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
- "xmpp2.localhost.example:172.60.0.20"
- "conference.xmpp2.localhost.example:172.60.0.20"
- "xmpp3.localhost.example:172.60.0.30"
- "conference.xmpp3.localhost.example:172.60.0.30"
- "otherxmpp.localhost.example:172.60.0.110"
- "conference.otherxmpp.localhost.example:172.60.0.110"
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh", "-Dhazelcast.prefer.ipv4.stack=${PREFER_IPV4}"]
otherdb:
image: library/postgres:9.6.24-alpine
@ -122,10 +80,7 @@ services:
- "POSTGRES_PASSWORD=hunter2"
volumes:
- ./sql/otherdomain:/docker-entrypoint-initdb.d
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.111
otherxmpp:
image: "openfire:${OPENFIRE_TAG}"
ports:
@ -141,26 +96,10 @@ services:
- ./_data/plugins_for_otherdomain:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "otherdb:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.110
extra_hosts:
- "xmpp.localhost.example:172.60.0.99"
- "conference.xmpp.localhost.example:172.60.0.99"
- "otherxmpp.localhost.example:172.60.0.110"
- "conference.otherxmpp.localhost.example:172.60.0.110"
dozzle:
image: amir20/dozzle:latest
volumes:
- /var/run/docker.sock:/var/run/docker.sock
ports:
- 9999:8080
networks:
openfire-clustered-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

85
cluster_with_federation/docker-compose-network-dualstack.yml 100644
View File

@ -0,0 +1,85 @@
services:
db:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.11
ipv6_address: fd23:d79:d076::11
lb:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.99
ipv6_address: fd23:d79:d076::99
xmpp1:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.10
ipv6_address: fd23:d79:d076::10
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
- "xmpp3.localhost.example=fd23:d79:d076::30"
- "conference.xmpp3.localhost.example=fd23:d79:d076::30"
- "otherxmpp.localhost.example=fd23:d79:d076::110"
- "conference.otherxmpp.localhost.example=fd23:d79:d076::110"
xmpp2:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.20
ipv6_address: fd23:d79:d076::20
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
- "xmpp3.localhost.example=fd23:d79:d076::30"
- "conference.xmpp3.localhost.example=fd23:d79:d076::30"
- "otherxmpp.localhost.example=fd23:d79:d076::110"
- "conference.otherxmpp.localhost.example=fd23:d79:d076::110"
xmpp3:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.30
ipv6_address: fd23:d79:d076::30
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
- "xmpp3.localhost.example=fd23:d79:d076::30"
- "conference.xmpp3.localhost.example=fd23:d79:d076::30"
- "otherxmpp.localhost.example=fd23:d79:d076::110"
- "conference.otherxmpp.localhost.example=fd23:d79:d076::110"
otherdb:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.111
ipv6_address: fd23:d79:d076::111
otherxmpp:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.110
ipv6_address: fd23:d79:d076::110
extra_hosts:
- "xmpp.localhost.example=fd23:d79:d076::99"
- "conference.xmpp.localhost.example=fd23:d79:d076::99"
- "otherxmpp.localhost.example=fd23:d79:d076::110"
- "conference.otherxmpp.localhost.example=fd23:d79:d076::110"
networks:
openfire-clustered-net:
driver: bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.60.0.0/24
- subnet: fd23:0d79:d076::/64

76
cluster_with_federation/docker-compose-network-ipv4-only.yml 100644
View File

@ -0,0 +1,76 @@
services:
db:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.11
lb:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.99
xmpp1:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=172.60.0.20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=172.60.0.30"
- "otherxmpp.localhost.example=172.60.0.110"
- "conference.otherxmpp.localhost.example=172.60.0.110"
xmpp2:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.20
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=172.60.0.20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=172.60.0.30"
- "otherxmpp.localhost.example=172.60.0.110"
- "conference.otherxmpp.localhost.example=172.60.0.110"
xmpp3:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.30
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=172.60.0.20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=172.60.0.30"
- "otherxmpp.localhost.example=172.60.0.110"
- "conference.otherxmpp.localhost.example=172.60.0.110"
otherdb:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.111
otherxmpp:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.110
extra_hosts:
- "xmpp.localhost.example=172.60.0.99"
- "conference.xmpp.localhost.example=172.60.0.99"
- "otherxmpp.localhost.example=172.60.0.110"
- "conference.otherxmpp.localhost.example=172.60.0.110"
networks:
openfire-clustered-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

15
cluster_with_federation/nginx/nginx.conf
View File

@ -5,6 +5,9 @@ stream {
server 172.60.0.10:5222;
server 172.60.0.20:5222;
server 172.60.0.30:5222;
fd23:d79:d076::10:5222;
fd23:d79:d076::20:5222;
fd23:d79:d076::30:5222;
}
server {
listen 55222;
@ -18,6 +21,9 @@ stream {
server 172.60.0.10:7070;
server 172.60.0.20:7070;
server 172.60.0.30:7070;
fd23:d79:d076::10:7070;
fd23:d79:d076::20:7070;
fd23:d79:d076::30:7070;
}
server {
listen 57070;
@ -31,6 +37,9 @@ stream {
server 172.60.0.10:7443;
server 172.60.0.20:7443;
server 172.60.0.30:7443;
fd23:d79:d076::10:7443;
fd23:d79:d076::20:7443;
fd23:d79:d076::30:7443;
}
server {
listen 57443;
@ -44,6 +53,9 @@ stream {
server 172.60.0.10:5269;
server 172.60.0.20:5269;
server 172.60.0.30:5269;
fd23:d79:d076::10:5269;
fd23:d79:d076::20:5269;
fd23:d79:d076::30:5269;
}
server {
listen 5269;
@ -57,6 +69,9 @@ stream {
server 172.60.0.10:5270;
server 172.60.0.20:5270;
server 172.60.0.30:5270;
fd23:d79:d076::10:5270;
fd23:d79:d076::20:5270;
fd23:d79:d076::30:5270;
}
server {
listen 5270;

26
cluster_with_federation/start.sh
View File

@ -1,21 +1,27 @@
#!/bin/bash
usage() { echo "Usage: $0 [-n openfire-tag] [-h]
usage() { echo "Usage: $0 [-n openfire-tag] [-6] [-h]
-n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env
-6 Replace standard IPv4-based bridge networking with IPv6.
-h Show this helpful information
"; exit 0; }
PROJECT="openfire"
COMPOSE_FILE_COMMAND=("docker-compose")
COMPOSE_FILE_COMMAND=("docker" "compose")
COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env")
COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT")
NETWORK_COMPOSE_FILE="docker-compose-network-ipv4-only.yml"
PREFER_IPV4="true"
# Where is this script? It could be called from anywhere, so use this to get full paths.
SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )"
source "$SCRIPTPATH/../_common/functions.sh"
while getopts n:h o; do
check_deps
while getopts n:6h o; do
case "$o" in
n)
if [[ $OPTARG =~ " " ]]; then
@ -25,7 +31,12 @@ while getopts n:h o; do
echo "Using Openfire tag: $OPTARG"
export OPENFIRE_TAG="$OPTARG"
;;
h)
6)
echo "Using IPv6"
NETWORK_COMPOSE_FILE="docker-compose-network-dualstack.yml"
PREFER_IPV4="false"
;;
h)
usage
;;
*)
@ -34,8 +45,11 @@ while getopts n:h o; do
esac
done
export PREFER_IPV4
echo "Starting a clustered environment."
COMPOSE_FILE_COMMAND+=("-f" "docker-compose-clustered.yml")
COMPOSE_FILE_COMMAND+=("-f" "$NETWORK_COMPOSE_FILE")
pushd "$SCRIPTPATH"
@ -43,8 +57,8 @@ pushd "$SCRIPTPATH"
"${COMPOSE_FILE_COMMAND[@]}" pull --ignore-pull-failures
# Clean up temporary persistence data
if ! rm -rf _data; then
echo "ERROR: Failed to delete _data directory. Try with sudo, then re-run." && popd && exit 1
if ! rm -rf _data; then
echo "ERROR: Failed to delete the _data directory. Try with sudo, then re-run." && popd && exit 1
fi
mkdir _data
cp -r xmpp _data/

22
cluster_with_federation/xmpp/1/conf/hazelcast-local-config.xml
View File

@ -8,30 +8,34 @@
<outbound-ports>
<ports>0</ports>
</outbound-ports>
<!-- The following enables multicast discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-multicast
-->
<!-- The following enables multicast discovery of cluster members -->
<!--
<join>
<multicast enabled="true">
<multicast-group>FF02:0:0:0:0:0:0:1</multicast-group>
<multicast-group>224.2.2.3</multicast-group>
<multicast-port>54327</multicast-port>
</multicast>
<tcp-ip enabled="false"/>
</join>
<!-- The following enables TCP/IP based discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-tcp
-->
<!-- The following enables TCP/IP based discovery of cluster members -->
<!--
<join>
<multicast enabled="false"/>
<tcp-ip enabled="true">
<member>10.10.1.1:5701</member>
<member>10.10.1.2:5701</member>
<member>fd23:d79:d076:0:0:0:0:10</member>
<member>fd23:d79:d076:0:0:0:0:20</member>
<member>fd23:d79:d076:0:0:0:0:30</member>
<member>172.60.0.10</member>
<member>172.60.0.20</member>
<member>172.60.0.30</member>
</tcp-ip>
</join>
-->
<interfaces enabled="false">
<interface>10.10.1.*</interface>
<interfaces enabled="true">
<interface>172.60.0.10</interface>
<interface>fd23:d79:d076:0:0:0:0:10</interface>
</interfaces>
<ssl enabled="false"/>
<socket-interceptor enabled="false"/>

22
cluster_with_federation/xmpp/2/conf/hazelcast-local-config.xml
View File

@ -8,30 +8,34 @@
<outbound-ports>
<ports>0</ports>
</outbound-ports>
<!-- The following enables multicast discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-multicast
-->
<!-- The following enables multicast discovery of cluster members -->
<!--
<join>
<multicast enabled="true">
<multicast-group>FF02:0:0:0:0:0:0:1</multicast-group>
<multicast-group>224.2.2.3</multicast-group>
<multicast-port>54327</multicast-port>
</multicast>
<tcp-ip enabled="false"/>
</join>
<!-- The following enables TCP/IP based discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-tcp
-->
<!-- The following enables TCP/IP based discovery of cluster members -->
<!--
<join>
<multicast enabled="false"/>
<tcp-ip enabled="true">
<member>10.10.1.1:5701</member>
<member>10.10.1.2:5701</member>
<member>fd23:d79:d076:0:0:0:0:10</member>
<member>fd23:d79:d076:0:0:0:0:20</member>
<member>fd23:d79:d076:0:0:0:0:30</member>
<member>172.60.0.10</member>
<member>172.60.0.20</member>
<member>172.60.0.30</member>
</tcp-ip>
</join>
-->
<interfaces enabled="false">
<interface>10.10.1.*</interface>
<interfaces enabled="true">
<interface>fd23:d79:d076:0:0:0:0:20</interface>
<interface>172.60.0.20</interface>
</interfaces>
<ssl enabled="false"/>
<socket-interceptor enabled="false"/>

22
cluster_with_federation/xmpp/3/conf/hazelcast-local-config.xml
View File

@ -8,30 +8,34 @@
<outbound-ports>
<ports>0</ports>
</outbound-ports>
<!-- The following enables multicast discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-multicast
-->
<!-- The following enables multicast discovery of cluster members -->
<!--
<join>
<multicast enabled="true">
<multicast-group>FF02:0:0:0:0:0:0:1</multicast-group>
<multicast-group>224.2.2.3</multicast-group>
<multicast-port>54327</multicast-port>
</multicast>
<tcp-ip enabled="false"/>
</join>
<!-- The following enables TCP/IP based discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-tcp
-->
<!-- The following enables TCP/IP based discovery of cluster members -->
<!--
<join>
<multicast enabled="false"/>
<tcp-ip enabled="true">
<member>10.10.1.1:5701</member>
<member>10.10.1.2:5701</member>
<member>fd23:d79:d076:0:0:0:0:10</member>
<member>fd23:d79:d076:0:0:0:0:20</member>
<member>fd23:d79:d076:0:0:0:0:30</member>
<member>172.60.0.10</member>
<member>172.60.0.20</member>
<member>172.60.0.30</member>
</tcp-ip>
</join>
-->
<interfaces enabled="false">
<interface>10.10.1.*</interface>
<interfaces enabled="true">
<interface>fd23:d79:d076:0:0:0:0:30</interface>
<interface>172.60.0.30</interface>
</interfaces>
<ssl enabled="false"/>
<socket-interceptor enabled="false"/>

81
federation/README.md
View File

@ -52,6 +52,35 @@ XMPP 2 hosts the following MUC rooms:
The Docker compose file defines a custom bridge network with a single subnet of `172.50.0.0/24`
When the `-6` argument to `./start.sh` is provided, then an additional subnet of `fd23:0d79:d076::/64` is configured.
Then, IPv6 is preferred for internal networking. Note that the IPv4 network remains in place, as Docker does not support
IPv6-only containers.
When running with the optional `-6` flag (that adds IPv6 support) the system looks like this:
```
+---------------------------------------------+
| [fd23:d79:d076::10] [fd23:d79:d076::20] |
| 172.50.0.10 172.50.0.20 |
| +--------+ +--------+ |
(XMPP-C2S) 5221 -| | | | | |- 5222 (XMPP-C2S)
(XMPP-S2S) 5261 -|------| XMPP 1 +============+ XMPP 2 |-------|- 5262 (XMPP-S2S)
(HTTP-Admin) 9091 -| | | | | |- 9092 (HTTP-Admin)
(BOSH) 7071/7441 -| +----+---+ +----+---+ |- 7072/7442 (BOSH)
| | | |
| | | |
| +---+--+ +--+---+ |
| | | | | |
(Database) 5431 -|-------| DB 1 | | DB 2 |-------|- 5432 (Database)
| | | | | |
| +------+ +------+ |
| 172.50.0.11 172.50.0.21 |
| [fd23:d79:d076::11] [fd23:d79:d076::21] |
| |
+----------------172.50.0.0/24----------------+
fd23:0d79:d076::/64
```
### Removing a node from the network
To remove a node from the network run the following command:
@ -93,15 +122,15 @@ The convention I have followed is to increment the IP addresses by 10 and the po
For `xmpp1`
* Openfire IP: `172.50.0.10`
* DB IP: `172.50.0.11`
* Openfire IP: `172.50.0.10` / `fd23:d79:d076::10`
* DB IP: `172.50.0.11` / `fd23:d79:d076::11`
* XMPP port: `5221`
* Admin port: `9091`
For `xmpp2`
* Openfire IP: `172.50.0.20`
* DB IP: `172.50.0.21`
* Openfire IP: `172.50.0.20` / `fd23:d79:d076::20`
* DB IP: `172.50.0.21` / `fd23:d79:d076::21`
* XMPP port: `5222`
* Admin port: `9092`
@ -117,6 +146,7 @@ db3:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.31
ipv6_address: fd23:d79:d076::31
xmpp3:
image: openfire:latest
@ -128,14 +158,17 @@ xmpp3:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.30
ipv6_address: fd23:d79:d076::30
networks:
openfire-federated-net:
driver: bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.50.0.0/24
- subnet: fd23:0d79:d076::/64
```
Run this with the `start.sh`. Once running navigate to `http://localhost:9093` and manually configure the Openfire server.
@ -192,3 +225,43 @@ xmpp3:
...
```
Add the IPv4-only network definition in `docker-compose-federated-ipv4-only.yml`:
```
...
db3:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.31
xmpp3:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.30
...
```
Add the dual-stack network definition in `docker-compose-federated-dualstack.yml` (note that this also includes IPv4 config):
```
...
db3:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.31
ipv6_address: fd23:d79:d076::31
xmpp3:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.30
ipv6_address: fd23:d79:d076::30
...
```
Lastly, add the new host in all `extra_hosts` configuration blocks.

33
federation/docker-compose-federated.yml
View File

@ -12,9 +12,6 @@ services:
- "POSTGRES_PASSWORD=hunter2"
volumes:
- ./sql/1:/docker-entrypoint-initdb.d
networks:
openfire-federated-net:
ipv4_address: 172.50.0.11
db2:
image: library/postgres:9.6.24-alpine
@ -26,9 +23,6 @@ services:
- "POSTGRES_PASSWORD=hunter2"
volumes:
- ./sql/2:/docker-entrypoint-initdb.d
networks:
openfire-federated-net:
ipv4_address: 172.50.0.21
xmpp1:
image: "openfire:${OPENFIRE_TAG}"
@ -45,14 +39,6 @@ services:
- ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db1:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-federated-net:
ipv4_address: 172.50.0.10
extra_hosts:
- "xmpp1.localhost.example:172.50.0.10"
- "conference.xmpp1.localhost.example:172.50.0.10"
- "xmpp2.localhost.example:172.50.0.20"
- "conference.xmpp2.localhost.example:172.50.0.20"
xmpp2:
image: "openfire:${OPENFIRE_TAG}"
@ -69,27 +55,10 @@ services:
- ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db2:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-federated-net:
ipv4_address: 172.50.0.20
extra_hosts:
- "xmpp1.localhost.example:172.50.0.10"
- "conference.xmpp1.localhost.example:172.50.0.10"
- "xmpp2.localhost.example:172.50.0.20"
- "conference.xmpp2.localhost.example:172.50.0.20"
dozzle:
image: amir20/dozzle:latest
volumes:
- /var/run/docker.sock:/var/run/docker.sock
ports:
- 9999:8080
networks:
openfire-federated-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.50.0.0/24

45
federation/docker-compose-network-dualstack.yml 100644
View File

@ -0,0 +1,45 @@
services:
db1:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.11
ipv6_address: fd23:d79:d076::11
db2:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.21
ipv6_address: fd23:d79:d076::21
xmpp1:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.10
ipv6_address: fd23:d79:d076::10
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
xmpp2:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.20
ipv6_address: fd23:d79:d076::20
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
networks:
openfire-federated-net:
driver: bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.50.0.0/24
- subnet: fd23:0d79:d076::/64

40
federation/docker-compose-network-ipv4-only.yml 100644
View File

@ -0,0 +1,40 @@
services:
db1:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.11
db2:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.21
xmpp1:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.10
extra_hosts:
- "xmpp1.localhost.example:172.50.0.10"
- "conference.xmpp1.localhost.example:172.50.0.10"
- "xmpp2.localhost.example:172.50.0.20"
- "conference.xmpp2.localhost.example:172.50.0.20"
xmpp2:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.20
extra_hosts:
- "xmpp1.localhost.example:172.50.0.10"
- "conference.xmpp1.localhost.example:172.50.0.10"
- "xmpp2.localhost.example:172.50.0.20"
- "conference.xmpp2.localhost.example:172.50.0.20"
networks:
openfire-federated-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.50.0.0/24

20
federation/start.sh
View File

@ -1,7 +1,8 @@
#!/bin/bash
usage() { echo "Usage: $0 [-n openfire-tag] [-h]
usage() { echo "Usage: $0 [-n openfire-tag] [-6] [-h]
-n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env
-6 Replace standard IPv4-based bridge networking with IPv6.
-h Show this helpful information
"; exit 0; }
@ -10,12 +11,16 @@ COMPOSE_FILE_COMMAND=("docker" "compose")
COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env")
COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT")
NETWORK_COMPOSE_FILE="docker-compose-network-ipv4-only.yml"
# Where is this script? It could be called from anywhere, so use this to get full paths.
SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )"
source "$SCRIPTPATH/../_common/functions.sh"
while getopts n:h o; do
check_deps
while getopts n:6h o; do
case "$o" in
n)
if [[ $OPTARG =~ " " ]]; then
@ -25,7 +30,11 @@ while getopts n:h o; do
echo "Using Openfire tag: $OPTARG"
export OPENFIRE_TAG="$OPTARG"
;;
h)
6)
echo "Using IPv6"
NETWORK_COMPOSE_FILE="docker-compose-network-dualstack.yml"
;;
h)
usage
;;
*)
@ -36,6 +45,7 @@ done
echo "Starting a federated environment."
COMPOSE_FILE_COMMAND+=("-f" "docker-compose-federated.yml")
COMPOSE_FILE_COMMAND+=("-f" "$NETWORK_COMPOSE_FILE")
pushd "$SCRIPTPATH"
@ -43,8 +53,8 @@ pushd "$SCRIPTPATH"
"${COMPOSE_FILE_COMMAND[@]}" pull --ignore-pull-failures
# Clean up temporary persistence data
if ! rm -rf _data; then
echo "ERROR: Failed to delete the data directory. Try with sudo, then re-run." && popd && exit 1
if ! rm -rf _data; then
echo "ERROR: Failed to delete the _data directory. Try with sudo, then re-run." && popd && exit 1
fi
mkdir _data
cp -r xmpp _data/

39
proxy/README.md
View File

@ -54,3 +54,42 @@ The following MUC rooms are configured:
## Network
The Docker compose file defines a custom bridge network with a single subnet of `172.60.0.0/24`.
When the `-6` argument to `./start.sh` is provided, then an additional subnet of `fd23:0d79:d076::/64` is configured.
Then, IPv6 is preferred for internal networking. Note that the IPv4 network remains in place, as Docker does not support
IPv6-only containers.
When running with the optional `-6` flag (that adds IPv6 support) the system looks like this:
```
+--------------------------+
| |
| [fd23:d79:d076::99] |
| 172.60.0.99 |
| +--------+ |
(XMPP-C2S) 55222 -| | | |
(XMPP-S2S) 55269 -|------| Nginx + |
(HTTP-Admin) 59090 -| | | |
(BOSH) 57070 -| +----+---+ |
| | |
| | |
| [fd23:d79:d076::10] |
| 172.60.0.10 |
| +--------+ |
(XMPP-C2S) 5222 -| | | |
(XMPP-S2S) 5269 -|------| XMPP 1 + |
(HTTP-Admin) 9090 -| | | |
(BOSH) 7070 -| +----+---+ |
| | |
| | |
| +---+--+ |
| | | |
(Database) 5432 -|-------| DB + |
| | | |
| +------+ |
| 172.60.0.11 |
| [fd23:d79:d076::11] |
| |
+-----172.60.0.0/24--------+
fd23:0d79:d076::/64
```

32
proxy/docker-compose-network-dualstack.yml 100644
View File

@ -0,0 +1,32 @@
services:
db:
networks:
openfire-net:
ipv4_address: 172.60.0.11
ipv6_address: fd23:d79:d076::11
proxy:
networks:
openfire-net:
ipv4_address: 172.60.0.99
ipv6_address: fd23:d79:d076::99
xmpp:
networks:
openfire-net:
ipv4_address: 172.60.0.10
ipv6_address: fd23:d79:d076::10
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
networks:
openfire-net:
driver: bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.60.0.0/24
- subnet: fd23:0d79:d076::/64

27
proxy/docker-compose-network-ipv4-only.yml 100644
View File

@ -0,0 +1,27 @@
services:
db:
networks:
openfire-net:
ipv4_address: 172.60.0.11
proxy:
networks:
openfire-net:
ipv4_address: 172.60.0.99
xmpp:
networks:
openfire-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
networks:
openfire-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

20
proxy/docker-compose.yml
View File

@ -12,9 +12,6 @@ services:
- "POSTGRES_PASSWORD=hunter2"
volumes:
- ./sql:/docker-entrypoint-initdb.d
networks:
openfire-net:
ipv4_address: 172.60.0.11
proxy:
image: nginx:stable
@ -27,9 +24,6 @@ services:
- "59090:59090"
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
networks:
openfire-net:
ipv4_address: 172.60.0.99
xmpp:
image: "openfire:${OPENFIRE_TAG}"
@ -46,12 +40,6 @@ services:
- ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
dozzle:
image: amir20/dozzle:latest
@ -59,11 +47,3 @@ services:
- /var/run/docker.sock:/var/run/docker.sock
ports:
- 9999:8080
networks:
openfire-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

15
proxy/nginx/nginx.conf
View File

@ -3,55 +3,60 @@
stream {
upstream xmpp {
server 172.60.0.10:5222;
fd23:d79:d076::10:5222;
}
server {
listen 55222;
tcp_nodelay on;
proxy_connect_timeout 10s;
proxy_connect_timeout 10s;
proxy_timeout 12h; # Set this lower to be more flappy
proxy_pass xmpp;
}
upstream bosh {
server 172.60.0.10:7070;
fd23:d79:d076::10:7070;
}
server {
listen 57070;
tcp_nodelay on;
proxy_connect_timeout 10s;
proxy_connect_timeout 10s;
proxy_timeout 12h; # Set this lower to be more flappy
proxy_pass bosh;
}
upstream boshs {
server 172.60.0.10:7443;
fd23:d79:d076::10:7443;
}
server {
listen 57443;
tcp_nodelay on;
proxy_connect_timeout 10s;
proxy_connect_timeout 10s;
proxy_timeout 30s;
proxy_pass boshs;
}
upstream s2s {
server 172.60.0.10:5269;
fd23:d79:d076::10:5269;
}
server {
listen 55269;
tcp_nodelay on;
proxy_connect_timeout 10s;
proxy_connect_timeout 10s;
proxy_timeout 1m;
proxy_pass s2s;
}
upstream s2slegacy {
server 172.60.0.10:5270;
fd23:d79:d076::10:5270;
}
server {
listen 55270;
tcp_nodelay on;
proxy_connect_timeout 10s;
proxy_connect_timeout 10s;
proxy_timeout 1m;
proxy_pass s2slegacy;
}

16
proxy/start.sh
View File

@ -1,7 +1,8 @@
#!/bin/bash
usage() { echo "Usage: $0 [-n openfire-tag] [-h]
usage() { echo "Usage: $0 [-n openfire-tag] [-6] [-h]
-n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env
-6 Replace standard IPv4-based bridge networking with IPv6.
-h Show this helpful information
"; exit 0; }
@ -10,6 +11,8 @@ COMPOSE_FILE_COMMAND=("docker" "compose")
COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env")
COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT")
NETWORK_COMPOSE_FILE="docker-compose-network-ipv4-only.yml"
# Where is this script? It could be called from anywhere, so use this to get full paths.
SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )"
@ -17,7 +20,7 @@ source "$SCRIPTPATH/../_common/functions.sh"
check_deps
while getopts n:h o; do
while getopts n:6h o; do
case "$o" in
n)
if [[ $OPTARG =~ " " ]]; then
@ -27,7 +30,11 @@ while getopts n:h o; do
echo "Using Openfire tag: $OPTARG"
export OPENFIRE_TAG="$OPTARG"
;;
h)
6)
echo "Using IPv6"
NETWORK_COMPOSE_FILE="docker-compose-network-dualstack.yml"
;;
h)
usage
;;
*)
@ -38,6 +45,7 @@ done
echo "Starting a simple environment."
COMPOSE_FILE_COMMAND+=("-f" "docker-compose.yml")
COMPOSE_FILE_COMMAND+=("-f" "$NETWORK_COMPOSE_FILE")
pushd "$SCRIPTPATH"
@ -46,7 +54,7 @@ pushd "$SCRIPTPATH"
# Clean up temporary persistence data
if ! rm -rf _data; then
echo "ERROR: Failed to delete _data directory. Try with sudo, then re-run." && popd && exit 1
echo "ERROR: Failed to delete the _data directory. Try with sudo, then re-run." && popd && exit 1
fi
mkdir _data
cp -r xmpp _data/

30
simple/README.md
View File

@ -46,3 +46,33 @@ The following MUC rooms are configured:
## Network
The Docker compose file defines a custom bridge network with a single subnet of `172.60.0.0/24`.
When the `-6` argument to `./start.sh` is provided, then an additional subnet of `fd23:0d79:d076::/64` is configured.
Then, IPv6 is preferred for internal networking. Note that the IPv4 network remains in place, as Docker does not support
IPv6-only containers.
When running with the optional `-6` flag (that adds IPv6 support) the system looks like this:
```
+--------------------------+
| |
| [fd23:d79:d076::10] |
| 172.60.0.10 |
| +--------+ |
(XMPP-C2S) 5222 -| | | |
(XMPP-S2S) 5269 -|------| XMPP 1 + |
(HTTP-Admin) 9090 -| | | |
(BOSH) 7070 -| +----+---+ |
| | |
| | |
| +---+--+ |
| | | |
(Database) 5432 -|-------| DB + |
| | | |
| +------+ |
| 172.60.0.11 |
| [fd23:d79:d076::11] |
| |
+-----172.60.0.0/24--------+
fd23:0d79:d076::/64
```

26
simple/docker-compose-network-dualstack.yml 100644
View File

@ -0,0 +1,26 @@
services:
db:
networks:
openfire-net:
ipv4_address: 172.60.0.11
ipv6_address: fd23:d79:d076::11
xmpp1:
networks:
openfire-net:
ipv4_address: 172.60.0.10
ipv6_address: fd23:d79:d076::10
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp.localhost.example=fd23:d79:d076::10"
networks:
openfire-net:
driver: bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.60.0.0/24
- subnet: fd23:0d79:d076::/64

22
simple/docker-compose-network-ipv4-only.yml 100644
View File

@ -0,0 +1,22 @@
services:
db:
networks:
openfire-net:
ipv4_address: 172.60.0.11
xmpp1:
networks:
openfire-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp.localhost.example=172.60.0.10"
networks:
openfire-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

19
simple/docker-compose.yml
View File

@ -12,10 +12,7 @@ services:
- "POSTGRES_PASSWORD=hunter2"
volumes:
- ./sql:/docker-entrypoint-initdb.d
networks:
openfire-net:
ipv4_address: 172.60.0.11
xmpp1:
image: "openfire:${OPENFIRE_TAG}"
ports:
@ -31,12 +28,6 @@ services:
- ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp.localhost.example:172.60.0.10"
- "conference.xmpp.localhost.example:172.60.0.10"
dozzle:
image: amir20/dozzle:latest
@ -44,11 +35,3 @@ services:
- /var/run/docker.sock:/var/run/docker.sock
ports:
- 9999:8080
networks:
openfire-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

16
simple/start.sh
View File

@ -1,7 +1,8 @@
#!/bin/bash
usage() { echo "Usage: $0 [-n openfire-tag] [-h]
usage() { echo "Usage: $0 [-n openfire-tag] [-6] [-h]
-n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env
-6 Replace standard IPv4-based bridge networking with IPv6.
-h Show this helpful information
"; exit 0; }
@ -10,6 +11,8 @@ COMPOSE_FILE_COMMAND=("docker" "compose")
COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env")
COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT")
NETWORK_COMPOSE_FILE="docker-compose-network-ipv4-only.yml"
# Where is this script? It could be called from anywhere, so use this to get full paths.
SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )"
@ -17,7 +20,7 @@ source "$SCRIPTPATH/../_common/functions.sh"
check_deps
while getopts n:h o; do
while getopts n:6h o; do
case "$o" in
n)
if [[ $OPTARG =~ " " ]]; then
@ -27,7 +30,11 @@ while getopts n:h o; do
echo "Using Openfire tag: $OPTARG"
export OPENFIRE_TAG="$OPTARG"
;;
h)
6)
echo "Using IPv6"
NETWORK_COMPOSE_FILE="docker-compose-network-dualstack.yml"
;;
h)
usage
;;
*)
@ -38,6 +45,7 @@ done
echo "Starting a simple environment."
COMPOSE_FILE_COMMAND+=("-f" "docker-compose.yml")
COMPOSE_FILE_COMMAND+=("-f" "$NETWORK_COMPOSE_FILE")
pushd "$SCRIPTPATH"
@ -46,7 +54,7 @@ pushd "$SCRIPTPATH"
# Clean up temporary persistence data
if ! rm -rf _data; then
echo "ERROR: Failed to delete _data directory. Try with sudo, then re-run." && popd && exit 1
echo "ERROR: Failed to delete the _data directory. Try with sudo, then re-run." && popd && exit 1
fi
mkdir _data
cp -r xmpp _data/