Openfire
/
openfire-docker-compose
mirror of https://github.com/surevine/openfire-docker-compose.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add dualstack support 

This adds support for IPv6, by giving all `start.sh` scripts an `-6` argument, that causes a dualstack configuration to be loaded.

Each individual docker-compose file has been split out. Now, each file no longer defines any networking. Instead, one of two networking fragments is expected to be merged in.

When starting Openfire, a Hazelcast configuration option is passed through to the Openfire process to denote preference for IPv4 or IPv6. This passing through depends on the change in Openfire, that is introduced by 2634d4a83a

Minor other changes have been applied, that mostly make the start scripts more consistent amongst each-other.

fixes #61
pull/68/head
Guus der Kinderen 2024-10-16 13:46:19 +02:00 committed by Matthew Vivian
parent 7d30e5e1f6
commit 3b4862328b
34 changed files with 943 additions and 277 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
cluster/README.md
View File

@ -62,6 +62,50 @@ The following MUC rooms are configured:
The Docker compose file defines a custom bridge network with a single subnet of `172.60.0.0/24` for the clustered configuration. The Docker compose file defines a custom bridge network with a single subnet of `172.60.0.0/24` for the clustered configuration.
When the `-6` argument to `./start.sh` is provided, then an additional subnet of `fd23:0d79:d076::/64` is configured.
Then, IPv6 is preferred for internal networking. Note that the IPv4 network remains in place, as Docker does not support
IPv6-only containers.
When running with the optional `-6` flag (that adds IPv6 support) the system looks like this:
```
+--------------------------------------------------+
| [fd23:d79:d076::99] |
| 172.60.0.99 |
| +----------------+ |
| | |+--------------+ |
(XMPP-C2S) 55222 -|-------| Load Balancer |+-------+ | |
(BOSH) 57070 -| | | | | |
(BOSHS) 57443 -| +----------------+ | | |
| | | [fd23:d79:d076::30]
| | | 172.60.0.30 |
| | | +--------+ |
| | +=============+ | |- 5223 (XMPP-C2S)
| | | | | XMPP 3 |----|- 5263 (XMPP-S2S)
| | | | | | |- 9093 (HTTP-Admin)
| | | | +------+-+ |- 7073 (BOSH)
| | | | | |
| [fd23:d79:d076::10] | [fd23:d79:d076::20]| |
| 172.60.0.10 | 172.60.0.20 | |
| +--------+ | +--------+ | |
(XMPP-C2S) 5221 -| | +======+ | |=====+ |- 5222 (XMPP-C2S)
(XMPP-S2S) 5261 -|------| XMPP 1 +============+ XMPP 2 | |- 5262 (XMPP-S2S)
(HTTP-Admin) 9091 -| | | | |------------|- 9092 (HTTP-Admin)
(BOSH) 7071 -| +----+---+ +----+---+ |- 7072 (BOSH)
| | | |
| | | |
| +---+--+ | |
| | | | |
(Database) 5432 -|-------| DB +------------------+ |
| | | |
| +------+ |
| 172.60.0.11 |
| [fd23:d79:d076::11] |
| |
+----------------172.60.0.0/24---------------------+
fd23:0d79:d076::/64
```
### Removing a node from the network ### Removing a node from the network
To remove a node from the network run the following command: To remove a node from the network run the following command:

52
cluster/docker-compose-clustered.yml
View File

@ -12,9 +12,6 @@ services:
- "POSTGRES_PASSWORD=hunter2" - "POSTGRES_PASSWORD=hunter2"
volumes: volumes:
- ./sql:/docker-entrypoint-initdb.d - ./sql:/docker-entrypoint-initdb.d
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.11
lb: lb:
image: nginx:stable image: nginx:stable
@ -24,10 +21,7 @@ services:
- "57443:57443" - "57443:57443"
volumes: volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf - ./nginx/nginx.conf:/etc/nginx/nginx.conf
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.99
xmpp1: xmpp1:
image: "openfire:${OPENFIRE_TAG}" image: "openfire:${OPENFIRE_TAG}"
ports: ports:
@ -42,17 +36,7 @@ services:
- ./_data/xmpp/1/conf:/var/lib/openfire/conf - ./_data/xmpp/1/conf:/var/lib/openfire/conf
- ./_data/plugins:/opt/plugins - ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh - ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"] command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh", "-Dhazelcast.prefer.ipv4.stack=${PREFER_IPV4}"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
- "xmpp2.localhost.example:172.60.0.20"
- "conference.xmpp2.localhost.example:172.60.0.20"
- "xmpp3.localhost.example:172.60.0.30"
- "conference.xmpp3.localhost.example:172.60.0.30"
xmpp2: xmpp2:
image: "openfire:${OPENFIRE_TAG}" image: "openfire:${OPENFIRE_TAG}"
@ -68,17 +52,7 @@ services:
- ./_data/xmpp/2/conf:/var/lib/openfire/conf - ./_data/xmpp/2/conf:/var/lib/openfire/conf
- ./_data/plugins:/opt/plugins - ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh - ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"] command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh", "-Dhazelcast.prefer.ipv4.stack=${PREFER_IPV4}"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.20
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
- "xmpp2.localhost.example:172.60.0.20"
- "conference.xmpp2.localhost.example:172.60.0.20"
- "xmpp3.localhost.example:172.60.0.30"
- "conference.xmpp3.localhost.example:172.60.0.30"
xmpp3: xmpp3:
image: "openfire:${OPENFIRE_TAG}" image: "openfire:${OPENFIRE_TAG}"
@ -94,17 +68,7 @@ services:
- ./_data/xmpp/3/conf:/var/lib/openfire/conf - ./_data/xmpp/3/conf:/var/lib/openfire/conf
- ./_data/plugins:/opt/plugins - ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh - ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"] command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh", "-Dhazelcast.prefer.ipv4.stack=${PREFER_IPV4}"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.30
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
- "xmpp2.localhost.example:172.60.0.20"
- "conference.xmpp2.localhost.example:172.60.0.20"
- "xmpp3.localhost.example:172.60.0.30"
- "conference.xmpp3.localhost.example:172.60.0.30"
dozzle: dozzle:
image: amir20/dozzle:latest image: amir20/dozzle:latest
@ -112,11 +76,3 @@ services:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
ports: ports:
- 9999:8080 - 9999:8080
networks:
openfire-clustered-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

63
cluster/docker-compose-network-dualstack.yml 100644
View File

@ -0,0 +1,63 @@
services:
db:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.11
ipv6_address: fd23:d79:d076::11
lb:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.99
ipv6_address: fd23:d79:d076::99
xmpp1:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.10
ipv6_address: fd23:d79:d076::10
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
- "xmpp3.localhost.example=fd23:d79:d076::30"
- "conference.xmpp3.localhost.example=fd23:d79:d076::30"
xmpp2:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.20
ipv6_address: fd23:d79:d076::20
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
- "xmpp3.localhost.example=fd23:d79:d076::30"
- "conference.xmpp3.localhost.example=fd23:d79:d076::30"
xmpp3:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.30
ipv6_address: fd23:d79:d076::30
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=fd23:d79:d076::30"
networks:
openfire-clustered-net:
driver: bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.60.0.0/24
- subnet: fd23:0d79:d076::/64

56
cluster/docker-compose-network-ipv4-only.yml 100644
View File

@ -0,0 +1,56 @@
services:
db:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.11
lb:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.99
xmpp1:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=172.60.0.20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=172.60.0.30"
xmpp2:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.20
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=172.60.0.20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=172.60.0.30"
xmpp3:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.30
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=172.60.0.20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=172.60.0.30"
networks:
openfire-clustered-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

25
cluster/nginx/nginx.conf
View File

@ -5,11 +5,14 @@ stream {
server 172.60.0.10:5222; server 172.60.0.10:5222;
server 172.60.0.20:5222; server 172.60.0.20:5222;
server 172.60.0.30:5222; server 172.60.0.30:5222;
fd23:d79:d076::10:5222;
fd23:d79:d076::20:5222;
fd23:d79:d076::30:5222;
} }
server { server {
listen 55222; listen 55222;
tcp_nodelay on; tcp_nodelay on;
proxy_connect_timeout 10s; proxy_connect_timeout 10s;
proxy_timeout 12h; # Set this lower to be more flappy proxy_timeout 12h; # Set this lower to be more flappy
proxy_pass xmpp; proxy_pass xmpp;
} }
@ -18,11 +21,14 @@ stream {
server 172.60.0.10:7070; server 172.60.0.10:7070;
server 172.60.0.20:7070; server 172.60.0.20:7070;
server 172.60.0.30:7070; server 172.60.0.30:7070;
fd23:d79:d076::10:7070;
fd23:d79:d076::20:7070;
fd23:d79:d076::30:7070;
} }
server { server {
listen 57070; listen 57070;
tcp_nodelay on; tcp_nodelay on;
proxy_connect_timeout 10s; proxy_connect_timeout 10s;
proxy_timeout 12h; # Set this lower to be more flappy proxy_timeout 12h; # Set this lower to be more flappy
proxy_pass bosh; proxy_pass bosh;
} }
@ -31,11 +37,14 @@ stream {
server 172.60.0.10:7443; server 172.60.0.10:7443;
server 172.60.0.20:7443; server 172.60.0.20:7443;
server 172.60.0.30:7443; server 172.60.0.30:7443;
fd23:d79:d076::10:7443;
fd23:d79:d076::20:7443;
fd23:d79:d076::30:7443;
} }
server { server {
listen 57443; listen 57443;
tcp_nodelay on; tcp_nodelay on;
proxy_connect_timeout 10s; proxy_connect_timeout 10s;
proxy_timeout 30s; proxy_timeout 30s;
proxy_pass boshs; proxy_pass boshs;
} }
@ -44,11 +53,14 @@ stream {
server 172.60.0.10:5269; server 172.60.0.10:5269;
server 172.60.0.20:5269; server 172.60.0.20:5269;
server 172.60.0.30:5269; server 172.60.0.30:5269;
fd23:d79:d076::10:5269;
fd23:d79:d076::20:5269;
fd23:d79:d076::30:5269;
} }
server { server {
listen 5269; listen 5269;
tcp_nodelay on; tcp_nodelay on;
proxy_connect_timeout 10s; proxy_connect_timeout 10s;
proxy_timeout 1m; proxy_timeout 1m;
proxy_pass s2s; proxy_pass s2s;
} }
@ -57,11 +69,14 @@ stream {
server 172.60.0.10:5270; server 172.60.0.10:5270;
server 172.60.0.20:5270; server 172.60.0.20:5270;
server 172.60.0.30:5270; server 172.60.0.30:5270;
fd23:d79:d076::10:5270;
fd23:d79:d076::20:5270;
fd23:d79:d076::30:5270;
} }
server { server {
listen 5270; listen 5270;
tcp_nodelay on; tcp_nodelay on;
proxy_connect_timeout 10s; proxy_connect_timeout 10s;
proxy_timeout 1m; proxy_timeout 1m;
proxy_pass s2slegacy; proxy_pass s2slegacy;
} }

22
cluster/start.sh
View File

@ -1,7 +1,8 @@
#!/bin/bash #!/bin/bash
usage() { echo "Usage: $0 [-n openfire-tag] [-h] usage() { echo "Usage: $0 [-n openfire-tag] [-6] [-h]
-n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env -n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env
-6 Replace standard IPv4-based bridge networking with IPv6.
-h Show this helpful information -h Show this helpful information
"; exit 0; } "; exit 0; }
@ -10,6 +11,9 @@ COMPOSE_FILE_COMMAND=("docker" "compose")
COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env") COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env")
COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT") COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT")
NETWORK_COMPOSE_FILE="docker-compose-network-ipv4-only.yml"
PREFER_IPV4="true"
# Where is this script? It could be called from anywhere, so use this to get full paths. # Where is this script? It could be called from anywhere, so use this to get full paths.
SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )" SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )"
@ -17,7 +21,7 @@ source "$SCRIPTPATH/../_common/functions.sh"
check_deps check_deps
while getopts n:h o; do while getopts n:6h o; do
case "$o" in case "$o" in
n) n)
if [[ $OPTARG =~ " " ]]; then if [[ $OPTARG =~ " " ]]; then
@ -27,7 +31,12 @@ while getopts n:h o; do
echo "Using Openfire tag: $OPTARG" echo "Using Openfire tag: $OPTARG"
export OPENFIRE_TAG="$OPTARG" export OPENFIRE_TAG="$OPTARG"
;; ;;
h) 6)
echo "Using IPv6"
NETWORK_COMPOSE_FILE="docker-compose-network-dualstack.yml"
PREFER_IPV4="false"
;;
h)
usage usage
;; ;;
*) *)
@ -36,8 +45,11 @@ while getopts n:h o; do
esac esac
done done
export PREFER_IPV4
echo "Starting a clustered environment." echo "Starting a clustered environment."
COMPOSE_FILE_COMMAND+=("-f" "docker-compose-clustered.yml") COMPOSE_FILE_COMMAND+=("-f" "docker-compose-clustered.yml")
COMPOSE_FILE_COMMAND+=("-f" "$NETWORK_COMPOSE_FILE")
pushd "$SCRIPTPATH" pushd "$SCRIPTPATH"
@ -45,8 +57,8 @@ pushd "$SCRIPTPATH"
"${COMPOSE_FILE_COMMAND[@]}" pull --ignore-pull-failures "${COMPOSE_FILE_COMMAND[@]}" pull --ignore-pull-failures
# Clean up temporary persistence data # Clean up temporary persistence data
if ! rm -rf _data; then if ! rm -rf _data; then
echo "ERROR: Failed to delete _data directory. Try with sudo, then re-run." && popd && exit 1 echo "ERROR: Failed to delete the _data directory. Try with sudo, then re-run." && popd && exit 1
fi fi
mkdir _data mkdir _data
cp -r xmpp _data/ cp -r xmpp _data/

22
cluster/xmpp/1/conf/hazelcast-local-config.xml
View File

@ -8,30 +8,34 @@
<outbound-ports> <outbound-ports>
<ports>0</ports> <ports>0</ports>
</outbound-ports> </outbound-ports>
<!-- The following enables multicast discovery of cluster members <!-- The following enables multicast discovery of cluster members -->
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-multicast <!--
-->
<join> <join>
<multicast enabled="true"> <multicast enabled="true">
<multicast-group>FF02:0:0:0:0:0:0:1</multicast-group>
<multicast-group>224.2.2.3</multicast-group> <multicast-group>224.2.2.3</multicast-group>
<multicast-port>54327</multicast-port> <multicast-port>54327</multicast-port>
</multicast> </multicast>
<tcp-ip enabled="false"/> <tcp-ip enabled="false"/>
</join> </join>
<!-- The following enables TCP/IP based discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-tcp
--> -->
<!-- The following enables TCP/IP based discovery of cluster members -->
<!-- <!--
<join> <join>
<multicast enabled="false"/> <multicast enabled="false"/>
<tcp-ip enabled="true"> <tcp-ip enabled="true">
<member>10.10.1.1:5701</member> <member>fd23:d79:d076:0:0:0:0:10</member>
<member>10.10.1.2:5701</member> <member>fd23:d79:d076:0:0:0:0:20</member>
<member>fd23:d79:d076:0:0:0:0:30</member>
<member>172.60.0.10</member>
<member>172.60.0.20</member>
<member>172.60.0.30</member>
</tcp-ip> </tcp-ip>
</join> </join>
--> -->
<interfaces enabled="false"> <interfaces enabled="true">
<interface>10.10.1.*</interface> <interface>172.60.0.10</interface>
<interface>fd23:d79:d076:0:0:0:0:10</interface>
</interfaces> </interfaces>
<ssl enabled="false"/> <ssl enabled="false"/>
<socket-interceptor enabled="false"/> <socket-interceptor enabled="false"/>

22
cluster/xmpp/2/conf/hazelcast-local-config.xml
View File

@ -8,30 +8,34 @@
<outbound-ports> <outbound-ports>
<ports>0</ports> <ports>0</ports>
</outbound-ports> </outbound-ports>
<!-- The following enables multicast discovery of cluster members <!-- The following enables multicast discovery of cluster members -->
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-multicast <!--
-->
<join> <join>
<multicast enabled="true"> <multicast enabled="true">
<multicast-group>FF02:0:0:0:0:0:0:1</multicast-group>
<multicast-group>224.2.2.3</multicast-group> <multicast-group>224.2.2.3</multicast-group>
<multicast-port>54327</multicast-port> <multicast-port>54327</multicast-port>
</multicast> </multicast>
<tcp-ip enabled="false"/> <tcp-ip enabled="false"/>
</join> </join>
<!-- The following enables TCP/IP based discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-tcp
--> -->
<!-- The following enables TCP/IP based discovery of cluster members -->
<!-- <!--
<join> <join>
<multicast enabled="false"/> <multicast enabled="false"/>
<tcp-ip enabled="true"> <tcp-ip enabled="true">
<member>10.10.1.1:5701</member> <member>fd23:d79:d076:0:0:0:0:10</member>
<member>10.10.1.2:5701</member> <member>fd23:d79:d076:0:0:0:0:20</member>
<member>fd23:d79:d076:0:0:0:0:30</member>
<member>172.60.0.10</member>
<member>172.60.0.20</member>
<member>172.60.0.30</member>
</tcp-ip> </tcp-ip>
</join> </join>
--> -->
<interfaces enabled="false"> <interfaces enabled="true">
<interface>10.10.1.*</interface> <interface>fd23:d79:d076:0:0:0:0:20</interface>
<interface>172.60.0.20</interface>
</interfaces> </interfaces>
<ssl enabled="false"/> <ssl enabled="false"/>
<socket-interceptor enabled="false"/> <socket-interceptor enabled="false"/>

22
cluster/xmpp/3/conf/hazelcast-local-config.xml
View File

@ -8,30 +8,34 @@
<outbound-ports> <outbound-ports>
<ports>0</ports> <ports>0</ports>
</outbound-ports> </outbound-ports>
<!-- The following enables multicast discovery of cluster members <!-- The following enables multicast discovery of cluster members -->
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-multicast <!--
-->
<join> <join>
<multicast enabled="true"> <multicast enabled="true">
<multicast-group>FF02:0:0:0:0:0:0:1</multicast-group>
<multicast-group>224.2.2.3</multicast-group> <multicast-group>224.2.2.3</multicast-group>
<multicast-port>54327</multicast-port> <multicast-port>54327</multicast-port>
</multicast> </multicast>
<tcp-ip enabled="false"/> <tcp-ip enabled="false"/>
</join> </join>
<!-- The following enables TCP/IP based discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-tcp
--> -->
<!-- The following enables TCP/IP based discovery of cluster members -->
<!-- <!--
<join> <join>
<multicast enabled="false"/> <multicast enabled="false"/>
<tcp-ip enabled="true"> <tcp-ip enabled="true">
<member>10.10.1.1:5701</member> <member>fd23:d79:d076:0:0:0:0:10</member>
<member>10.10.1.2:5701</member> <member>fd23:d79:d076:0:0:0:0:20</member>
<member>fd23:d79:d076:0:0:0:0:30</member>
<member>172.60.0.10</member>
<member>172.60.0.20</member>
<member>172.60.0.30</member>
</tcp-ip> </tcp-ip>
</join> </join>
--> -->
<interfaces enabled="false"> <interfaces enabled="true">
<interface>10.10.1.*</interface> <interface>fd23:d79:d076:0:0:0:0:30</interface>
<interface>172.60.0.30</interface>
</interfaces> </interfaces>
<ssl enabled="false"/> <ssl enabled="false"/>
<socket-interceptor enabled="false"/> <socket-interceptor enabled="false"/>

70
cluster_with_federation/README.md
View File

@ -106,6 +106,76 @@ Note that users and MUC rooms on the additional Openfire domain have a similar n
The Docker compose file defines a custom bridge network with a single subnet of `172.60.0.0/24` for the clustered configuration. The Docker compose file defines a custom bridge network with a single subnet of `172.60.0.0/24` for the clustered configuration.
When the `-6` argument to `./start.sh` is provided, then an additional subnet of `fd23:0d79:d076::/64` is configured.
Then, IPv6 is preferred for internal networking. Note that the IPv4 network remains in place, as Docker does not support
IPv6-only containers.
When running with the optional `-6` flag (that adds IPv6 support) the system looks like this:
```
+--------------------------------------------------+
| [fd23:d79:d076::99] |
| 172.60.0.99 |
| +----------------+ |
| | |+--------------+ |
(XMPP-C2S) 55222 -|-------| Load Balancer |+-------+ | |
(BOSH) 57070 -| | | | | |
(BOSHS) 57443 -| +----------------+ | | |
| | | [fd23:d79:d076::30]
| | | 172.60.0.30 |
| | | +--------+ |
| | +=============+ | |- 5223 (XMPP-C2S)
| | | | | XMPP 3 |----|- 5263 (XMPP-S2S)
| | | | | | |- 9093 (HTTP-Admin)
| | | | +------+-+ |- 7073 (BOSH)
| | | | | |
| [fd23:d79:d076::10] | [fd23:d79:d076::20]| |
| 172.60.0.10 | 172.60.0.20 | |
| +--------+ | +--------+ | |
(XMPP-C2S) 5221 -| | +======+ | |=====+ |- 5222 (XMPP-C2S)
(XMPP-S2S) 5261 -|------| XMPP 1 +============+ XMPP 2 | |- 5262 (XMPP-S2S)
(HTTP-Admin) 9091 -| | | | |------------|- 9092 (HTTP-Admin)
(BOSH) 7071 -| +----+---+ +----+---+ |- 7072 (BOSH)
| | | |
| | | |
| +---+--+ | |
| | | | |
(Database) 5432 -|-------| DB +------------------+ |
| | | |
| +------+ |
| 172.60.0.11 |
| [fd23:d79:d076::11] |
| |
+----------------172.60.0.0/24---------------------+
fd23:0d79:d076::/64
```
The federated domain, with IPv6 enabled, looks like this:
```
+------------------------+
| [fd23:d79:d076::110] |
| 172.60.0.110 |
| +------------+ |
(XMPP-C2S) 5229 -| | | |
(XMPP-S2S) 5269 -|------| OTHER XMPP | |
(HTTP-Admin) 9099 -| | | |
(BOSH) 7079/7449 -| +------+-----+ |
| | |
| | |
| +-----+----+ |
| | | |
(Database) 5433 -|-------| OTHER DB | |
| | | |
| +----------+ |
| 172.60.0.111 |
| [fd23:d79:d076::111] |
| |
+------172.60.0.0/24-----+
fd23:0d79:d076::/64
```
### Removing a node from the network ### Removing a node from the network
To remove a node from the network run the following command: To remove a node from the network run the following command:

73
cluster_with_federation/docker-compose-clustered.yml
View File

@ -12,9 +12,6 @@ services:
- "POSTGRES_PASSWORD=hunter2" - "POSTGRES_PASSWORD=hunter2"
volumes: volumes:
- ./sql/clustered:/docker-entrypoint-initdb.d - ./sql/clustered:/docker-entrypoint-initdb.d
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.11
lb: lb:
image: nginx:stable image: nginx:stable
@ -24,10 +21,7 @@ services:
- "57443:57443" - "57443:57443"
volumes: volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf - ./nginx/nginx.conf:/etc/nginx/nginx.conf
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.99
xmpp1: xmpp1:
image: "openfire:${OPENFIRE_TAG}" image: "openfire:${OPENFIRE_TAG}"
ports: ports:
@ -42,19 +36,7 @@ services:
- ./_data/xmpp/1/conf:/var/lib/openfire/conf - ./_data/xmpp/1/conf:/var/lib/openfire/conf
- ./_data/plugins:/opt/plugins - ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh - ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"] command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh", "-Dhazelcast.prefer.ipv4.stack=${PREFER_IPV4}"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
- "xmpp2.localhost.example:172.60.0.20"
- "conference.xmpp2.localhost.example:172.60.0.20"
- "xmpp3.localhost.example:172.60.0.30"
- "conference.xmpp3.localhost.example:172.60.0.30"
- "otherxmpp.localhost.example:172.60.0.110"
- "conference.otherxmpp.localhost.example:172.60.0.110"
xmpp2: xmpp2:
image: "openfire:${OPENFIRE_TAG}" image: "openfire:${OPENFIRE_TAG}"
@ -70,19 +52,7 @@ services:
- ./_data/xmpp/2/conf:/var/lib/openfire/conf - ./_data/xmpp/2/conf:/var/lib/openfire/conf
- ./_data/plugins:/opt/plugins - ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh - ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"] command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh", "-Dhazelcast.prefer.ipv4.stack=${PREFER_IPV4}"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.20
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
- "xmpp2.localhost.example:172.60.0.20"
- "conference.xmpp2.localhost.example:172.60.0.20"
- "xmpp3.localhost.example:172.60.0.30"
- "conference.xmpp3.localhost.example:172.60.0.30"
- "otherxmpp.localhost.example:172.60.0.110"
- "conference.otherxmpp.localhost.example:172.60.0.110"
xmpp3: xmpp3:
image: "openfire:${OPENFIRE_TAG}" image: "openfire:${OPENFIRE_TAG}"
@ -98,19 +68,7 @@ services:
- ./_data/xmpp/3/conf:/var/lib/openfire/conf - ./_data/xmpp/3/conf:/var/lib/openfire/conf
- ./_data/plugins:/opt/plugins - ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh - ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"] command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh", "-Dhazelcast.prefer.ipv4.stack=${PREFER_IPV4}"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.30
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
- "xmpp2.localhost.example:172.60.0.20"
- "conference.xmpp2.localhost.example:172.60.0.20"
- "xmpp3.localhost.example:172.60.0.30"
- "conference.xmpp3.localhost.example:172.60.0.30"
- "otherxmpp.localhost.example:172.60.0.110"
- "conference.otherxmpp.localhost.example:172.60.0.110"
otherdb: otherdb:
image: library/postgres:9.6.24-alpine image: library/postgres:9.6.24-alpine
@ -122,10 +80,7 @@ services:
- "POSTGRES_PASSWORD=hunter2" - "POSTGRES_PASSWORD=hunter2"
volumes: volumes:
- ./sql/otherdomain:/docker-entrypoint-initdb.d - ./sql/otherdomain:/docker-entrypoint-initdb.d
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.111
otherxmpp: otherxmpp:
image: "openfire:${OPENFIRE_TAG}" image: "openfire:${OPENFIRE_TAG}"
ports: ports:
@ -141,26 +96,10 @@ services:
- ./_data/plugins_for_otherdomain:/opt/plugins - ./_data/plugins_for_otherdomain:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh - ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "otherdb:5432", "--", "/sbin/entrypoint.sh"] command: ["/wait-for-it.sh", "-s", "otherdb:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.110
extra_hosts:
- "xmpp.localhost.example:172.60.0.99"
- "conference.xmpp.localhost.example:172.60.0.99"
- "otherxmpp.localhost.example:172.60.0.110"
- "conference.otherxmpp.localhost.example:172.60.0.110"
dozzle: dozzle:
image: amir20/dozzle:latest image: amir20/dozzle:latest
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
ports: ports:
- 9999:8080 - 9999:8080
networks:
openfire-clustered-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

85
cluster_with_federation/docker-compose-network-dualstack.yml 100644
View File

@ -0,0 +1,85 @@
services:
db:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.11
ipv6_address: fd23:d79:d076::11
lb:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.99
ipv6_address: fd23:d79:d076::99
xmpp1:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.10
ipv6_address: fd23:d79:d076::10
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
- "xmpp3.localhost.example=fd23:d79:d076::30"
- "conference.xmpp3.localhost.example=fd23:d79:d076::30"
- "otherxmpp.localhost.example=fd23:d79:d076::110"
- "conference.otherxmpp.localhost.example=fd23:d79:d076::110"
xmpp2:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.20
ipv6_address: fd23:d79:d076::20
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
- "xmpp3.localhost.example=fd23:d79:d076::30"
- "conference.xmpp3.localhost.example=fd23:d79:d076::30"
- "otherxmpp.localhost.example=fd23:d79:d076::110"
- "conference.otherxmpp.localhost.example=fd23:d79:d076::110"
xmpp3:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.30
ipv6_address: fd23:d79:d076::30
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
- "xmpp3.localhost.example=fd23:d79:d076::30"
- "conference.xmpp3.localhost.example=fd23:d79:d076::30"
- "otherxmpp.localhost.example=fd23:d79:d076::110"
- "conference.otherxmpp.localhost.example=fd23:d79:d076::110"
otherdb:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.111
ipv6_address: fd23:d79:d076::111
otherxmpp:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.110
ipv6_address: fd23:d79:d076::110
extra_hosts:
- "xmpp.localhost.example=fd23:d79:d076::99"
- "conference.xmpp.localhost.example=fd23:d79:d076::99"
- "otherxmpp.localhost.example=fd23:d79:d076::110"
- "conference.otherxmpp.localhost.example=fd23:d79:d076::110"
networks:
openfire-clustered-net:
driver: bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.60.0.0/24
- subnet: fd23:0d79:d076::/64

76
cluster_with_federation/docker-compose-network-ipv4-only.yml 100644
View File

@ -0,0 +1,76 @@
services:
db:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.11
lb:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.99
xmpp1:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=172.60.0.20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=172.60.0.30"
- "otherxmpp.localhost.example=172.60.0.110"
- "conference.otherxmpp.localhost.example=172.60.0.110"
xmpp2:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.20
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=172.60.0.20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=172.60.0.30"
- "otherxmpp.localhost.example=172.60.0.110"
- "conference.otherxmpp.localhost.example=172.60.0.110"
xmpp3:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.30
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
- "xmpp2.localhost.example=172.60.0.20"
- "conference.xmpp2.localhost.example=172.60.0.20"
- "xmpp3.localhost.example=172.60.0.30"
- "conference.xmpp3.localhost.example=172.60.0.30"
- "otherxmpp.localhost.example=172.60.0.110"
- "conference.otherxmpp.localhost.example=172.60.0.110"
otherdb:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.111
otherxmpp:
networks:
openfire-clustered-net:
ipv4_address: 172.60.0.110
extra_hosts:
- "xmpp.localhost.example=172.60.0.99"
- "conference.xmpp.localhost.example=172.60.0.99"
- "otherxmpp.localhost.example=172.60.0.110"
- "conference.otherxmpp.localhost.example=172.60.0.110"
networks:
openfire-clustered-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

15
cluster_with_federation/nginx/nginx.conf
View File

@ -5,6 +5,9 @@ stream {
server 172.60.0.10:5222; server 172.60.0.10:5222;
server 172.60.0.20:5222; server 172.60.0.20:5222;
server 172.60.0.30:5222; server 172.60.0.30:5222;
fd23:d79:d076::10:5222;
fd23:d79:d076::20:5222;
fd23:d79:d076::30:5222;
} }
server { server {
listen 55222; listen 55222;
@ -18,6 +21,9 @@ stream {
server 172.60.0.10:7070; server 172.60.0.10:7070;
server 172.60.0.20:7070; server 172.60.0.20:7070;
server 172.60.0.30:7070; server 172.60.0.30:7070;
fd23:d79:d076::10:7070;
fd23:d79:d076::20:7070;
fd23:d79:d076::30:7070;
} }
server { server {
listen 57070; listen 57070;
@ -31,6 +37,9 @@ stream {
server 172.60.0.10:7443; server 172.60.0.10:7443;
server 172.60.0.20:7443; server 172.60.0.20:7443;
server 172.60.0.30:7443; server 172.60.0.30:7443;
fd23:d79:d076::10:7443;
fd23:d79:d076::20:7443;
fd23:d79:d076::30:7443;
} }
server { server {
listen 57443; listen 57443;
@ -44,6 +53,9 @@ stream {
server 172.60.0.10:5269; server 172.60.0.10:5269;
server 172.60.0.20:5269; server 172.60.0.20:5269;
server 172.60.0.30:5269; server 172.60.0.30:5269;
fd23:d79:d076::10:5269;
fd23:d79:d076::20:5269;
fd23:d79:d076::30:5269;
} }
server { server {
listen 5269; listen 5269;
@ -57,6 +69,9 @@ stream {
server 172.60.0.10:5270; server 172.60.0.10:5270;
server 172.60.0.20:5270; server 172.60.0.20:5270;
server 172.60.0.30:5270; server 172.60.0.30:5270;
fd23:d79:d076::10:5270;
fd23:d79:d076::20:5270;
fd23:d79:d076::30:5270;
} }
server { server {
listen 5270; listen 5270;

26
cluster_with_federation/start.sh
View File

@ -1,21 +1,27 @@
#!/bin/bash #!/bin/bash
usage() { echo "Usage: $0 [-n openfire-tag] [-h] usage() { echo "Usage: $0 [-n openfire-tag] [-6] [-h]
-n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env -n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env
-6 Replace standard IPv4-based bridge networking with IPv6.
-h Show this helpful information -h Show this helpful information
"; exit 0; } "; exit 0; }
PROJECT="openfire" PROJECT="openfire"
COMPOSE_FILE_COMMAND=("docker-compose") COMPOSE_FILE_COMMAND=("docker" "compose")
COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env") COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env")
COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT") COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT")
NETWORK_COMPOSE_FILE="docker-compose-network-ipv4-only.yml"
PREFER_IPV4="true"
# Where is this script? It could be called from anywhere, so use this to get full paths. # Where is this script? It could be called from anywhere, so use this to get full paths.
SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )" SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )"
source "$SCRIPTPATH/../_common/functions.sh" source "$SCRIPTPATH/../_common/functions.sh"
while getopts n:h o; do check_deps
while getopts n:6h o; do
case "$o" in case "$o" in
n) n)
if [[ $OPTARG =~ " " ]]; then if [[ $OPTARG =~ " " ]]; then
@ -25,7 +31,12 @@ while getopts n:h o; do
echo "Using Openfire tag: $OPTARG" echo "Using Openfire tag: $OPTARG"
export OPENFIRE_TAG="$OPTARG" export OPENFIRE_TAG="$OPTARG"
;; ;;
h) 6)
echo "Using IPv6"
NETWORK_COMPOSE_FILE="docker-compose-network-dualstack.yml"
PREFER_IPV4="false"
;;
h)
usage usage
;; ;;
*) *)
@ -34,8 +45,11 @@ while getopts n:h o; do
esac esac
done done
export PREFER_IPV4
echo "Starting a clustered environment." echo "Starting a clustered environment."
COMPOSE_FILE_COMMAND+=("-f" "docker-compose-clustered.yml") COMPOSE_FILE_COMMAND+=("-f" "docker-compose-clustered.yml")
COMPOSE_FILE_COMMAND+=("-f" "$NETWORK_COMPOSE_FILE")
pushd "$SCRIPTPATH" pushd "$SCRIPTPATH"
@ -43,8 +57,8 @@ pushd "$SCRIPTPATH"
"${COMPOSE_FILE_COMMAND[@]}" pull --ignore-pull-failures "${COMPOSE_FILE_COMMAND[@]}" pull --ignore-pull-failures
# Clean up temporary persistence data # Clean up temporary persistence data
if ! rm -rf _data; then if ! rm -rf _data; then
echo "ERROR: Failed to delete _data directory. Try with sudo, then re-run." && popd && exit 1 echo "ERROR: Failed to delete the _data directory. Try with sudo, then re-run." && popd && exit 1
fi fi
mkdir _data mkdir _data
cp -r xmpp _data/ cp -r xmpp _data/

22
cluster_with_federation/xmpp/1/conf/hazelcast-local-config.xml
View File

@ -8,30 +8,34 @@
<outbound-ports> <outbound-ports>
<ports>0</ports> <ports>0</ports>
</outbound-ports> </outbound-ports>
<!-- The following enables multicast discovery of cluster members <!-- The following enables multicast discovery of cluster members -->
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-multicast <!--
-->
<join> <join>
<multicast enabled="true"> <multicast enabled="true">
<multicast-group>FF02:0:0:0:0:0:0:1</multicast-group>
<multicast-group>224.2.2.3</multicast-group> <multicast-group>224.2.2.3</multicast-group>
<multicast-port>54327</multicast-port> <multicast-port>54327</multicast-port>
</multicast> </multicast>
<tcp-ip enabled="false"/> <tcp-ip enabled="false"/>
</join> </join>
<!-- The following enables TCP/IP based discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-tcp
--> -->
<!-- The following enables TCP/IP based discovery of cluster members -->
<!-- <!--
<join> <join>
<multicast enabled="false"/> <multicast enabled="false"/>
<tcp-ip enabled="true"> <tcp-ip enabled="true">
<member>10.10.1.1:5701</member> <member>fd23:d79:d076:0:0:0:0:10</member>
<member>10.10.1.2:5701</member> <member>fd23:d79:d076:0:0:0:0:20</member>
<member>fd23:d79:d076:0:0:0:0:30</member>
<member>172.60.0.10</member>
<member>172.60.0.20</member>
<member>172.60.0.30</member>
</tcp-ip> </tcp-ip>
</join> </join>
--> -->
<interfaces enabled="false"> <interfaces enabled="true">
<interface>10.10.1.*</interface> <interface>172.60.0.10</interface>
<interface>fd23:d79:d076:0:0:0:0:10</interface>
</interfaces> </interfaces>
<ssl enabled="false"/> <ssl enabled="false"/>
<socket-interceptor enabled="false"/> <socket-interceptor enabled="false"/>

22
cluster_with_federation/xmpp/2/conf/hazelcast-local-config.xml
View File

@ -8,30 +8,34 @@
<outbound-ports> <outbound-ports>
<ports>0</ports> <ports>0</ports>
</outbound-ports> </outbound-ports>
<!-- The following enables multicast discovery of cluster members <!-- The following enables multicast discovery of cluster members -->
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-multicast <!--
-->
<join> <join>
<multicast enabled="true"> <multicast enabled="true">
<multicast-group>FF02:0:0:0:0:0:0:1</multicast-group>
<multicast-group>224.2.2.3</multicast-group> <multicast-group>224.2.2.3</multicast-group>
<multicast-port>54327</multicast-port> <multicast-port>54327</multicast-port>
</multicast> </multicast>
<tcp-ip enabled="false"/> <tcp-ip enabled="false"/>
</join> </join>
<!-- The following enables TCP/IP based discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-tcp
--> -->
<!-- The following enables TCP/IP based discovery of cluster members -->
<!-- <!--
<join> <join>
<multicast enabled="false"/> <multicast enabled="false"/>
<tcp-ip enabled="true"> <tcp-ip enabled="true">
<member>10.10.1.1:5701</member> <member>fd23:d79:d076:0:0:0:0:10</member>
<member>10.10.1.2:5701</member> <member>fd23:d79:d076:0:0:0:0:20</member>
<member>fd23:d79:d076:0:0:0:0:30</member>
<member>172.60.0.10</member>
<member>172.60.0.20</member>
<member>172.60.0.30</member>
</tcp-ip> </tcp-ip>
</join> </join>
--> -->
<interfaces enabled="false"> <interfaces enabled="true">
<interface>10.10.1.*</interface> <interface>fd23:d79:d076:0:0:0:0:20</interface>
<interface>172.60.0.20</interface>
</interfaces> </interfaces>
<ssl enabled="false"/> <ssl enabled="false"/>
<socket-interceptor enabled="false"/> <socket-interceptor enabled="false"/>

22
cluster_with_federation/xmpp/3/conf/hazelcast-local-config.xml
View File

@ -8,30 +8,34 @@
<outbound-ports> <outbound-ports>
<ports>0</ports> <ports>0</ports>
</outbound-ports> </outbound-ports>
<!-- The following enables multicast discovery of cluster members <!-- The following enables multicast discovery of cluster members -->
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-multicast <!--
-->
<join> <join>
<multicast enabled="true"> <multicast enabled="true">
<multicast-group>FF02:0:0:0:0:0:0:1</multicast-group>
<multicast-group>224.2.2.3</multicast-group> <multicast-group>224.2.2.3</multicast-group>
<multicast-port>54327</multicast-port> <multicast-port>54327</multicast-port>
</multicast> </multicast>
<tcp-ip enabled="false"/> <tcp-ip enabled="false"/>
</join> </join>
<!-- The following enables TCP/IP based discovery of cluster members
See http://docs.hazelcast.org/docs/3.12/manual/html-single/index.html#discovering-members-by-tcp
--> -->
<!-- The following enables TCP/IP based discovery of cluster members -->
<!-- <!--
<join> <join>
<multicast enabled="false"/> <multicast enabled="false"/>
<tcp-ip enabled="true"> <tcp-ip enabled="true">
<member>10.10.1.1:5701</member> <member>fd23:d79:d076:0:0:0:0:10</member>
<member>10.10.1.2:5701</member> <member>fd23:d79:d076:0:0:0:0:20</member>
<member>fd23:d79:d076:0:0:0:0:30</member>
<member>172.60.0.10</member>
<member>172.60.0.20</member>
<member>172.60.0.30</member>
</tcp-ip> </tcp-ip>
</join> </join>
--> -->
<interfaces enabled="false"> <interfaces enabled="true">
<interface>10.10.1.*</interface> <interface>fd23:d79:d076:0:0:0:0:30</interface>
<interface>172.60.0.30</interface>
</interfaces> </interfaces>
<ssl enabled="false"/> <ssl enabled="false"/>
<socket-interceptor enabled="false"/> <socket-interceptor enabled="false"/>

81
federation/README.md
View File

@ -52,6 +52,35 @@ XMPP 2 hosts the following MUC rooms:
The Docker compose file defines a custom bridge network with a single subnet of `172.50.0.0/24` The Docker compose file defines a custom bridge network with a single subnet of `172.50.0.0/24`
When the `-6` argument to `./start.sh` is provided, then an additional subnet of `fd23:0d79:d076::/64` is configured.
Then, IPv6 is preferred for internal networking. Note that the IPv4 network remains in place, as Docker does not support
IPv6-only containers.
When running with the optional `-6` flag (that adds IPv6 support) the system looks like this:
```
+---------------------------------------------+
| [fd23:d79:d076::10] [fd23:d79:d076::20] |
| 172.50.0.10 172.50.0.20 |
| +--------+ +--------+ |
(XMPP-C2S) 5221 -| | | | | |- 5222 (XMPP-C2S)
(XMPP-S2S) 5261 -|------| XMPP 1 +============+ XMPP 2 |-------|- 5262 (XMPP-S2S)
(HTTP-Admin) 9091 -| | | | | |- 9092 (HTTP-Admin)
(BOSH) 7071/7441 -| +----+---+ +----+---+ |- 7072/7442 (BOSH)
| | | |
| | | |
| +---+--+ +--+---+ |
| | | | | |
(Database) 5431 -|-------| DB 1 | | DB 2 |-------|- 5432 (Database)
| | | | | |
| +------+ +------+ |
| 172.50.0.11 172.50.0.21 |
| [fd23:d79:d076::11] [fd23:d79:d076::21] |
| |
+----------------172.50.0.0/24----------------+
fd23:0d79:d076::/64
```
### Removing a node from the network ### Removing a node from the network
To remove a node from the network run the following command: To remove a node from the network run the following command:
@ -93,15 +122,15 @@ The convention I have followed is to increment the IP addresses by 10 and the po
For `xmpp1` For `xmpp1`
* Openfire IP: `172.50.0.10` * Openfire IP: `172.50.0.10` / `fd23:d79:d076::10`
* DB IP: `172.50.0.11` * DB IP: `172.50.0.11` / `fd23:d79:d076::11`
* XMPP port: `5221` * XMPP port: `5221`
* Admin port: `9091` * Admin port: `9091`
For `xmpp2` For `xmpp2`
* Openfire IP: `172.50.0.20` * Openfire IP: `172.50.0.20` / `fd23:d79:d076::20`
* DB IP: `172.50.0.21` * DB IP: `172.50.0.21` / `fd23:d79:d076::21`
* XMPP port: `5222` * XMPP port: `5222`
* Admin port: `9092` * Admin port: `9092`
@ -117,6 +146,7 @@ db3:
networks: networks:
openfire-federated-net: openfire-federated-net:
ipv4_address: 172.50.0.31 ipv4_address: 172.50.0.31
ipv6_address: fd23:d79:d076::31
xmpp3: xmpp3:
image: openfire:latest image: openfire:latest
@ -128,14 +158,17 @@ xmpp3:
networks: networks:
openfire-federated-net: openfire-federated-net:
ipv4_address: 172.50.0.30 ipv4_address: 172.50.0.30
ipv6_address: fd23:d79:d076::30
networks: networks:
openfire-federated-net: openfire-federated-net:
driver: bridge driver: bridge
enable_ipv6: true
ipam: ipam:
driver: default driver: default
config: config:
- subnet: 172.50.0.0/24 - subnet: 172.50.0.0/24
- subnet: fd23:0d79:d076::/64
``` ```
Run this with the `start.sh`. Once running navigate to `http://localhost:9093` and manually configure the Openfire server. Run this with the `start.sh`. Once running navigate to `http://localhost:9093` and manually configure the Openfire server.
@ -192,3 +225,43 @@ xmpp3:
... ...
``` ```
Add the IPv4-only network definition in `docker-compose-federated-ipv4-only.yml`:
```
...
db3:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.31
xmpp3:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.30
...
```
Add the dual-stack network definition in `docker-compose-federated-dualstack.yml` (note that this also includes IPv4 config):
```
...
db3:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.31
ipv6_address: fd23:d79:d076::31
xmpp3:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.30
ipv6_address: fd23:d79:d076::30
...
```
Lastly, add the new host in all `extra_hosts` configuration blocks.

33
federation/docker-compose-federated.yml
View File

@ -12,9 +12,6 @@ services:
- "POSTGRES_PASSWORD=hunter2" - "POSTGRES_PASSWORD=hunter2"
volumes: volumes:
- ./sql/1:/docker-entrypoint-initdb.d - ./sql/1:/docker-entrypoint-initdb.d
networks:
openfire-federated-net:
ipv4_address: 172.50.0.11
db2: db2:
image: library/postgres:9.6.24-alpine image: library/postgres:9.6.24-alpine
@ -26,9 +23,6 @@ services:
- "POSTGRES_PASSWORD=hunter2" - "POSTGRES_PASSWORD=hunter2"
volumes: volumes:
- ./sql/2:/docker-entrypoint-initdb.d - ./sql/2:/docker-entrypoint-initdb.d
networks:
openfire-federated-net:
ipv4_address: 172.50.0.21
xmpp1: xmpp1:
image: "openfire:${OPENFIRE_TAG}" image: "openfire:${OPENFIRE_TAG}"
@ -45,14 +39,6 @@ services:
- ./_data/plugins:/opt/plugins - ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh - ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db1:5432", "--", "/sbin/entrypoint.sh"] command: ["/wait-for-it.sh", "-s", "db1:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-federated-net:
ipv4_address: 172.50.0.10
extra_hosts:
- "xmpp1.localhost.example:172.50.0.10"
- "conference.xmpp1.localhost.example:172.50.0.10"
- "xmpp2.localhost.example:172.50.0.20"
- "conference.xmpp2.localhost.example:172.50.0.20"
xmpp2: xmpp2:
image: "openfire:${OPENFIRE_TAG}" image: "openfire:${OPENFIRE_TAG}"
@ -69,27 +55,10 @@ services:
- ./_data/plugins:/opt/plugins - ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh - ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db2:5432", "--", "/sbin/entrypoint.sh"] command: ["/wait-for-it.sh", "-s", "db2:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-federated-net:
ipv4_address: 172.50.0.20
extra_hosts:
- "xmpp1.localhost.example:172.50.0.10"
- "conference.xmpp1.localhost.example:172.50.0.10"
- "xmpp2.localhost.example:172.50.0.20"
- "conference.xmpp2.localhost.example:172.50.0.20"
dozzle: dozzle:
image: amir20/dozzle:latest image: amir20/dozzle:latest
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
ports: ports:
- 9999:8080 - 9999:8080
networks:
openfire-federated-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.50.0.0/24

45
federation/docker-compose-network-dualstack.yml 100644
View File

@ -0,0 +1,45 @@
services:
db1:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.11
ipv6_address: fd23:d79:d076::11
db2:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.21
ipv6_address: fd23:d79:d076::21
xmpp1:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.10
ipv6_address: fd23:d79:d076::10
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
xmpp2:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.20
ipv6_address: fd23:d79:d076::20
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
- "xmpp2.localhost.example=fd23:d79:d076::20"
- "conference.xmpp2.localhost.example=fd23:d79:d076::20"
networks:
openfire-federated-net:
driver: bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.50.0.0/24
- subnet: fd23:0d79:d076::/64

40
federation/docker-compose-network-ipv4-only.yml 100644
View File

@ -0,0 +1,40 @@
services:
db1:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.11
db2:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.21
xmpp1:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.10
extra_hosts:
- "xmpp1.localhost.example:172.50.0.10"
- "conference.xmpp1.localhost.example:172.50.0.10"
- "xmpp2.localhost.example:172.50.0.20"
- "conference.xmpp2.localhost.example:172.50.0.20"
xmpp2:
networks:
openfire-federated-net:
ipv4_address: 172.50.0.20
extra_hosts:
- "xmpp1.localhost.example:172.50.0.10"
- "conference.xmpp1.localhost.example:172.50.0.10"
- "xmpp2.localhost.example:172.50.0.20"
- "conference.xmpp2.localhost.example:172.50.0.20"
networks:
openfire-federated-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.50.0.0/24

20
federation/start.sh
View File

@ -1,7 +1,8 @@
#!/bin/bash #!/bin/bash
usage() { echo "Usage: $0 [-n openfire-tag] [-h] usage() { echo "Usage: $0 [-n openfire-tag] [-6] [-h]
-n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env -n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env
-6 Replace standard IPv4-based bridge networking with IPv6.
-h Show this helpful information -h Show this helpful information
"; exit 0; } "; exit 0; }
@ -10,12 +11,16 @@ COMPOSE_FILE_COMMAND=("docker" "compose")
COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env") COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env")
COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT") COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT")
NETWORK_COMPOSE_FILE="docker-compose-network-ipv4-only.yml"
# Where is this script? It could be called from anywhere, so use this to get full paths. # Where is this script? It could be called from anywhere, so use this to get full paths.
SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )" SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )"
source "$SCRIPTPATH/../_common/functions.sh" source "$SCRIPTPATH/../_common/functions.sh"
while getopts n:h o; do check_deps
while getopts n:6h o; do
case "$o" in case "$o" in
n) n)
if [[ $OPTARG =~ " " ]]; then if [[ $OPTARG =~ " " ]]; then
@ -25,7 +30,11 @@ while getopts n:h o; do
echo "Using Openfire tag: $OPTARG" echo "Using Openfire tag: $OPTARG"
export OPENFIRE_TAG="$OPTARG" export OPENFIRE_TAG="$OPTARG"
;; ;;
h) 6)
echo "Using IPv6"
NETWORK_COMPOSE_FILE="docker-compose-network-dualstack.yml"
;;
h)
usage usage
;; ;;
*) *)
@ -36,6 +45,7 @@ done
echo "Starting a federated environment." echo "Starting a federated environment."
COMPOSE_FILE_COMMAND+=("-f" "docker-compose-federated.yml") COMPOSE_FILE_COMMAND+=("-f" "docker-compose-federated.yml")
COMPOSE_FILE_COMMAND+=("-f" "$NETWORK_COMPOSE_FILE")
pushd "$SCRIPTPATH" pushd "$SCRIPTPATH"
@ -43,8 +53,8 @@ pushd "$SCRIPTPATH"
"${COMPOSE_FILE_COMMAND[@]}" pull --ignore-pull-failures "${COMPOSE_FILE_COMMAND[@]}" pull --ignore-pull-failures
# Clean up temporary persistence data # Clean up temporary persistence data
if ! rm -rf _data; then if ! rm -rf _data; then
echo "ERROR: Failed to delete the data directory. Try with sudo, then re-run." && popd && exit 1 echo "ERROR: Failed to delete the _data directory. Try with sudo, then re-run." && popd && exit 1
fi fi
mkdir _data mkdir _data
cp -r xmpp _data/ cp -r xmpp _data/

39
proxy/README.md
View File

@ -54,3 +54,42 @@ The following MUC rooms are configured:
## Network ## Network
The Docker compose file defines a custom bridge network with a single subnet of `172.60.0.0/24`. The Docker compose file defines a custom bridge network with a single subnet of `172.60.0.0/24`.
When the `-6` argument to `./start.sh` is provided, then an additional subnet of `fd23:0d79:d076::/64` is configured.
Then, IPv6 is preferred for internal networking. Note that the IPv4 network remains in place, as Docker does not support
IPv6-only containers.
When running with the optional `-6` flag (that adds IPv6 support) the system looks like this:
```
+--------------------------+
| |
| [fd23:d79:d076::99] |
| 172.60.0.99 |
| +--------+ |
(XMPP-C2S) 55222 -| | | |
(XMPP-S2S) 55269 -|------| Nginx + |
(HTTP-Admin) 59090 -| | | |
(BOSH) 57070 -| +----+---+ |
| | |
| | |
| [fd23:d79:d076::10] |
| 172.60.0.10 |
| +--------+ |
(XMPP-C2S) 5222 -| | | |
(XMPP-S2S) 5269 -|------| XMPP 1 + |
(HTTP-Admin) 9090 -| | | |
(BOSH) 7070 -| +----+---+ |
| | |
| | |
| +---+--+ |
| | | |
(Database) 5432 -|-------| DB + |
| | | |
| +------+ |
| 172.60.0.11 |
| [fd23:d79:d076::11] |
| |
+-----172.60.0.0/24--------+
fd23:0d79:d076::/64
```

32
proxy/docker-compose-network-dualstack.yml 100644
View File

@ -0,0 +1,32 @@
services:
db:
networks:
openfire-net:
ipv4_address: 172.60.0.11
ipv6_address: fd23:d79:d076::11
proxy:
networks:
openfire-net:
ipv4_address: 172.60.0.99
ipv6_address: fd23:d79:d076::99
xmpp:
networks:
openfire-net:
ipv4_address: 172.60.0.10
ipv6_address: fd23:d79:d076::10
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp1.localhost.example=fd23:d79:d076::10"
networks:
openfire-net:
driver: bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.60.0.0/24
- subnet: fd23:0d79:d076::/64

27
proxy/docker-compose-network-ipv4-only.yml 100644
View File

@ -0,0 +1,27 @@
services:
db:
networks:
openfire-net:
ipv4_address: 172.60.0.11
proxy:
networks:
openfire-net:
ipv4_address: 172.60.0.99
xmpp:
networks:
openfire-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp1.localhost.example=172.60.0.10"
networks:
openfire-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

20
proxy/docker-compose.yml
View File

@ -12,9 +12,6 @@ services:
- "POSTGRES_PASSWORD=hunter2" - "POSTGRES_PASSWORD=hunter2"
volumes: volumes:
- ./sql:/docker-entrypoint-initdb.d - ./sql:/docker-entrypoint-initdb.d
networks:
openfire-net:
ipv4_address: 172.60.0.11
proxy: proxy:
image: nginx:stable image: nginx:stable
@ -27,9 +24,6 @@ services:
- "59090:59090" - "59090:59090"
volumes: volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf - ./nginx/nginx.conf:/etc/nginx/nginx.conf
networks:
openfire-net:
ipv4_address: 172.60.0.99
xmpp: xmpp:
image: "openfire:${OPENFIRE_TAG}" image: "openfire:${OPENFIRE_TAG}"
@ -46,12 +40,6 @@ services:
- ./_data/plugins:/opt/plugins - ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh - ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"] command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example:172.60.0.10"
- "conference.xmpp1.localhost.example:172.60.0.10"
dozzle: dozzle:
image: amir20/dozzle:latest image: amir20/dozzle:latest
@ -59,11 +47,3 @@ services:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
ports: ports:
- 9999:8080 - 9999:8080
networks:
openfire-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

15
proxy/nginx/nginx.conf
View File

@ -3,55 +3,60 @@
stream { stream {
upstream xmpp { upstream xmpp {
server 172.60.0.10:5222; server 172.60.0.10:5222;
fd23:d79:d076::10:5222;
} }
server { server {
listen 55222; listen 55222;
tcp_nodelay on; tcp_nodelay on;
proxy_connect_timeout 10s; proxy_connect_timeout 10s;
proxy_timeout 12h; # Set this lower to be more flappy proxy_timeout 12h; # Set this lower to be more flappy
proxy_pass xmpp; proxy_pass xmpp;
} }
upstream bosh { upstream bosh {
server 172.60.0.10:7070; server 172.60.0.10:7070;
fd23:d79:d076::10:7070;
} }
server { server {
listen 57070; listen 57070;
tcp_nodelay on; tcp_nodelay on;
proxy_connect_timeout 10s; proxy_connect_timeout 10s;
proxy_timeout 12h; # Set this lower to be more flappy proxy_timeout 12h; # Set this lower to be more flappy
proxy_pass bosh; proxy_pass bosh;
} }
upstream boshs { upstream boshs {
server 172.60.0.10:7443; server 172.60.0.10:7443;
fd23:d79:d076::10:7443;
} }
server { server {
listen 57443; listen 57443;
tcp_nodelay on; tcp_nodelay on;
proxy_connect_timeout 10s; proxy_connect_timeout 10s;
proxy_timeout 30s; proxy_timeout 30s;
proxy_pass boshs; proxy_pass boshs;
} }
upstream s2s { upstream s2s {
server 172.60.0.10:5269; server 172.60.0.10:5269;
fd23:d79:d076::10:5269;
} }
server { server {
listen 55269; listen 55269;
tcp_nodelay on; tcp_nodelay on;
proxy_connect_timeout 10s; proxy_connect_timeout 10s;
proxy_timeout 1m; proxy_timeout 1m;
proxy_pass s2s; proxy_pass s2s;
} }
upstream s2slegacy { upstream s2slegacy {
server 172.60.0.10:5270; server 172.60.0.10:5270;
fd23:d79:d076::10:5270;
} }
server { server {
listen 55270; listen 55270;
tcp_nodelay on; tcp_nodelay on;
proxy_connect_timeout 10s; proxy_connect_timeout 10s;
proxy_timeout 1m; proxy_timeout 1m;
proxy_pass s2slegacy; proxy_pass s2slegacy;
} }

16
proxy/start.sh
View File

@ -1,7 +1,8 @@
#!/bin/bash #!/bin/bash
usage() { echo "Usage: $0 [-n openfire-tag] [-h] usage() { echo "Usage: $0 [-n openfire-tag] [-6] [-h]
-n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env -n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env
-6 Replace standard IPv4-based bridge networking with IPv6.
-h Show this helpful information -h Show this helpful information
"; exit 0; } "; exit 0; }
@ -10,6 +11,8 @@ COMPOSE_FILE_COMMAND=("docker" "compose")
COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env") COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env")
COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT") COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT")
NETWORK_COMPOSE_FILE="docker-compose-network-ipv4-only.yml"
# Where is this script? It could be called from anywhere, so use this to get full paths. # Where is this script? It could be called from anywhere, so use this to get full paths.
SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )" SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )"
@ -17,7 +20,7 @@ source "$SCRIPTPATH/../_common/functions.sh"
check_deps check_deps
while getopts n:h o; do while getopts n:6h o; do
case "$o" in case "$o" in
n) n)
if [[ $OPTARG =~ " " ]]; then if [[ $OPTARG =~ " " ]]; then
@ -27,7 +30,11 @@ while getopts n:h o; do
echo "Using Openfire tag: $OPTARG" echo "Using Openfire tag: $OPTARG"
export OPENFIRE_TAG="$OPTARG" export OPENFIRE_TAG="$OPTARG"
;; ;;
h) 6)
echo "Using IPv6"
NETWORK_COMPOSE_FILE="docker-compose-network-dualstack.yml"
;;
h)
usage usage
;; ;;
*) *)
@ -38,6 +45,7 @@ done
echo "Starting a simple environment." echo "Starting a simple environment."
COMPOSE_FILE_COMMAND+=("-f" "docker-compose.yml") COMPOSE_FILE_COMMAND+=("-f" "docker-compose.yml")
COMPOSE_FILE_COMMAND+=("-f" "$NETWORK_COMPOSE_FILE")
pushd "$SCRIPTPATH" pushd "$SCRIPTPATH"
@ -46,7 +54,7 @@ pushd "$SCRIPTPATH"
# Clean up temporary persistence data # Clean up temporary persistence data
if ! rm -rf _data; then if ! rm -rf _data; then
echo "ERROR: Failed to delete _data directory. Try with sudo, then re-run." && popd && exit 1 echo "ERROR: Failed to delete the _data directory. Try with sudo, then re-run." && popd && exit 1
fi fi
mkdir _data mkdir _data
cp -r xmpp _data/ cp -r xmpp _data/

30
simple/README.md
View File

@ -46,3 +46,33 @@ The following MUC rooms are configured:
## Network ## Network
The Docker compose file defines a custom bridge network with a single subnet of `172.60.0.0/24`. The Docker compose file defines a custom bridge network with a single subnet of `172.60.0.0/24`.
When the `-6` argument to `./start.sh` is provided, then an additional subnet of `fd23:0d79:d076::/64` is configured.
Then, IPv6 is preferred for internal networking. Note that the IPv4 network remains in place, as Docker does not support
IPv6-only containers.
When running with the optional `-6` flag (that adds IPv6 support) the system looks like this:
```
+--------------------------+
| |
| [fd23:d79:d076::10] |
| 172.60.0.10 |
| +--------+ |
(XMPP-C2S) 5222 -| | | |
(XMPP-S2S) 5269 -|------| XMPP 1 + |
(HTTP-Admin) 9090 -| | | |
(BOSH) 7070 -| +----+---+ |
| | |
| | |
| +---+--+ |
| | | |
(Database) 5432 -|-------| DB + |
| | | |
| +------+ |
| 172.60.0.11 |
| [fd23:d79:d076::11] |
| |
+-----172.60.0.0/24--------+
fd23:0d79:d076::/64
```

26
simple/docker-compose-network-dualstack.yml 100644
View File

@ -0,0 +1,26 @@
services:
db:
networks:
openfire-net:
ipv4_address: 172.60.0.11
ipv6_address: fd23:d79:d076::11
xmpp1:
networks:
openfire-net:
ipv4_address: 172.60.0.10
ipv6_address: fd23:d79:d076::10
extra_hosts:
- "xmpp1.localhost.example=fd23:d79:d076::10"
- "conference.xmpp.localhost.example=fd23:d79:d076::10"
networks:
openfire-net:
driver: bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.60.0.0/24
- subnet: fd23:0d79:d076::/64

22
simple/docker-compose-network-ipv4-only.yml 100644
View File

@ -0,0 +1,22 @@
services:
db:
networks:
openfire-net:
ipv4_address: 172.60.0.11
xmpp1:
networks:
openfire-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp1.localhost.example=172.60.0.10"
- "conference.xmpp.localhost.example=172.60.0.10"
networks:
openfire-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

19
simple/docker-compose.yml
View File

@ -12,10 +12,7 @@ services:
- "POSTGRES_PASSWORD=hunter2" - "POSTGRES_PASSWORD=hunter2"
volumes: volumes:
- ./sql:/docker-entrypoint-initdb.d - ./sql:/docker-entrypoint-initdb.d
networks:
openfire-net:
ipv4_address: 172.60.0.11
xmpp1: xmpp1:
image: "openfire:${OPENFIRE_TAG}" image: "openfire:${OPENFIRE_TAG}"
ports: ports:
@ -31,12 +28,6 @@ services:
- ./_data/plugins:/opt/plugins - ./_data/plugins:/opt/plugins
- ../_common/wait-for-it.sh:/wait-for-it.sh - ../_common/wait-for-it.sh:/wait-for-it.sh
command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"] command: ["/wait-for-it.sh", "-s", "db:5432", "--", "/sbin/entrypoint.sh"]
networks:
openfire-net:
ipv4_address: 172.60.0.10
extra_hosts:
- "xmpp.localhost.example:172.60.0.10"
- "conference.xmpp.localhost.example:172.60.0.10"
dozzle: dozzle:
image: amir20/dozzle:latest image: amir20/dozzle:latest
@ -44,11 +35,3 @@ services:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
ports: ports:
- 9999:8080 - 9999:8080
networks:
openfire-net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.60.0.0/24

16
simple/start.sh
View File

@ -1,7 +1,8 @@
#!/bin/bash #!/bin/bash
usage() { echo "Usage: $0 [-n openfire-tag] [-h] usage() { echo "Usage: $0 [-n openfire-tag] [-6] [-h]
-n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env -n openfire-tag Launches all Openfire instances with the specified tag. This overrides the value in .env
-6 Replace standard IPv4-based bridge networking with IPv6.
-h Show this helpful information -h Show this helpful information
"; exit 0; } "; exit 0; }
@ -10,6 +11,8 @@ COMPOSE_FILE_COMMAND=("docker" "compose")
COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env") COMPOSE_FILE_COMMAND+=("--env-file" "../_common/.env")
COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT") COMPOSE_FILE_COMMAND+=("--project-name" "$PROJECT")
NETWORK_COMPOSE_FILE="docker-compose-network-ipv4-only.yml"
# Where is this script? It could be called from anywhere, so use this to get full paths. # Where is this script? It could be called from anywhere, so use this to get full paths.
SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )" SCRIPTPATH="$( cd "$(dirname "$0")"; pwd -P )"
@ -17,7 +20,7 @@ source "$SCRIPTPATH/../_common/functions.sh"
check_deps check_deps
while getopts n:h o; do while getopts n:6h o; do
case "$o" in case "$o" in
n) n)
if [[ $OPTARG =~ " " ]]; then if [[ $OPTARG =~ " " ]]; then
@ -27,7 +30,11 @@ while getopts n:h o; do
echo "Using Openfire tag: $OPTARG" echo "Using Openfire tag: $OPTARG"
export OPENFIRE_TAG="$OPTARG" export OPENFIRE_TAG="$OPTARG"
;; ;;
h) 6)
echo "Using IPv6"
NETWORK_COMPOSE_FILE="docker-compose-network-dualstack.yml"
;;
h)
usage usage
;; ;;
*) *)
@ -38,6 +45,7 @@ done
echo "Starting a simple environment." echo "Starting a simple environment."
COMPOSE_FILE_COMMAND+=("-f" "docker-compose.yml") COMPOSE_FILE_COMMAND+=("-f" "docker-compose.yml")
COMPOSE_FILE_COMMAND+=("-f" "$NETWORK_COMPOSE_FILE")
pushd "$SCRIPTPATH" pushd "$SCRIPTPATH"
@ -46,7 +54,7 @@ pushd "$SCRIPTPATH"
# Clean up temporary persistence data # Clean up temporary persistence data
if ! rm -rf _data; then if ! rm -rf _data; then
echo "ERROR: Failed to delete _data directory. Try with sudo, then re-run." && popd && exit 1 echo "ERROR: Failed to delete the _data directory. Try with sudo, then re-run." && popd && exit 1
fi fi
mkdir _data mkdir _data
cp -r xmpp _data/ cp -r xmpp _data/