version: "3.9"
services:
# 1. The Envoy Control Plane (Your existing service)
envoy-control-plane:
user: "1026:100"
image: docker.jerxie.com/xds-server:latest
container_name: envoy-control-plane
restart: unless-stopped
ports:
# Exposes the gRPC XDS service port (18000) for the Envoy proxy to connect to
- "8090:8080"
# --- REMOVED: The 18000:18000 mapping is removed as it's only for internal sidecar use. ---
# - "18000:18000"
volumes:
- /volume1/docker/envoy-control-plane/data:/app/data:rw
command: ["--node-id", "home", "--config-dir", "/app/data/config","--db","file:/app/data/data.db?_foreign_keys=on", "--enable-cert-issuance", "webroot-path=/app/data/acme"]
# Add a network to ensure both services can communicate
networks:
- envoy_network
# 2. The Envoy Proxy (New service)
envoy-proxy:
user: "1026:100"
# Use the official Envoy Docker image
image: envoyproxy/envoy:v1.33.12 # Use a specific, stable version
container_name: envoy-proxy
restart: unless-stopped
# Expose a port where the proxy will listen for client traffic (e.g., 11111 for admin, 10000,10001 for listener)
ports:
- "10000:10000"
- "10001:10001"
- "11111:11111"
volumes:
- /volume1/docker/envoy-control-plane/data/envoy_config:/etc/config:rw
# The starting command you provided
command:
- "envoy"
- "-c"
- "/etc/config/envoy.yaml"
# Ensure this service waits for the control plane to be up
depends_on:
- envoy-control-plane
# Connect to the same network as the control plane
networks:
- envoy_network
# Define the volumes used by the services
# Corrected volume definition
#volumes:
# data_volume:
# driver: local
# driver_opts:
# type: "nfs"
# # Keep standard NFS mount options here (addr, rw, nfsvers=4)
# o: "addr=192.168.68.90,rw,nfsvers=4"
# # Specify the remote path
# device: ":/volume1/docker/envoy-control-plane/data"
# # Define ownership options separately (optional, but often helps)
# uid: "1026"
# gid: "100"
# Define a custom network for inter-service communication
networks:
envoy_network:
driver: bridge
