You are viewing the RapidMiner Hub documentation for version 9.10 - Check here for latest version
Docker-compose deployment
This document will help you to deploy RapidMiner AI Hub on a single host. For multi-host deployments, see Kubernetes deployment with Helm.
To deploy RapidMiner AI Hub with docker-compose:
- [Download] the production template, and follow instructions.
All versions: [9.10.0] - [9.10.1] - [9.10.2] - [9.10.3] - [9.10.4] - [9.10.7] - [9.10.8] - [9.10.10] - [9.10.11] - [9.10.13] - [9.10.14] - [9.10.14.1] - [9.10.15]
For RapidMiner AI Hub 9.10, our Docker Images have been improved to meet the latest security guidelines, including those of OpenShift and Rootless Docker.
Starting from version 9.10.3, the production template addresses the vulnerabilities in Apache log4j described by CVE-2021-44228 and CVE-2021-45046, commonly referred to as Log4Shell.
Table of contents
- System requirements
- Profiles
- Instructions
- PUBLIC_URL
- The environment file (.env)
- The definition file (docker-compose.yml)
- Change the default port
System requirements
Rootless Docker was introduced in Docker Engine version 19.03 as an experimental feature, and graduated from that status in version 20.10.
Hence, it is recommended that you use version >= 20.10 of the Docker Engine.
For details related to the operating system, see the distribution-specific hints. Note that CentOS 6/7 are not supported, because unprivileged user namespaces are not supported in Linux kernel versions < 3.19.
Minimum recommended hardware configuration
The amount of memory needed depends heavily on the amount of data that will be processed by RapidMiner AI Hub. By themselves, the RapidMiner services can run with as little as 16 GB. However, in production environments, we recommend 32GB or more depending on user data, in order to provide users with enough capacity to analyze data from realistic use cases.
Each virtual or physical machine should at least have:
- Quad core
- 32GB RAM
- >30GB free disk space
If you are using Docker Desktop for Windows (or Mac), please make sure that you have allocated enough memory. The default setting in Docker Desktop is too low for RapidMiner AI Hub.
Profiles
If you only want a subset of the features provided by RapidMiner AI Hub, you can use the profiles feature of docker-compose to pick and choose from the following set:
| Profile | Description |
|---|---|
| ces | Coding environment storage |
| go | RapidMiner Go |
| grafana | Dashboards |
| job-agent | RapidMiner Job Agent |
| jupyter | JupyterHub |
| landing-page | Landing page |
| le | Letsencrypt |
| platform-admin | Platform Admin |
| proxy | RapidMiner Proxy |
| radoop_proxy | RapidMiner Radoop |
| rts | Real-Time Scoring |
| server | RapidMiner Server |
| token-tool | Token generator |
| tabgo | Tableau dashboards / Tableau connector |
In the environment file, edit the variable COMPOSE_PROFILES to choose your subset.
Note that value of COMPOSE_PROFILES is a comma-separated list with no spaces.
# Maximum set
#COMPOSE_PROFILES=proxy,landing-page,jupyter,grafana,go,rts,radoop_proxy,platform-admin,server,job-agent,le,ces,token-tool,tabgo
# Minimum set
#COMPOSE_PROFILES=proxy,server,job-agent,landing-page
# Default set
COMPOSE_PROFILES=proxy,landing-page,jupyter,grafana,rts,platform-admin,server,job-agent,ces,token-tool,le
To make use of the profiles feature, you need version >= 1.28.3 of docker-compose.
Note that newer versions of Docker permit you to issue the command docker compose –
with a space, not a dash! – but for the moment you should prefer docker-compose.
Read more: Compose CLI Tech Preview
Instructions
To deploy this template, take the following steps.
- If you have not yet done so, install Docker.
Download the ZIP file. Unzip and examine the contents:
- .env (note that because of the preceding dot, this file is usually hidden)
- docker-compose.yml
gofolder
(optional) By default, RapidMiner AI Hub will start with the set of services identified in the
COMPOSE_PROFILESvariable, as discussed above. You can choose a different set of profiles by setting the following variable in the.envfile:COMPOSE_PROFILES
As discussed in detail below, set the following variables in the
.envfile:PUBLIC_URLSSO_PUBLIC_URL
Set the following variables in the
.envfile, with the values of your licenses from my.rapidminer.com:SERVER_LICENSEGO_LICENSE
If necessary, you can manage the RTS license after logging in, via Platform Administration, and if you set the variable
SCORING_AGENT_ENABLESERVERLICENSEtotrue, you can use the RapidMiner Server license in place of the RTS license.(optional) Set additional frequently used configuration values:
- The initial admin password can be set using the variable
KEYCLOAK_PASSWORD(default: "changeit") - The
AUTH_SECRETvalue is used as internal authentication encryption key. We propose to change the default value to any base64 encoded string.
- The initial admin password can be set using the variable
Transfer the contents of the ZIP file, with URLs and licenses configured, to the server host, the machine where you installed Docker.
Connect to the server host, and change directory to the folder containing those files. Please make sure the
.envfile is readable and writable by all users:sudo chmod a+rw .envIf SSO configuration is not disabled (this is the case by default), then the platform deployment needs to be initialized before the first startup. In the directory containing
docker-compose.yml, type:docker-compose up -d rm-init-svcIf immediately afterwards you type
docker-compose logs -f rm-init-svcyou can observe the initialization taking place, and you will know that you are ready to execute the next step when you see the following text printed repeatedly to the screen, typically after 1-2 minutes:
[License initialization] Waiting for RapidMiner Server startup in order to install the license...Alternatively, if you observe the following error message:
| [RM INIT] Starting... | [RM INIT] Starting job /rapidminer/provision/tasks/01_check_permissions.sh | touch: cannot touch '/tmp/ssl/.test_permission': Permission denied | Permission denied on file/directory ssl/ ! | Please make sure about good permissions of these files/dirs: | - .env : it should be writable by anyone (666, or -rw-rw-rw-) | - ssl : it should be writable by anyone (777, or drwxrwxrwx)make sure to set the appropriate permissions on the
ssldirectory:sudo chown -R 2011:0 ssl/ sudo chmod -R ug+w ssl/ sudo chmod -R o-rwx ssl/before reissuing the initial command:
docker-compose up -d rm-init-svcFinally, start the stack by running the command:
docker-compose up -dAgain, you can observe the progress of startup with the command:
docker-compose logs -f rm-init-svcThe service
rm-init-svcwill exit without error when complete.
If the Docker images are not available on the host, they will be automatically downloaded from the Docker Hub.
PUBLIC_URL
The deployed stack needs to have a valid public URL, both for internal communication and so that external clients (like RapidMiner Studio and a browser) can connect to it. In the .env file, before first startup, set the values of the environment variables PUBLIC_URL and SSO_PUBLIC_URL to this public URL.
- The values
http://localhostandhttp://127.0.0.1are not supported, because this URL will be used also for internal container-to-container communication between our services. - If deploying on a single host, use the host's public IP address, such as
http://192.168.1.101or a publicly resolvable hostname that resolves to this IP address, likehttp://platform.rapidminer.com. If the deployment cannot listen on the default HTTP and HTTPS ports (80 and 443), then
- the port number should be also provided in the
PUBLIC_URLandSSO_PUBLIC_URLvariables, as inhttp://platform.rapidminer.com:8080 - the external port mapping should be set in the docker-compose.yml file at the
rm-proxy-svcservice definition, like8080:80 - the external ports should be set using the
PROXY_HTTP_PORTandPROXY_HTTPS_PORTvariables for therm-server-svcin the docker-compose.yml file, likePROXY_HTTP_PORT=8080andPROXY_HTTPS_PORT=8443. (If it is missed during the first startup, or needs to be changed, then later it should be configured in the/rapidminer-home/configuration/standalone.xmlfile at the proxy settings and requires restarting the service.)
- the port number should be also provided in the
It is highly preferred to use HTTPS for the connection. In this case the
PUBLIC_URLandSSO_PUBLIC_URLvariables should be configured using thehttps://prefix and the certificate chain and private key files should be provided in PEM format in thesslsub-folder using the filenamescertificate.crtandprivate.key. The default filenames can be changed using the environment variables in the Proxy section of the.envfile. Make sure to set the permissions of thessldirectory as indicated above in the final point of the instructions.
Once the deployment is running, the configured reverse proxy listens by default on the standard HTTP (80) port, and also on the HTTPS (443) port if an HTTPS certificate is configured.
The initial login credentials are set in the .env file (by the variables KEYCLOAK_USER and KEYCLOAK_PASSWORD).
By default you can log in using the username "admin" and password: "changeit".
From the landing page at PUBLIC_URL, the full range of services of RapidMiner AI Hub is available.
The environment file (.env)
# ############################################
#
# Global parameters
#
# ############################################
# Public domain of the deployment
PUBLIC_DOMAIN=platform.rapidminer.com
# Public URL of the deployment that will be used for external access (Public domain + protocol + port)
PUBLIC_URL=http://platform.rapidminer.com
# Public URL of the SSO endpoint that will be used for external access. In most cases it should be the same as the PUBLIC_URL
SSO_PUBLIC_URL=http://platform.rapidminer.com
# Enable/disable the service build into the RapidMiner cloud images, that updates the PUBLIC_URL and SSO_PUBLIC_URL variables to the new dynamic cloud hostname/IP address
AUTOMATIC_PUBLIC_URL_UPDATE_FOR_CLOUD_IMAGES=false
# Enable/disable the Legacy BASIC authentication support for REST endpoints, like webservices. (lowercase true/false)
LEGACY_REST_BASIC_AUTH_ENABLED=false
# Timezone setting
TZ=UTC
# Profiles
# A coma separated list of active profiles
# Maximum set
#COMPOSE_PROFILES=proxy,landing-page,jupyter,grafana,go,rts,radoop_proxy,platform-admin,server,job-agent,le,ces,token-tool,tabgo
# Minimum set
#COMPOSE_PROFILES=proxy,server,job-agent,landing-page
# Default set
COMPOSE_PROFILES=proxy,landing-page,jupyter,grafana,rts,platform-admin,server,job-agent,ces,token-tool,le
# Docker-compose timeout setting
COMPOSE_HTTP_TIMEOUT=600
# ############################################
#
# Deployment parameters
#
# ############################################
# Prefix to use for docker registry
REGISTRY=rapidminer/
# Version of the postgres containers
POSTGRES_VERSION=9.10.15-gen2
# Version of the Init container
INIT_VERSION=9.10.15-gen2
# Enable configuring server settings for Python Scripting extension
INIT_SHARED_CONDA_SETTINGS=true
# User migration settings for migrating from non-Keycloak-based deployments
USER_MIGRATION_ENABLED=True
USER_MIGRATION_DRY_RUN=False
# ############################################
#
# KeyCloak (SSO)
#
# ############################################
# Keycloak container version
KEYCLOAK_VERSION=9.10.15-gen2
# Keycloak database parameters
KC_DB=kcdb
KC_USER=kcdbuser
KC_PASSWORD=kcdbpass
# Default platform admin user credentials
KEYCLOAK_USER=admin
KEYCLOAK_PASSWORD=changeit
# SSO default parameters
SSO_IDP_REALM=master
SSO_SSL_REQUIRED=none
# ############################################
#
# Rapidminer server
#
# ############################################
SERVER_VERSION=9.10.15-gen2
SERVER_DBHOST=rm-postgresql-svc
SERVER_DBSCHEMA=rapidminer-server-db
SERVER_DBUSER=rmserver-db-user
SERVER_DBPASS=w61J784XSb24K4LRV97MbE16i8xa9O
POSTGRES_INITDB_ARGS="--encoding UTF8 --locale=C /var/lib/postgresql/data"
SERVER_MAX_MEMORY=2048M
RMSERVER_SSO_CLIENT_ID=urn:rapidminer:server
RMSERVER_SSO_CLIENT_SECRET=
SERVER_LICENSE=
RAPIDMINER_SERVER_HOST=rm-server-svc
RAPIDMINER_SERVER_PORT=8080
RAPIDMINER_SERVER_URL=http://rm-server-svc:8080
# AiHub and JA authenticates using this shared secret, which shall be a random string in base64 encoded format
# echo $RANDOM | md5sum | head -c 20; echo | base64;
AUTH_SECRET=
BROKER_ACTIVEMQ_USERNAME=amq-user
BROKER_ACTIVEMQ_PASSWORD=M69251o4A7fHY8i4eJ4j8Wlj8y4u3U
# ############################################
#
# Job Agent
#
# ############################################
JOBAGENT_VERSION=9.10.15-gen2
JOBAGENT_QUEUE_ACTIVEMQ_URI=failover:(tcp://rm-server-svc:5672)
JOBAGENT_CONTAINER_COUNT=2
JOB_QUEUE=DEFAULT
JOBAGENT_CONTAINER_MEMORYLIMIT=2048
#RAPIDMINER_JOBAGENT_OPTS="-Djobagent.python.registryBaseUrl=http://platform-admin-webui-svc:1082/"
RAPIDMINER_JOBAGENT_OPTS=
RAPIDMINER_SERVER_PROTOCOL=http
# ############################################
#
# Proxy
#
# ############################################
PROXY_VERSION=9.10.15-gen2
JUPYTER_BACKEND=http://rm-jupyterhub-svc:8000
JUPYTER_URL_SUFFIX=/jupyter
GRAFANA_BACKEND=http://rm-grafana-svc:3000
GRAFANA_URL_SUFFIX=/grafana
PA_BACKEND=http://platform-admin-webui-svc:1082/
PA_URL_SUFFIX=/platform-admin
RTS_WEBUI_BACKEND=http://platform-admin-webui-svc:1082/
RTS_WEBUI_URL_SUFFIX=/rts-admin
RTS_SCORING_BACKEND=http://rts-agent-svc:8090/
RTS_SCORING_URL_SUFFIX=/rts
# Change these when you want to use non-default pair to login Realtime-Scoring
RTS_ADMIN_USER=admin
RTS_ADMIN_PASSWORD=changeit
KEYCLOAK_BACKEND=http://rm-keycloak-svc:8080
LANDING_BACKEND=http://landing-page:1080
TOKEN_BACKEND=http://rm-token-tool-svc:1080
TOKEN_URL_SUFFIX=/get-token
# To enable standpy external access use this value as STANDPY_BACKEND
# STANDPY_BACKEND=http://rm-standpy-router-svc/
STANDPY_BACKEND=http://standpy-is-not-enabled-by-default
STANDPY_URL_SUFFIX=/standpy
ALLOW_LE=true
LE_BACKEND=http://letsencrypt-svc:1084
PASSWORD_FILE_PATH=/etc/nginx/ssl/password.txt
UNPRIVILEGED_PORTS=false
HTTPS_CRT_PATH=/etc/nginx/ssl/certificate.crt
HTTPS_KEY_PATH=/etc/nginx/ssl/private.key
HTTPS_DH_PATH=/etc/nginx/ssl/dhparam.pem
PROXY_DATA_UPLOAD_LIMIT=10240M
# ############################################
#
# Jupyterhub
#
# ############################################
RM_JUPYTER_VERSION=9.10.15-gen2
JHUB_POSTGRES_HOST=rm-jupyterhub-db-svc
JHUB_POSTGRES_DB=jupyterhub
JHUB_POSTGRES_USER=jupyterhubdbuser
JHUB_POSTGRES_PASSWORD=FoExRExzQsL7UpgEYa5sO7mhiGhi3ne
JHUB_HOSTNAME=rm-jupyterhub-svc
# Jupyterhub crypt key can be generated with the command: openssl rand -hex 32
JUPYTERHUB_CRYPT_KEY=
JHUB_DEBUG=False
JHUB_TOKEN_DEBUG=False
JHUB_PROXY_DEBUG=False
JHUB_DB_DEBUG=False
JHUB_SPAWNER_DEBUG=False
JUPYTER_STACK_NAME=default
SSO_NB_UID_KEY=X_NB_UID
SSO_NB_GID_KEY=X_NB_GID
SSO_NB_CUSTOM_BIND_MOUNTS_KEY=X_NB_CUSTOM_BIND_MOUNTS
# Content should be in json format, use quotes here instead of apostrophes
#JUPYTER_NB_CUSTOM_BIND_MOUNTS={"/usr/share/doc/apt":"/tmp/apt","/usr/share/doc/mount/":"/tmp/mount"}
JUPYTER_NB_CUSTOM_BIND_MOUNTS=
DOCKER_NOTEBOOK_CPU_LIMIT=100
DOCKER_NOTEBOOK_MEM_LIMIT=2g
#k8s
#DOCKER_NOTEBOOK_MEM_LIMIT=2G
JHUB_SSO_CLIENT_ID=urn:rapidminer:jupyterhub
JHUB_SSO_CLIENT_SECRET=
JHUB_SPAWNER=dockerspawner
JHUB_API_PROTOCOL=http
JHUB_API_HOSTNAME=rm-jupyterhub-svc
JHUB_PROXY_PORT=8000
JHUB_API_PORT=8001
JHUB_APP_PORT=8081
JHUB_ENV_VOLUME_NAME=rm-coding-shared-vol
#JHUB_CUSTOM_CA_CERTS=${PWD}/ssl/deb_cacerts/
#JHUB_SPAWNER=kubespawner
#JHUB_K8S_CMD: '/entrypoint.sh'
#JHUB_K8S_ARGS: ''
#JHUB_K8S_NAMESPACE=advertisinganalytics
#JHUB_K8S_NODE_SELECTOR_NAME: 'rapidminer.customer'
#JHUB_K8S_NODE_SELECTOR_VALUE: 'rapidminer'
#JHUB_K8S_NOTEBOOK_STORAGE_ACCESS_MODE=ReadWriteOnce
#JHUB_K8S_NOTEBOOK_STORAGE_CAPACITY=5Gi
#JHUB_K8S_NOTEBOOK_STORAGE_CLASS=ms-ebs-us-west-2b
#JHUB_K8S_IMAGE_PULL_SECRET=rm-docker-login-secret
#JHUB_K8S_ENV_PVC_NAME=python-envs-pvc
#JHUB_K8S_ENV_PVC_SUBPATH=coding-shared
JHUB_DOCKER_DISABLE_NOTEBOOK_IMAGE_PULL_AT_STARTUP=True
JHUB_DISABLE_AIHUB_TOKEN_REQUESTS=False
# ############################################
#
# Radoop Proxy
#
# ############################################
RADOOP_PROXY_VERSION=1.2.3
# Authentication: 'server|jwt|superuser'
RADOOP_PROXY_AUTHENTICATION=superuser
RADOOP_PROXY_SUPERUSERNAME=proxyadmin
RADOOP_PROXY_SUPERUSERPASSWORD=changeit
RADOOP_PROXY_PORT=1081
RADOOP_PROXY_WORKERSPOOLSIZE=100
RADOOP_PROXY_SSL="off"
# ############################################
#
# Platform admin
#
# ############################################
PA_VERSION=9.10.15-gen2
PA_SSO_CLIENT_ID=urn:rapidminer:platform-admin
PA_SSO_CLIENT_SECRET=
PA_DISABLE_PYTHON=false
PA_DISABLE_RTS=false
#
# Coding Environment Storage
#
CES_VERSION=9.10.15-gen2
# ############################################
#
# Real-Time Scoring Agent
#
# ############################################
RTS_VERSION=9.10.15-gen2
WAIT_FOR_LICENSES=1
SCORING_AGENT_ENABLESERVERLICENSE=false
SCORING_AGENT_SPRING_PROFILES_ACTIVE=default
# ############################################
#
# Grafana
#
# ############################################
RM_GRAFANA_VERSION=9.10.15-gen2
GRAFANA_SSO_CLIENT_ID=urn:rapidminer:grafana
GRAFANA_SSO_CLIENT_SECRET=
# Single value or comma separated list
RTSA_DEPLOYMENTS=http://rts-agent-svc:8090/
# Possible values: NOTSET, DEBUG, INFO, WARNING, ERROR, CRITICAL
GRAFANA_PROXY_LOGGING_LEVEL=INFO
# Set this to 'True' to log data (eg. result from webservice) returned from GF proxy
GRAFANA_PROXY_LOG_RESPONSE_DATA=False
# ############################################
#
# TabGo
#
# ############################################
# Used for both TabGo and the TabGo proxy.
TABGO_VERSION=9.9.0
# Proxy specific settings.
TABGO_PROXY_PORT=4443
TABGO_BACKEND=http://rm-tabgo-svc
# Settings for the TabGo service.
TABGO_MAX_MEMORY=384m
TABGO_PORT=8090
# Rate limit for small requests (e.g., scoring a single data row). The default
# values limit the rate to 10 requests per 5 seconds.
TABGO_SMALL_REQUEST_LIMIT=10
TABGO_SMALL_REQUEST_INTERVAL=5
# Change the log level to DEBUG to log HTTP traffic routed through TabGo.
TABGO_LOG_LEVEL=INFO
# Additional Java options should only be used for debugging.
TABGO_JAVA_OPTIONS=
# ############################################
#
# LetsEncrypt Client
#
# ############################################
LE_VERSION=9.10.15-gen2
# ############################################
#
# Docker Deployment Manager
#
# ############################################
DDM_VERSION=9.10.15-gen2
# ############################################
#
# Landing page
#
# ############################################
RM_LANDING_VERSION=9.10.15-gen2
LANDING_SSO_CLIENT_ID=urn:rapidminer:landing-page
LANDING_SSO_CLIENT_SECRET=
# ############################################
#
# Token Tool
#
# ############################################
TOKEN_SSO_CLIENT_ID=urn:rapidminer:token-tool
TOKEN_SSO_CLIENT_SECRET=
# ############################################
#
# RapidMiner Go
#
# ############################################
## General setup
GO_LICENSE=
GO_AUTH_SECRET=
GO_DB_HOST=rapidminer-automodel-db
GO_AMQ_URL=tcp://rapidminer-automodel-activemq:61616
GO_AMQ_USERNAME=next
GO_AMQ_PASSWORD=next
GO_JOB_QUEUE=rapiminder-automodeler-job-queue
GO_JOB_STATUS_QUEUE=rapidminer-automodeler-job-status-queue
GO_JOB_COMMAND_TOPIC=rapidminer-automodeler-job-command-topic
#_JAVA_OPTIONS='-Dlogging.level.root=DEBUG'
## Resource management
# RapidMiner Go is preconfigured to run on a host (or Docker engine) with 8GB
GO_JOB_CONTAINERS=1
## Docker images
GO_IMAGE_TAG_ROUTING=9.10.13-gen2
GO_IMAGE_TAG_RMID=9.10.13-gen2
GO_IMAGE_TAG_AM=9.10.13-gen2
GO_IMAGE_TAG_JC=9.10.13-gen2
GO_IMAGE_TAG_ET=9.10.13-gen2
# ############################################
#
# GO ROUTING
#
# ############################################
GO_ROUTING_RMID_HOST_PORT_1=rapidminer-automodel-rmid:8080
GO_ROUTING_AM_HOST_PORT_1=rapidminer-automodeler:8080
GO_ROUTING_EVENT_HOST_PORT=rapidminer-ui-event-tracking:8080
# DQ is not implemented yet - so currently it points to.
GO_ROUTING_DQ_HOST_PORT_1=localhost
# Docker's internal DNS server
GO_ROUTING_RESOLVER=127.0.0.11
GO_ROUTING_SERVER_NAME=localhost
GO_ROUTING_PROTOCOL=http
# ############################################
#
# GO RMID
#
# ############################################
# Use this profile set if you need rmid admin (user/pass is the default)
#GO_RMID_SPRING_PROFILES_ACTIVE=db-postgresql,is-saml,on-prem,branding,is-db
GO_RMID_SPRING_PROFILES_ACTIVE=db-postgresql,is-saml,on-prem,branding
GO_RMID_FRONTEND_TRACKING_ENABLED=false
GO_RMID_TOKEN_MAX_AGE=86400
GO_RMID_LOGIN_TYPE=LOGIN_TYPE_EXTERNAL
GO_SSO_CLIENT_ID=urn:rapidminer:go
GO_RMID_SAML_KEYSTORE_PASSWORD=bXlrZXlwYXNz
GO_RMID_SAML_KEYSTORE_ALIAS=mykeyalias
GO_RMID_JAVA_OPTIONS=-Xmx512M
# ############################################
#
# GO AUTOMODELER
#
# ############################################
GO_AUTOMODELER_SPRING_PROFILES_ACTIVE=db-postgresql,on-prem,branding
# Maximal Data file size given in bytes upto 2GB
GO_AUTOMODELER_SPRING_SERVLET_MULTIPART_MAX_FILE_SIZE=104857600
GO_AUTOMODELER_RMID_BASE_URL=http://rapidminer-automodel-rmid:8080
GO_AUTOMODELER_FRONTEND_TRACKING_ENABLED=true
GO_AUTOMODELER_FILESTORE_MIN_ROW_LIMIT=50
GO_AUTOMODELER_EXECUTION_TASK_LIMIT_PER_USER=4
# Maximal size of RapidMiner result set given in MB
GO_AUTOMODELER_EXECUTION_MAXIMUM_TOTAL_RESULT_SIZE=2000
GO_AUTOMODELER_DATA_IMPORT_MINIMUM_ATTRIBUTE_COUNT=2
GO_AUTOMODELER_DATA_IMPORT_MAXIMUM_ATTRIBUTE_COUNT=500
GO_AUTOMODELER_JAVA_OPTIONS=-Xmx2G
# ############################################
#
# GO JC
#
# ############################################
GO_JC_SPRING_PROFILES_ACTIVE=on-prem
GO_AMQ_REST_URL=http://rapidminer-automodel-activemq:8161
GO_JC_JAVA_OPTIONS=-Xmx4G
# ############################################
#
# GO Event Tracking
#
# ############################################
GO_ET_JAVA_OPTIONS=-Xmx320M
# ############################################
#
# GO AMQ
#
# ############################################
GO_ACTIVEMQ_CONFIG_DEFAULTACCOUNT=false
GO_ACTIVEMQ_ADMIN_LOGIN=admin
GO_ACTIVEMQ_ADMIN_PASSWORD=admin
GO_ACTIVEMQ_JMX_ADMIN_PASSWORD=admin
GO_AMQ_MAXMEMORY=512
# ############################################
#
# GO DB
#
# ############################################
GO_POSTGRES_PASSWORD=pgadminpass
GO_POSTGRES_USER=pgadmin
GO_AUTOMODELER_DB_USER=cookie
GO_AUTOMODELER_DB_PASSWORD=cookiepass
GO_AUTOMODELER_DB_NAME=cookie
GO_RMID_DB_USER=rmid
GO_RMID_DB_PASSWORD=rmid
GO_RMID_DB_NAME=rmid
# ############################################
#
# Service overrides
# - true/false - false means automatic detection
#
# ############################################
DEPLOYED_GRAFANA=false
DEPLOYED_JUPYTERHUB=false
DEPLOYED_LANDINGPAGE=false
DEPLOYED_PLATFORMADMIN=false
DEPLOYED_SERVER=false
DEPLOYED_TOKENTOOL=false
DEPLOYED_AUTOMODELER=false
The definition file (docker-compose.yml)
Notice that you can link directly to any of the services in the docker-compose file using the service name as an ID, for example #rm-server-job-agent-svc. You can also link to the #volumes and #networks.
- #rm-proxy-svc
- #letsencrypt-svc
- #rm-keycloak-db-svc
- #rm-keycloak-svc
- #rm-init-svc
- #rm-postgresql-svc
- #rm-server-svc
- #rm-server-job-agent-svc
- #rm-radoop-proxy-svc
- #platform-admin-webui-svc
- #rts-agent-svc
- #rm-jupyterhub-db-svc
- #rm-jupyterhub-svc
- #rm-coding-environment-storage-svc
- #rm-grafana-svc
- #rm-grafana-proxy-svc
- #rm-tabgo-proxy-svc
- #rm-tabgo-svc
- #landing-page
- #rm-token-tool-svc
- #rapidminer-automodel-routing
- #rapidminer-automodel-rmid
- #rapidminer-automodeler
- #rapidminer-automodel-job-container
- #rapidminer-ui-event-tracking
- #rapidminer-automodel-db
- #rapidminer-automodel-activemq
- #volumes
- #networks
version: "3.9"
services:
rm-proxy-svc:
image: "${REGISTRY}rapidminer-proxy:${PROXY_VERSION}"
hostname: rm-proxy-svc
restart: always
environment:
- KEYCLOAK_BACKEND=${KEYCLOAK_BACKEND}
- RMSERVER_BACKEND=${RAPIDMINER_SERVER_URL}
- JUPYTER_BACKEND=${JUPYTER_BACKEND}
- JUPYTER_URL_SUFFIX=${JUPYTER_URL_SUFFIX}
- GRAFANA_BACKEND=${GRAFANA_BACKEND}
- GRAFANA_URL_SUFFIX=${GRAFANA_URL_SUFFIX}
- PA_BACKEND=${PA_BACKEND}
- PA_URL_SUFFIX=${PA_URL_SUFFIX}
- TOKEN_BACKEND=${TOKEN_BACKEND}
- TOKEN_URL_SUFFIX=${TOKEN_URL_SUFFIX}
- ALLOW_LE=${ALLOW_LE}
- LE_BACKEND=${LE_BACKEND}
- RTS_WEBUI_BACKEND=${RTS_WEBUI_BACKEND}
- RTS_WEBUI_URL_SUFFIX=${RTS_WEBUI_URL_SUFFIX}
- RTS_SCORING_BACKEND=${RTS_SCORING_BACKEND}
- RTS_SCORING_URL_SUFFIX=${RTS_SCORING_URL_SUFFIX}
- RTS_ADMIN_USER=${RTS_ADMIN_USER}
- RTS_ADMIN_PASSWORD=${RTS_ADMIN_PASSWORD}
- SSO_PUBLIC_URL=${SSO_PUBLIC_URL}
- SSO_IDP_REALM=${SSO_IDP_REALM}
- RTS_BASIC_AUTH=true
- LANDING_BACKEND=${LANDING_BACKEND}
- STANDPY_BACKEND=${STANDPY_BACKEND}
- STANDPY_URL_SUFFIX=${STANDPY_URL_SUFFIX}
- PASSWORD_FILE_PATH=${PASSWORD_FILE_PATH}
- HTTPS_CRT_PATH=${HTTPS_CRT_PATH}
- HTTPS_KEY_PATH=${HTTPS_KEY_PATH}
- HTTPS_DH_PATH=${HTTPS_DH_PATH}
#- DEBUG_CONF_INIT=true
#- WAIT_FOR_DHPARAM=true
- PROXY_DATA_UPLOAD_LIMIT=${PROXY_DATA_UPLOAD_LIMIT}
- UNPRIVILEGED_PORTS=${UNPRIVILEGED_PORTS}
ports:
- 0.0.0.0:80:80
- 0.0.0.0:443:443
networks:
rm-go-proxy-net:
aliases:
- rm-proxy-svc
- ${PUBLIC_DOMAIN}
rm-platform-int-net:
aliases:
- rm-proxy-svc
- ${PUBLIC_DOMAIN}
jupyterhub-user-net:
aliases:
- ${PUBLIC_DOMAIN}
volumes:
- ./ssl:/etc/nginx/ssl
- platform-admin-uploaded-vol:/rapidminer/platform-admin/uploaded/
profiles:
- proxy
letsencrypt-svc:
image: "${REGISTRY}rm-letsencrypt-client:${LE_VERSION}"
hostname: rm-letsencrypt-client-svc
restart: always
environment:
- PUBLIC_URL=${PUBLIC_URL}
- LETSENCRYPT_HOME=/certificates/
- DOMAIN=${PUBLIC_URL}
- WEBMASTER_MAIL=devops@rapidminer.com
- TZ=${TZ}
networks:
rm-platform-int-net:
aliases:
- rm-letsencrypt-client-svc
volumes:
- ./ssl:/etc/letsencrypt/
profiles:
- le
rm-keycloak-db-svc:
image: "${REGISTRY}postgres-9.6:${POSTGRES_VERSION}"
restart: always
hostname: rm-keycloak-db-svc
environment:
- POSTGRES_DB=${KC_DB}
- POSTGRES_USER=${KC_USER}
- POSTGRES_PASSWORD=${KC_PASSWORD}
- POSTGRES_INITDB_ARGS=${POSTGRES_INITDB_ARGS}
volumes:
- keycloak-postgresql-vol:/var/lib/postgresql/data
networks:
rm-idp-db-net:
aliases:
- rm-keycloak-db-svc
rm-keycloak-svc:
image: "${REGISTRY}rapidminer-keycloak:${KEYCLOAK_VERSION}"
restart: always
hostname: rm-keycloak-svc
environment:
#- DB_VENDOR=POSTGRES
#- DB_ADDR=rm-keycloak-db-svc
#- DB_DATABASE=${KC_DB}
#- DB_USER=${KC_USER}
#- DB_SCHEMA=public
#- DB_PASSWORD=${KC_PASSWORD}
#- KEYCLOAK_USER=${KEYCLOAK_USER}
#- KEYCLOAK_PASSWORD=${KEYCLOAK_PASSWORD}
- PROXY_ADDRESS_FORWARDING=true
##- KEYCLOAK_LOGLEVEL=DEBUG
##- ROOT_LOGLEVEL=DEBUG
##- JDBC_PARAMS=ssl=true
##
- KC_DB=postgres
- KC_DB_SCHEMA=public
- KC_DB_URL_HOST=rm-keycloak-db-svc
- KC_DB_URL_DATABASE=${KC_DB}
- KC_DB_USERNAME=${KC_USER}
- KC_DB_PASSWORD=${KC_PASSWORD}
- KC_HOSTNAME=${PUBLIC_DOMAIN}
- KC_HOSTNAME_PATH=/auth
- KC_HTTP_RELATIVE_PATH=/auth
- KC_FEATURES=token-exchange,upload_scripts
#- KC_HOSTNAME_PORT=8080
- KC_HOSTNAME_STRICT_BACKCHANNEL="false"
- KC_HOSTNAME_STRICT="false"
- KC_HOSTNAME_STRICT_HTTPS="false"
- KEYCLOAK_ADMIN=${KEYCLOAK_USER}
- KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_PASSWORD}
- KC_LOG_LEVEL=info
- KC_PROXY=edge
- KC_HTTP_ENABLED="true"
depends_on:
- rm-keycloak-db-svc
- rm-proxy-svc
networks:
rm-platform-int-net:
aliases:
- rm-keycloak-svc
rm-idp-db-net:
aliases:
- rm-keycloak-svc
rm-init-svc:
image: "${REGISTRY}rapidminer-deployment-init:${INIT_VERSION}"
restart: "no"
hostname: rm-keycloak-init-svc
depends_on:
- rm-keycloak-svc
- rm-postgresql-svc
environment:
- SERVICE_PROFILES=${COMPOSE_PROFILES}
- LEGACY_REST_BASIC_AUTH_ENABLED=${LEGACY_REST_BASIC_AUTH_ENABLED}
- PUBLIC_URL=${PUBLIC_URL}
- SSO_PUBLIC_URL=${SSO_PUBLIC_URL}
- DEBUG=false
volumes:
- ./ssl:/tmp/ssl
- ./.env:/rapidminer/.env
- ./docker-compose.yml:/docker-compose.yml:ro
- keycloak-admin-cli-vol:/rapidminer/.keycloak/
- deployed-services-vol:/rapidminer/deployed-services/
- ./go/saml/:/go/saml/
- ./go/licenses/:/go/licenses/
networks:
rm-platform-int-net:
aliases:
- rm-init-svc
rm-server-db-net:
aliases:
- rm-init-svc
rm-postgresql-svc:
image: "${REGISTRY}postgres-9.6:${POSTGRES_VERSION}"
hostname: rm-postgresql-svc
restart: always
environment:
- POSTGRES_DB=${SERVER_DBSCHEMA}
- POSTGRES_USER=${SERVER_DBUSER}
- POSTGRES_PASSWORD=${SERVER_DBPASS}
- POSTGRES_INITDB_ARGS=${POSTGRES_INITDB_ARGS}
volumes:
- rm-postgresql-vol:/var/lib/postgresql/data
networks:
rm-server-db-net:
aliases:
- rm-postgresql-svc
rm-server-svc:
image: "${REGISTRY}rapidminer-server:${SERVER_VERSION}"
hostname: rm-server-svc
restart: always
environment:
- PA_BASE_URL=${PA_BACKEND}
- PA_SYNC_DEBUG=False
# This may be useful, if server and platform-admin are not on an internal network
# - PA_SYNC_AUTH_USER=admin
# - PA_SYNC_AUTH_PASS=changeit
- DBHOST=${SERVER_DBHOST}
- DBSCHEMA=${SERVER_DBSCHEMA}
- DBUSER=${SERVER_DBUSER}
- DBPASS=${SERVER_DBPASS}
- SSO_PUBLIC_URL=${SSO_PUBLIC_URL}
- SSO_IDP_REALM=${SSO_IDP_REALM}
- SSO_CLIENT_ID=${RMSERVER_SSO_CLIENT_ID}
- SSO_CLIENT_SECRET=${RMSERVER_SSO_CLIENT_SECRET}
- SSO_SSL_REQUIRED=${SSO_SSL_REQUIRED}
- LEGACY_REST_BASIC_AUTH_ENABLED=${LEGACY_REST_BASIC_AUTH_ENABLED}
- SERVER_MAX_MEMORY=${SERVER_MAX_MEMORY}
- BROKER_ACTIVEMQ_USERNAME=${BROKER_ACTIVEMQ_USERNAME}
- BROKER_ACTIVEMQ_PASSWORD=${BROKER_ACTIVEMQ_PASSWORD}
- JOBSERVICE_AUTH_SECRET=${AUTH_SECRET}
- JUPYTER_URL_SUFFIX=${JUPYTER_URL_SUFFIX}
- GRAFANA_URL_SUFFIX=${GRAFANA_URL_SUFFIX}
#- PROXY_HTTP_PORT=1080
#- PROXY_HTTPS_PORT=1443
- TZ=${TZ}
- CES_VERSION=${CES_VERSION}
volumes:
- rm-server-bootstrap-vol:/bootstrap.d
- rm-server-home-vol:/persistent-rapidminer-home
- rm-coding-shared-vol:/opt/coding-shared/:ro
depends_on:
- rm-postgresql-svc
profiles:
- server
networks:
jupyterhub-user-net:
aliases:
- rm-server-svc
rm-platform-int-net:
aliases:
- rm-server-svc
rm-server-db-net:
aliases:
- rm-server-svc
rm-server-job-agent-svc:
image: "${REGISTRY}rapidminer-execution-jobagent:${JOBAGENT_VERSION}"
hostname: rm-server-job-agent-svc
restart: always
environment:
- RAPIDMINER_SERVER_HOST=${RAPIDMINER_SERVER_HOST}
- RAPIDMINER_SERVER_PROTOCOL=${RAPIDMINER_SERVER_PROTOCOL}
- RAPIDMINER_SERVER_PORT=${RAPIDMINER_SERVER_PORT}
- JOBAGENT_QUEUE_ACTIVEMQ_URI=${JOBAGENT_QUEUE_ACTIVEMQ_URI}
- JOBAGENT_QUEUE_ACTIVEMQ_USERNAME=${BROKER_ACTIVEMQ_USERNAME}
- JOBAGENT_QUEUE_ACTIVEMQ_PASSWORD=${BROKER_ACTIVEMQ_PASSWORD}
- JOBAGENT_AUTH_SECRET=${AUTH_SECRET}
- JOBAGENT_CONTAINER_COUNT=${JOBAGENT_CONTAINER_COUNT}
- JOB_QUEUE=${JOB_QUEUE}
- JOBAGENT_CONTAINER_MEMORYLIMIT=${JOBAGENT_CONTAINER_MEMORYLIMIT}
- RAPIDMINER_JOBAGENT_OPTS=${RAPIDMINER_JOBAGENT_OPTS}
- TZ=${TZ}
- INIT_SHARED_CONDA_SETTINGS=${INIT_SHARED_CONDA_SETTINGS}
- CES_VERSION=${CES_VERSION}
volumes:
- rm-server-bootstrap-ja-vol:/bootstrap.d
- rm-coding-shared-vol:/opt/coding-shared/:ro
- rm-server-ja-extensions:/rapidminer-jobagent/home/resources/extensions:rw
- rm-server-ja-log-vol:/rapidminer-jobagent/home/log
- rm-server-ja-data-vol:/rapidminer-jobagent/home/data
- rm-server-ja-config-vol:/rapidminer-jobagent/home/config
depends_on:
- rm-server-svc
networks:
rm-platform-int-net:
aliases:
- rm-server-job-agent-svc
profiles:
- job-agent
rm-radoop-proxy-svc:
image: "${REGISTRY}radoop-proxy:${RADOOP_PROXY_VERSION}"
hostname: rm-radoop-proxy-svc
restart: always
environment:
- AUTHENTICATION=${RADOOP_PROXY_AUTHENTICATION}
- SUPERUSERNAME=${RADOOP_PROXY_SUPERUSERNAME}
- SUPERUSERPASSWORD=${RADOOP_PROXY_SUPERUSERPASSWORD}
- PORT=${RADOOP_PROXY_PORT}
- WORKERSPOOLSIZE=${RADOOP_PROXY_WORKERSPOOLSIZE}
- SSL=${RADOOP_PROXY_SSL}
- SERVERHOST=${RAPIDMINER_SERVER_HOST}
- SERVERPORT=${RAPIDMINER_SERVER_PORT}
#- SCHEME
ports:
# has to be the same number for internal and external ports.
- 0.0.0.0:${RADOOP_PROXY_PORT}:${RADOOP_PROXY_PORT}
profiles:
- radoop_proxy
#depends_on:
#- rm-server-svc
platform-admin-webui-svc:
image: "${REGISTRY}rapidminer-platform-admin-webui:${PA_VERSION}"
hostname: platform-admin-webui-svc
restart: always
environment:
- PA_URL_SUFFIX=${PA_URL_SUFFIX}
- PLATFORM_ADMIN_DATA_UPLOAD_LIMIT=${PROXY_DATA_UPLOAD_LIMIT}
- RTS_SCORING_URL_SUFFIX=${RTS_SCORING_URL_SUFFIX}
- RTS_SCORING_BACKEND=${RTS_SCORING_BACKEND}
- SSO_PUBLIC_URL=${SSO_PUBLIC_URL}
- SSO_IDP_REALM=${SSO_IDP_REALM}
- SSO_CLIENT_ID=${PA_SSO_CLIENT_ID}
- SSO_CLIENT_SECRET=${PA_SSO_CLIENT_SECRET}
- PA_DISABLE_PYTHON=${PA_DISABLE_PYTHON}
- PA_DISABLE_RTS=${PA_DISABLE_RTS}
- DEBUG=false
- CES_VERSION=${CES_VERSION}
volumes:
- platform-admin-uploaded-vol:/var/www/html/uploaded/
- rts-licenses-vol:/var/www/html/uploaded/licenses/
networks:
jupyterhub-user-net:
aliases:
- platform-admin-webui-svc
rm-platform-int-net:
aliases:
- platform-admin-webui-svc
rm-coding-environment-storage-net:
aliases:
- platform-admin-webui-svc
profiles:
- platform-admin
rts-agent-svc:
image: "${REGISTRY}rapidminer-execution-scoring:${RTS_VERSION}"
hostname: rts-agent-svc
restart: always
environment:
- WAIT_FOR_LICENSES=${WAIT_FOR_LICENSES}
- TZ=${TZ}
- CES_VERSION=${CES_VERSION}
- INIT_SHARED_CONDA_SETTINGS=true
- SPRING_PROFILES_ACTIVE=${SCORING_AGENT_SPRING_PROFILES_ACTIVE}
- SCORING_AGENT_ENABLESERVERLICENSE=${SCORING_AGENT_ENABLESERVERLICENSE}
- SCORING_AGENT_MAX_UPLOAD_SIZE=${PROXY_DATA_UPLOAD_LIMIT}
- DEBUG=false
volumes:
- rts-deployments-vol:/rapidminer-scoring-agent/home/deployments/
- rts-licenses-vol:/rapidminer-scoring-agent/home/resources/licenses
- rm-coding-shared-vol:/opt/coding-shared/:ro
- rm-server-ja-extensions:/rapidminer-scoring-agent/home/resources/extensions:ro
networks:
rm-platform-int-net:
aliases:
- rts-agent-svc
profiles:
- rts
rm-jupyterhub-db-svc:
image: "${REGISTRY}rapidminer-jupyterhub-postgres:${RM_JUPYTER_VERSION}"
hostname: rm-jupyterhub-db-svc
restart: always
environment:
- POSTGRESQL_DATABASE=${JHUB_POSTGRES_DB}
- POSTGRESQL_USER=${JHUB_POSTGRES_USER}
- POSTGRESQL_PASSWORD=${JHUB_POSTGRES_PASSWORD}
volumes:
- jupyterhub-postgresql-vol:/var/lib/postgresql/data
networks:
jupyterhub-user-net:
aliases:
- rm-jupyterhub-db-svc
profiles:
- jupyter
rm-jupyterhub-svc:
image: "${REGISTRY}rapidminer-jupyterhub-jupyterhub:${RM_JUPYTER_VERSION}"
hostname: rm-jupyterhub-svc
restart: always
environment:
- RM_JUPYTER_VERSION=${RM_JUPYTER_VERSION}
- JHUB_HOSTNAME=${JHUB_HOSTNAME}
- SERVER_BASE_URL=${RAPIDMINER_SERVER_URL}
- POSTGRES_HOST=${JHUB_POSTGRES_HOST}
- POSTGRES_DB=${JHUB_POSTGRES_DB}
- POSTGRES_USER=${JHUB_POSTGRES_USER}
- POSTGRES_PASSWORD=${JHUB_POSTGRES_PASSWORD}
- DOCKER_NOTEBOOK_IMAGE=${REGISTRY}rapidminer-jupyter_notebook:${RM_JUPYTER_VERSION}
- JUPYTERHUB_CRYPT_KEY=${JUPYTERHUB_CRYPT_KEY}
- DOCKER_NOTEBOOK_CPU_LIMIT=${DOCKER_NOTEBOOK_CPU_LIMIT}
- DOCKER_NOTEBOOK_MEM_LIMIT=${DOCKER_NOTEBOOK_MEM_LIMIT}
- JHUB_DEBUG=${JHUB_DEBUG}
- JHUB_TOKEN_DEBUG=${JHUB_TOKEN_DEBUG}
- JHUB_PROXY_DEBUG=${JHUB_PROXY_DEBUG}
- JHUB_DB_DEBUG=${JHUB_DB_DEBUG}
- JHUB_SPAWNER_DEBUG=${JHUB_SPAWNER_DEBUG}
- JUPYTER_STACK_NAME=${JUPYTER_STACK_NAME}
- SSO_NB_UID_KEY=${SSO_NB_UID_KEY}
- SSO_NB_GID_KEY=${SSO_NB_GID_KEY}
- SSO_NB_CUSTOM_BIND_MOUNTS_KEY=${SSO_NB_CUSTOM_BIND_MOUNTS_KEY}
- JUPYTER_NB_CUSTOM_BIND_MOUNTS=${JUPYTER_NB_CUSTOM_BIND_MOUNTS}
- SSO_PUBLIC_URL=${SSO_PUBLIC_URL}
- SSO_IDP_REALM=${SSO_IDP_REALM}
- SSO_CLIENT_ID=${JHUB_SSO_CLIENT_ID}
- SSO_CLIENT_SECRET=${JHUB_SSO_CLIENT_SECRET}
- PUBLIC_URL=${PUBLIC_URL}
- JUPYTER_URL_SUFFIX=${JUPYTER_URL_SUFFIX}
- SSO_USERNAME_KEY=preferred_username
- SSO_RESOURCE_ACCESS_KEY=resource_access
- JHUB_DEFAULT_ENV_NAME=aihub-${RM_JUPYTER_VERSION}-python
- JHUB_SPAWNER=${JHUB_SPAWNER}
- JHUB_API_PROTOCOL=${JHUB_API_PROTOCOL}
- JHUB_API_HOSTNAME=${JHUB_API_HOSTNAME}
- JHUB_PROXY_PORT=${JHUB_PROXY_PORT}
- JHUB_API_PORT=${JHUB_API_PORT}
- JHUB_ENV_VOLUME_NAME=${JHUB_ENV_VOLUME_NAME}
# - JHUB_CUSTOM_CA_CERTS=${JHUB_CUSTOM_CA_CERTS}
# - JHUB_K8S_NAMESPACE=${JHUB_K8S_NAMESPACE}
# - JHUB_K8S_NODE_SELECTOR_NAME=${JHUB_K8S_NODE_SELECTOR_NAME}
# - JHUB_K8S_NODE_SELECTOR_VALUE=${JHUB_K8S_NODE_SELECTOR_VALUE}
# - JHUB_K8S_NOTEBOOK_STORAGE_ACCESS_MODE=${JHUB_K8S_NOTEBOOK_STORAGE_ACCESS_MODE}
# - JHUB_K8S_NOTEBOOK_STORAGE_CAPACITY=${JHUB_K8S_NOTEBOOK_STORAGE_CAPACITY}
# - JHUB_K8S_NOTEBOOK_STORAGE_CLASS=${JHUB_K8S_NOTEBOOK_STORAGE_CLASS}
# - JHUB_K8S_IMAGE_PULL_SECRET=${JHUB_K8S_IMAGE_PULL_SECRET}
# - JHUB_K8S_ENV_PVC_NAME=${JHUB_K8S_ENV_PVC_NAME}
# - JHUB_K8S_ENV_PVC_SUBPATH=${JHUB_K8S_ENV_PVC_SUBPATH}
- JHUB_DOCKER_DISABLE_NOTEBOOK_IMAGE_PULL_AT_STARTUP=${JHUB_DOCKER_DISABLE_NOTEBOOK_IMAGE_PULL_AT_STARTUP}
- JHUB_DISABLE_AIHUB_TOKEN_REQUESTS=${JHUB_DISABLE_AIHUB_TOKEN_REQUESTS}
volumes:
# Use this if docker service run as root
- /var/run/docker.sock:/var/run/docker.sock:rw
# Use this if docker service run as user (pay attention for UID)
#- /run/user/1000/docker.sock:/var/run/docker.sock:rw
depends_on:
- rm-jupyterhub-db-svc
- rm-server-svc
networks:
rm-platform-int-net:
aliases:
- rm-jupyterhub-svc
jupyterhub-user-net:
aliases:
- rm-jupyterhub-svc
profiles:
- jupyter
rm-coding-environment-storage-svc:
image: "${REGISTRY}rapidminer-coding-environment-storage:${CES_VERSION}"
hostname: rm-coding-environment-storage-svc
restart: always
environment:
- PA_BACKEND=${PA_BACKEND}
- PA_SYNC_DEBUG=False
networks:
rm-coding-environment-storage-net:
aliases:
- rm-coding-environment-storage-svc
depends_on:
- platform-admin-webui-svc
volumes:
- rm-coding-shared-vol:/opt/coding-shared/
profiles:
- ces
rm-grafana-svc:
image: "${REGISTRY}rapidminer-grafana:${RM_GRAFANA_VERSION}"
hostname: rm-grafana-svc
restart: always
environment:
- PUBLIC_URL=${PUBLIC_URL}
- GRAFANA_URL_SUFFIX=${GRAFANA_URL_SUFFIX}
#- GF_LOG_LEVEL=debug
- SSO_PUBLIC_URL=${SSO_PUBLIC_URL}
- SSO_IDP_REALM=${SSO_IDP_REALM}
- SSO_CLIENT_ID=${GRAFANA_SSO_CLIENT_ID}
- SSO_CLIENT_SECRET=${GRAFANA_SSO_CLIENT_SECRET}
- GF_AUTH_GENERIC_OAUTH_SCOPES=email openid
- TZ=${TZ}
volumes:
- grafana-home:/var/lib/grafana
depends_on:
- rm-grafana-proxy-svc
networks:
rm-platform-int-net:
aliases:
- rm-grafana-svc
profiles:
- grafana
rm-grafana-proxy-svc:
image: "${REGISTRY}rapidminer-grafana-proxy:${RM_GRAFANA_VERSION}"
hostname: rm-grafana-proxy-svc
restart: always
environment:
- RAPIDMINER_URL=${RAPIDMINER_SERVER_URL}
# Comma spearated list of RTSA URLs (http://rts-agent-svc:8090,https://rts-agent2-svc:8888)
- RTSA_DEPLOYMENTS=${RTS_SCORING_BACKEND}
- GRAFANA_PROXY_LOGGING_LEVEL=${GRAFANA_PROXY_LOGGING_LEVEL}
- LOG_RESPONSE_DATA=${GRAFANA_PROXY_LOG_RESPONSE_DATA}
depends_on:
- rm-server-svc
networks:
rm-platform-int-net:
aliases:
- rm-grafana-proxy-svc
profiles:
- grafana
rm-tabgo-proxy-svc:
image: "${REGISTRY}rapidminer-tabgo-proxy:${TABGO_VERSION}"
hostname: rm-tabgo-proxy-svc
restart: always
environment:
- HTTPS_CRT_PATH=${HTTPS_CRT_PATH}
- HTTPS_KEY_PATH=${HTTPS_KEY_PATH}
- TABGO_BACKEND=${TABGO_BACKEND}
- TABGO_PORT=${TABGO_PORT}
ports:
- 0.0.0.0:${TABGO_PROXY_PORT}:443
volumes:
- ./ssl:/etc/nginx/ssl
networks:
rm-platform-int-net:
aliases:
- rm-tabgo-proxy-svc
profiles:
- tabgo
rm-tabgo-svc:
image: "${REGISTRY}rapidminer-tabgo:${TABGO_VERSION}"
restart: always
hostname: rm-tabgo-svc
environment:
- TABGO_MAX_MEMORY=${TABGO_MAX_MEMORY}
- TABGO_RMS_HOSTNAME=${RAPIDMINER_SERVER_URL}
- TABGO_GO_HOSTNAME=${PUBLIC_URL}
- TABGO_SMALL_REQUEST_LIMIT=${TABGO_SMALL_REQUEST_LIMIT}
- TABGO_SMALL_REQUEST_INTERVAL=${TABGO_SMALL_REQUEST_INTERVAL}
- TABGO_LOG_LEVEL=${TABGO_LOG_LEVEL}
- _JAVA_OPTIONS=${TABGO_JAVA_OPTIONS}
networks:
rm-platform-int-net:
aliases:
- rm-tabgo-svc
profiles:
- tabgo
landing-page:
image: "${REGISTRY}rapidminer-deployment-landing-page:${RM_LANDING_VERSION}"
restart: always
hostname: landing-page
environment:
- SSO_PUBLIC_URL=${SSO_PUBLIC_URL}
- SSO_IDP_REALM=${SSO_IDP_REALM}
- SSO_CLIENT_ID=${LANDING_SSO_CLIENT_ID}
- SSO_CLIENT_SECRET=${LANDING_SSO_CLIENT_SECRET}
- DEBUG=false
volumes:
- rm-landing-page-vol:/var/www/html/uploaded/
- deployed-services-vol:/rapidminer/deployed-services/
networks:
rm-platform-int-net:
aliases:
- landing-page
profiles:
- landing-page
rm-token-tool-svc:
image: "${REGISTRY}rapidminer-deployment-landing-page:${RM_LANDING_VERSION}"
restart: always
hostname: rm-token-tool
environment:
- PUBLIC_URL=${PUBLIC_URL}
- SSO_PUBLIC_URL=${SSO_PUBLIC_URL}
- SSO_IDP_REALM=${SSO_IDP_REALM}
- SSO_CLIENT_ID=${TOKEN_SSO_CLIENT_ID}
- SSO_CLIENT_SECRET=${TOKEN_SSO_CLIENT_SECRET}
- DEBUG=false
- SSO_CUSTOM_SCOPE=openid offline_access
- CUSTOM_URL_SUFFIX=${TOKEN_URL_SUFFIX}
- CUSTOM_CONTENT=get-token
volumes:
- rm-token-tool-vol:/var/www/html/uploaded/
networks:
rm-platform-int-net:
aliases:
- rm-token-tool
profiles:
- token-tool
# ###############################################
#
# RapidMiner GO
#
# ###############################################
# Frontend and API router
rapidminer-automodel-routing:
image: "rapidminer/rapidminer-automodel-routing:${GO_IMAGE_TAG_ROUTING}"
hostname: rapidminer-automodel-routing
environment:
RMID_HOST_PORT_1: ${GO_ROUTING_RMID_HOST_PORT_1}
AM_HOST_PORT_1: ${GO_ROUTING_AM_HOST_PORT_1}
EVENT_HOST_PORT: ${GO_ROUTING_EVENT_HOST_PORT}
DQ_HOST_PORT_1: ${GO_ROUTING_DQ_HOST_PORT_1}
RESOLVER: ${GO_ROUTING_RESOLVER}
SERVER_NAME: ${GO_ROUTING_SERVER_NAME}
PROTOCOL: ${GO_ROUTING_PROTOCOL}
depends_on:
- rapidminer-automodeler
- rapidminer-automodel-rmid
restart: always
networks:
rm-go-proxy-net:
aliases:
- rapidminer-automodel-routing
rm-go-int-net:
aliases:
- rapidminer-automodel-routing
profiles:
- go
rapidminer-automodel-rmid:
image: "rapidminer/rapidminer-automodel-rmid:${GO_IMAGE_TAG_RMID}"
hostname: rapidminer-automodel-rmid
environment:
SPRING_PROFILES_ACTIVE: ${GO_RMID_SPRING_PROFILES_ACTIVE}
DB_HOST: ${GO_DB_HOST}
DB_USER: ${GO_RMID_DB_USER}
DB_PASSWORD: ${GO_RMID_DB_PASSWORD}
DB_NAME: ${GO_RMID_DB_NAME}
_JAVA_OPTIONS: ${GO_RMID_JAVA_OPTIONS}
BASE_URL: ${PUBLIC_URL}
AUTH_SECRET: ${GO_AUTH_SECRET}
RMID_FRONTEND_TRACKING_ENABLED: ${GO_RMID_FRONTEND_TRACKING_ENABLED}
TOKEN_MAX_AGE: ${GO_RMID_TOKEN_MAX_AGE}
LOGIN_TYPE: ${GO_RMID_LOGIN_TYPE}
SAML_ENTITY_ID: ${GO_SSO_CLIENT_ID}
SAML_KEYSTORE_PASSWORD: ${GO_RMID_SAML_KEYSTORE_PASSWORD}
SAML_KEYSTORE_ALIAS: ${GO_RMID_SAML_KEYSTORE_ALIAS}
RMID_FRONTEND_AUTO_LOGIN: "true"
AM_BASE_URL: http://rapidminer-automodeler:8080
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/rmid/system/health"]
restart: always
volumes:
- ./go/saml:/rapidminer-automodel-rmid/saml
- ./go/branding/rmid:/rapidminer-automodeler/branding
depends_on:
- rapidminer-automodel-db
networks:
rm-go-int-net:
aliases:
- rapidminer-automodel-rmid
profiles:
- go
rapidminer-automodeler:
image: "rapidminer/rapidminer-automodeler:${GO_IMAGE_TAG_AM}"
hostname: rapidminer-automodeler
environment:
SPRING_PROFILES_ACTIVE: ${GO_AUTOMODELER_SPRING_PROFILES_ACTIVE}
SPRING_SERVLET_MULTIPART_MAX_FILE_SIZE: ${GO_AUTOMODELER_SPRING_SERVLET_MULTIPART_MAX_FILE_SIZE}
_JAVA_OPTIONS: ${GO_AUTOMODELER_JAVA_OPTIONS}
DB_HOST: ${GO_DB_HOST}
DB_USER: ${GO_AUTOMODELER_DB_USER}
DB_PASSWORD: ${GO_AUTOMODELER_DB_PASSWORD}
DB_NAME: ${GO_AUTOMODELER_DB_NAME}
BASE_URL: ${PUBLIC_URL}
RMID_BASE_URL: ${GO_AUTOMODELER_RMID_BASE_URL}
DQ_BASE_URL: ${GO_AUTOMODELER_RMID_BASE_URL}
AMQ_URL: ${GO_AMQ_URL}
AMQ_USERNAME: ${GO_ACTIVEMQ_ADMIN_LOGIN}
AMQ_PASSWORD: ${GO_ACTIVEMQ_ADMIN_PASSWORD}
AUTH_SECRET: ${GO_AUTH_SECRET}
AUTOMODELER_DEPLOYMENT_TIME_SERIES_ENABLED: 'true'
AUTOMODELER_FRONTEND_TRACKING_ENABLED: ${GO_AUTOMODELER_FRONTEND_TRACKING_ENABLED}
AUTOMODELER_FILESTORE_MIN_ROW_LIMIT: ${GO_AUTOMODELER_FILESTORE_MIN_ROW_LIMIT}
AUTOMODELER_EXECUTION_TASK_LIMIT_PER_USER: ${GO_AUTOMODELER_EXECUTION_TASK_LIMIT_PER_USER}
AUTOMODELER_EXECUTION_QUEUE_LIMIT_PER_USER: ${GO_JOB_CONTAINERS}
AUTOMODELER_EXECUTION_MAXIMUM_TOTAL_RESULT_SIZE: ${GO_AUTOMODELER_EXECUTION_MAXIMUM_TOTAL_RESULT_SIZE}
AUTOMODELER_DATA_IMPORT_MINIMUM_ATTRIBUTE_COUNT: ${GO_AUTOMODELER_DATA_IMPORT_MINIMUM_ATTRIBUTE_COUNT}
AUTOMODELER_DATA_IMPORT_MAXIMUM_ATTRIBUTE_COUNT: ${GO_AUTOMODELER_DATA_IMPORT_MAXIMUM_ATTRIBUTE_COUNT}
JOB_QUEUE: ${GO_JOB_QUEUE}
JOB_STATUS_QUEUE: ${GO_JOB_STATUS_QUEUE}
JOB_COMMAND_TOPIC: ${GO_JOB_COMMAND_TOPIC}
volumes:
- rapidminer_automodel_shared:/rapidminer-automodeler/shared
- ./go/licenses:/rapidminer-automodeler/shared/licenses
- ./go/branding/am:/rapidminer-automodeler/branding
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/am/system/health"]
restart: always
depends_on:
- rapidminer-automodel-activemq
- rapidminer-automodel-db
networks:
rm-go-int-net:
aliases:
- rapidminer-automodeler
profiles:
- go
rapidminer-automodel-job-container:
image: "rapidminer/rapidminer-automodel-job-container:${GO_IMAGE_TAG_JC}"
hostname: rapidminer-automodel-job-container
environment:
# Be aware that additional env vars might be set in Dockerfile
# (e.g. JOBCONTAINER_BASEDIR: /rapidminer-automodel-job-container)
SPRING_PROFILES_ACTIVE: ${GO_JC_SPRING_PROFILES_ACTIVE}
_JAVA_OPTIONS: ${GO_JC_JAVA_OPTIONS}
JOB_QUEUE: ${GO_JOB_QUEUE}
JOB_STATUS_QUEUE: ${GO_JOB_STATUS_QUEUE}
JOB_COMMAND_TOPIC: ${GO_JOB_COMMAND_TOPIC}
AMQ_URL: ${GO_AMQ_URL}
AMQ_REST_URL: ${GO_AMQ_REST_URL}
AMQ_USERNAME: ${GO_ACTIVEMQ_ADMIN_LOGIN}
AMQ_PASSWORD: ${GO_ACTIVEMQ_ADMIN_PASSWORD}
volumes:
- rapidminer_automodel_shared:/rapidminer-automodel-job-container/shared
- ./go/licenses:/rapidminer-automodel-job-container/shared/licenses
depends_on:
- rapidminer-automodeler
restart: always
networks:
rm-go-int-net:
aliases:
- rapidminer-automodel-job-container
profiles:
- go
rapidminer-ui-event-tracking:
image: "rapidminer/rapidminer-ui-event-tracking:${GO_IMAGE_TAG_ET}"
hostname: rapidminer-ui-event-tracking
environment:
_JAVA_OPTIONS: ${GO_ET_JAVA_OPTIONS}
DB_HOST: ${GO_DB_HOST}
DB_USER: ${GO_AUTOMODELER_DB_USER}
DB_PASSWORD: ${GO_AUTOMODELER_DB_PASSWORD}
DB_NAME: ${GO_AUTOMODELER_DB_NAME}
depends_on:
- rapidminer-automodeler
restart: always
networks:
rm-go-int-net:
aliases:
- rapidminer-ui-event-tracking
profiles:
- go
rapidminer-automodel-db:
image: "${REGISTRY}postgres-9.6:${POSTGRES_VERSION}"
hostname: rapidminer-automodel-db
volumes:
- rapidminer_automodel_dbdata:/var/lib/postgresql/data
- ./go/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
networks:
rm-go-int-net:
aliases:
- rapidminer-automodel-db
environment:
AUTOMODELER_DB_USER: ${GO_AUTOMODELER_DB_USER}
AUTOMODELER_DB_PASSWORD: ${GO_AUTOMODELER_DB_PASSWORD}
AUTOMODELER_DB_NAME: ${GO_AUTOMODELER_DB_NAME}
RMID_DB_USER: ${GO_RMID_DB_USER}
RMID_DB_PASSWORD: ${GO_RMID_DB_PASSWORD}
RMID_DB_NAME: ${GO_RMID_DB_NAME}
POSTGRES_PASSWORD: ${GO_POSTGRES_PASSWORD}
POSTGRES_USER: ${GO_POSTGRES_USER}
POSTGRES_INITDB_ARGS: ${POSTGRES_INITDB_ARGS}
profiles:
- go
#ports:
# - "5432:5432"
rapidminer-automodel-activemq:
image: "webcenter/activemq:5.14.3"
hostname: rapidminer-automodel-activemq
environment:
ACTIVEMQ_CONFIG_DEFAULTACCOUNT: ${GO_ACTIVEMQ_CONFIG_DEFAULTACCOUNT}
ACTIVEMQ_ADMIN_LOGIN: ${GO_ACTIVEMQ_ADMIN_LOGIN}
ACTIVEMQ_ADMIN_PASSWORD: ${GO_ACTIVEMQ_ADMIN_PASSWORD}
ACTIVEMQ_JMX_ADMIN_PASSWORD: ${GO_ACTIVEMQ_ADMIN_PASSWORD}
ACTIVEMQ_JMX_ADMIN_ROLE: readwrite
ACTIVEMQ_GROUPS_owners: 'admin'
ACTIVEMQ_CONFIG_MAXMEMORY: ${GO_AMQ_MAXMEMORY}
volumes:
- ./go/activemq.xml:/opt/activemq/conf/activemq.xml
networks:
rm-go-int-net:
aliases:
- rapidminer-automodel-activemq
profiles:
- go
#ports:
# - "8161:8161"
# - "61616:61616"
# - "61613:61613"
volumes:
rm-postgresql-vol:
rm-server-bootstrap-vol:
rm-server-home-vol:
rm-server-bootstrap-ja-vol:
rm-server-ja-log-vol:
rm-server-ja-data-vol:
rm-server-ja-extensions:
rm-server-ja-config-vol:
platform-admin-uploaded-vol:
rts-deployments-vol:
rts-licenses-vol:
jupyterhub-postgresql-vol:
grafana-home:
keycloak-postgresql-vol:
keycloak-admin-cli-vol:
rm-landing-page-vol:
rm-token-tool-vol:
deployed-services-vol:
rm-coding-shared-vol:
name: ${JHUB_ENV_VOLUME_NAME}
rapidminer_automodel_dbdata:
rapidminer_automodel_shared:
networks:
rm-platform-int-net:
rm-idp-db-net:
rm-server-db-net:
rm-coding-environment-storage-net:
jupyterhub-user-net:
name: jupyterhub-user-net-${JUPYTER_STACK_NAME}
rm-go-int-net:
rm-go-proxy-net: