# docker-compose.yaml — vpp-maglev{d,-frontend} container stack # # Two services built from a single multi-stage Alpine Dockerfile: # # maglevd -> git.ipng.ch/ipng/vpp-maglevd:latest (health-checker daemon) # frontend -> git.ipng.ch/ipng/vpp-maglevd-frontend:latest (read-only web dashboard) # # Both services are opt-in via Docker Compose "profiles". Copy # .env.example to .env, set COMPOSE_PROFILES to include the # services you want, and run: # # docker compose up -d # # See .env.example for every tunable. See README.md for the # operational overview. services: maglevd: profiles: [maglevd] build: context: . dockerfile: Dockerfile target: maglevd image: git.ipng.ch/ipng/vpp-maglevd:latest container_name: vpp-maglevd restart: unless-stopped # maglevd needs CAP_NET_RAW for ICMP probes and CAP_SYS_ADMIN for # netns-scoped probes (see docs/design.md NFR-4.1). Granting ALL # keeps the container operationally identical to a bare-metal # maglevd running under the Debian systemd unit, and lets # operators flip healthchecker.netns without re-plumbing the # container's capability set. cap_add: - ALL # The daemon reads these via the same env-var fallback that the # systemd unit uses — see debian/default.vpp-maglev. env_file: .env # Mount the config and VPP's runtime sockets. The /run/vpp mount # is only meaningful when the container runs on a host that also # runs VPP; on a frontend-only host the maglevd profile is not # activated and this block is irrelevant. volumes: - ./maglev.yaml:/etc/vpp-maglev/maglev.yaml:ro - /run/vpp:/run/vpp ports: - "9090:9090" # gRPC control plane - "9091:9091" # Prometheus /metrics frontend: profiles: [frontend] build: context: . dockerfile: Dockerfile target: frontend image: git.ipng.ch/ipng/vpp-maglevd-frontend:latest container_name: vpp-maglevd-frontend restart: unless-stopped env_file: .env ports: - "8080:8080"