-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
189 lines (181 loc) · 6.04 KB
/
docker-compose.yml
File metadata and controls
189 lines (181 loc) · 6.04 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
services:
# MinIO for S3-compatible storage
minio:
image: minio/minio:latest
container_name: minio-storage
ports:
- "9002:9000"
- "9001:9001"
environment:
MINIO_ROOT_USER: minioadmin
MINIO_ROOT_PASSWORD: minioadmin
command: server /data --console-address ":9001"
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 5s
timeout: 3s
retries: 10
volumes:
- minio-data:/data
# MinIO client to create bucket
minio-setup:
image: minio/mc:latest
container_name: minio-setup
depends_on:
minio:
condition: service_healthy
entrypoint: >
/bin/sh -c "
/usr/bin/mc alias set myminio http://minio:9000 minioadmin minioadmin;
/usr/bin/mc mb myminio/warehouse || true;
/usr/bin/mc anonymous set public myminio/warehouse;
exit 0;
"
# Nessie catalog for Iceberg REST
nessie:
image: ghcr.io/projectnessie/nessie:0.99.0
container_name: nessie-catalog
ports:
- "19120:19120"
environment:
# Nessie catalog configuration
- nessie.catalog.default-warehouse=warehouse
- nessie.catalog.warehouses.warehouse.location=s3://warehouse/
# S3 config - endpoint is internal to docker network
- nessie.catalog.service.s3.default-options.endpoint=http://minio:9000
# external-endpoint is what clients outside docker should use
- nessie.catalog.service.s3.default-options.external-endpoint=http://localhost:9002
- nessie.catalog.service.s3.default-options.path-style-access=true
- nessie.catalog.service.s3.default-options.region=us-east-1
# S3 credentials using secret reference
- nessie.catalog.service.s3.default-options.access-key=urn:nessie-secret:quarkus:nessie.catalog.secrets.access-key
- nessie.catalog.secrets.access-key.name=minioadmin
- nessie.catalog.secrets.access-key.secret=minioadmin
depends_on:
minio-setup:
condition: service_completed_successfully
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:19120/api/v2/config"]
interval: 5s
timeout: 3s
retries: 10
# Polaris catalog with AWS credentials for MinIO access
polaris:
image: apache/polaris:latest
container_name: polaris-catalog
ports:
- "8181:8181"
- "8182:8182"
environment:
# AWS credentials so Polaris can access MinIO
- AWS_ACCESS_KEY_ID=minioadmin
- AWS_SECRET_ACCESS_KEY=minioadmin
- AWS_REGION=us-east-1
# Disable STS for MinIO compatibility
- POLARIS_FEATURES_DEFAULT_ALLOW_EXTERNAL_TABLE_LOCATION=true
- POLARIS_FEATURES_DEFAULT_ALLOW_UNSTRUCTURED_TABLE_LOCATION=true
# Use S3 endpoint override for MinIO
- AWS_S3_ENDPOINT=http://minio:9000
- AWS_S3_PATH_STYLE_ACCESS=true
depends_on:
minio-setup:
condition: service_completed_successfully
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8181/api/catalog/v1/config?warehouse=polaris_catalog"]
interval: 5s
timeout: 10s
retries: 20
start_period: 30s
# PostgreSQL for Lakekeeper
lakekeeper-db:
image: postgres:17
container_name: lakekeeper-db
environment:
POSTGRES_PASSWORD: postgres
PGDATA: /var/lib/postgresql/data/pgdata
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres"]
interval: 2s
timeout: 5s
retries: 10
volumes:
- lakekeeper-data:/var/lib/postgresql/data
# Lakekeeper migrations
lakekeeper-migrate:
image: quay.io/lakekeeper/catalog:latest
container_name: lakekeeper-migrate
environment: &lakekeeper-env
LAKEKEEPER__PG_ENCRYPTION_KEY: "ThisIsNotSecureButOkForTesting"
LAKEKEEPER__PG_DATABASE_URL_READ: "postgresql://postgres:postgres@lakekeeper-db:5432/postgres"
LAKEKEEPER__PG_DATABASE_URL_WRITE: "postgresql://postgres:postgres@lakekeeper-db:5432/postgres"
LAKEKEEPER__AUTHZ_BACKEND: "allowall"
command: migrate
depends_on:
lakekeeper-db:
condition: service_healthy
# Lakekeeper catalog
lakekeeper:
image: quay.io/lakekeeper/catalog:latest
container_name: lakekeeper-catalog
ports:
- "8282:8181"
extra_hosts:
- "host.docker.internal:host-gateway"
environment:
<<: *lakekeeper-env
command: serve
depends_on:
lakekeeper-migrate:
condition: service_completed_successfully
healthcheck:
test: ["CMD", "/home/nonroot/lakekeeper", "healthcheck"]
interval: 5s
timeout: 3s
retries: 10
# Lakekeeper warehouse setup
lakekeeper-setup:
image: curlimages/curl:latest
container_name: lakekeeper-setup
extra_hosts:
- "host.docker.internal:host-gateway"
depends_on:
lakekeeper:
condition: service_healthy
minio-setup:
condition: service_completed_successfully
command:
- /bin/sh
- -c
- |
echo 'Bootstrapping Lakekeeper...'
curl -s -X POST http://lakekeeper:8181/management/v1/bootstrap \
-H 'Content-Type: application/json' \
-d '{"accept-terms-of-use": true}' || true
sleep 2
echo 'Creating warehouse...'
curl -s -X POST http://lakekeeper:8181/management/v1/warehouse \
-H 'Content-Type: application/json' \
-d '{
"warehouse-name": "test-warehouse",
"project-id": "00000000-0000-0000-0000-000000000000",
"storage-profile": {
"type": "s3",
"bucket": "warehouse",
"region": "us-east-1",
"path-style-access": true,
"endpoint": "http://host.docker.internal:9002",
"sts-enabled": false,
"flavor": "minio"
},
"storage-credential": {
"type": "s3",
"credential-type": "access-key",
"aws-access-key-id": "minioadmin",
"aws-secret-access-key": "minioadmin"
}
}'
echo ''
echo 'Lakekeeper setup complete!'
volumes:
minio-data:
lakekeeper-data: