Use Docker Compose version 2 format (#2834)

After talking to @jsha, this updates Boulder's docker-compose.yml to version 2. I'm currently working on moving some Certbot tests from EC2 to Docker and this allows me to take advantage of networking features like embedded DNS which is used by default in newer versions of Docker Compose. This shouldn't change any behavior of the file. One notable thing is I had to add network_mode: bridge to the bhsm service. I don't believe this is a change in behavior though since bhsm was included in the links section for boulder
letsencrypt · Jun 26, 2017 · ee2f88a · ee2f88a
1 parent c5da184
commit ee2f88a
Show file tree

Hide file tree

Showing 2 changed files with 72 additions and 63 deletions.
diff --git a/README.md b/README.md
@@ -18,6 +18,10 @@ Make sure you have a local copy of Boulder in your `$GOPATH`:
     export GOPATH=~/gopath
     git clone https://github.com/letsencrypt/boulder/ $GOPATH/src/github.com/letsencrypt/boulder
 
+Additionally, make sure you have Docker Engine 1.10.0+ and Docker Compose
+1.6.0+ installed. If you do not, you can follow Docker's [installation
+instructions](https://docs.docker.com/compose/install/).
+
 To start Boulder in a Docker container, run:
 
     docker-compose up

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,63 +1,68 @@
-boulder:
-    build: .
-    dockerfile: Dockerfile
-    environment:
-        FAKE_DNS: 127.0.0.1
-        PKCS11_PROXY_SOCKET: tcp://boulder-hsm:5657
-        BOULDER_CONFIG_DIR: test/config
-    volumes:
-      - .:/go/src/github.com/letsencrypt/boulder
-      - /tmp:/tmp
-    net: bridge
-    extra_hosts:
-      - le.wtf:127.0.0.1
-      - boulder:127.0.0.1
-    ports:
-      - 4000:4000 # ACME
-      - 4002:4002 # OCSP
-      - 4003:4003 # OCSP
-      - 4430:4430 # ACME via HTTPS
-      - 4500:4500 # ct-test-srv
-      - 6000:6000 # gsb-test-srv
-      - 8000:8000 # debug ports
-      - 8001:8001
-      - 8002:8002
-      - 8003:8003
-      - 8004:8004
-      - 8005:8005
-      - 8006:8006
-      - 8008:8008
-      - 8009:8009
-      - 8010:8010
-      - 8055:8055 # dns-test-srv updates
-      - 9380:9380 # mail-test-srv
-      - 9381:9381 # mail-test-srv
-    links:
-      - bhsm:boulder-hsm
-      - bmysql:boulder-mysql
-bhsm:
-    # To minimize the fetching of various layers this should match
-    # the FROM image and tag in boulder/Dockerfile
-    image: letsencrypt/boulder-tools:2017-05-25
-    environment:
-        PKCS11_DAEMON_SOCKET: tcp://0.0.0.0:5657
-    command: /usr/local/bin/pkcs11-daemon /usr/lib/softhsm/libsofthsm.so
-    expose:
-      - 5657
-bmysql:
-    image: mariadb:10.1
-    net: bridge
-    environment:
-        MYSQL_ALLOW_EMPTY_PASSWORD: "yes"
-    command: mysqld --bind-address=0.0.0.0
-    log_driver: none
-prom:
-    image: prom/prometheus
-    net: bridge
-    ports:
-      - 9090:9090
-    volumes:
-      - $PWD/test/prometheus/:/promconf/
-    command: -config.file /promconf/prometheus.yml
-    links:
-      - boulder
+version: '2'
+services:
+    boulder:
+        build:
+            context: .
+            dockerfile: Dockerfile
+        environment:
+            FAKE_DNS: 127.0.0.1
+            PKCS11_PROXY_SOCKET: tcp://boulder-hsm:5657
+            BOULDER_CONFIG_DIR: test/config
+        volumes:
+          - .:/go/src/github.com/letsencrypt/boulder
+          - /tmp:/tmp
+        network_mode: bridge
+        extra_hosts:
+          - le.wtf:127.0.0.1
+          - boulder:127.0.0.1
+        ports:
+          - 4000:4000 # ACME
+          - 4002:4002 # OCSP
+          - 4003:4003 # OCSP
+          - 4430:4430 # ACME via HTTPS
+          - 4500:4500 # ct-test-srv
+          - 6000:6000 # gsb-test-srv
+          - 8000:8000 # debug ports
+          - 8001:8001
+          - 8002:8002
+          - 8003:8003
+          - 8004:8004
+          - 8005:8005
+          - 8006:8006
+          - 8008:8008
+          - 8009:8009
+          - 8010:8010
+          - 8055:8055 # dns-test-srv updates
+          - 9380:9380 # mail-test-srv
+          - 9381:9381 # mail-test-srv
+        links:
+          - bhsm:boulder-hsm
+          - bmysql:boulder-mysql
+    bhsm:
+        # To minimize the fetching of various layers this should match
+        # the FROM image and tag in boulder/Dockerfile
+        image: letsencrypt/boulder-tools:2017-05-25
+        environment:
+            PKCS11_DAEMON_SOCKET: tcp://0.0.0.0:5657
+        command: /usr/local/bin/pkcs11-daemon /usr/lib/softhsm/libsofthsm.so
+        expose:
+          - 5657
+        network_mode: bridge
+    bmysql:
+        image: mariadb:10.1
+        network_mode: bridge
+        environment:
+            MYSQL_ALLOW_EMPTY_PASSWORD: "yes"
+        command: mysqld --bind-address=0.0.0.0
+        logging:
+            driver: none
+    prom:
+        image: prom/prometheus
+        network_mode: bridge
+        ports:
+          - 9090:9090
+        volumes:
+          - $PWD/test/prometheus/:/promconf/
+        command: -config.file /promconf/prometheus.yml
+        links:
+          - boulder